FreelanceBo Sentra Control Security & Risk Analysis

wordpress.org/plugins/freelancebo-sentra-control

Security agent connecting to FreelanceBo Sentra Control console for WAF, malware scanning, brute force protection, and vulnerability scanning.

0 active installs · v2.4.0 · PHP 7.4+ · WP 5.8+ · Updated Mar 22, 2026
Tags: brute-force, firewall, malware-scanner, security, vulnerability-scanner
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is FreelanceBo Sentra Control Safe to Use in 2026?

Generally Safe

Score 100/100

FreelanceBo Sentra Control has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The freelancebo-sentra-control plugin v2.4.0 exhibits a generally good security posture with a notable absence of known vulnerabilities and a commitment to secure coding practices. All identified entry points, including AJAX handlers and REST API routes, appear to have proper authentication and permission checks in place, which significantly mitigates the risk of unauthorized access and execution. Furthermore, the plugin demonstrates strong SQL security by exclusively using prepared statements and ensures output is properly escaped, preventing common cross-site scripting (XSS) vulnerabilities. The vulnerability history showing zero recorded CVEs is a positive indicator of the plugin's current security maturity.

However, the static analysis does reveal areas of concern. The presence of dangerous functions like `set_time_limit`, `preg_replace(/e)`, `exec`, and `ini_set` in the codebase, while not necessarily indicative of a vulnerability in themselves, suggests a potential for misuse if inputs are not rigorously sanitized. More critically, the taint analysis identified four flows with unsanitized paths. While rated as low severity, these flows represent potential attack vectors where user-supplied data could be used in file operations or other sensitive actions without adequate validation, potentially leading to unexpected behavior or information disclosure. The extensive use of file operations (16 instances) coupled with these unsanitized paths warrants careful review.

In conclusion, freelancebo-sentra-control v2.4.0 is a relatively secure plugin, largely due to its strong authentication, permission checks, and SQL/output sanitization practices. The lack of historical vulnerabilities is encouraging. Nevertheless, the presence of dangerous functions and, more importantly, the taint analysis findings concerning unsanitized paths necessitate attention. Addressing these specific code signals will further enhance the plugin's overall security and resilience against potential exploits.

Key Concerns

  • Flows with unsanitized paths found in taint analysis
  • Presence of dangerous functions used in code
Vulnerabilities
None known

FreelanceBo Sentra Control Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

FreelanceBo Sentra Control Release Timeline

v2.4.0 (Current)
v2.3.1
v2.3.0
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.9
v2.1.8
v2.1.7
v2.1.6
v2.1.5
v2.1.4
Code Analysis
Analyzed Apr 16, 2026

FreelanceBo Sentra Control Code Analysis

Dangerous Functions: 14
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 0 (312 escaped)
Nonce Checks: 8
Capability Checks: 8
File Operations: 16
External Requests: 7
Bundled Libraries: 0

Dangerous Functions Found

set_time_limit · `@set_time_limit(300); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · freelancebo-sentra-control.php:294
set_time_limit · `@set_time_limit(300); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · freelancebo-sentra-control.php:332
set_time_limit · `@set_time_limit(120); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged -- needed for long` · freelancebo-sentra-control.php:398
set_time_limit · `@set_time_limit(300); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged -- needed for long` · includes/class-sentra-heartbeat.php:159
preg_replace(/e) · `preg_replace( '/e` · includes/modules/class-sentra-auto-patcher.php:504
preg_replace(/e) · `preg_replace( '/e` · includes/modules/class-sentra-auto-patcher.php:511
set_time_limit · `@set_time_limit(300); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · includes/modules/class-sentra-auto-patcher.php:92
set_time_limit · `@set_time_limit(300); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · includes/modules/class-sentra-auto-patcher.php:124
exec · `exec('php -l ' . escapeshellarg($tmp) . ' 2>&1', $output, $return); // phpcs:ignore WordPress.PHP.Di` · includes/modules/class-sentra-auto-patcher.php:786
ini_set · `ini_set('pcre.backtrack_limit', '10000'); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · includes/modules/class-sentra-firewall.php:69
ini_set · `ini_set('pcre.backtrack_limit', $original_backtrack_limit); // phpcs:ignore Squiz.PHP.DiscouragedFun` · includes/modules/class-sentra-firewall.php:96
ini_set · `ini_set('pcre.backtrack_limit', $original_backtrack_limit); // phpcs:ignore Squiz.PHP.DiscouragedFun` · includes/modules/class-sentra-firewall.php:109
ini_set · `ini_set('pcre.backtrack_limit', '10000'); // phpcs:ignore Squiz.PHP.DiscouragedFunctions.Discouraged` · includes/modules/class-sentra-firewall.php:141
ini_set · `ini_set('pcre.backtrack_limit', $original_backtrack_limit); // phpcs:ignore Squiz.PHP.DiscouragedFun` · includes/modules/class-sentra-firewall.php:171

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

100% escaped · 312 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

5 flows · 4 with unsanitized paths
ajax_api_proxy (freelancebo-sentra-control.php:476)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

FreelanceBo Sentra Control Attack Surface

Entry Points: 9
Unprotected: 0

AJAX Handlers 7

auth · wp_ajax_sentra_api_proxy · freelancebo-sentra-control.php:64
auth · wp_ajax_sentra_run_scan · freelancebo-sentra-control.php:65
auth · wp_ajax_sentra_analyze_for_patches · freelancebo-sentra-control.php:66
auth · wp_ajax_sentra_run_auto_patch · freelancebo-sentra-control.php:67
auth · wp_ajax_sentra_resolve_finding · freelancebo-sentra-control.php:68
auth · wp_ajax_sentra_set_auto_scan · freelancebo-sentra-control.php:69
auth · wp_ajax_sentra_test_connection · freelancebo-sentra-control.php:163

REST API Routes 2

POST · /wp-json/sentra/v1/run-pending · includes/class-sentra-heartbeat.php:25
POST · /wp-json/sentra/v1/auto-patch · includes/modules/class-sentra-auto-patcher.php:24

WordPress Hooks 26

action · admin_notices · admin/views/status.php:10
action · init · freelancebo-sentra-control.php:19
filter · http_request_host_is_external · freelancebo-sentra-control.php:55
filter · http_request_args · freelancebo-sentra-control.php:56
action · admin_menu · freelancebo-sentra-control.php:59
action · admin_init · freelancebo-sentra-control.php:60
action · admin_enqueue_scripts · freelancebo-sentra-control.php:61
filter · pre_update_option_sentra_api_secret · freelancebo-sentra-control.php:142
filter · cron_schedules · freelancebo-sentra-control.php:555
action · plugins_loaded · freelancebo-sentra-control.php:563
action · sentra_flush_events · includes/class-sentra-event-queue.php:15
action · shutdown · includes/class-sentra-event-queue.php:16
action · sentra_heartbeat_event · includes/class-sentra-heartbeat.php:12
action · rest_api_init · includes/class-sentra-heartbeat.php:13
action · rest_api_init · includes/modules/class-sentra-auto-patcher.php:20
action · init · includes/modules/class-sentra-firewall.php:14
action · sentra_sync_rules · includes/modules/class-sentra-firewall.php:15
action · sentra_integrity_scan · includes/modules/class-sentra-integrity.php:13
action · upgrader_process_complete · includes/modules/class-sentra-integrity.php:15
action · plugins_loaded · includes/modules/class-sentra-ip-blocker.php:13
action · init · includes/modules/class-sentra-ip-blocker.php:15
filter · authenticate · includes/modules/class-sentra-login-guard.php:16
action · wp_login_failed · includes/modules/class-sentra-login-guard.php:17
action · wp_login · includes/modules/class-sentra-login-guard.php:18
action · sentra_malware_scan · includes/modules/class-sentra-malware-scanner.php:97
action · sentra_vuln_scan · includes/modules/class-sentra-vuln-scanner.php:13

Scheduled Events 7

sentra_heartbeat_event
sentra_flush_events
sentra_sync_rules
sentra_malware_scan
sentra_integrity_scan
sentra_vuln_scan
sentra_heartbeat_event
Maintenance & Trust

FreelanceBo Sentra Control Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 22, 2026
PHP min version: 7.4
Downloads: 372

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

FreelanceBo Sentra Control Developer Profile

FreelanceBo Group S.r.l.s

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect FreelanceBo Sentra Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/freelancebo-sentra-control/assets/css/sentra-admin.css
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-admin.js
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-scan.js
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-auto-patch.js
Script Paths
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-admin.js
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-scan.js
/wp-content/plugins/freelancebo-sentra-control/assets/js/sentra-auto-patch.js
Version Parameters
freelancebo-sentra-control/assets/css/sentra-admin.css?ver=
freelancebo-sentra-control/assets/js/sentra-admin.js?ver=
freelancebo-sentra-control/assets/js/sentra-scan.js?ver=
freelancebo-sentra-control/assets/js/sentra-auto-patch.js?ver=

HTML / DOM Fingerprints

CSS Classes
sentra-admin-wrap, sentra-dashboard-widget, sentra-scan-status, sentra-finding-item
Data Attributes
data-sentra-nonce
JS Globals
SentraAdmin, SentraScan, SentraAutoPatch
REST Endpoints
/wp-json/sentra/v1/proxy
FAQ

Frequently Asked Questions about FreelanceBo Sentra Control