WP-Safety

Activity Monitor Pro Security & Risk Analysis

wordpress.org/plugins/activity-monitor-pro

Comprehensive activity monitoring, undo system, and AI-powered anomaly detection for WordPress.

0 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Jan 14, 2026
activity-logaudit-logsecurityuser-activityuser-tracking
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Activity Monitor Pro Safe to Use in 2026?

Generally Safe

Score 100/100

Activity Monitor Pro has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The activity-monitor-pro v1.0.0 plugin exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the plugin demonstrates good practices in other areas, such as proper output escaping and the predominant use of prepared statements for SQL queries, the lack of authentication checks on all entry points creates a substantial risk. The absence of known vulnerabilities and critical taint flows is a positive sign, suggesting that the core code may be well-written concerning data handling and external interactions. However, the unprotected AJAX handlers represent a direct pathway for potential abuse if malicious actors can trigger them without proper authorization. The vulnerability history being clean is a good indicator, but it does not negate the immediate risks presented by the unprotected attack surface. The plugin's strengths in output escaping and SQL preparation are overshadowed by the critical flaw of exposed AJAX functionalities, requiring immediate attention to secure these entry points.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

Activity Monitor Pro Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Activity Monitor Pro Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
15 prepared
Unescaped Output
0
67 escaped
Nonce Checks
7
Capability Checks
5
File Operations
1
External Requests
0
Bundled Libraries
0

SQL Query Safety

88% prepared17 total queries

Output Escaping

100% escaped67 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
<settings> (admin\views\settings.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
6 unprotected

Activity Monitor Pro Attack Surface

Entry Points6
Unprotected6

AJAX Handlers 6

authwp_ajax_activity_monitor_get_latest_logsincludes\class-core.php:169
authwp_ajax_activity_monitor_get_logsincludes\class-core.php:170
authwp_ajax_activity_monitor_export_csvincludes\class-core.php:171
authwp_ajax_activity_monitor_clear_logsincludes\class-core.php:172
authwp_ajax_activity_monitor_undoincludes\class-core.php:177
authwp_ajax_activity_monitor_redoincludes\class-core.php:178
WordPress Hooks 28
actionadmin_enqueue_scriptsincludes\class-core.php:164
actionadmin_enqueue_scriptsincludes\class-core.php:165
actionadmin_menuincludes\class-core.php:166
actionactivity_monitor_daily_cleanupincludes\class-core.php:185
actionadd_attachmentincludes\loggers\class-media-logger.php:34
actionedit_attachmentincludes\loggers\class-media-logger.php:35
actiondelete_attachmentincludes\loggers\class-media-logger.php:36
actionactivated_pluginincludes\loggers\class-plugin-logger.php:34
actiondeactivated_pluginincludes\loggers\class-plugin-logger.php:35
actionpost_updatedincludes\loggers\class-post-logger.php:37
actionbefore_delete_postincludes\loggers\class-post-logger.php:38
action_core_updated_successfullyincludes\loggers\class-system-logger.php:22
actionupdated_optionincludes\loggers\class-system-logger.php:25
actionadded_optionincludes\loggers\class-system-logger.php:26
actiondeleted_optionincludes\loggers\class-system-logger.php:27
actioncreated_termincludes\loggers\class-taxonomy-logger.php:21
actionedited_termincludes\loggers\class-taxonomy-logger.php:22
actiondelete_termincludes\loggers\class-taxonomy-logger.php:23
actionswitch_themeincludes\loggers\class-theme-logger.php:22
actiondelete_themeincludes\loggers\class-theme-logger.php:25
actionupgrader_process_completeincludes\loggers\class-theme-logger.php:29
actionwp_edit_theme_plugin_fileincludes\loggers\class-theme-logger.php:32
actionwp_loginincludes\loggers\class-user-logger.php:34
actionwp_logoutincludes\loggers\class-user-logger.php:35
actionwp_login_failedincludes\loggers\class-user-logger.php:36
actionuser_registerincludes\loggers\class-user-logger.php:37
actiondelete_userincludes\loggers\class-user-logger.php:38
actionactivity_monitor_send_reportsincludes\reports\class-report-scheduler.php:44

Scheduled Events 2

activity_monitor_daily_cleanup
activity_monitor_send_reports
Maintenance & Trust

Activity Monitor Pro Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 14, 2026
PHP min version7.4
Downloads133

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Activity Monitor Pro Alternatives

Logify WP – Activity Log & User Audit Log

Logify WP – Activity Log & User Audit Log

logify-wp

A
100

Logify WP - Activity Log & User Audit Log tracks critical changes, logins, and updates with searchable logs for site security.

200 No CVEs
Logify – Event Logger, Activity Monitor, Activity Log & Audit Log

Logify – Event Logger, Activity Monitor, Activity Log & Audit Log

logify

A
100

Monitor, track, and review everything happening on your WordPress site. Logify helps you stay secure, stay compliant, and stay in control.

10 No CVEs
EMW Monitor Activity Log

EMW Monitor Activity Log

emw-monitor-activity-log

A
100

Track and review important user and admin activity in WordPress.

0 No CVEs
FBS Activity Tracker

FBS Activity Tracker

fbs-activity-tracker

A
100

A modern, granular user activity and audit log WordPress plugin with a custom-designed dashboard interface for comprehensive site monitoring.

0 No CVEs
TeleLog

TeleLog

telelog

A
85

Keep track of everything happening on your WordPress in Telegram

0 No CVEs
Developer Profile

Activity Monitor Pro Developer Profile

Wole Akinloye

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Activity Monitor Pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/activity-monitor-pro/admin/css/activity-monitor-pro-admin.css/wp-content/plugins/activity-monitor-pro/admin/js/activity-monitor-pro-admin.js/wp-content/plugins/activity-monitor-pro/admin/js/dashboard.js/wp-content/plugins/activity-monitor-pro/admin/js/activity-log.js
Script Paths
/wp-content/plugins/activity-monitor-pro/admin/js/activity-monitor-pro-admin.js/wp-content/plugins/activity-monitor-pro/admin/js/dashboard.js/wp-content/plugins/activity-monitor-pro/admin/js/activity-log.js
Version Parameters
activity-monitor-pro/admin/css/activity-monitor-pro-admin.css?ver=activity-monitor-pro/admin/js/activity-monitor-pro-admin.js?ver=activity-monitor-pro/admin/js/dashboard.js?ver=activity-monitor-pro/admin/js/activity-log.js?ver=

HTML / DOM Fingerprints

CSS Classes
amp-activity-itemamp-avataramp-contentamp-user-nameamp-severity-indicatoramp-action-descamp-time
Data Attributes
data-nonce
JS Globals
activity_monitor_ajax
FAQ

Frequently Asked Questions about Activity Monitor Pro