Activity Log Pro – Event Logger, Activity Monitor & Audit Log Security & Risk Analysis
wordpress.org/plugins/activity-log-proProfessional WordPress Activity Log. Track logins, user actions, content changes, and system events to see who did what, when, and where.
Is Activity Log Pro – Event Logger, Activity Monitor & Audit Log Safe to Use in 2026?
Generally Safe
Score 100/100Activity Log Pro – Event Logger, Activity Monitor & Audit Log has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "activity-log-pro" v1.0.4 plugin exhibits a generally strong security posture, with no reported vulnerabilities or critical taint flows. The code analysis reveals excellent adherence to secure coding practices, particularly regarding SQL query sanitation (100% prepared statements) and output escaping (94% properly escaped). The presence of 38 nonce checks and 49 capability checks further indicates a conscious effort to implement authorization mechanisms.
However, the plugin does present a notable area of concern: two AJAX handlers are exposed without authentication checks. This represents a direct attack vector that could be exploited by unauthenticated users. While the taint analysis shows no unsanitized paths, these unprotected AJAX endpoints could still be a gateway for malicious activity if they perform sensitive operations or leak information.
In conclusion, "activity-log-pro" v1.0.4 is commendably built with many security best practices in place, especially concerning data handling. Its vulnerability history is clean, suggesting a stable and well-maintained codebase. The primary risk lies in the unprotected AJAX handlers, which, if not mitigated, could undermine the plugin's otherwise robust security.
Key Concerns
- AJAX handlers without authentication checks
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Security Vulnerabilities
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Attack Surface
AJAX Handlers 31
REST API Routes 2
WordPress Hooks 100
Scheduled Events 2
Maintenance & Trust
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Maintenance & Trust
Maintenance Signals
Community Trust
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Alternatives
Activity Track – User Activity Log
activity-track
User activity log for WordPress — track logins, edits, and admin actions with real-time alerts, audit trail, and AI-powered summaries.
WP Admin Audit
wp-admin-audit
WP Admin Audit monitors the security-relevant activities on your site, keeps an event log and tells you when something out of the ordinary happens.
Activity Monitor Pro
activity-monitor-pro
Comprehensive activity monitoring, undo system, and AI-powered anomaly detection for WordPress.
EMW Monitor Activity Log
emw-monitor-activity-log
Track and review important user and admin activity in WordPress.
Activity Log – Monitor & Record User Changes
aryo-activity-log
This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.
Activity Log Pro – Event Logger, Activity Monitor & Audit Log Developer Profile
1 plugin · 100 total installs
How We Detect Activity Log Pro – Event Logger, Activity Monitor & Audit Log
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/activity-log-pro/admin/css/activity-log-pro-admin.css/wp-content/plugins/activity-log-pro/admin/js/activity-log-pro-admin.js/wp-content/plugins/activity-log-pro/assets/css/bootstrap.min.css/wp-content/plugins/activity-log-pro/assets/css/datatable.min.css/wp-content/plugins/activity-log-pro/assets/css/select2.min.css/wp-content/plugins/activity-log-pro/assets/js/bootstrap.min.js/wp-content/plugins/activity-log-pro/assets/js/datatable.min.js/wp-content/plugins/activity-log-pro/assets/js/select2.min.js+7 morejs/activity-log-pro-admin.jsassets/js/bootstrap.min.jsassets/js/datatable.min.jsassets/js/select2.min.jsassets/js/moment.min.jsassets/js/daterangepicker.min.js+5 moreactivity-log-pro/admin/js/activity-log-pro-admin.js?ver=activity-log-pro/assets/js/bootstrap.min.js?ver=activity-log-pro/assets/js/datatable.min.js?ver=activity-log-pro/assets/js/select2.min.js?ver=activity-log-pro/assets/js/moment.min.js?ver=activity-log-pro/assets/js/daterangepicker.min.js?ver=activity-log-pro/assets/js/activity-log-pro.js?ver=activity-log-pro/assets/js/activity-log-pro-settings.js?ver=activity-log-pro/assets/js/activity-log-pro-reports.js?ver=activity-log-pro/assets/js/activity-log-pro-notifications.js?ver=activity-log-pro/assets/js/activity-log-pro-dashboard-widget.js?ver=activity-log-pro/admin/css/activity-log-pro-admin.css?ver=activity-log-pro/assets/css/bootstrap.min.css?ver=activity-log-pro/assets/css/datatable.min.css?ver=activity-log-pro/assets/css/select2.min.css?ver=HTML / DOM Fingerprints
actlogpro-datatableactlogpro-settingsactlogpro-reportsactlogpro-notificationsactlogpro-dashboard-widget<!-- START Activity Log Pro Admin JavaScript --><!-- END Activity Log Pro Admin JavaScript --><!-- START Activity Log Pro Settings JavaScript --><!-- END Activity Log Pro Settings JavaScript -->+6 moredata-noncedata-ajaxurldata-actiondata-post-iddata-user-iddata-settings-id+3 moreactlogpro_ajaxactivityLogProAdminactivityLogProSettingsactivityLogProReportsactivityLogProNotificationsactivityLogProDashboardWidget/wp-json/activity-log-pro/v1/logs/wp-json/activity-log-pro/v1/settings/wp-json/activity-log-pro/v1/reports/wp-json/activity-log-pro/v1/notifications/wp-json/activity-log-pro/v1/dashboard