diff --git a/packages/editor-tools/tests/Security/TestPasswordValidation.php b/packages/editor-tools/tests/Security/TestPasswordValidation.php
index 833d380..55219ab 100644
--- a/packages/editor-tools/tests/Security/TestPasswordValidation.php
+++ b/packages/editor-tools/tests/Security/TestPasswordValidation.php
@@ -38,18 +38,27 @@ public function test_init(): void {
 	 *
 	 * @param string   $password The password to check.
 	 * @param bool     $filter_enabled Whether the filter is enabled.
+	 * @param string   $hook_name The hook name.
 	 * @param string[] $expected_errors Whether an error should be expected.
 	 *
 	 * @return void
 	 *
 	 * @dataProvider user_profile_update_errors_provider
 	 */
-	public function test_user_profile_update_errors( string $password, bool $filter_enabled, array $expected_errors ): void {
+	public function test_user_profile_update_errors( string $password, bool $filter_enabled, string $hook_name, array $expected_errors ): void {
+		$_POST['pass1'] = $password;
 
 		\WP_Mock::onFilter( 'boxuk_validate_password' )->with( true )->reply( $filter_enabled );
 
-		\WP_Mock::userFunction( 'sanitize_text_field' )->once()->andReturn( $password );
-		\WP_Mock::userFunction( 'doing_action' )->once()->andReturn( false );
+		\WP_Mock::userFunction( 'doing_action' )
+			->with( 'user_profile_update_errors' )
+			->times( (int) $filter_enabled )
+			->andReturn( 'user_profile_update_errors' === $hook_name );
+
+		\WP_Mock::userFunction( 'sanitize_text_field' )
+			->with( $password )
+			->times( (int) $filter_enabled )
+			->andReturn( $password );
 
 		$error_holder = Mockery::mock( 'WP_Error' );
 
@@ -59,6 +68,7 @@ function ( string $code, string $message ) use ( $expected_errors ) {
 			}
 		);
 
+		
 		$password_validation = new PasswordValidation();
 		$password_validation->user_profile_update_errors( $error_holder );
 
@@ -72,59 +82,73 @@ function ( string $code, string $message ) use ( $expected_errors ) {
 	 */
 	public function user_profile_update_errors_provider(): array {
 		return array(
-			'password too short' => array(
+			'password too short'                    => array(
 				'password'      => 'test',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(
 					'This value is too short. It should have 10 characters or more.',
 					'Password must contain at least one number.',
 					'Password must contain at least one uppercase letter.',
 				),
 			),
-			'password too long'  => array(
+			'password too long'                     => array(
 				'password'      => 'testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(
 					'This value is too long. It should have 72 characters or less.',
 					'Password must contain at least one uppercase letter.',
 					'Password must contain at least one number.',
 				),
 			),
-			'no number'          => array(
+			'no number'                             => array(
 				'password'      => 'testtesttest',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(
 					'Password must contain at least one number.',
 					'Password must contain at least one uppercase letter.',
 				),
 			),
-			'no uppercase'       => array(
+			'no uppercase'                          => array(
 				'password'      => 'testtesttest1',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(
 					'Password must contain at least one uppercase letter.',
 				),
 			),
-			'no lowercase'       => array(
+			'no lowercase'                          => array(
 				'password'      => 'TESTTESTTEST1',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(
 					'Password must contain at least one lowercase letter.',
 				),
 			),
-			'valid password'     => array(
+			'valid password'                        => array(
 				'password'      => 'Testtesttest1',
 				'enabled'       => true,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(),
 			),
-			'disabled feature, valid password' => array(
+			'disabled feature, valid password'      => array(
 				'password'      => 'Testtesttest1',
 				'enabled'       => false,
+				'hook_name'     => 'validate_password_reset',
 				'expect_errors' => array(),
 			),
-			'disabled feature, invalid password' => array(
+			'disabled feature, invalid password'    => array(
 				'password'      => 'test',
 				'enabled'       => false,
+				'hook_name'     => 'validate_password_reset',
+				'expect_errors' => array(),
+			),
+			'on profile-update with empty password' => array(
+				'password'      => '',
+				'enabled'       => true,
+				'hook_name'     => 'user_profile_update_errors',
 				'expect_errors' => array(),
 			),
 		);
@@ -156,7 +180,7 @@ public function test_password_hint( bool $enabled, string $expected ): void {
 	 */
 	public function password_hint_provider(): array {
 		return array(
-			'enabled' => array(
+			'enabled'  => array(
 				'enabled'  => true,
 				'expected' => 'Hint: The password should be at least ten characters long, and include at least one upper case letter and one number. To make it stronger, use more upper and lower case letters, more numbers, and symbols like ! " ? $ % ^ & ).',
 			),
diff --git a/packages/editor-tools/tests/Security/TestRSS.php b/packages/editor-tools/tests/Security/TestRSS.php
index 1924e73..27c6cf2 100644
--- a/packages/editor-tools/tests/Security/TestRSS.php
+++ b/packages/editor-tools/tests/Security/TestRSS.php
@@ -18,28 +18,60 @@ class TestRSS extends TestCase {
 
 	/**
 	 * Test `init` method
+	 * 
+	 * @param bool $enabled Whether the feature is enabled.
+	 * 
+	 * @dataProvider init_provider
 	 */
-	public function test_init() { 
+	public function test_init( bool $enabled ) { 
 
+		\WP_Mock::onFilter( 'boxuk_disable_rss' )->with( true )->reply( $enabled );
 		$class_in_test = new RSS();
 
-		\WP_Mock::expectActionAdded( 'do_feed', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_rdf', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_rss', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_rss2', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_atom', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_rss2_comments', array( $class_in_test, 'send_404' ), 1 );
-		\WP_Mock::expectActionAdded( 'do_feed_atom_comments', array( $class_in_test, 'send_404' ), 1 );
+		if ( ! $enabled ) { 
+			\WP_Mock::expectActionNotAdded( 'do_feed', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_rdf', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_rss', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_rss2', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_atom', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_rss2_comments', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionNotAdded( 'do_feed_atom_comments', array( $class_in_test, 'send_404' ), 1 );
+	
+			\WP_Mock::userFunction( 'remove_action' )
+				->never()->with( 'wp_head', 'feed_links_extra', 3 );
+			\WP_Mock::userFunction( 'remove_action' )
+				->never()->with( 'wp_head', 'feed_links', 2 );
+		} else {
+			\WP_Mock::expectActionAdded( 'do_feed', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_rdf', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_rss', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_rss2', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_atom', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_rss2_comments', array( $class_in_test, 'send_404' ), 1 );
+			\WP_Mock::expectActionAdded( 'do_feed_atom_comments', array( $class_in_test, 'send_404' ), 1 );
 
-		\WP_Mock::userFunction( 'remove_action' )
-			->once()->with( 'wp_head', 'feed_links_extra', 3 );
-		\WP_Mock::userFunction( 'remove_action' )
-			->once()->with( 'wp_head', 'feed_links', 2 );
+			\WP_Mock::userFunction( 'remove_action' )
+				->once()->with( 'wp_head', 'feed_links_extra', 3 );
+			\WP_Mock::userFunction( 'remove_action' )
+				->once()->with( 'wp_head', 'feed_links', 2 );
+		}
 
 		$class_in_test->init();
 		$this->assertConditionsMet();
 	}
 
+	/**
+	 * Provider for `init` method
+	 *
+	 * @return array
+	 */
+	public function init_provider(): array {
+		return array(
+			'enabled'  => array( true ),
+			'disabled' => array( false ),
+		);
+	}
+
 	/**
 	 * Test `send_404` method
 	 */
diff --git a/packages/editor-tools/tests/Security/TestRestictHTTPRequestMethods.php b/packages/editor-tools/tests/Security/TestRestictHTTPRequestMethods.php
index f676374..cac834d 100644
--- a/packages/editor-tools/tests/Security/TestRestictHTTPRequestMethods.php
+++ b/packages/editor-tools/tests/Security/TestRestictHTTPRequestMethods.php
@@ -61,7 +61,7 @@ public function test_block_request_if_not_using_allowed_method( string $method,
 		$class_in_test = Mockery::mock( RestrictHTTPRequestMethods::class )
 			->makePartial();
 
-		$class_in_test->expects( 'is_cli' )->once()->andReturn( $is_cli );
+		$class_in_test->expects( 'is_cli' )->times( (int) $enabled )->andReturn( $is_cli );
 
 		if ( $expected ) {
 			\WP_Mock::userFunction( 'status_header' )