Does BugTrace – Debug Log Tool have any unpatched vulnerabilities?

No. All known vulnerabilities in BugTrace – Debug Log Tool have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BugTrace – Debug Log Tool compatible with WordPress 6.9.4?

According to WordPress.org data, BugTrace – Debug Log Tool 1.0.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is BugTrace – Debug Log Tool compatible with PHP 7.4+?

BugTrace – Debug Log Tool requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BugTrace – Debug Log Tool updated?

BugTrace – Debug Log Tool was last updated on Dec 7, 2025. Frequent updates are generally a positive security signal.

What is BugTrace – Debug Log Tool's security score?

BugTrace – Debug Log Tool has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BugTrace – Debug Log Tool Security & Risk Analysis

wordpress.org/plugins/debug-log-tool

Essential WordPress debug tool: View/download logs, toggle debug settings & inspect server info. Troubleshoot PHP errors & site issues faster!

40 active installs v1.0.7 PHP 7.4+ WP 6.2+ Updated Dec 7, 2025

database-infodebug-logphp-errorstroubleshooting-toolwordpress-debug

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is BugTrace – Debug Log Tool Safe to Use in 2026?

Generally Safe

Score 100/100

BugTrace – Debug Log Tool has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The 'debug-log-tool' plugin v1.0.7 exhibits a generally strong security posture, primarily due to its diligent use of prepared statements for SQL queries and a high percentage of properly escaped output. The static analysis reveals no critical or high-severity taint flows, and the plugin has no recorded vulnerability history, suggesting a well-maintained codebase.

However, the analysis does highlight areas for improvement. While all AJAX handlers have authentication checks, the absence of capability checks is a concern. This means that any authenticated user, regardless of their role or permissions, could potentially interact with these AJAX endpoints. The plugin also bundles the DataTables library, and while its version isn't specified, outdated bundled libraries can introduce vulnerabilities if not kept current. The presence of file operations and external HTTP requests, while not inherently insecure, requires careful scrutiny to ensure they are not mishandled.

In conclusion, the plugin is built on a foundation of good security practices, particularly regarding data handling. The main weaknesses lie in the potential for privilege escalation through AJAX endpoints without granular capability checks and the implicit risk associated with bundled libraries. Addressing these points would further solidify its security.

Key Concerns

AJAX handlers without capability checks
Bundled library (DataTables) - version unknown

Vulnerabilities

None known

BugTrace – Debug Log Tool Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

BugTrace – Debug Log Tool Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

86 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

100% prepared11 total queries

Output Escaping

97% escaped89 total outputs

Data Flows

All sanitized

Data Flow Analysis

5 flows

set_auto_refresh (includes\admin\settings\class-wpdt-logs.php:272)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

BugTrace – Debug Log Tool Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_wpdt_get_debug_logsincludes\admin\settings\class-wpdt-logs.php:21

authwp_ajax_wpdt_set_auto_refreshincludes\admin\settings\class-wpdt-logs.php:24

authwp_ajax_wpdt_set_group_logsincludes\admin\settings\class-wpdt-logs.php:27

authwp_ajax_wpdt_save_general_settingsincludes\admin\settings\class-wpdt-settings.php:18

authwp_ajax_wpdt_reset_general_settingsincludes\admin\settings\class-wpdt-settings.php:21

WordPress Hooks 11

actionadmin_bar_menuincludes\admin\class-wpdt-admin-bar-menu.php:15

actionadmin_enqueue_scriptsincludes\admin\class-wpdt-admin.php:17

actionadmin_menuincludes\admin\class-wpdt-admin.php:18

actionwpdt_save_general_settingsincludes\admin\settings\class-wpdt-config-manager.php:16

actionwpdt_reset_general_settingsincludes\admin\settings\class-wpdt-config-manager.php:17

actionwpdt_activationincludes\admin\settings\class-wpdt-config-manager.php:20

actionwpdt_deactivationincludes\admin\settings\class-wpdt-config-manager.php:21

actioninitincludes\admin\settings\class-wpdt-logs.php:17

actioninitincludes\admin\settings\class-wpdt-logs.php:18

actioninitincludes\class-wpdt-installation.php:47

actioninitincludes\class-wpdt-installation.php:49

Maintenance & Trust

BugTrace – Debug Log Tool Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 7, 2025

PHP min version7.4

Downloads887

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

BugTrace – Debug Log Tool Alternatives

Conflict Finder

conflict-finder-wp-fix-it

100

Conflict Finder is a WordPress troubleshooting toolkit that helps diagnose plugin conflicts, theme issues, debugging errors, and email delivery proble …

100 No CVEs

Premmerce Dev Tools

premmerce-dev-tools

This plugin is created to facilitate the development, testing and debugging of the code on the WordPress platform and to quickly create the demo data …

100 No CVEs

Eligibility Checklist for AdSense

eligibility-checklist-for-adsense

100

A full AdSense approval & policy audit dashboard for 2025. Scans your site using external keyword lists, content heuristics, and policy checks — w …

30 No CVEs

Change Debug Log Location

change-debug-log-location

100

Your website will not send any email in case of fatal errors.

10 No CVEs

Clear Debug.log Cron

clear-debuglog-cron

100

This plugin will automatically delete the debug.log file generated by Wordpress in wp-content.

10 No CVEs

Developer Profile

BugTrace – Debug Log Tool Developer Profile

Nikhil G

1 plugin · 40 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BugTrace – Debug Log Tool

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/debug-log-tool/asset/js/admin.js/wp-content/plugins/debug-log-tool/asset/css/admin-rtl.css/wp-content/plugins/debug-log-tool/asset/css/admin.css/wp-content/plugins/debug-log-tool/asset/lib/DataTables/datatables.min.js/wp-content/plugins/debug-log-tool/asset/lib/DataTables/datatables.min.css

Script Paths

/wp-content/plugins/debug-log-tool/asset/js/admin.js/wp-content/plugins/debug-log-tool/asset/lib/DataTables/datatables.min.js

Version Parameters

debug-log-tool/asset/js/admin.js?ver=debug-log-tool/asset/css/admin-rtl.css?ver=debug-log-tool/asset/css/admin.css?ver=debug-log-tool/asset/lib/DataTables/datatables.min.js?ver=debug-log-tool/asset/lib/DataTables/datatables.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

wpdt-headerwpdt-header-titlewpdt-header-iconwpdt-header-buttonswpdt-button

Data Attributes

data-noncedata-home_url

JS Globals

wpdebugtool

FAQ