Does Aspexi Login Audit have any unpatched vulnerabilities?

No. All known vulnerabilities in Aspexi Login Audit have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Aspexi Login Audit compatible with WordPress 4.9.29?

According to WordPress.org data, Aspexi Login Audit 1.0.2 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Aspexi Login Audit updated?

Aspexi Login Audit was last updated on Apr 25, 2018. Frequent updates are generally a positive security signal.

What is Aspexi Login Audit's security score?

Aspexi Login Audit has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Aspexi Login Audit Security & Risk Analysis

wordpress.org/plugins/aspexi-login-audit

This plugin helps you to keep an audit trail of user login activities such as successful login, logout, failed login and more to ensure your site perf …

10 active installs v1.0.2 PHP + WP 4.5+ Updated Apr 25, 2018

audit-logevent-log-wordpresssecurity-event-logwordpress-activity-logwordpress-security-plugin

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Aspexi Login Audit Safe to Use in 2026?

Generally Safe

Score 85/100

Aspexi Login Audit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "aspexi-login-audit" plugin version 1.0.2 exhibits a generally positive security posture, with a notable absence of known vulnerabilities and a limited attack surface. The static analysis reveals no direct entry points like AJAX handlers, REST API routes, or shortcodes that lack authentication or permission checks. Furthermore, the plugin demonstrates good practices by avoiding external HTTP requests and file operations, and the taint analysis shows no critical or high severity flows with unsanitized paths. However, the presence of the `unserialize` function is a significant concern, as it can lead to Remote Code Execution (RCE) if used with untrusted data. While the plugin has no recorded vulnerability history, this does not negate the inherent risk associated with using such a dangerous function without clear evidence of robust sanitization or input validation surrounding its usage. The relatively low percentage of properly escaped output also suggests a potential for Cross-Site Scripting (XSS) vulnerabilities, especially if the data processed by `unserialize` is ever directly displayed.

Key Concerns

Use of unserialize() function
Low percentage of properly escaped output

Vulnerabilities

None known

Aspexi Login Audit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Aspexi Login Audit Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$loginInfo = unserialize(get_option('aspexiloginaudit_login_info'));aspexi-login-audit.php:346

SQL Query Safety

40% prepared10 total queries

Output Escaping

13% escaped95 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

admin_page (aspexi-login-audit.php:116)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Aspexi Login Audit Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_menuaspexi-login-audit.php:63

actionwp_loginaspexi-login-audit.php:64

actionwp_logoutaspexi-login-audit.php:65

actionwp_login_failedaspexi-login-audit.php:66

actionpassword_resetaspexi-login-audit.php:67

actionadmin_enqueue_scriptsaspexi-login-audit.php:68

actionwpaspexi-login-audit.php:69

filterplugin_action_linksaspexi-login-audit.php:72

Maintenance & Trust

Aspexi Login Audit Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedApr 25, 2018

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Aspexi Login Audit Alternatives

WP Security Audit Log addon for Paid Memberships Pro

wp-security-audit-log-for-paid-memberships-pro

An Addon to the WP Security Audit Log plugin to log events from Paid Memberships Pro plugin

10 No CVEs

TeleLog

telelog

Keep track of everything happening on your WordPress in Telegram

0 No CVEs

Simple History – Track, Log, and Audit WordPress Changes

simple-history

Track changes and user activities on your WordPress site. See who created a page, uploaded an attachment, and more, for a complete audit trail.

300K 4 CVEs

Activity Log – Monitor & Record User Changes

aryo-activity-log

This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.

200K 9 CVEs

WP Admin Audit

wp-admin-audit

100

WP Admin Audit monitors the security-relevant activities on your site, keeps an event log and tells you when something out of the ordinary happens.

1K No CVEs

Developer Profile

Aspexi Login Audit Developer Profile

Aspexi

4 plugins · 3K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Aspexi Login Audit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/aspexi-login-audit/aspexi-login-audit.css/wp-content/plugins/aspexi-login-audit/js/aspexi-login-audit-admin.js

Script Paths

/wp-content/plugins/aspexi-login-audit/js/aspexi-login-audit-admin.js

Version Parameters

aspexi-login-audit.css?ver=aspexi-login-audit-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

aspexi-login-audit-admin

Data Attributes

data-pro-url

JS Globals

ala

FAQ