[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZJm0dYNmN6FJwoPEBa-9r4TPtrNFq2BKeDQ9a-OsBJY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":60,"crawl_stats":38,"alternatives":67,"analysis":166,"fingerprints":248},"fatal-error-notify","Fatal Error Notify","1.5.4","Jack Arturo","https:\u002F\u002Fprofiles.wordpress.org\u002Fverygoodplugins\u002F","\u003Cp>This plugin sends you an email notification whenever a fatal error (or other error level, configurably) is detected on your site.\u003C\u002Fp>\n\u003Cp>Unlike traditional uptime monitoring services, which will only notify you if your entire site is down, this plugin can notify you when an error is detected on any page or process on your site.\u003C\u002Fp>\n\u003Cp>Automatic plugin and theme updates often introduce problems that you aren’t aware of until they’re reported by your visitors. Fatal Error Notify lets you address these issues as they occur and before they cause significant problems.\u003C\u002Fp>\n","Receive email notifications when errors occur on your WordPress site.",6000,88614,96,18,"2026-02-12T12:16:00.000Z","6.9.4","5.0","7.4",[20,21,22,23,24],"debugging","error","fatal","notification","reporting","https:\u002F\u002Ffatalerrornotify.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffatal-error-notify.1.5.4.zip",99,2,0,"2024-01-30 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"WF-08b75cac-7b1d-4bed-a1b7-bd1e872f2b4f-fatal-error-notify","fatal-error-notify-cross-site-request-forgery-to-test-error-email-sending","Fatal Error Notify \u003C= 1.5.2 - Cross-Site Request Forgery to Test Error Email Sending","The Fatal Error Notify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the test_error function. This makes it possible for unauthenticated attackers to send test error emails to the administrator email address via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.5.2","1.5.3","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-01-31 00:16:12",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F08b75cac-7b1d-4bed-a1b7-bd1e872f2b4f?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":54,"vuln_type":55,"published_date":30,"updated_date":56,"references":57,"days_to_patch":59},"CVE-2023-7202","fatal-error-notify-missing-authorization-to-test-error-email-sending","Fatal Error Notify \u003C= 1.5.2 - Missing Authorization to Test Error Email Sending","The Fatal Error Notify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the test_error AJAX action in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to send test error emails to the administrator email address without restriction. CVE-2024-32455 is likely a duplicate of this issue.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-04-17 17:36:50",[58],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F50499cd6-0e27-494a-892c-5ca827d4433b?source=api-prod",79,{"slug":61,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":62,"avg_security_score":63,"avg_patch_time_days":64,"trust_score":65,"computed_at":66},"verygoodplugins",11000,98,316,78,"2026-04-03T23:03:21.162Z",[68,85,105,128,144],{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":29,"num_ratings":29,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":81,"download_link":83,"security_score":84,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"error-notify-slack","Error Notify Slack","1","Max","https:\u002F\u002Fprofiles.wordpress.org\u002Fzenithtech\u002F","\u003Cp>Get notifications on your selected Slack channel once your WP site throws an errors. Choose which levels of errors you’d like to receive.\u003C\u002Fp>\n","Receive Slack notifications whenever errors occurs on your site.",50,2251,"2024-07-04T05:31:00.000Z","6.6.5","4.6","",[20,21,22,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-notify-slack.1.zip",92,{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":48,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":99,"tags":100,"homepage":103,"download_link":104,"security_score":95,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"error-monitor-and-notifier","Error Monitor & Notifier","1.0.4","Mikhail Alferov","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalferov\u002F","\u003Cp>Error notifications help to \u003Cem>immediately\u003C\u002Fem> identify the causes of failures and quickly fix bugs so that the site runs smoothly and the business does not lose customers due to hidden errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are a developer,\u003C\u002Fstrong> install the plugin to find out about specific errors or all errors in the PHP code, even if the error occurred in an unexpected place that could not be foreseen in advance.\u003C\u002Fp>\n\u003Cp>The plugin allows you to configure the types of errors that you want to receive notifications about. Uncaught exceptions won’t break your site — they’re logged and made available for centralized custom handling via the \u003Ccode>enot_exception_handler_should_exit\u003C\u002Fcode> filter. Only real fatal errors stop the script, but you’ll still get full error details.\u003C\u002Fp>\n\u003Cp>The notification will contain the type of error, the file name, and the line number where the error occurred or an uncaught exception was thrown, as well as a callback stack trace.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are the site owner,\u003C\u002Fstrong> after installing the plugin, specify the email address of the developer who maintains the site in the plugin settings so that the plugin can start detecting and sending messages to the developer about serious errors that cause the business to lose orders or customers.\u003C\u002Fp>\n\u003Cp>A notification with detailed information about the causes of the error will indicate to the programmer which plugin or theme caused the failure (which often goes unnoticed for a long time with automatic updates of plugins or themes), and the developer will fix the error before the failure is reported to customers.\u003C\u002Fp>\n\u003Cp>It also helps to find out about critical errors even without access to the server logs or WordPress dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> The errors named *_NOTICE or *_WARNING are not too severe, but with others, the site breaks down and the user gets a negative experience.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customizable PHP error levels\u003C\u002Fli>\n\u003Cli>Catch unhandled exceptions from try-catch blocks\u003C\u002Fli>\n\u003Cli>Log stack traces, errors from @ operator, and JavaScript errors (Premium only)\u003C\u002Fli>\n\u003Cli>Display user-friendly messages for critical PHP errors\u003C\u002Fli>\n\u003Cli>Configurable email address for notifications\u003C\u002Fli>\n\u003Cli>Multilingual support: RU, EN\u003C\u002Fli>\n\u003Cli>Free updates to new versions (Premium only)\u003C\u002Fli>\n\u003Cli>Error notifications via email\u003C\u002Fli>\n\u003Cli>Error notifications via Telegram (Premium only)\u003C\u002Fli>\n\u003Cli>JavaScript error alerts (Premium only)\u003C\u002Fli>\n\u003Cli>Database error alerts (Premium only)\u003C\u002Fli>\n\u003C\u002Ful>\n","Receive notifications with details when PHP errors occur on your WordPress site.",10,454,100,"2025-06-02T15:12:00.000Z","6.8.5","5.8","7.4.0",[20,21,101,102,24],"monitoring","notifications","https:\u002F\u002Fwp-error.ru\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-monitor-and-notifier.1.0.4.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":84,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":81,"download_link":125,"security_score":126,"vuln_count":48,"unpatched_count":29,"last_vuln_date":127,"fetched_at":31},"debug","Debug","1.12","SoniNow","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoninow\u002F","\u003Cp>Debug can help you to find errors in your wordpress website via editing wp-config.php file. you may enable error reporting by debug plugin. enable email notification on any run time bug in wordpress CMS\u002Fwebsite.\u003C\u002Fp>\n\u003Ch3>A brief Debug\u003C\u002Fh3>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Debug in wordpress rewrite wp-config.php file via error_log function in php.\u003C\u002Fli>\n\u003Cli>if you don’t have file write permission. so don’t use this plugin.\u003C\u002Fli>\n\u003Cli>keep backup your wp-config file before save plugin setting.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to contact the support \u002F development team of our Debug plugin\u003C\u002Fh4>\n\u003Cp>You can contact us through,\u003Cbr \u002F>\nhttps:\u002F\u002Fsoninow.com\u002Fcontact\u003C\u002Fp>\n","Debug can help you to find errors in your wordpress website via editing wp-config.php file and email notification.",2000,93492,11,"2024-04-01T14:15:00.000Z","6.4.8","3.4","5.6",[106,121,122,123,124],"display-error","error-log","error-notification","error-reporting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug.1.12.zip",85,"2024-01-31 00:00:00",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":76,"downloaded":136,"rating":29,"num_ratings":29,"last_updated":137,"tested_up_to":16,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":142,"download_link":143,"security_score":95,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wonderful-webhook-alerts","Wonderful Webhook Alerts","1.0.0","wonderfulplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderfulplugins\u002F","\u003Cp>This plugin provides a simple but powerful function for developers and site administrators. It automatically captures critical PHP errors (fatal errors, parse errors, etc.) that would otherwise take your site down silently.\u003C\u002Fp>\n\u003Cp>Instead of having to check server logs, you receive an instant notification via a webhook to a service of your choice, like \u003Cstrong>Slack\u003C\u002Fstrong> or \u003Cstrong>Discord\u003C\u002Fstrong>. This allows for immediate action and faster debugging.\u003C\u002Fp>\n\u003Cp>The setup is minimal: just add your webhook URL on the settings page, and the plugin takes care of the rest.\u003C\u002Fp>\n","Get real-time notifications for PHP fatal errors sent to your webhook (Slack, Discord, etc.). Never miss a critical site issue again.",347,"2025-12-03T08:34:00.000Z","6.2",[106,140,101,23,141],"fatal-error","webhook","https:\u002F\u002Fwonderfulplugins.eu\u002Fwonderful-webhook-alerts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwonderful-webhook-alerts.1.0.0.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":152,"downloaded":153,"rating":154,"num_ratings":155,"last_updated":156,"tested_up_to":97,"requires_at_least":157,"requires_php":18,"tags":158,"homepage":163,"download_link":164,"security_score":27,"vuln_count":48,"unpatched_count":29,"last_vuln_date":165,"fetched_at":31},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,631204,86,48,"2025-10-01T15:12:00.000Z","4.5",[159,160,161,124,162],"admin","administration","dashboard-widget","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip","2019-02-25 00:00:00",{"attackSurface":167,"codeSignals":196,"taintFlows":211,"riskAssessment":237,"analyzedAt":247},{"hooks":168,"ajaxHandlers":187,"restRoutes":193,"shortcodes":194,"cronEvents":195,"entryPointCount":48,"unprotectedCount":29},[169,175,179,183],{"type":170,"name":171,"callback":172,"priority":93,"file":173,"line":174},"action","activated_plugin","maybe_auto_deactivate","fatal-error-notify.php",104,{"type":170,"name":176,"callback":176,"file":177,"line":178},"admin_menu","includes\\admin\\class-admin.php",14,{"type":170,"name":180,"callback":180,"priority":48,"file":181,"line":182},"shutdown","includes\\class-public.php",27,{"type":184,"name":185,"callback":185,"file":181,"line":186},"filter","wp_mail_content_type",254,[188],{"action":189,"nopriv":190,"callback":189,"hasNonce":191,"hasCapCheck":191,"file":177,"line":192},"test_error",false,true,15,[],[],[],{"dangerousFunctions":197,"sqlUsage":198,"outputEscaping":200,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":48,"bundledLibraries":210},[],{"prepared":29,"raw":29,"locations":199},[],{"escaped":201,"rawEcho":202,"locations":203},19,3,[204,207,209],{"file":177,"line":205,"context":206},206,"raw output",{"file":177,"line":208,"context":206},207,{"file":177,"line":208,"context":206},[],[212,229],{"entryPoint":213,"graph":214,"unsanitizedCount":29,"severity":228},"settings_page (includes\\admin\\class-admin.php:115)",{"nodes":215,"edges":226},[216,221],{"id":217,"type":218,"label":219,"file":177,"line":220},"n0","source","$_POST['fen_settings']",119,{"id":222,"type":223,"label":224,"file":177,"line":220,"wp_function":225},"n1","sink","update_option() [Settings Manipulation]","update_option",[227],{"from":217,"to":222,"sanitized":191},"low",{"entryPoint":230,"graph":231,"unsanitizedCount":29,"severity":228},"\u003Cclass-admin> (includes\\admin\\class-admin.php:0)",{"nodes":232,"edges":235},[233,234],{"id":217,"type":218,"label":219,"file":177,"line":220},{"id":222,"type":223,"label":224,"file":177,"line":220,"wp_function":225},[236],{"from":217,"to":222,"sanitized":191},{"summary":238,"deductions":239},"The \"fatal-error-notify\" plugin, version 1.5.4, exhibits a generally positive security posture based on static analysis. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries, avoiding dangerous functions, and securing most of its output.  The absence of file operations and external HTTP requests further reduces potential attack vectors. Nonce and capability checks are present, contributing to a controlled attack surface with only one identified AJAX handler, which appears to be protected.\n\nHowever, the plugin's vulnerability history presents a significant concern. With two known medium-severity CVEs, particularly in the past, and a recent vulnerability dated January 30, 2024, it indicates a recurring pattern of security weaknesses, specifically related to Cross-Site Request Forgery (CSRF) and Missing Authorization. While these vulnerabilities are currently patched, this history suggests a potential for future disclosures or a need for ongoing vigilance in development and testing.\n\nIn conclusion, while the current version shows improved security practices in static analysis, the historical vulnerability data warrants caution. The plugin has strengths in secure coding for SQL and output handling, but the past issues highlight areas where authorization and input validation might have been previously insufficient. Users should remain aware of its vulnerability history and ensure the plugin is always kept up-to-date.",[240,242,245],{"reason":241,"points":93},"History of medium severity CVEs",{"reason":243,"points":244},"Recent vulnerability (Jan 2024)",5,{"reason":246,"points":244},"Past vulnerability types: CSRF, Missing Authorization","2026-03-16T18:05:25.254Z",{"wat":249,"direct":258},{"assetPaths":250,"generatorPatterns":253,"scriptPaths":254,"versionParams":255},[251,252],"\u002Fwp-content\u002Fplugins\u002Ffatal-error-notify\u002Fassets\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Ffatal-error-notify\u002Fassets\u002Fadmin.js",[],[252],[256,257],"fatal-error-notify\u002Fassets\u002Fadmin.css?ver=","fatal-error-notify\u002Fassets\u002Fadmin.js?ver=",{"cssClasses":259,"htmlComments":261,"htmlAttributes":262,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":268},[260],"fatal-error-notify-settings",[],[263],"data-fatal-error-notify-nonce",[],[266,267],"fatalErrorNotifyAjax","fatalErrorNotifyAdmin",[]]