[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIXuiqH67BLeSNAJMH2t4IeO6stgRJ5ixPzDuaGs01zA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":141,"fingerprints":1280},"divewp-boost-site-performance","DiveWP – Boost Site Performance with Clear, Actionable Steps","2.3.3","Oleg Petrov","https:\u002F\u002Fprofiles.wordpress.org\u002Freplikon\u002F","\u003Ch4>🔌 NEW: Plugins Management\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Monitor and manage all installed plugins from one place.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Plugins Management\u003C\u002Fstrong> feature shows every plugin with active\u002Finactive status, update availability, and “Up to date” state. View details and changelog from WordPress.org, and activate or deactivate plugins without leaving the dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins Management & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> ability so AI assistants can list plugins, fetch description and changelog for a plugin, or activate\u002Fdeactivate a plugin by file path.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What Plugins Management Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Unified plugin list\u003C\u002Fstrong> – All installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* \u003Cstrong>Dashboard overview\u003C\u002Fstrong> – Green and red pill counts on the main dashboard for quick health overview\u003Cbr \u002F>\n* \u003Cstrong>Details drawer\u003C\u002Fstrong> – Overview, full description, and changelog from WordPress.org\u003Cbr \u002F>\n* \u003Cstrong>Toggle activation\u003C\u002Fstrong> – Activate or deactivate plugins from the card or drawer\u003Cbr \u002F>\n* \u003Cstrong>Search\u003C\u002Fstrong> – Filter plugins by name, author, or description\u003Cbr \u002F>\n* \u003Cstrong>Abilities API\u003C\u002Fstrong> – Operations: list (all plugins), details (wp.org info for one plugin), toggle (activate\u002Fdeactivate)\u003C\u002Fp>\n\u003Ch4>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Talk to your WordPress site through AI!\u003C\u002Fstrong> DiveWP integrates with the \u003Cstrong>WordPress Abilities API\u003C\u002Fstrong> and Model Context Protocol (MCP), so AI tools like Cursor, Claude, and ChatGPT can query your site’s health and diagnostics directly—no copy-paste needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Abilities API & MCP:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>11 Diagnostic Abilities\u003C\u002Fstrong> – Server insights, cron monitoring, plugins management, database health, security audits, and more via the Abilities API\u003Cbr \u002F>\n* \u003Cstrong>Zero Copy-Paste\u003C\u002Fstrong> – AI agents run diagnostics through MCP without manual log sharing\u003Cbr \u002F>\n* \u003Cstrong>Secure Authentication\u003C\u002Fstrong> – WordPress Application Passwords for safe, controlled access\u003Cbr \u002F>\n* \u003Cstrong>Step-by-Step Setup\u003C\u002Fstrong> – “AI Capabilities” tab guides you through 3-step configuration for Abilities API and MCP clients\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Available Abilities:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fserver-insights\u003C\u002Fcode> – Full server health & config check\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> – Monitor WP-Cron and Action Scheduler; background tasks & overdue jobs\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fdb-insights\u003C\u002Fcode> – Database size & optimization status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fsecurity-insights\u003C\u002Fcode> – Vulnerability & configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fperformance-checks\u003C\u002Fcode> – Caching & optimization discovery\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Ftheme-builder-insights\u003C\u002Fcode> – Theme and page builder health\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fwoocommerce-best-practices\u003C\u002Fcode> – WooCommerce optimization\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fseo-optimization\u003C\u002Fcode> – SEO configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Femail-communications\u003C\u002Fcode> – Email delivery & SMTP status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fhosting-benchmark-latest\u003C\u002Fcode> – Latest benchmark results\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> – List installed plugins, fetch wp.org details\u002Fchangelog, or toggle plugin activation (operations: list, details, toggle)\u003C\u002Fp>\n\u003Ch4>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Take control of WordPress cron jobs and scheduled tasks.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Cron Job Manager\u003C\u002Fstrong> gives you a clear view of WP-Cron and Action Scheduler so you can spot overdue jobs, slow hooks, and misconfigured cron setups.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cron Jobs & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> ability so AI assistants can inspect your cron status, overdue tasks, and recommendations without opening the admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the Cron Job Manager Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Real-time cron monitoring\u003C\u002Fstrong> – WP-Cron and Action Scheduler in one dashboard\u003Cbr \u002F>\n* \u003Cstrong>Hook performance\u003C\u002Fstrong> – Execution time and memory per cron hook\u003Cbr \u002F>\n* \u003Cstrong>Overdue & orphan detection\u003C\u002Fstrong> – Find stuck or orphaned scheduled tasks\u003Cbr \u002F>\n* \u003Cstrong>Execution history\u003C\u002Fstrong> – Filterable, paginated cron run history\u003Cbr \u002F>\n* \u003Cstrong>Health guidance\u003C\u002Fstrong> – System health and cron configuration tips\u003C\u002Fp>\n\u003Ch4>🚀 Hosting Performance Benchmark – Know If You Need to Upgrade!\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Measure how your hosting handles your WordPress site!\u003C\u002Fstrong> DiveWP’s comprehensive Hosting Performance Benchmark is a powerful enterprise-grade testing system that evaluates your hosting environment through real-world performance tests.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What It Tests:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Database Performance\u003C\u002Fstrong> – Tests INSERT, SELECT, UPDATE operations, datetime functions, and aggregate operations (8 comprehensive tests)\u003Cbr \u002F>\n* \u003Cstrong>Server Resources\u003C\u002Fstrong> – Evaluates CPU, memory, I\u002FO, and network capabilities (5 resource tests)\u003Cbr \u002F>\n* \u003Cstrong>Concurrency Handling\u003C\u002Fstrong> – Measures how your hosting performs under multiple simultaneous requests (4 concurrency tests)\u003Cbr \u002F>\n* \u003Cstrong>E-commerce Performance\u003C\u002Fstrong> – Tests WooCommerce-like operations including price calculations, shipping, and inventory checks (3 performance tests)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>20+ Individual Tests\u003C\u002Fstrong> – Comprehensive evaluation across 4 major categories\u003Cbr \u002F>\n* \u003Cstrong>Real-World Simulation\u003C\u002Fstrong> – Tests simulate actual WordPress operations, not synthetic benchmarks\u003Cbr \u002F>\n* \u003Cstrong>6-Minute Complete Analysis\u003C\u002Fstrong> – Get detailed insights in approximately 6 minutes\u003Cbr \u002F>\n* \u003Cstrong>Actionable Results\u003C\u002Fstrong> – Understand if your current hosting is sufficient or if you need to upgrade\u003Cbr \u002F>\n* \u003Cstrong>Cross-Database Compatible\u003C\u002Fstrong> – Works with MySQL, MariaDB, PostgreSQL, SQLite, and SQL Server\u003Cbr \u002F>\n* \u003Cstrong>Optimized for Shared Hosting\u003C\u002Fstrong> – Designed to work efficiently even on shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Site owners wondering if their hosting plan is sufficient\u003Cbr \u002F>\n* Users experiencing slow performance and wanting to identify bottlenecks\u003Cbr \u002F>\n* Anyone considering upgrading their hosting plan\u003Cbr \u002F>\n* Developers evaluating hosting performance for client sites\u003C\u002Fp>\n\u003Ch4>🎯 Transform Your WP Journey\u003C\u002Fh4>\n\u003Cp>Discover your site’s true potential by understanding exactly what’s happening under the hood. DiveWP provides clear insights about Performance, Security, and Best Practices – all explained in plain English. Take control of your digital presence by learning as you optimize!\u003C\u002Fp>\n\u003Ch4>🔍 Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>🔌 NEW: Plugins Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Unified list of all installed plugins with status (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* Dashboard counts green (up to date) and red (updates available) pills for quick overview\u003Cbr \u002F>\n* Details drawer with overview, WordPress.org description, and changelog\u003Cbr \u002F>\n* Toggle plugin activation from card or drawer; search by name, author, or description\u003Cbr \u002F>\n* Abilities API: \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> (list, details, toggle) for AI-assisted plugin management\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fstrong>\u003Cbr \u002F>\n* Real-time WP-Cron and Action Scheduler tracking\u003Cbr \u002F>\n* Monitor hook performance and execution time\u003Cbr \u002F>\n* Detect orphaned and overdue tasks\u003Cbr \u002F>\n* Identify problematic cron hooks affecting performance\u003Cbr \u002F>\n* Complete execution history with filtering and pagination\u003Cbr \u002F>\n* Integrates with Abilities API via \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-assisted cron diagnostics\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress Abilities API and MCP let AI assistants query your site for diagnostics\u003Cbr \u002F>\n* 11 abilities for server, cron jobs, plugins, security, database, and performance insights\u003Cbr \u002F>\n* Works with Cursor, Claude Desktop, ChatGPT, and other MCP clients\u003Cbr \u002F>\n* Secure access via WordPress Application Passwords\u003Cbr \u002F>\n* Step-by-step setup guide in “AI Capabilities” tab\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Hosting Performance Benchmark\u003C\u002Fstrong>\u003Cbr \u002F>\n* Comprehensive hosting evaluation with 20+ real-world performance tests\u003Cbr \u002F>\n* Database, resource, concurrency, and e-commerce performance analysis\u003Cbr \u002F>\n* Determine if your hosting plan is sufficient for your site\u003Cbr \u002F>\n* Cross-database compatibility (MySQL, MariaDB, PostgreSQL, SQLite, SQL Server)\u003Cbr \u002F>\n* Optimized for shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Deep Site Insights\u003C\u002Fstrong>\u003Cbr \u002F>\n* Understand your site inside out\u003Cbr \u002F>\n* Comprehensive analysis of core functions\u003Cbr \u002F>\n* Database health monitoring\u003Cbr \u002F>\n* User activity tracking\u003Cbr \u002F>\n* Everything explained in plain English\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Performance & Speed\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clear performance insights\u003Cbr \u002F>\n* Actionable optimization steps\u003Cbr \u002F>\n* Speed improvement recommendations\u003Cbr \u002F>\n* Learn what affects your site’s performance\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛡️ Security & Best Practices\u003C\u002Fstrong>\u003Cbr \u002F>\n* Proactive security checks\u003Cbr \u002F>\n* Easy-to-follow hardening recommendations\u003Cbr \u002F>\n* Learn WordPress security best practices\u003Cbr \u002F>\n* Implement as you learn\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📊 Database Health\u003C\u002Fstrong>\u003Cbr \u002F>\n* Optimize database performance\u003Cbr \u002F>\n* Clear insights into tables and structure\u003Cbr \u002F>\n* Cleanup recommendations\u003Cbr \u002F>\n* Learn database management without being a tech expert\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎯 SEO & Visibility\u003C\u002Fstrong>\u003Cbr \u002F>\n* Practical SEO recommendations\u003Cbr \u002F>\n* Essential optimization techniques\u003Cbr \u002F>\n* Improve search engine rankings\u003Cbr \u002F>\n* Learn while implementing\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛍️ WooCommerce Optimization\u003C\u002Fstrong>\u003Cbr \u002F>\n* Specialized store insights\u003Cbr \u002F>\n* Performance optimization\u003Cbr \u002F>\n* Checkout process analysis\u003Cbr \u002F>\n* Shopping experience improvements\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📧 Email System Monitor\u003C\u002Fstrong>\u003Cbr \u002F>\n* Detailed logging and diagnostics\u003Cbr \u002F>\n* Track email system performance\u003Cbr \u002F>\n* Ensure reliable communication\u003Cbr \u002F>\n* Monitor delivery status\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎨 Theme & Builder Analysis\u003C\u002Fstrong>\u003Cbr \u002F>\n* Theme performance insights\u003Cbr \u002F>\n* Page builder optimization\u003Cbr \u002F>\n* Visual elements analysis\u003Cbr \u002F>\n* Speed optimization guidance\u003C\u002Fp>\n\u003Ch4>💡 How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Install & Scan:\u003C\u002Fstrong> Quick installation and automatic site analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get Clear Insights:\u003C\u002Fstrong> Receive easy-to-understand explanations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Learn Best Practices:\u003C\u002Fstrong> Understand WordPress through your own site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Implement Changes:\u003C\u002Fstrong> Follow actionable recommendations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor Progress:\u003C\u002Fstrong> Track improvements and keep learning\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>🎯 Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners:\u003C\u002Fstrong> Finally understand what’s happening on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Store Owners:\u003C\u002Fstrong> Optimize WooCommerce performance and boost sales\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agency Teams:\u003C\u002Fstrong> Maintain multiple sites while learning best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Creators:\u003C\u002Fstrong> Improve site visibility while mastering WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Plugins Management\u003C\u002Fli>\n\u003Cli>New “Plugins Management” feature: view all installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003C\u002Fli>\n\u003Cli>Dashboard overview counts green (up to date) and red (updates available) pills alongside other feature statuses\u003C\u002Fli>\n\u003Cli>Details drawer with overview, full description, and changelog from WordPress.org\u003C\u002Fli>\n\u003Cli>Activate\u002Fdeactivate plugins from the card or drawer; search by name, author, or description\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Abilities API – \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Operations: list (all plugins with status), details (wp.org description and changelog for one plugin), toggle (activate\u002Fdeactivate by plugin file)\u003C\u002Fli>\n\u003Cli>AI assistants can list plugins, fetch plugin info, or change activation state via MCP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: AI Capabilities & WordPress Abilities API\u003C\u002Fli>\n\u003Cli>New “AI Capabilities” tab with step-by-step setup guide\u003C\u002Fli>\n\u003Cli>10 diagnostic abilities for AI agents (server, cron jobs, database, security, performance, and more)\u003C\u002Fli>\n\u003Cli>Support for Cursor, Claude Desktop, ChatGPT via Model Context Protocol (MCP)\u003C\u002Fli>\n\u003Cli>Secure access using WordPress Application Passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fli>\n\u003Cli>Full cron jobs dashboard: WP-Cron and Action Scheduler in one place\u003C\u002Fli>\n\u003Cli>Hook performance, overdue and orphan detection, execution history\u003C\u002Fli>\n\u003Cli>Abilities API integration: \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-driven cron diagnostics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: REST API Access Logging in User Events\u003C\u002Fli>\n\u003Cli>Track API access via Application Passwords in the event log\u003C\u002Fli>\n\u003Cli>Monitor AI agent activity and external integrations\u003C\u002Fli>\n\u003Cli>Throttled logging to prevent flood from MCP bursts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IMPROVED\u003C\u002Fstrong>: Cron Jobs Feature Enhancements\u003C\u002Fli>\n\u003Cli>Aligned AJAX and server health calculations for consistent status display\u003C\u002Fli>\n\u003Cli>“Potential orphan” terminology for clearer task identification\u003C\u002Fli>\n\u003Cli>Added Alternate Cron explanation footnote\u003C\u002Fli>\n\u003Cli>Visual accent pills for Important\u002FRecommendation notes in task modals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? We’re here for you!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📚 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdivewp\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>🐞 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Bug Reports and Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>DiveWP respects your privacy and that of your users. We do not collect any personal data. All analysis is performed locally on your server.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>DiveWP is proudly created and maintained by Oleg Petrov.\u003C\u002Fp>\n","Learn WP Best Practices Through Your Own Site! Get clear insights about Performance, Security, and Best Practices – explained in plain English.",200,1884,100,6,"2026-02-26T08:16:00.000Z","6.9.4","6.8","7.2",[20,21,22,23,24],"abilities-api","cron-jobs","performance-optimization","security","site-health","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdivewp-boost-site-performance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdivewp-boost-site-performance.2.3.3.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"replikon",1,30,94,"2026-04-03T21:29:55.516Z",[38,56,81,101,123],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":16,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wpvulnerability","WPVulnerability","4.3.1","Javier Casares","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaviercasares\u002F","\u003Cp>This plugin integrates with the WPVulnerability API to provide real-time vulnerability assessments for your WordPress core, plugins, themes, PHP version, Apache HTTPD, nginx, MariaDB, MySQL, ImageMagick, curl, memcached, Redis, and SQLite.\u003C\u002Fp>\n\u003Cp>It delivers detailed reports directly within your WordPress dashboard, helping you stay aware of potential security risks. Configure the plugin to send periodic notifications about your site’s security status, ensuring you remain informed without being overwhelmed. Designed for ease of use, it supports proactive security measures without storing or retrieving any personal data from your site.\u003C\u002Fp>\n\u003Ch4>Data reliability\u003C\u002Fh4>\n\u003Cp>The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information. Act at your own risk.\u003C\u002Fp>\n\u003Ch3>Using the plugin\u003C\u002Fh3>\n\u003Ch4>WP-CLI\u003C\u002Fh4>\n\u003Cp>You can use the following WP-CLI commands to manage and check vulnerabilities:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Core: \u003Ccode>wp wpvulnerability core\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Plugins: \u003Ccode>wp wpvulnerability plugins\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Themes: \u003Ccode>wp wpvulnerability themes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>PHP: \u003Ccode>wp wpvulnerability php\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Apache HTTPD: \u003Ccode>wp wpvulnerability apache\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>nginx: \u003Ccode>wp wpvulnerability nginx\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MariaDB: \u003Ccode>wp wpvulnerability mariadb\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MySQL: \u003Ccode>wp wpvulnerability mysql\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>ImageMagick: \u003Ccode>wp wpvulnerability imagemagick\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>curl: \u003Ccode>wp wpvulnerability curl\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>memcached: \u003Ccode>wp wpvulnerability memcached\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Redis: \u003Ccode>wp wpvulnerability redis\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>SQLite: \u003Ccode>wp wpvulnerability sqlite\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To configure the plugin you can use:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide component: \u003Ccode>wp wpvulnerability config hide \u003Ccomponent> [on|off]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Notification email: \u003Ccode>wp wpvulnerability config email \u003Cemails>\u003C\u002Fcode> (comma separatted)\u003C\u002Fli>\n\u003Cli>Notification period: \u003Ccode>wp wpvulnerability config period \u003Cnever|daily|weekly>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Log retention: \u003Ccode>wp wpvulnerability config log-retention \u003C0|1|7|14|28>\u003C\u002Fcode> (in days)\u003C\u002Fli>\n\u003Cli>Cache duration: \u003Ccode>wp wpvulnerability config cache \u003C1|6|12|24>\u003C\u002Fcode> (in hours)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All commands support the \u003Ccode>--format\u003C\u002Fcode> option to specify the output format:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>--format=table\u003C\u002Fcode>: Displays the results in a table format (default).\u003C\u002Fli>\n\u003Cli>\u003Ccode>--format=json\u003C\u002Fcode>: Displays the results in JSON format.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Need help?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp wpvulnerability --help\u003C\u002Fcode>: Displays help information for WPVulnerability commands.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp wpvulnerability [command] --help\u003C\u002Fcode>: Displays help information for a WPVulnerability command.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REST API\u003C\u002Fh4>\n\u003Cp>The WPVulnerability plugin provides several \u003Cstrong>REST API endpoints\u003C\u002Fstrong> to fetch vulnerability information for different components of your WordPress site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Core: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fcore\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Plugins: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fplugins\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Themes: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fthemes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>PHP: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fphp\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Apache HTTPD: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fapache\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>nginx: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fnginx\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MariaDB: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmariadb\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MySQL: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmysql\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>ImageMagick: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fimagemagick\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>curl: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fcurl\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>memcached: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmemcached\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Redis: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fredis\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>SQLite: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fsqlite\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The WPVulnerability REST API uses \u003Cstrong>Application Passwords\u003C\u002Fstrong> for authentication. You need to include a valid Application Password in the Authorization header of your requests.\u003C\u002Fp>\n\u003Cp>Example Request with Authentication\u003C\u002Fp>\n\u003Cpre>\u003Ccode>curl -X GET https:\u002F\u002Fexample.com\u002Fwp-json\u002Fwpvulnerability\u002Fv1\u002Fplugins -u username:application_password\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Replace username with your WordPress \u003Ccode>username\u003C\u002Fcode> and \u003Ccode>application_password\u003C\u002Fcode> with your \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F11\u002F05\u002Fapplication-passwords-integration-guide\u002F\" rel=\"nofollow ugc\">Application Password\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Extra Configurations\u003C\u002Fh3>\n\u003Ch4>“From:” mail (since: 3.2.2)\u003C\u002Fh4>\n\u003Cp>If, for some reason, you need the emails sent by the plugin to have a From different from the site administrator, you can change it from the \u003Ccode>wp-config.php\u003C\u002Fcode> by adding a constant:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_MAIL', 'sender@example.com' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If the constant is active, it will be visible in the configuration screen.\u003C\u002Fp>\n\u003Ch4>Force hiding checks (since: 4.1.0)\u003C\u002Fh4>\n\u003Cp>If you want to always hide a specific component, you can define a constant in \u003Ccode>wp-config.php\u003C\u002Fcode>. When set to \u003Ccode>true\u003C\u002Fcode>, the option will be checked automatically in the settings screen and the related analysis will be skipped.\u003C\u002Fp>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_HIDE_APACHE', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Available constants: \u003Ccode>WPVULNERABILITY_HIDE_CORE\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_PLUGINS\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_THEMES\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_PHP\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_APACHE\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_NGINX\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MARIADB\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MYSQL\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_IMAGEMAGICK\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_CURL\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MEMCACHED\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_REDIS\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_SQLITE\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch4>Cache duration (since: 4.1.0)\u003C\u002Fh4>\n\u003Cp>By default, data from the API is cached for 12 hours. To change this, define \u003Ccode>WPVULNERABILITY_CACHE_HOURS\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> with one of \u003Ccode>1\u003C\u002Fcode>, \u003Ccode>6\u003C\u002Fcode>, \u003Ccode>12\u003C\u002Fcode> or \u003Ccode>24\u003C\u002Fcode>. This value overrides the setting screen and WP-CLI command.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_CACHE_HOURS', 24 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Log rotation (since: 4.2.0)\u003C\u002Fh4>\n\u003Cp>WPVulnerability stores the most recent API responses so you can review recent calls from the new log tab. Define \u003Ccode>WPVULNERABILITY_LOG_RETENTION_DAYS\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> to control how many days of entries are preserved. Supported values are \u003Ccode>0\u003C\u002Fcode>, \u003Ccode>1\u003C\u002Fcode>, \u003Ccode>7\u003C\u002Fcode>, \u003Ccode>14\u003C\u002Fcode> or \u003Ccode>28\u003C\u002Fcode>; using \u003Ccode>0\u003C\u002Fcode> disables logging entirely.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_LOG_RETENTION_DAYS', 14 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>When the constant is present its value is enforced in the settings UI and through WP-CLI, ensuring consistent log rotation across environments.\u003C\u002Fp>\n\u003Ch4>Security configuration (since: 4.3.0)\u003C\u002Fh4>\n\u003Cp>WPVulnerability uses a hybrid detection approach for server software (ImageMagick, Redis, Memcached, SQLite): PHP extensions first (most secure), then shell commands as fallback (most accurate). You can control this behavior using security configuration constants in \u003Ccode>wp-config.php\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Global disable of shell commands:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_DISABLE_SHELL_EXEC', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Completely disables shell command usage. Falls back to PHP extensions only. Use for maximum security when accuracy loss is acceptable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security mode (standard\u002Fstrict\u002Fdisabled):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SECURITY_MODE', 'strict' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\u003Ccode>standard\u003C\u002Fcode> – Hybrid detection: PHP extensions first, shell commands fallback (default, best accuracy)\u003C\u002Fli>\n\u003Cli>\u003Ccode>strict\u003C\u002Fcode> – PHP extensions only, no shell commands (high security, lower accuracy)\u003C\u002Fli>\n\u003Cli>\u003Ccode>disabled\u003C\u002Fcode> – No software detection at all (maximum security)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Component whitelist:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SHELL_EXEC_WHITELIST', 'imagemagick,redis' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Allows shell commands only for specified components. Available components: \u003Ccode>imagemagick\u003C\u002Fcode>, \u003Ccode>redis\u003C\u002Fcode>, \u003Ccode>memcached\u003C\u002Fcode>, \u003Ccode>sqlite\u003C\u002Fcode>. Use for granular control.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Examples:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maximum security (no shell commands):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SECURITY_MODE', 'strict' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Only allow ImageMagick shell detection:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SHELL_EXEC_WHITELIST', 'imagemagick' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Complete disable:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_DISABLE_SHELL_EXEC', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>All shell commands are hardcoded and validated – no user input is involved. Commands are logged for security auditing.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress: 4.7 – 6.9\u003C\u002Fli>\n\u003Cli>PHP: 5.6 – 8.5\u003C\u002Fli>\n\u003Cli>WP-CLI: 2.3.0 – 2.11.0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cp>This plugin adheres to the following security measures and review protocols for each version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002F\" rel=\"nofollow ugc\">WordPress Plugin Handbook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fplugin-security\u002F\" rel=\"nofollow ugc\">WordPress Plugin Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fapis\u002Fsecurity\u002F\" rel=\"nofollow ugc\">WordPress APIs Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002FWordPress-Coding-Standards\" rel=\"nofollow ugc\">WordPress Coding Standards\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-check\u002F\" rel=\"ugc\">Plugin Check (PCP)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin or the WordPress Vulnerability Database API does not collect any information about your site, your identity, the plugins, themes or content the site has.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Vulnerabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A security vulnerability was found and fixed in version 4.2.2.1. All previous versions (3.3.0 – 4.2.1) are affected. Please update to version 4.2.2.1 or later.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Found a security vulnerability? Please report it to us privately at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaviercasares\u002Fwpvulnerability\u002Fsecurity\u002Fadvisories\u002Fnew\" rel=\"nofollow ugc\">WPVulnerability GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contributors\u003C\u002Fh3>\n\u003Cp>You can contribute to this plugin at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaviercasares\u002Fwpvulnerability\" rel=\"nofollow ugc\">WPVulnerability GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Get WordPress vulnerability alerts from the WPVulnerability Database API.",10000,527094,20,"2026-01-20T15:01:00.000Z","4.7","5.6",[23,24,53],"vulnerability","https:\u002F\u002Fwww.wpvulnerability.com\u002Fplugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpvulnerability.4.3.1.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":16,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":27,"last_vuln_date":80,"fetched_at":29},"sitelock","SiteLock Security – WP Hardening, Login Security & Malware Scans","5.1.0","SiteLock","https:\u002F\u002Fprofiles.wordpress.org\u002Fsitelocksecurity\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>🌟 Completely redesigned in Version 5.0 — now even stronger with 2FA in 5.1 🌟\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The SiteLock WordPress plugin was recently rebuilt with three goals: make it faster, make it clearer and move the heavy work to the cloud. We built a cloudfirst architecture, modernized UI, expanded security controls and stripped out everything that didn’t need to be there. Our latest 5.1 release builds on that foundation with TwoFactor Authentication (2FA) to strengthen login security and give you tighter control over access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The big changes:\u003C\u002Fstrong>\u003Cbr \u002F>\n  – 🔒 Enhanced WordPress-specific hardening and login security controls\u003Cbr \u002F>\n  – ☁️ Cloud-powered scanning architecture for zero performance impact\u003Cbr \u002F>\n  – 🩺 New Site Health interface that shows you what matters in one view\u003Cbr \u002F>\n  – ⚡ Streamlined controls (fewer clicks to get protected)\u003Cbr \u002F>\n  – ✨ Modern codebase built for the WordPress you’re actually using today\u003Cbr \u002F>\n  – 🔢 Two-Factor Authentication (2FA) now available for stronger login protection\u003C\u002Fp>\n\u003Cp>If you used the old plugin: this is a different tool. If you’re new: you’re starting with the cleanest, fastest version of the plugin.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Your website deserves protection that’s simple, fast and built for WordPress. SiteLock WordPress Security focuses on the everyday controls that matter most and helps you establish a secure baseline in minutes — WordPress-specific hardening, login protection with Two-Factor Authentication (2FA) and a clear Site Health dashboard that keeps you in control without slowing your site down. It’s lightweight, action-first protection that complements your host defenses: essential safeguards run inside WordPress while deeper checks happen securely in the SiteLock cloud. Skip heavy on-server scans and alert fatigue — run on-demand checks when you need extra assurance, so you can ship updates with confidence.\u003C\u002Fp>\n\u003Ch4>Security that grows with you\u003C\u002Fh4>\n\u003Cp>Our goal is straightforward: maintain a strong baseline with minimal overhead while giving you clear visibility and room to grow as your needs evolve.\u003Cbr \u002F>\nAnd because security is never static, this plugin keeps pace. Two-Factor Authentication (2FA) is now available to strengthen login security with an extra layer of protection.\u003C\u002Fp>\n\u003Ch4>Commercial plugin\u003C\u002Fh4>\n\u003Cp>This plugin is free but offers additional paid commercial upgrades or support.\u003C\u002Fp>\n\u003Ch3>What’s included\u003C\u002Fh3>\n\u003Ch4>WordPress Hardening: Cut common attack paths in just a few clicks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable directory listing\u003C\u002Fli>\n\u003Cli>Restrict PHP execution in upload folders\u003C\u002Fli>\n\u003Cli>Limit unsafe script types\u003C\u002Fli>\n\u003Cli>Force strong configuration defaults to close risky gaps\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>All options are toggle-based and reversible — safe to enable, easy to test and lightweight on performance.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Login Security: Protect what matters most — your access\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong>: Add a second layer of verification to protect admin access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute-force defense\u003C\u002Fstrong>: Blocks repeated failed logins and temporarily locks abusive IPs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password policy prompts\u003C\u002Fstrong>: Encourage stronger credentials without breaking workflows\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Session timeouts\u003C\u002Fstrong>: Automatically end idle sessions to prevent account hijacks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity awareness\u003C\u002Fstrong>: View recent logins and admin changes in the \u003Cstrong>Activity Log\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Site Health & Cloud Checks: Clarity without noise\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Site Health Dashboard\u003C\u002Fstrong>: Surface key signals in one view — WordPress hardening status, last scan timestamp and actionable indicators\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloud Checks\u003C\u002Fstrong>: Connect your free SiteLock account to enable recurring off-server checks (Webpage Scan, SSL Verification, Email Reputation and more)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scan Now\u003C\u002Fstrong>: Run on-demand checks after updates or changes for instant assurance — no heavy, always-on local scanners\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Log\u003C\u002Fstrong>: Track what’s happening across your WordPress admin. See admin\u002Flogin events at a glance making it easy to spot anomalies early and keep accountability clear\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Choose SiteLock WordPress Security?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight by design\u003C\u002Fstrong>: All high-impact protections, no unnecessary load\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real visibility\u003C\u002Fstrong>: Know your security posture in seconds with Site Health\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloud-powered assurance\u003C\u002Fstrong>: Checks run off-server, protecting performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible setup\u003C\u002Fstrong>: Use standalone or connect a SiteLock account for added layers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strong login protection\u003C\u002Fstrong>: Two-Factor Authentication (2FA) alongside brute-force defense and session controls\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Trusted heritage\u003C\u002Fstrong>: From the global leader in SMB website security backed by continuous innovation and research\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Aligned to WordPress\u003C\u002Fstrong>: Designed to stay out of your way and keep performance priorities intact\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Who It’s For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Small businesses & startups\u003C\u002Fli>\n\u003Cli>Portfolio & personal brand sites\u003C\u002Fli>\n\u003Cli>WooCommerce shops & small e-commerce\u003C\u002Fli>\n\u003Cli>Agencies & website maintenance services\u003C\u002Fli>\n\u003Cli>Freelance developers & web designers\u003C\u002Fli>\n\u003Cli>Bloggers, creators & publishers\u003C\u002Fli>\n\u003Cli>Community & membership sites\u003C\u002Fli>\n\u003Cli>Nonprofits & educational sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>If you manage a WordPress website, SiteLock gives you confidence and control whether you run one site or hundreds.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>Can I Fix an Already-Infected Site with This Plugin?\u003C\u002Fh4>\n\u003Cp>The plugin focuses on prevention, posture and visibility — not full malware removal. It isn’t designed to fully clean up sites that were infected before it was active.\u003Cbr \u002F>\nIf your site is already compromised, act quickly, we recommend:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Restoring from a clean backup if available\u003C\u002Fli>\n\u003Cli>Remove malicious files manually or with professional help\u003C\u002Fli>\n\u003Cli>For urgent assistance, consider \u003Ca href=\"https:\u002F\u002Fwww.sitelock.com\u002Fproducts\u002Ffix-hacked-site\u002F\" rel=\"nofollow ugc\">SiteLock 911 – Emergency Malware Removal\u003C\u002Fa> for rapid cleanup\u003C\u002Fli>\n\u003Cli>For ongoing defense, consider \u003Ca href=\"https:\u002F\u002Fwww.sitelock.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">choosing a comprehensive SiteLock plan\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Don’t Know Where To Start? Try This\u003C\u002Fh4>\n\u003Cp>Here are common first moves teams take with SiteLock. Order isn’t enforced — choose what fits your site and workflow:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable WordPress hardening that matches your hosting and theme setup\u003C\u002Fli>\n\u003Cli>Turn on Login Security controls: brute-force lockouts, session timeouts, and password-hygiene prompts\u003C\u002Fli>\n\u003Cli>Connect a free SiteLock account, then use Scan Now to run an on-demand check after plugin\u002Ftheme updates\u003C\u002Fli>\n\u003Cli>Review the Activity Log after major changes to spot unexpected admin\u002Flogin events quickly\u003Cbr \u002F>\nMake one change at a time, validate and roll back any toggle that conflicts with your stack.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need Help with Setup or Fixes?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fwww.sitelock.com\u002Fhelp-center\u002F?topics=wordpress-plugin\" rel=\"nofollow ugc\">Help Center – WordPress\u003C\u002Fa> for plugin specific help\u003C\u002Fli>\n\u003Cli>For broader topics explore the \u003Ca href=\"https:\u002F\u002Fwww.sitelock.com\u002Fhelp-center\u002F\" rel=\"nofollow ugc\">SiteLock Help Center\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security\u003C\u002Fh4>\n\u003Cp>Protecting our customers and systems is a top priority, and we take security very seriously. If you believe you’ve found a security vulnerability in the SiteLock WordPress plugin, please let us know at vuln-reporting@sitelock.com before sharing any details publicly.\u003C\u002Fp>\n","Free, lightweight WordPress security. Harden your site with login protection & 2FA, see Site Health clearly and run on-demand checks—setup in minutes.",1000,48458,68,14,"2026-02-26T21:50:00.000Z","3.8","8.0",[72,73,24,74,75],"login-security","malware-scan","vulnerability-scanner","wordpress-security","https:\u002F\u002Fwww.sitelock.com\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsitelock.5.1.0.zip",98,2,"2026-01-25 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":64,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":98,"download_link":99,"security_score":100,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-disable-site-health","WP Disable Site Health","1.0","WP Academic","https:\u002F\u002Fprofiles.wordpress.org\u002Feastsidecode\u002F","\u003Cp>The addition of the new Site Health screen can be useful but it exposes a lot of server information that should be kept private. This plugin disables this feature in WordPress.\u003C\u002Fp>\n\u003Cp>Major features in WP Disable Site Health include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No setup required!\u003C\u002Fli>\n\u003Cli>Prevents the Site Health screen from exposing critical server information.\u003C\u002Fli>\n\u003C\u002Ful>\n","License: GPLv2 or later Disables new Site Health screen from WP Dashboard",3539,80,3,"2019-06-13T12:39:00.000Z","5.2.24","4.5","",[97,23],"disable-site-health-screen","https:\u002F\u002Feastsidecode.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-disable-site-health.zip",85,{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":95,"tags":116,"homepage":121,"download_link":122,"security_score":100,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-safely-disable-directory-browsing","WP safely disable directory browsing","0.1","Maurisource","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaurisource\u002F","\u003Cp>This essential .htaccess rules plugin allow you to improve security of your wordpress blog.\u003C\u002Fp>\n\u003Cp>More info:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>More info on \u003Ca href=\"http:\u002F\u002Fwww.maurisource.com\u002Fblog\u002Fwp-safely-disable-directory-browsing\u002F\" rel=\"nofollow ugc\">WP safely disable directory browsing\u003C\u002Fa>, with info on how to configure it.\u003C\u002Fli>\n\u003Cli>Special Thanks to \u003Ca href=\"http:\u002F\u002Fwww.maurisource.com\u002F\" rel=\"nofollow ugc\">Agence web Montreal\u003C\u002Fa> for support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Changelog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>first release\u003C\u002Fli>\n\u003C\u002Ful>\n","This essential .htaccess rules plugin allow you to improve security of your wordpress blog.",300,5850,82,8,"2012-10-05T18:03:00.000Z","2.9.2","2.6",[117,118,119,75,120],"directory-browsing","htaccess","web-performance-optimization","wp-content","http:\u002F\u002Fwww.maurisource.com\u002Fblog\u002Fwp-safely-disable-directory-browsing\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-safely-disable-directory-browsing.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":13,"downloaded":131,"rating":13,"num_ratings":132,"last_updated":133,"tested_up_to":93,"requires_at_least":134,"requires_php":51,"tags":135,"homepage":139,"download_link":140,"security_score":100,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"site-health-manager","Site Health Manager","1.1.2","Rami Yushuvaev","https:\u002F\u002Fprofiles.wordpress.org\u002Framiy\u002F","\u003Cp>Make sure your health score is correct by running only the tests relevant to your server configuration. Take some protective measures to keep your critical server data hidden and secure.\u003C\u002Fp>\n\u003Ch4>Status Manager\u003C\u002Fh4>\n\u003Cp>Site Health Status screen generates a health score based on tests it runs on the server, but some tests may not be relevant to your server setup. This may cause a low health score, unhappy site owners, and complaints for web hosts.\u003C\u002Fp>\n\u003Cp>Select the test you want to disable in order to prevent displaying the wrong health score in your Site Health Status screen. For example, missing PHP extensions for security reasons or disabled background updates to allow version control.\u003C\u002Fp>\n\u003Ch4>Info Manager\u003C\u002Fh4>\n\u003Cp>Site Health Info screen displays configuration data and debugging information. Some data in this screen is confidential and sharing critical server data should be done with caution and with security in mind.\u003C\u002Fp>\n\u003Cp>Select what information you want to disable in order to prevent your users from copying it to the clipboard when sharing debug data with third parties. For example, when sending data to plugin\u002Ftheme developers to debug issues.\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>If you want to contribute, visit \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Framiy\u002Fsite-health-manager\" rel=\"nofollow ugc\">Site Health Manager GitHub Repository\u003C\u002Fa> and see where you can help.\u003C\u002Fp>\n\u003Cp>You can also help by translating the plugin to your language via \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsite-health-manager\u002F\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n","Control which status tests and what debug information appear in your Site Health screen.",3967,4,"2019-06-20T12:58:00.000Z","5.2",[136,137,138,23,24],"confidential-data","debug","health","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsite-health-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-health-manager.1.1.2.zip",{"attackSurface":142,"codeSignals":692,"taintFlows":1018,"riskAssessment":1269,"analyzedAt":1279},{"hooks":143,"ajaxHandlers":505,"restRoutes":683,"shortcodes":684,"cronEvents":685,"entryPointCount":504,"unprotectedCount":691},[144,150,154,157,159,163,166,171,175,180,183,187,190,194,198,201,205,207,209,211,215,218,220,223,226,229,231,233,235,237,239,241,245,249,252,254,256,258,262,266,269,275,278,281,284,288,292,295,299,303,307,311,315,319,322,325,328,331,336,339,341,344,347,350,352,355,357,360,363,366,371,375,379,383,386,390,394,398,401,405,408,411,413,416,420,424,426,430,433,436,440,443,447,451,454,457,461,465,467,471,474,478,482,486,490,494,497,500,502],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_notices","closure","divewp.php",91,{"type":145,"name":151,"callback":152,"file":148,"line":153},"admin_init","divewp_check_update",155,{"type":145,"name":151,"callback":155,"file":148,"line":156},"divewp_admin_init",187,{"type":145,"name":146,"callback":147,"file":148,"line":158},245,{"type":145,"name":160,"callback":161,"file":148,"line":162},"plugins_loaded","divewp_run_plugin",254,{"type":145,"name":164,"callback":147,"file":148,"line":165},"admin_footer",285,{"type":145,"name":167,"callback":168,"priority":169,"file":148,"line":170},"admin_enqueue_scripts","divewp_emergency_script_load",999,289,{"type":145,"name":167,"callback":172,"file":173,"line":174},"enqueue_timeline_styles","includes\\class-dashboard-overview.php",26,{"type":145,"name":176,"callback":177,"file":178,"line":179},"wp_abilities_api_categories_init","register_category","includes\\class-divewp-abilities.php",62,{"type":145,"name":181,"callback":177,"file":178,"line":182},"abilities_api_categories_init",63,{"type":145,"name":184,"callback":185,"file":178,"line":186},"wp_abilities_api_init","register_abilities",66,{"type":145,"name":188,"callback":185,"file":178,"line":189},"abilities_api_init",67,{"type":145,"name":167,"callback":191,"file":192,"line":193},"enqueue_styles","includes\\class-divewp-feedback.php",159,{"type":145,"name":146,"callback":195,"priority":196,"file":192,"line":197},"display_feedback_notice",10,160,{"type":145,"name":151,"callback":199,"file":192,"line":200},"register_settings",162,{"type":145,"name":202,"callback":203,"priority":13,"file":204,"line":186},"admin_bar_menu","add_admin_bar_button","includes\\class-divewp-main.php",{"type":145,"name":167,"callback":206,"file":204,"line":189},"enqueue_admin_bar_styles",{"type":145,"name":208,"callback":206,"file":204,"line":66},"wp_enqueue_scripts",{"type":145,"name":146,"callback":147,"file":204,"line":210},116,{"type":145,"name":212,"callback":213,"file":204,"line":214},"admin_menu","add_menu_page",280,{"type":145,"name":167,"callback":191,"priority":216,"file":204,"line":217},99,283,{"type":145,"name":146,"callback":147,"file":204,"line":219},318,{"type":145,"name":146,"callback":221,"file":204,"line":222},"__return_false",524,{"type":145,"name":224,"callback":221,"file":204,"line":225},"all_admin_notices",525,{"type":145,"name":227,"callback":147,"priority":27,"file":204,"line":228},"admin_head",529,{"type":145,"name":164,"callback":147,"file":204,"line":230},552,{"type":145,"name":212,"callback":213,"file":204,"line":232},1070,{"type":145,"name":167,"callback":191,"file":204,"line":234},1071,{"type":145,"name":202,"callback":203,"priority":13,"file":204,"line":236},1072,{"type":145,"name":167,"callback":206,"file":204,"line":238},1073,{"type":145,"name":208,"callback":206,"file":204,"line":240},1074,{"type":145,"name":167,"callback":242,"file":243,"line":244},"enqueue_scripts","includes\\features\\choose-hosting\\class-choose-hosting.php",51,{"type":145,"name":246,"callback":247,"file":243,"line":248},"wp_logout","cleanup_user_transients",54,{"type":145,"name":250,"callback":147,"file":251,"line":179},"shutdown","includes\\features\\choose-hosting\\class-database-tests.php",{"type":145,"name":250,"callback":147,"file":251,"line":253},201,{"type":145,"name":250,"callback":147,"file":251,"line":255},347,{"type":145,"name":250,"callback":147,"file":251,"line":257},487,{"type":145,"name":167,"callback":259,"file":260,"line":261},"enqueue_assets","includes\\features\\class-ai-capabilities.php",27,{"type":145,"name":151,"callback":263,"file":264,"line":265},"build_plugin_hooks_cache","includes\\features\\cron-jobs\\class-cron-data.php",44,{"type":145,"name":167,"callback":259,"file":267,"line":268},"includes\\features\\cron-jobs\\class-cron-jobs.php",97,{"type":270,"name":271,"callback":272,"priority":33,"file":273,"line":274},"filter","cron_schedules","add_custom_schedule_interval","includes\\features\\cron-jobs\\class-cron-logger.php",103,{"type":145,"name":160,"callback":276,"priority":33,"file":273,"line":277},"early_attach_to_cron_hooks",117,{"type":145,"name":279,"callback":276,"priority":33,"file":273,"line":280},"muplugins_loaded",120,{"type":145,"name":160,"callback":282,"priority":33,"file":273,"line":283},"setup_cron_context",123,{"type":145,"name":285,"callback":286,"priority":33,"file":273,"line":287},"all","track_all_hooks",126,{"type":270,"name":289,"callback":290,"priority":196,"file":273,"line":291},"cron_request","on_cron_request",129,{"type":145,"name":160,"callback":293,"priority":48,"file":273,"line":294},"init_action_scheduler_hooks",132,{"type":145,"name":296,"callback":297,"priority":196,"file":273,"line":298},"init","schedule_cleanup_event",135,{"type":145,"name":300,"callback":301,"file":273,"line":302},"divewp_cleanup_cron_logs","cleanup_old_logs",136,{"type":270,"name":304,"callback":305,"priority":196,"file":273,"line":306},"pre_schedule_event","on_pre_schedule_event",139,{"type":270,"name":308,"callback":309,"priority":196,"file":273,"line":310},"pre_schedule_single_event","on_pre_schedule_single_event",140,{"type":145,"name":296,"callback":312,"priority":313,"file":273,"line":314},"cleanup_orphaned_events",5,143,{"type":145,"name":316,"callback":317,"priority":196,"file":273,"line":318},"action_scheduler_before_execute","before_action_execute",199,{"type":145,"name":320,"callback":321,"priority":196,"file":273,"line":11},"action_scheduler_after_execute","after_action_execute",{"type":145,"name":323,"callback":324,"priority":196,"file":273,"line":253},"action_scheduler_failed_execution","on_action_failed",{"type":145,"name":167,"callback":259,"file":326,"line":327},"includes\\features\\db-insights\\class-db-insights.php",74,{"type":145,"name":167,"callback":259,"file":329,"line":330},"includes\\features\\email-communications\\class-email-insights.php",47,{"type":270,"name":332,"callback":333,"priority":33,"file":334,"line":335},"wp_mail","log_email_before_send","includes\\features\\email-communications\\class-email-logger.php",65,{"type":145,"name":337,"callback":338,"priority":33,"file":334,"line":186},"wp_mail_failed","log_email_failure",{"type":145,"name":340,"callback":301,"file":334,"line":66},"divewp_daily_cleanup",{"type":145,"name":296,"callback":342,"file":334,"line":343},"maybe_schedule_cleanup",69,{"type":145,"name":167,"callback":259,"file":345,"line":346},"includes\\features\\performance-optimizations\\class-performance-checks.php",71,{"type":145,"name":164,"callback":348,"file":345,"line":349},"add_nonce_fields",72,{"type":145,"name":167,"callback":259,"file":351,"line":261},"includes\\features\\plugins-management\\class-plugins-management.php",{"type":145,"name":167,"callback":259,"file":353,"line":354},"includes\\features\\security-insights\\class-security.php",83,{"type":145,"name":164,"callback":348,"file":353,"line":356},84,{"type":145,"name":167,"callback":259,"file":358,"line":359},"includes\\features\\seo-optimization\\class-seo-optimization.php",33,{"type":145,"name":167,"callback":259,"file":361,"line":362},"includes\\features\\server-insights\\class-server-insights-new.php",38,{"type":145,"name":164,"callback":348,"file":364,"line":365},"includes\\features\\theme-builder\\class-theme-builder.php",87,{"type":145,"name":367,"callback":368,"priority":48,"file":369,"line":370},"transition_post_status","log_post_status_change","includes\\features\\user-events\\class-event-logger.php",109,{"type":145,"name":372,"callback":373,"priority":48,"file":369,"line":374},"post_updated","log_post_update",110,{"type":145,"name":376,"callback":377,"file":369,"line":378},"add_attachment","log_media_upload",113,{"type":145,"name":380,"callback":381,"file":369,"line":382},"delete_attachment","log_media_deletion",114,{"type":145,"name":384,"callback":385,"priority":196,"file":369,"line":277},"created_term","log_term_creation",{"type":145,"name":387,"callback":388,"priority":196,"file":369,"line":389},"edited_term","log_term_update",118,{"type":145,"name":391,"callback":392,"priority":196,"file":369,"line":393},"delete_term","log_term_deletion",119,{"type":145,"name":395,"callback":396,"priority":196,"file":369,"line":397},"transition_comment_status","log_comment_status_change",122,{"type":145,"name":399,"callback":400,"file":369,"line":283},"delete_comment","log_comment_deletion",{"type":145,"name":402,"callback":403,"file":369,"line":404},"edit_comment","log_comment_edit",124,{"type":145,"name":151,"callback":406,"file":369,"line":407},"maybe_log_admin_login",127,{"type":145,"name":246,"callback":409,"file":369,"line":410},"log_admin_logout",128,{"type":145,"name":412,"callback":409,"file":369,"line":291},"clear_auth_cookie",{"type":145,"name":414,"callback":415,"file":369,"line":294},"user_register","log_user_creation_by_admin",{"type":145,"name":417,"callback":418,"file":369,"line":419},"delete_user","log_user_deletion_by_admin",133,{"type":145,"name":421,"callback":422,"file":369,"line":423},"edit_user_profile_update","log_user_update_by_admin",134,{"type":145,"name":425,"callback":422,"file":369,"line":298},"after_password_reset",{"type":145,"name":427,"callback":428,"priority":196,"file":369,"line":429},"activated_plugin","log_plugin_activation",138,{"type":145,"name":431,"callback":432,"priority":196,"file":369,"line":306},"deactivated_plugin","log_plugin_deactivation",{"type":145,"name":434,"callback":435,"priority":196,"file":369,"line":310},"deleted_plugin","log_plugin_deletion",{"type":145,"name":437,"callback":438,"priority":196,"file":369,"line":439},"upgrader_process_complete","log_plugin_installation",141,{"type":145,"name":437,"callback":441,"priority":196,"file":369,"line":442},"log_plugin_update",142,{"type":145,"name":444,"callback":445,"priority":196,"file":369,"line":446},"switch_theme","log_theme_switch",145,{"type":145,"name":448,"callback":449,"priority":196,"file":369,"line":450},"deleted_theme","log_theme_deletion",146,{"type":145,"name":437,"callback":452,"priority":196,"file":369,"line":453},"log_theme_update",147,{"type":145,"name":437,"callback":455,"priority":196,"file":369,"line":456},"log_theme_installation",148,{"type":145,"name":458,"callback":459,"file":369,"line":460},"customize_save","log_theme_customization",149,{"type":145,"name":462,"callback":463,"priority":196,"file":369,"line":464},"updated_option","log_settings_change",152,{"type":145,"name":296,"callback":342,"file":369,"line":466},156,{"type":145,"name":468,"callback":469,"file":369,"line":470},"divewp_user_events_cleanup","cleanup_old_events",157,{"type":145,"name":472,"callback":473,"file":369,"line":197},"retrieve_password","log_password_reset_request",{"type":145,"name":475,"callback":476,"priority":196,"file":369,"line":477},"application_password_did_authenticate","mark_rest_app_password_authenticated",163,{"type":270,"name":479,"callback":480,"priority":196,"file":369,"line":481},"rest_request_before_callbacks","log_rest_api_access",166,{"type":145,"name":483,"callback":484,"priority":196,"file":369,"line":485},"set_user_role","log_user_role_change",169,{"type":145,"name":487,"callback":488,"priority":196,"file":369,"line":489},"wp_login_failed","log_failed_login",170,{"type":145,"name":491,"callback":492,"priority":196,"file":369,"line":493},"before_delete_post","log_post_permanent_deletion",171,{"type":145,"name":437,"callback":495,"priority":196,"file":369,"line":496},"log_core_update",172,{"type":145,"name":167,"callback":498,"file":499,"line":335},"enqueue_admin_scripts","includes\\features\\user-events\\class-user-events.php",{"type":145,"name":146,"callback":147,"file":499,"line":501},771,{"type":145,"name":167,"callback":259,"file":503,"line":504},"includes\\features\\woocommerce-best-practices\\class-woocommerce-best-practices.php",49,[506,510,515,519,523,527,531,534,538,542,546,550,554,558,561,565,569,573,576,579,582,585,589,593,596,599,603,608,612,615,618,622,625,628,631,634,638,641,644,648,651,654,657,660,664,668,672,676,680],{"action":507,"nopriv":508,"callback":147,"hasNonce":508,"hasCapCheck":508,"file":509,"line":79},"divewp_get_resource_results",false,"includes\\admin\\ajax-get-resource-results.php",{"action":511,"nopriv":508,"callback":512,"hasNonce":513,"hasCapCheck":513,"file":192,"line":514},"divewp_dismiss_feedback","dismiss_feedback_notice",true,161,{"action":516,"nopriv":508,"callback":517,"hasNonce":513,"hasCapCheck":513,"file":204,"line":518},"divewp_update_settings","handle_settings_update",939,{"action":520,"nopriv":508,"callback":521,"hasNonce":513,"hasCapCheck":513,"file":204,"line":522},"divewp_fetch_data","handle_data_fetch",940,{"action":524,"nopriv":508,"callback":525,"hasNonce":513,"hasCapCheck":513,"file":243,"line":526},"divewp_run_hosting_test","ajax_run_hosting_test",45,{"action":528,"nopriv":508,"callback":529,"hasNonce":513,"hasCapCheck":513,"file":243,"line":530},"divewp_get_hosting_evaluation","ajax_get_hosting_evaluation",46,{"action":532,"nopriv":508,"callback":533,"hasNonce":513,"hasCapCheck":513,"file":243,"line":330},"divewp_get_hosting_evaluation_cards","ajax_get_hosting_evaluation_cards",{"action":535,"nopriv":508,"callback":536,"hasNonce":513,"hasCapCheck":513,"file":243,"line":537},"divewp_run_concurrency_step","ajax_run_concurrency_step",48,{"action":539,"nopriv":508,"callback":540,"hasNonce":508,"hasCapCheck":508,"file":541,"line":359},"divewp_cron_get_events","handle_get_events","includes\\features\\cron-jobs\\ajax-handlers.php",{"action":543,"nopriv":508,"callback":544,"hasNonce":508,"hasCapCheck":508,"file":541,"line":545},"divewp_cron_run_now","handle_run_now",34,{"action":547,"nopriv":508,"callback":548,"hasNonce":508,"hasCapCheck":508,"file":541,"line":549},"divewp_cron_delete","handle_delete",35,{"action":551,"nopriv":508,"callback":552,"hasNonce":508,"hasCapCheck":508,"file":541,"line":553},"divewp_cron_bulk_action","handle_bulk_action",36,{"action":555,"nopriv":508,"callback":556,"hasNonce":508,"hasCapCheck":508,"file":541,"line":557},"divewp_cron_add_event","handle_add_event",37,{"action":559,"nopriv":508,"callback":560,"hasNonce":508,"hasCapCheck":508,"file":541,"line":362},"divewp_cron_get_event_details","handle_get_event_details",{"action":562,"nopriv":508,"callback":563,"hasNonce":508,"hasCapCheck":508,"file":541,"line":564},"divewp_cron_get_as_actions","handle_get_as_actions",41,{"action":566,"nopriv":508,"callback":567,"hasNonce":508,"hasCapCheck":508,"file":541,"line":568},"divewp_cron_run_as_action","handle_run_as_action",42,{"action":570,"nopriv":508,"callback":571,"hasNonce":508,"hasCapCheck":508,"file":541,"line":572},"divewp_cron_cancel_as_action","handle_cancel_as_action",43,{"action":574,"nopriv":508,"callback":575,"hasNonce":508,"hasCapCheck":508,"file":541,"line":530},"divewp_cron_get_logs","handle_get_logs",{"action":577,"nopriv":508,"callback":578,"hasNonce":508,"hasCapCheck":508,"file":541,"line":330},"divewp_cron_get_hook_logs","handle_get_hook_logs",{"action":580,"nopriv":508,"callback":581,"hasNonce":508,"hasCapCheck":508,"file":541,"line":537},"divewp_cron_get_log_details","handle_get_log_details",{"action":583,"nopriv":508,"callback":584,"hasNonce":508,"hasCapCheck":508,"file":541,"line":504},"divewp_cron_clear_logs","handle_clear_logs",{"action":586,"nopriv":508,"callback":587,"hasNonce":508,"hasCapCheck":508,"file":541,"line":588},"divewp_cron_get_diagnostics","handle_get_diagnostics",52,{"action":590,"nopriv":508,"callback":591,"hasNonce":508,"hasCapCheck":508,"file":541,"line":592},"divewp_cron_get_overdue","handle_get_overdue",55,{"action":594,"nopriv":508,"callback":595,"hasNonce":513,"hasCapCheck":513,"file":329,"line":537},"divewp_send_test_email","send_test_email_handler",{"action":597,"nopriv":508,"callback":598,"hasNonce":513,"hasCapCheck":513,"file":329,"line":504},"divewp_refresh_email_log","refresh_email_log_handler",{"action":600,"nopriv":508,"callback":601,"hasNonce":513,"hasCapCheck":513,"file":329,"line":602},"divewp_delete_all_email_logs","ajax_delete_all_email_logs",50,{"action":604,"nopriv":508,"callback":605,"hasNonce":513,"hasCapCheck":513,"file":606,"line":607},"divewp_benchmark_init","handle_benchmark_init","includes\\features\\hosting\\hosting-benchmark\\ajax-handlers.php",28,{"action":609,"nopriv":508,"callback":610,"hasNonce":513,"hasCapCheck":513,"file":606,"line":611},"divewp_benchmark_run_test","handle_run_test",31,{"action":613,"nopriv":508,"callback":614,"hasNonce":513,"hasCapCheck":513,"file":606,"line":545},"divewp_benchmark_finalize","handle_benchmark_finalize",{"action":616,"nopriv":508,"callback":617,"hasNonce":513,"hasCapCheck":508,"file":606,"line":557},"divewp_benchmark_get_status","handle_get_status",{"action":619,"nopriv":508,"callback":620,"hasNonce":513,"hasCapCheck":513,"file":606,"line":621},"divewp_get_saved_benchmarks","handle_get_saved_benchmarks",40,{"action":623,"nopriv":508,"callback":624,"hasNonce":513,"hasCapCheck":513,"file":606,"line":564},"divewp_load_saved_benchmark","handle_load_saved_benchmark",{"action":626,"nopriv":508,"callback":627,"hasNonce":513,"hasCapCheck":513,"file":606,"line":568},"divewp_delete_saved_benchmark","handle_delete_saved_benchmark",{"action":629,"nopriv":508,"callback":630,"hasNonce":513,"hasCapCheck":513,"file":606,"line":572},"divewp_delete_all_benchmarks","handle_delete_all_benchmarks",{"action":632,"nopriv":508,"callback":633,"hasNonce":513,"hasCapCheck":513,"file":351,"line":607},"divewp_toggle_plugin_status","handle_toggle_plugin_status",{"action":635,"nopriv":508,"callback":636,"hasNonce":513,"hasCapCheck":513,"file":351,"line":637},"divewp_get_plugin_details","handle_get_plugin_details",29,{"action":639,"nopriv":508,"callback":640,"hasNonce":513,"hasCapCheck":513,"file":351,"line":34},"divewp_get_plugin_versions","handle_get_plugin_versions",{"action":642,"nopriv":508,"callback":643,"hasNonce":513,"hasCapCheck":513,"file":351,"line":611},"divewp_rollback_plugin_version","handle_rollback_plugin_version",{"action":645,"nopriv":508,"callback":646,"hasNonce":513,"hasCapCheck":513,"file":351,"line":647},"divewp_update_plugin","handle_update_plugin",32,{"action":649,"nopriv":508,"callback":650,"hasNonce":513,"hasCapCheck":513,"file":351,"line":359},"divewp_get_plugin_ratings_batch","handle_get_plugin_ratings_batch",{"action":652,"nopriv":508,"callback":653,"hasNonce":513,"hasCapCheck":513,"file":351,"line":545},"divewp_get_plugin_icons_batch","handle_get_plugin_icons_batch",{"action":655,"nopriv":508,"callback":656,"hasNonce":513,"hasCapCheck":513,"file":364,"line":354},"divewp_theme_check","handle_theme_check",{"action":658,"nopriv":508,"callback":659,"hasNonce":513,"hasCapCheck":513,"file":364,"line":356},"divewp_theme_refresh","handle_theme_refresh",{"action":661,"nopriv":508,"callback":662,"hasNonce":513,"hasCapCheck":508,"file":369,"line":663},"edit-theme-plugin-file","log_file_edit",173,{"action":665,"nopriv":508,"callback":666,"hasNonce":513,"hasCapCheck":513,"file":499,"line":667},"divewp_delete_all_logs","ajax_delete_all_logs",58,{"action":669,"nopriv":508,"callback":670,"hasNonce":513,"hasCapCheck":513,"file":499,"line":671},"divewp_refresh_logs","ajax_refresh_logs",59,{"action":673,"nopriv":508,"callback":674,"hasNonce":513,"hasCapCheck":513,"file":499,"line":675},"divewp_load_more_events","ajax_load_more_events",60,{"action":677,"nopriv":508,"callback":678,"hasNonce":513,"hasCapCheck":513,"file":499,"line":679},"divewp_load_recent_timeline","ajax_load_recent_timeline",61,{"action":681,"nopriv":508,"callback":682,"hasNonce":513,"hasCapCheck":513,"file":499,"line":179},"divewp_get_event_details","ajax_get_event_details",[],[],[686,687,689],{"hook":300,"callback":300,"file":273,"line":156},{"hook":340,"callback":340,"file":334,"line":688},312,{"hook":468,"callback":468,"file":369,"line":690},302,16,{"dangerousFunctions":693,"sqlUsage":699,"outputEscaping":811,"fileOperations":1016,"externalRequests":112,"nonceChecks":248,"capabilityChecks":314,"bundledLibraries":1017},[694],{"fn":695,"file":696,"line":697,"context":698},"unserialize","includes\\features\\choose-hosting\\class-resource-tests.php",1349,"$unserialized = unserialize($data);",{"prepared":700,"raw":675,"locations":701},158,[702,705,706,709,712,714,716,718,721,722,723,725,727,729,731,732,734,735,736,737,739,741,743,745,747,749,750,752,753,754,756,758,759,760,762,764,766,767,769,771,773,775,777,779,781,783,785,787,789,791,793,795,797,798,800,802,804,806,809,810],{"file":703,"line":35,"context":704},"includes\\class-divewp-database.php","$wpdb->get_var() with variable interpolation",{"file":703,"line":287,"context":704},{"file":707,"line":708,"context":704},"includes\\class-divewp-db-access.php",305,{"file":707,"line":710,"context":711},358,"$wpdb->query() with variable interpolation",{"file":707,"line":713,"context":711},364,{"file":707,"line":715,"context":711},471,{"file":707,"line":717,"context":711},505,{"file":707,"line":719,"context":720},669,"$wpdb->get_row() with variable interpolation",{"file":707,"line":501,"context":711},{"file":707,"line":169,"context":704},{"file":707,"line":724,"context":720},1258,{"file":707,"line":726,"context":704},1277,{"file":707,"line":728,"context":711},1342,{"file":730,"line":442,"context":704},"includes\\features\\choose-hosting\\class-database-benchmark.php",{"file":730,"line":314,"context":704},{"file":730,"line":733,"context":704},144,{"file":730,"line":446,"context":704},{"file":730,"line":456,"context":704},{"file":730,"line":460,"context":704},{"file":730,"line":464,"context":738},"$wpdb->get_results() with variable interpolation",{"file":730,"line":740,"context":704},198,{"file":730,"line":742,"context":704},255,{"file":730,"line":744,"context":704},276,{"file":730,"line":746,"context":704},413,{"file":730,"line":748,"context":738},648,{"file":251,"line":182,"context":711},{"file":251,"line":751,"context":711},64,{"file":251,"line":453,"context":711},{"file":251,"line":456,"context":711},{"file":251,"line":755,"context":711},153,{"file":251,"line":757,"context":711},154,{"file":251,"line":193,"context":711},{"file":251,"line":197,"context":711},{"file":251,"line":761,"context":711},202,{"file":251,"line":763,"context":711},203,{"file":251,"line":765,"context":711},301,{"file":251,"line":690,"context":711},{"file":251,"line":768,"context":711},307,{"file":251,"line":770,"context":711},308,{"file":251,"line":772,"context":711},348,{"file":251,"line":774,"context":711},415,{"file":251,"line":776,"context":711},420,{"file":251,"line":778,"context":711},489,{"file":251,"line":780,"context":711},490,{"file":251,"line":782,"context":711},691,{"file":251,"line":784,"context":711},692,{"file":251,"line":786,"context":711},705,{"file":251,"line":788,"context":711},706,{"file":251,"line":790,"context":711},712,{"file":251,"line":792,"context":711},713,{"file":251,"line":794,"context":711},1239,{"file":251,"line":796,"context":711},1249,{"file":264,"line":170,"context":738},{"file":264,"line":799,"context":704},315,{"file":606,"line":801,"context":711},556,{"file":606,"line":803,"context":711},565,{"file":606,"line":805,"context":711},574,{"file":807,"line":808,"context":711},"uninstall.php",57,{"file":807,"line":389,"context":711},{"file":807,"line":397,"context":711},{"escaped":812,"rawEcho":393,"locations":813},987,[814,817,819,821,823,824,826,828,830,832,834,836,838,840,842,844,846,848,850,852,854,856,858,860,862,864,866,868,870,872,874,876,878,880,882,884,886,888,890,892,894,896,898,900,902,904,906,907,908,910,912,913,914,915,916,917,918,919,921,923,925,926,927,928,929,931,932,934,936,938,940,941,943,945,947,949,951,953,954,955,957,958,959,960,962,964,965,967,969,971,973,974,976,977,978,979,981,983,984,985,986,988,989,990,991,993,994,995,996,997,999,1000,1002,1004,1006,1008,1010,1012,1014],{"file":148,"line":815,"context":816},246,"raw output",{"file":818,"line":265,"context":816},"includes\\admin\\templates\\admin-right-sidebar.php",{"file":173,"line":820,"context":816},239,{"file":173,"line":822,"context":816},264,{"file":204,"line":389,"context":816},{"file":204,"line":825,"context":816},320,{"file":204,"line":827,"context":816},602,{"file":204,"line":829,"context":816},799,{"file":204,"line":831,"context":816},1176,{"file":243,"line":833,"context":816},1351,{"file":243,"line":835,"context":816},1357,{"file":243,"line":837,"context":816},1359,{"file":243,"line":839,"context":816},1360,{"file":243,"line":841,"context":816},1383,{"file":243,"line":843,"context":816},1387,{"file":243,"line":845,"context":816},1388,{"file":243,"line":847,"context":816},1389,{"file":243,"line":849,"context":816},1394,{"file":243,"line":851,"context":816},1397,{"file":243,"line":853,"context":816},1398,{"file":243,"line":855,"context":816},1402,{"file":243,"line":857,"context":816},1405,{"file":243,"line":859,"context":816},1407,{"file":243,"line":861,"context":816},1412,{"file":243,"line":863,"context":816},1413,{"file":243,"line":865,"context":816},1426,{"file":243,"line":867,"context":816},1428,{"file":243,"line":869,"context":816},1446,{"file":243,"line":871,"context":816},1448,{"file":243,"line":873,"context":816},1449,{"file":243,"line":875,"context":816},1450,{"file":243,"line":877,"context":816},1456,{"file":243,"line":879,"context":816},1458,{"file":243,"line":881,"context":816},1459,{"file":243,"line":883,"context":816},1460,{"file":243,"line":885,"context":816},1461,{"file":243,"line":887,"context":816},1462,{"file":243,"line":889,"context":816},1463,{"file":243,"line":891,"context":816},1464,{"file":243,"line":893,"context":816},1465,{"file":243,"line":895,"context":816},1466,{"file":243,"line":897,"context":816},1467,{"file":243,"line":899,"context":816},1473,{"file":243,"line":901,"context":816},1474,{"file":260,"line":903,"context":816},309,{"file":260,"line":905,"context":816},310,{"file":329,"line":277,"context":816},{"file":329,"line":291,"context":816},{"file":329,"line":909,"context":816},635,{"file":911,"line":568,"context":816},"includes\\features\\hosting\\chose-hosting\\class-chose-hosting.php",{"file":911,"line":572,"context":816},{"file":911,"line":265,"context":816},{"file":911,"line":504,"context":816},{"file":911,"line":244,"context":816},{"file":911,"line":343,"context":816},{"file":911,"line":346,"context":816},{"file":911,"line":349,"context":816},{"file":911,"line":920,"context":816},73,{"file":911,"line":922,"context":816},79,{"file":911,"line":924,"context":816},81,{"file":911,"line":111,"context":816},{"file":911,"line":354,"context":816},{"file":911,"line":356,"context":816},{"file":911,"line":100,"context":816},{"file":911,"line":930,"context":816},86,{"file":911,"line":365,"context":816},{"file":911,"line":933,"context":816},88,{"file":911,"line":935,"context":816},89,{"file":911,"line":937,"context":816},90,{"file":911,"line":939,"context":816},96,{"file":911,"line":268,"context":816},{"file":942,"line":346,"context":816},"includes\\features\\hosting\\class-hosting.php",{"file":942,"line":944,"context":816},75,{"file":942,"line":946,"context":816},76,{"file":942,"line":948,"context":816},77,{"file":942,"line":950,"context":816},92,{"file":358,"line":952,"context":816},78,{"file":358,"line":939,"context":816},{"file":358,"line":78,"context":816},{"file":499,"line":956,"context":816},150,{"file":499,"line":470,"context":816},{"file":499,"line":514,"context":816},{"file":499,"line":493,"context":816},{"file":499,"line":961,"context":816},183,{"file":499,"line":963,"context":816},185,{"file":499,"line":156,"context":816},{"file":499,"line":966,"context":816},189,{"file":499,"line":968,"context":816},191,{"file":499,"line":970,"context":816},218,{"file":499,"line":972,"context":816},223,{"file":499,"line":109,"context":816},{"file":499,"line":975,"context":816},546,{"file":503,"line":13,"context":816},{"file":503,"line":378,"context":816},{"file":503,"line":298,"context":816},{"file":503,"line":980,"context":816},137,{"file":982,"line":944,"context":816},"includes\\templates\\hosting-evaluation-card.php",{"file":982,"line":924,"context":816},{"file":982,"line":268,"context":816},{"file":982,"line":268,"context":816},{"file":982,"line":987,"context":816},105,{"file":982,"line":370,"context":816},{"file":982,"line":378,"context":816},{"file":982,"line":382,"context":816},{"file":982,"line":992,"context":816},115,{"file":982,"line":210,"context":816},{"file":982,"line":277,"context":816},{"file":982,"line":481,"context":816},{"file":982,"line":489,"context":816},{"file":982,"line":998,"context":816},177,{"file":982,"line":968,"context":816},{"file":982,"line":1001,"context":816},205,{"file":982,"line":1003,"context":816},207,{"file":982,"line":1005,"context":816},232,{"file":982,"line":1007,"context":816},237,{"file":982,"line":1009,"context":816},251,{"file":982,"line":1011,"context":816},306,{"file":982,"line":1013,"context":816},339,{"file":982,"line":1015,"context":816},354,19,[],[1019,1037,1055,1070,1083,1098,1149,1157,1170,1183,1201,1213,1223,1246,1261],{"entryPoint":1020,"graph":1021,"unsanitizedCount":27,"severity":1036},"\u003Cclass-divewp-feedback> (includes\\class-divewp-feedback.php:0)",{"nodes":1022,"edges":1034},[1023,1028],{"id":1024,"type":1025,"label":1026,"file":192,"line":1027},"n0","source","$_POST (x2)",343,{"id":1029,"type":1030,"label":1031,"file":192,"line":1032,"wp_function":1033},"n1","sink","update_option() [Settings Manipulation]",375,"update_option",[1035],{"from":1024,"to":1029,"sanitized":513},"low",{"entryPoint":1038,"graph":1039,"unsanitizedCount":27,"severity":1036},"handle_get_logs (includes\\features\\cron-jobs\\ajax-handlers.php:760)",{"nodes":1040,"edges":1052},[1041,1044,1047],{"id":1024,"type":1025,"label":1042,"file":541,"line":1043},"$_POST",770,{"id":1029,"type":1045,"label":1046,"file":541,"line":1043},"transform","→ get_total_cron_logs()",{"id":1048,"type":1030,"label":1049,"file":707,"line":1050,"wp_function":1051},"n2","get_var() [SQLi]",989,"get_var",[1053,1054],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1056,"graph":1057,"unsanitizedCount":27,"severity":1036},"handle_get_hook_logs (includes\\features\\cron-jobs\\ajax-handlers.php:786)",{"nodes":1058,"edges":1067},[1059,1061,1063],{"id":1024,"type":1025,"label":1042,"file":541,"line":1060},802,{"id":1029,"type":1045,"label":1062,"file":541,"line":1060},"→ get_cron_log_summary_for_hook()",{"id":1048,"type":1030,"label":1064,"file":707,"line":1065,"wp_function":1066},"get_row() [SQLi]",1140,"get_row",[1068,1069],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1071,"graph":1072,"unsanitizedCount":27,"severity":1036},"handle_get_log_details (includes\\features\\cron-jobs\\ajax-handlers.php:833)",{"nodes":1073,"edges":1080},[1074,1076,1078],{"id":1024,"type":1025,"label":1042,"file":541,"line":1075},847,{"id":1029,"type":1045,"label":1077,"file":541,"line":1075},"→ get_cron_log()",{"id":1048,"type":1030,"label":1064,"file":707,"line":1079,"wp_function":1066},961,[1081,1082],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1084,"graph":1085,"unsanitizedCount":27,"severity":1036},"handle_clear_logs (includes\\features\\cron-jobs\\ajax-handlers.php:871)",{"nodes":1086,"edges":1095},[1087,1089,1091],{"id":1024,"type":1025,"label":1042,"file":541,"line":1088},881,{"id":1029,"type":1045,"label":1090,"file":541,"line":1088},"→ cleanup_cron_logs()",{"id":1048,"type":1030,"label":1092,"file":707,"line":1093,"wp_function":1094},"query() [SQLi]",1231,"query",[1096,1097],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1099,"graph":1100,"unsanitizedCount":27,"severity":1036},"\u003Cajax-handlers> (includes\\features\\cron-jobs\\ajax-handlers.php:0)",{"nodes":1101,"edges":1138},[1102,1104,1106,1109,1114,1116,1118,1120,1122,1124,1126,1128,1130,1132,1134,1136],{"id":1024,"type":1025,"label":1042,"file":541,"line":1103},460,{"id":1029,"type":1030,"label":1064,"file":541,"line":1105,"wp_function":1066},483,{"id":1048,"type":1025,"label":1107,"file":541,"line":1108},"$_POST (x11)",273,{"id":1110,"type":1030,"label":1111,"file":541,"line":1112,"wp_function":1113},"n3","echo() [XSS]",1049,"echo",{"id":1115,"type":1025,"label":1042,"file":541,"line":1043},"n4",{"id":1117,"type":1045,"label":1046,"file":541,"line":1043},"n5",{"id":1119,"type":1030,"label":1049,"file":707,"line":1050,"wp_function":1051},"n6",{"id":1121,"type":1025,"label":1042,"file":541,"line":1060},"n7",{"id":1123,"type":1045,"label":1062,"file":541,"line":1060},"n8",{"id":1125,"type":1030,"label":1064,"file":707,"line":1065,"wp_function":1066},"n9",{"id":1127,"type":1025,"label":1042,"file":541,"line":1075},"n10",{"id":1129,"type":1045,"label":1077,"file":541,"line":1075},"n11",{"id":1131,"type":1030,"label":1064,"file":707,"line":1079,"wp_function":1066},"n12",{"id":1133,"type":1025,"label":1042,"file":541,"line":1088},"n13",{"id":1135,"type":1045,"label":1090,"file":541,"line":1088},"n14",{"id":1137,"type":1030,"label":1092,"file":707,"line":1093,"wp_function":1094},"n15",[1139,1140,1141,1142,1143,1144,1145,1146,1147,1148],{"from":1024,"to":1029,"sanitized":513},{"from":1048,"to":1110,"sanitized":513},{"from":1115,"to":1117,"sanitized":508},{"from":1117,"to":1119,"sanitized":513},{"from":1121,"to":1123,"sanitized":508},{"from":1123,"to":1125,"sanitized":513},{"from":1127,"to":1129,"sanitized":508},{"from":1129,"to":1131,"sanitized":513},{"from":1133,"to":1135,"sanitized":508},{"from":1135,"to":1137,"sanitized":513},{"entryPoint":1150,"graph":1151,"unsanitizedCount":27,"severity":1036},"handle_run_test (includes\\features\\hosting\\hosting-benchmark\\ajax-handlers.php:98)",{"nodes":1152,"edges":1155},[1153,1154],{"id":1024,"type":1025,"label":1026,"file":606,"line":378},{"id":1029,"type":1030,"label":1031,"file":606,"line":318,"wp_function":1033},[1156],{"from":1024,"to":1029,"sanitized":513},{"entryPoint":1158,"graph":1159,"unsanitizedCount":27,"severity":1036},"handle_load_saved_benchmark (includes\\features\\hosting\\hosting-benchmark\\ajax-handlers.php:1652)",{"nodes":1160,"edges":1167},[1161,1163,1165],{"id":1024,"type":1025,"label":1042,"file":606,"line":1162},1676,{"id":1029,"type":1045,"label":1164,"file":606,"line":1162},"→ get_benchmark_result()",{"id":1048,"type":1030,"label":1064,"file":707,"line":1166,"wp_function":1066},614,[1168,1169],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1171,"graph":1172,"unsanitizedCount":27,"severity":1036},"handle_delete_saved_benchmark (includes\\features\\hosting\\hosting-benchmark\\ajax-handlers.php:1743)",{"nodes":1173,"edges":1180},[1174,1176,1178],{"id":1024,"type":1025,"label":1042,"file":606,"line":1175},1767,{"id":1029,"type":1045,"label":1177,"file":606,"line":1175},"→ delete_benchmark_result()",{"id":1048,"type":1030,"label":1049,"file":707,"line":1179,"wp_function":1051},731,[1181,1182],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1184,"graph":1185,"unsanitizedCount":27,"severity":1036},"\u003Cajax-handlers> (includes\\features\\hosting\\hosting-benchmark\\ajax-handlers.php:0)",{"nodes":1186,"edges":1195},[1187,1188,1189,1190,1191,1192,1193,1194],{"id":1024,"type":1025,"label":1026,"file":606,"line":378},{"id":1029,"type":1030,"label":1031,"file":606,"line":318,"wp_function":1033},{"id":1048,"type":1025,"label":1042,"file":606,"line":1162},{"id":1110,"type":1045,"label":1164,"file":606,"line":1162},{"id":1115,"type":1030,"label":1064,"file":707,"line":1166,"wp_function":1066},{"id":1117,"type":1025,"label":1042,"file":606,"line":1175},{"id":1119,"type":1045,"label":1177,"file":606,"line":1175},{"id":1121,"type":1030,"label":1049,"file":707,"line":1179,"wp_function":1051},[1196,1197,1198,1199,1200],{"from":1024,"to":1029,"sanitized":513},{"from":1048,"to":1110,"sanitized":508},{"from":1110,"to":1115,"sanitized":513},{"from":1117,"to":1119,"sanitized":508},{"from":1119,"to":1121,"sanitized":513},{"entryPoint":1202,"graph":1203,"unsanitizedCount":27,"severity":1036},"ajax_get_event_details (includes\\features\\user-events\\class-user-events.php:608)",{"nodes":1204,"edges":1210},[1205,1207,1209],{"id":1024,"type":1025,"label":1042,"file":499,"line":1206},625,{"id":1029,"type":1045,"label":1208,"file":499,"line":1206},"→ get_event_by_id()",{"id":1048,"type":1030,"label":1064,"file":707,"line":744,"wp_function":1066},[1211,1212],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1214,"graph":1215,"unsanitizedCount":27,"severity":1036},"\u003Cclass-user-events> (includes\\features\\user-events\\class-user-events.php:0)",{"nodes":1216,"edges":1220},[1217,1218,1219],{"id":1024,"type":1025,"label":1042,"file":499,"line":1206},{"id":1029,"type":1045,"label":1208,"file":499,"line":1206},{"id":1048,"type":1030,"label":1064,"file":707,"line":744,"wp_function":1066},[1221,1222],{"from":1024,"to":1029,"sanitized":508},{"from":1029,"to":1048,"sanitized":513},{"entryPoint":1224,"graph":1225,"unsanitizedCount":79,"severity":1245},"\u003Cclass-concurrency-tests-backup> (includes\\features\\choose-hosting\\class-concurrency-tests-backup.php:0)",{"nodes":1226,"edges":1241},[1227,1230,1234,1236,1238],{"id":1024,"type":1025,"label":1228,"file":1229,"line":939},"$_GET","includes\\features\\choose-hosting\\class-concurrency-tests-backup.php",{"id":1029,"type":1030,"label":1231,"file":1229,"line":1232,"wp_function":1233},"get_results() [SQLi]",1317,"get_results",{"id":1048,"type":1025,"label":1228,"file":1229,"line":1235},313,{"id":1110,"type":1045,"label":1237,"file":1229,"line":1235},"→ get_debug_transients()",{"id":1115,"type":1030,"label":1231,"file":1239,"line":1240,"wp_function":1233},"includes\\features\\choose-hosting\\class-concurrency-tests.php",1587,[1242,1243,1244],{"from":1024,"to":1029,"sanitized":508},{"from":1048,"to":1110,"sanitized":508},{"from":1110,"to":1115,"sanitized":508},"high",{"entryPoint":1247,"graph":1248,"unsanitizedCount":79,"severity":1245},"\u003Cclass-concurrency-tests> (includes\\features\\choose-hosting\\class-concurrency-tests.php:0)",{"nodes":1249,"edges":1257},[1250,1252,1253,1255,1256],{"id":1024,"type":1025,"label":1228,"file":1239,"line":1251},229,{"id":1029,"type":1030,"label":1231,"file":1239,"line":1240,"wp_function":1233},{"id":1048,"type":1025,"label":1228,"file":1239,"line":1254},449,{"id":1110,"type":1045,"label":1237,"file":1239,"line":1254},{"id":1115,"type":1030,"label":1231,"file":1239,"line":1240,"wp_function":1233},[1258,1259,1260],{"from":1024,"to":1029,"sanitized":508},{"from":1048,"to":1110,"sanitized":508},{"from":1110,"to":1115,"sanitized":508},{"entryPoint":1262,"graph":1263,"unsanitizedCount":33,"severity":1245},"handle_get_event_details (includes\\features\\cron-jobs\\ajax-handlers.php:456)",{"nodes":1264,"edges":1267},[1265,1266],{"id":1024,"type":1025,"label":1042,"file":541,"line":1103},{"id":1029,"type":1030,"label":1064,"file":541,"line":1105,"wp_function":1066},[1268],{"from":1024,"to":1029,"sanitized":508},{"summary":1270,"deductions":1271},"The divewp-boost-site-performance plugin v2.3.3 exhibits a mixed security posture. On the positive side, it shows a strong adherence to good security practices with a high percentage of SQL queries using prepared statements and properly escaped output. The plugin also has a clean vulnerability history, with no known CVEs, which suggests a potentially stable codebase.  Furthermore, it demonstrates a robust use of nonce and capability checks throughout its code.\n\nHowever, there are significant concerns that temper this positive outlook. The plugin presents a substantial attack surface with 49 AJAX handlers, and a notable portion of these (16) lack authentication checks. This represents a direct avenue for potential unauthorized actions if malicious inputs can be crafted. The taint analysis revealing 3 high-severity flows with unsanitized paths is particularly alarming, as these could lead to serious security breaches if exploited, despite the absence of reported critical issues.\n\nIn conclusion, while the plugin has good underlying practices and no recorded historical vulnerabilities, the high number of unprotected AJAX endpoints and the presence of high-severity unsanitized taint flows are critical weaknesses. These areas require immediate attention and remediation to mitigate potential risks to WordPress sites utilizing this plugin.",[1272,1274,1277],{"reason":1273,"points":196},"Unprotected AJAX handlers",{"reason":1275,"points":1276},"High severity unsanitized taint flows",15,{"reason":1278,"points":313},"Dangerous function: unserialize","2026-03-16T20:19:35.028Z",{"wat":1281,"direct":1294},{"assetPaths":1282,"generatorPatterns":1287,"scriptPaths":1288,"versionParams":1289},[1283,1284,1285,1286],"\u002Fwp-content\u002Fplugins\u002Fdivewp-boost-site-performance\u002Fassets\u002Fcss\u002Fdivewp-styles.css","\u002Fwp-content\u002Fplugins\u002Fdivewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-scripts.js","\u002Fwp-content\u002Fplugins\u002Fdivewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-script-dashboard.js","\u002Fwp-content\u002Fplugins\u002Fdivewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-script-admin.js",[],[1284,1285,1286],[1290,1291,1292,1293],"divewp-boost-site-performance\u002Fassets\u002Fcss\u002Fdivewp-styles.css?ver=","divewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-scripts.js?ver=","divewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-script-dashboard.js?ver=","divewp-boost-site-performance\u002Fassets\u002Fjs\u002Fdivewp-script-admin.js?ver=",{"cssClasses":1295,"htmlComments":1302,"htmlAttributes":1307,"restEndpoints":1312,"jsGlobals":1316,"shortcodeOutput":1321},[1296,1297,1298,1299,1300,1301],"divewp-dashboard-wrap","divewp-overview-section","divewp-performance-insights","divewp-security-insights","divewp-best-practices-insights","divewp-email-logging-table",[1303,1304,1305,1306],"\u003C!-- DiveWP Debug Log -->","\u003C!-- DiveWP Performance Insights Section -->","\u003C!-- DiveWP Security Insights Section -->","\u003C!-- DiveWP Best Practices Insights Section -->",[1308,1309,1310,1311],"data-divewp-chart-type","data-divewp-chart-data","data-divewp-insight-slug","data-divewp-user-id",[1313,1314,1315],"\u002Fwp-json\u002Fdivewp\u002Fv1\u002Finsights","\u002Fwp-json\u002Fdivewp\u002Fv1\u002Femail-logs","\u002Fwp-json\u002Fdivewp\u002Fv1\u002Fdebug-settings",[1317,1318,1319,1320],"divewp_params","divewp_dashboard_data","divewp_email_logs","divewp_debug_settings",[1322,1323,1324,1325],"[divewp_performance_insight]","[divewp_security_insight]","[divewp_best_practice_insight]","[divewp_email_log_viewer]"]