Does Apache Status & Info have any unpatched vulnerabilities?

No. All known vulnerabilities in Apache Status & Info have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Apache Status & Info compatible with WordPress 6.9.4?

According to WordPress.org data, Apache Status & Info 3.3.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Apache Status & Info compatible with PHP 8.1+?

Apache Status & Info requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Apache Status & Info updated?

Apache Status & Info was last updated on Nov 22, 2025. Frequent updates are generally a positive security signal.

What is Apache Status & Info's security score?

Apache Status & Info has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Apache Status & Info Security & Risk Analysis

wordpress.org/plugins/htaccess-server-info-server-status

Apache server-info and server-status monitoring right in your WordPress admin.

100 active installs v3.3.0 PHP 8.1+ WP 6.2+ Updated Nov 22, 2025

apachehtaccessserver-infoserver-statusstackdriver

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Apache Status & Info Safe to Use in 2026?

Generally Safe

Score 100/100

Apache Status & Info has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'htaccess-server-info-server-status' plugin v3.3.0 exhibits a mixed security posture. On the positive side, it has no recorded historical vulnerabilities and its code analysis shows no critical findings like dangerous functions or unsanitized taint flows. The majority of SQL queries use prepared statements, and there are a reasonable number of nonce and capability checks in place. However, there are notable areas of concern. The plugin exposes two AJAX handlers without authentication checks, which presents a significant attack vector. While the static analysis doesn't reveal specific exploitable flaws in these handlers, their unprotected nature is a considerable risk. Furthermore, less than 60% of output is properly escaped, indicating a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not sufficiently sanitized before display. The plugin also performs several file operations and external HTTP requests, which, while not inherently insecure, can become vulnerabilities if not handled with extreme care regarding input validation and error handling. In conclusion, while the plugin benefits from a clean vulnerability history, the presence of unprotected AJAX endpoints and inadequate output escaping are significant weaknesses that require attention.

Key Concerns

Unprotected AJAX handlers
Insufficient output escaping

Vulnerabilities

None known

Apache Status & Info Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Apache Status & Info Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

33 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

73% prepared15 total queries

Output Escaping

58% escaped57 total outputs

Attack Surface

2 unprotected

Apache Status & Info Attack Surface

Entry Points7

Unprotected2

AJAX Handlers 3

authwp_ajax_hide_hsiss_nagincludes\plugin\class-core.php:99

authwp_ajax_hsiss_get_statusincludes\plugin\class-core.php:100

authwp_ajax_poo_switch_autoupdateperfopsone\functions.php:32

Shortcodes 4

[hsiss-wpcli] includes\features\class-wpcli.php:40

[hsiss-changelog] includes\plugin\class-core.php:75

[hsiss-libraries] includes\plugin\class-core.php:76

[hsiss-statistics] includes\plugin\class-core.php:77

WordPress Hooks 28

filterinit_perfopsone_admin_menusadmin\class-hsiss-admin.php:177

filtermod_rewrite_rulesincludes\features\class-rules.php:44

filterperfopsone_plugin_infoincludes\plugin\class-core.php:71

actioninitincludes\plugin\class-core.php:72

actioninitincludes\plugin\class-core.php:73

actionwp_headincludes\plugin\class-core.php:74

actionadmin_enqueue_scriptsincludes\plugin\class-core.php:90

actionadmin_enqueue_scriptsincludes\plugin\class-core.php:91

actionadmin_menuincludes\plugin\class-core.php:92

actionadmin_menuincludes\plugin\class-core.php:93

actionadmin_menuincludes\plugin\class-core.php:94

actionadmin_initincludes\plugin\class-core.php:95

filterplugin_row_metaincludes\plugin\class-core.php:97

actionadmin_noticesincludes\plugin\class-core.php:98

actionwp_enqueue_scriptsincludes\plugin\class-core.php:112

actionwp_enqueue_scriptsincludes\plugin\class-core.php:113

filterplugins_apiincludes\plugin\class-updater.php:65

filtersite_transient_update_pluginsincludes\plugin\class-updater.php:66

actionupgrader_process_completeincludes\plugin\class-updater.php:67

filterclean_urlincludes\plugin\class-updater.php:68

filterperfopsone_apcu_infoincludes\system\class-apcu.php:51

filtersite_status_testsincludes\system\class-sitehealth.php:77

filtersite_status_testsincludes\system\class-sitehealth.php:78

filtersite_status_testsincludes\system\class-sitehealth.php:79

filtersite_status_testsincludes\system\class-sitehealth.php:81

filterdebug_informationincludes\system\class-sitehealth.php:91

filterdebug_informationincludes\system\class-sitehealth.php:109

actionadmin_bar_menuperfopsone\class-adminbar.php:54

Maintenance & Trust

Apache Status & Info Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 22, 2025

PHP min version8.1

Downloads13K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Apache Status & Info Alternatives

phpinfo() WP

phpinfo-wp

A simple plugin to look up server info and manage server configuration of wordpress site

3K 2 CVEs

Redirection

redirection

Manage 301 redirects, track 404 errors, and improve your site. No knowledge of Apache or Nginx required.

2.0M 5 CVEs

Spider Blocker

spiderblocker

SpiderBlocker will block most common bots that consume bandwidth and slow down your blog.

20K No CVEs

Custom PHP Settings

custom-php-settings

100

This plugin makes it possible to override php settings.

10K No CVEs

Server Info

server-info

100

This plugin will show you very useful information about your hosting server such as PHP version, Server OS, Server IP etc.

3K No CVEs

Developer Profile

Apache Status & Info Developer Profile

Pierre Lannoy

12 plugins · 15K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

65 days

View full developer profile

Detection Fingerprints

How We Detect Apache Status & Info

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/htaccess-server-info-server-status/assets/css/switchery.min.css/wp-content/plugins/htaccess-server-info-server-status/assets/css/tooltip.min.css/wp-content/plugins/htaccess-server-info-server-status/assets/css/style.css/wp-content/plugins/htaccess-server-info-server-status/assets/js/switchery.min.js/wp-content/plugins/htaccess-server-info-server-status/assets/js/livesstatus.js/wp-content/plugins/htaccess-server-info-server-status/assets/js/main.js/wp-content/plugins/htaccess-server-info-server-status/assets/js/livesstatus.js?ver=1000/wp-content/plugins/htaccess-server-info-server-status/assets/js/main.js?ver=1000

Script Paths

/wp-content/plugins/htaccess-server-info-server-status/assets/js/switchery.min.js/wp-content/plugins/htaccess-server-info-server-status/assets/js/livesstatus.js/wp-content/plugins/htaccess-server-info-server-status/assets/js/main.js

Version Parameters

?ver=1000

HTML / DOM Fingerprints

CSS Classes

hsiss-dashboardhsiss-rowhsiss-boxhsiss-box-40-60-linehsiss-about-logo

Data Attributes

data-hsiss-nonce

JS Globals

livestatus

Shortcode Output

[hsiss-libraries][hsiss-changelog]

FAQ