WP-Safety

Advanced WordPress Reset – Debug, Recover & Reset WP Security & Risk Analysis

wordpress.org/plugins/advanced-wp-reset

The ultimate solution for resetting your WordPress database or specific components to their default settings using the advanced reset features.

20K active installs v2.0.7 PHP 7.0+ WP 4.0+ Updated Feb 2, 2026
cleandatabaseresetreset-databaserestore
100
A · Safe
CVEs total1
Unpatched0
Last CVEJul 5, 2022
Plugin page Download
Safety Verdict

Is Advanced WordPress Reset – Debug, Recover & Reset WP Safe to Use in 2026?

Generally Safe

Score 100/100

Advanced WordPress Reset – Debug, Recover & Reset WP has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jul 5, 2022Updated 3mo ago
Risk Assessment

The "advanced-wp-reset" v2.0.7 plugin exhibits a mixed security posture. On the positive side, it has a low number of total known CVEs, with none currently unpatched, and the last recorded vulnerability was over a year ago, suggesting a history of addressing security issues. The taint analysis shows no critical or high severity unsanitized flows, which is a good indicator. However, the static analysis reveals significant concerns, particularly a large attack surface comprised of 16 AJAX handlers, all of which lack authentication checks. This represents a substantial risk, as any user, authenticated or not, could potentially trigger these handlers. The presence of dangerous functions like 'exec' is also a serious red flag, especially when coupled with unprotected entry points, as it could lead to arbitrary code execution if exploited.

While the plugin does employ some output escaping and prepared statements for SQL queries, the high percentage of unprotected AJAX handlers negates many of these good practices. The single reported medium vulnerability in its history, related to Cross-site Scripting, combined with the current static analysis findings, indicates a persistent risk of input validation and authorization vulnerabilities. The plugin's strengths lie in its historical security remediation, but its current implementation presents significant and immediate risks due to the extensive unprotected attack surface and the presence of powerful, potentially exploitable functions.

Key Concerns

  • All 16 AJAX handlers lack authentication checks
  • Dangerous function 'exec' found
  • 1 out of 1 medium severity CVE history
  • Only 1 nonce check for 16 entry points
  • Only 1 capability check for 16 entry points
  • 2 flows with unsanitized paths (taint analysis)
  • 28% of SQL queries not using prepared statements
  • 28% of outputs not properly escaped
Vulnerabilities
1 published

Advanced WordPress Reset – Debug, Recover & Reset WP Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2022-2181medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advanced WordPress Reset <= 1.5 - Reflected Cross-Site Scripting

Jul 5, 2022 Patched in 1.6 (567d)
Version History

Advanced WordPress Reset – Debug, Recover & Reset WP Release Timeline

v2.0.7Current
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0
v1.7
v1.6
v1.51 CVE
CVE-2022-2181
v1.1.11 CVE
CVE-2022-2181
v1.1.01 CVE
CVE-2022-2181
v1.0.11 CVE
CVE-2022-2181
v1.0.01 CVE
CVE-2022-2181
Code Analysis
Analyzed Mar 16, 2026

Advanced WordPress Reset – Debug, Recover & Reset WP Code Analysis

Dangerous Functions
3
Raw SQL Queries
23
19 prepared
Unescaped Output
5
13 escaped
Nonce Checks
1
Capability Checks
1
File Operations
17
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

execexec('where /Q ' . $command, $output, $return_val);includes\utils\dumper.php:191
exec$last_line = exec('which ' . $command);includes\utils\dumper.php:200
execexec($command, $output, $return_val);includes\utils\dumper.php:271

SQL Query Safety

45% prepared42 total queries

Output Escaping

72% escaped18 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths
download (includes\endpoints\snapshot-controller.class.php:278)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
16 unprotected

Advanced WordPress Reset – Debug, Recover & Reset WP Attack Surface

Entry Points16
Unprotected16

AJAX Handlers 16

authwp_ajax_AWR_SHOW_NOTIFICATIONSactions.inc.php:3
authwp_ajax_awr_hide_videoactions.inc.php:4
authwp_ajax_awr_system_infosactions.inc.php:5
authwp_ajax_awr_change_nav_tabactions.inc.php:6
authwp_ajax_awr_save_hidden_blocactions.inc.php:7
authwp_ajax_awr_count_option_itemsactions.inc.php:9
authwp_ajax_awr_get_tools_countsactions.inc.php:10
authwp_ajax_awr_reset_optionsactions.inc.php:12
authwp_ajax_awr_full_resetactions.inc.php:15
authwp_ajax_awr_create_snapshotactions.inc.php:19
authwp_ajax_awr_get_snapshotsactions.inc.php:20
authwp_ajax_awr_delete_snapshotactions.inc.php:21
authwp_ajax_awr_bulk_delete_snapshotactions.inc.php:22
authwp_ajax_awr_execute_snapshotactions.inc.php:23
authwp_ajax_awr_compare_snapshotactions.inc.php:24
authwp_ajax_awr_download_snapshotactions.inc.php:25
WordPress Hooks 9
actionadmin_enqueue_scriptsadvanced-wp-reset.class.php:51
actionadmin_menuadvanced-wp-reset.class.php:52
filterplugin_action_linksadvanced-wp-reset.class.php:65
filterplugin_row_metaadvanced-wp-reset.class.php:66
actionadmin_noticesadvanced-wp-reset.class.php:67
actionadmin_noticesadvanced-wp-reset.class.php:68
actionadmin_noticesadvanced-wp-reset.class.php:69
actionadmin_noticesadvanced-wp-reset.php:24
filterwp_redirectadvanced-wp-reset.php:27
Maintenance & Trust

Advanced WordPress Reset – Debug, Recover & Reset WP Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 2, 2026
PHP min version7.0
Downloads1.3M

Community Trust

Rating98/100
Number of ratings1,232
Active installs20K
Alternatives

Advanced WordPress Reset – Debug, Recover & Reset WP Alternatives

Database Reset Pro – Clean & Reset WordPress Database

Database Reset Pro – Clean & Reset WordPress Database

db-reset-pro

A
100

DB Reset Pro is a powerful free Database reset plugin for WordPress. 1-click database reset to default settings while preserving files, media uploads, &hellip;

200 No CVEs
WP Reset

WP Reset

wp-reset

A
91

WP Reset resets the entire site or selected parts using advanced reset options to default values. 100% safe to use with built-in restore function.

300K 6 CVEs
Reset – WordPress Database Reset Plugin

Reset – WordPress Database Reset Plugin

reset

A
98

Fast & lightweight WordPress reset plugin. Instantly reset your WordPress database or selected tables with one click. Safe, secure & developer &hellip;

80 1 CVE
Extended WP Reset

Extended WP Reset

extended-wp-reset

A
85

This plugin will reset your WordPress installation to its default state. It will not delete any files, themes or plugins. WPMU is supported.

10 No CVEs
WPMU Database Reset

WPMU Database Reset

wpmu-database-reset

A
85

Clean up a single site in a WP network, by removing all posts, comments, terms and media files. A clean slate for the site.

10 No CVEs
Developer Profile

Advanced WordPress Reset – Debug, Recover & Reset WP Developer Profile

Younes JFR.

4 plugins · 121K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
416 days
View full developer profile
Detection Fingerprints

How We Detect Advanced WordPress Reset – Debug, Recover & Reset WP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/advanced-wp-reset/assets/css/all.css/wp-content/plugins/advanced-wp-reset/assets/js/all.js/wp-content/plugins/advanced-wp-reset/assets/css/reset.css/wp-content/plugins/advanced-wp-reset/assets/css/reset.min.css/wp-content/plugins/advanced-wp-reset/assets/js/reset.js/wp-content/plugins/advanced-wp-reset/assets/js/reset.min.js
Script Paths
/wp-content/plugins/advanced-wp-reset/assets/js/all.js/wp-content/plugins/advanced-wp-reset/assets/js/reset.js/wp-content/plugins/advanced-wp-reset/assets/js/reset.min.js
Version Parameters
advanced-wp-reset/assets/css/all.css?ver=advanced-wp-reset/assets/js/all.js?ver=advanced-wp-reset/assets/css/reset.css?ver=advanced-wp-reset/assets/css/reset.min.css?ver=advanced-wp-reset/assets/js/reset.js?ver=advanced-wp-reset/assets/js/reset.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
awpr-app-containerawpr-notice-buttonawpr-notice-rowawpr-notice-iconawpr-notice-contentawpr-notice-titleawpr-notice-textawpr-notice-button-row+3 more
HTML Comments
<!-- For not showing "Plugin activated". --><!-- Singleton Pattern --><!-- Activation --><!-- Deactivation -->+4 more
Data Attributes
data-awr-notice-type="rate"data-awr-notice-type="activation"data-awr-notice-type="news"
JS Globals
awr_reset_ajax_objawr_reset_varAWR_PLUGIN_TEXTDOMAIN
REST Endpoints
/wp-json/awr/v1/reset
FAQ

Frequently Asked Questions about Advanced WordPress Reset – Debug, Recover & Reset WP