[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzACBbbePdWKBVdHuMy-OZCs9v3jaapaXQUla4LQw-0Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":55,"analysis":147,"fingerprints":481},"logdash-activity-log","LogDash Activity Log","1.2","Deryck","https:\u002F\u002Fprofiles.wordpress.org\u002Fderyck\u002F","\u003Cp>LogDash Activity Log is the ultimate solution for tracking activities on your WordPress site. With its comprehensive features and intuitive interface, managing your website’s activity log has never been easier.\u003C\u002Fp>\n\u003Cp>Designed with simplicity in mind, LogDash Activity Log allows you to effortlessly monitor and track all actions on your WordPress site, including user logins, content changes, plugin updates, and more. Its user-friendly dashboard gives you instant access to critical information, making it easy to identify and resolve issues quickly.\u003C\u002Fp>\n\u003Cp>Whether you’re managing a personal blog or a large corporate website, LogDash Activity Log Plugin is the perfect tool for enhancing your site’s security.\u003C\u002Fp>\n\u003Cp>Log everything that happens on you WordPress website to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Gain full visibility:\u003C\u002Fstrong> Stay informed about everything happening on your WordPress site, from user logins and content updates to plugin installations and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strengthen site security:\u003C\u002Fstrong> Easily spot suspicious behavior before it becomes a security threat with real-time alerts and customizable notifications, providing an added layer of protection for your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Boost user productivity:\u003C\u002Fstrong> Monitor user activity and identify ways to optimize your site and workflow, leading to increased productivity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhance user accountability:\u003C\u002Fstrong> Keep your users accountable with detailed logs of their actions on your site. This helps to promote responsible behavior and reduce errors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simplify troubleshooting:\u003C\u002Fstrong> Makes it easy to pinpoint the source of errors or issues on your site, enabling you to troubleshoot more efficiently and effectively.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streamline site management:\u003C\u002Fstrong> Make use of shortcuts to gain quick access to modified content, simplifying site administration and reducing complexity.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>LogDash Activity Log is FREE. You can keep your log events for as long as you need – there’s no restriction on the duration of your logs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Here’s an overview of the modifications that the plugin is capable of tracking and storing:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Core Updates:\u003C\u002Fstrong> such as upgrades, downgrades and re-downloads.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes:\u003C\u002Fstrong> such as downloads, installations, upgrades, activations, theme switch and deletions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins:\u003C\u002Fstrong> such as downloads, installations, upgrades, activations, theme switch and deletions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Files:\u003C\u002Fstrong> such as uploads or every files, including plugins and themes and updates in WordPress theme or plugin editors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attachments:\u003C\u002Fstrong> Uploads and updates for every attachment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts, Pages and Custom Posts:\u003C\u002Fstrong> such as title, content (with quick link to rollback revisions), status, taxonomies and many more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Settings:\u003C\u002Fstrong> such as the Blog Title, Date format and every setting in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories, Tags and Custom Taxonomies:\u003C\u002Fstrong> such as creating, removing, updating and adding values to posts, pages and custom posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users profile changes:\u003C\u002Fstrong> such as name, email, role changes (including support for multiple roles) and every profile related data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User activity:\u003C\u002Fstrong> such as failed logins, login, logout and terminating other user sessions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> LogDash also support WooCommerce, ACF, LogDash as well a every Custom Post Type. Support will be improved and extended in a Premium version in the future.\u003C\u002Fp>\n","The ultimate solution for tracking activities and security issues on your WordPress site.",100,3037,2,"2024-07-11T21:39:00.000Z","6.6.5","5.9.5","7.4",[19,20,21,22],"activity-log","audit-log","user-activity","user-log","https:\u002F\u002Fderyckoe.com\u002Flogdash-activity-log","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogdash-activity-log.1.2.zip",90,1,0,"2023-10-26 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2023-6030","logdash-activity-log-unauthenticated-sql-injection","LogDash Activity Log \u003C= 1.1.3 - Unauthenticated SQL Injection","The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=1.1.3","1.1.4","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2024-03-11 08:36:16",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb71348c8-9e86-432e-b05e-96884344cef6?source=api-prod",137,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},"deryck",3,400,88,93,71,"2026-04-04T01:06:31.413Z",[56,80,99,118,134],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":77,"vuln_count":78,"unpatched_count":27,"last_vuln_date":79,"fetched_at":29},"aryo-activity-log","Activity Log – Monitor & Record User Changes","2.11.2","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cstrong>AN EASY TO USE & FULLY SUPPORTED WORDPRESS ACTIVITY LOG PLUGIN\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to monitor and track your WordPress website activity? Find out exactly who does what on your WordPress website with this plugin. Activity Log is like an airplane’s black box that logs every action in the WordPress admin, and lets you see exactly what users are doing on your WordPress website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If someone is trying to hack your site\u003C\u002Fli>\n\u003Cli>When a post was published, and who published it\u003C\u002Fli>\n\u003Cli>If a plugin\u002Ftheme was activated\u002Fdeactivated\u003C\u002Fli>\n\u003Cli>Suspicious admin activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s so essential; you’ll wonder how you ever managed your website without it. The plugin is also lightning fast and works behind the scenes, so it doesn\\’t affect site and admin performance. For optimal performance, we built the plugin so that it runs on a separate table in the database.\u003C\u002Fp>\n\u003Cp>If you have more than a handful of users, keeping track of who did what is virtually impossible. This plugin solves that issue by tracking what actions were initiated by which users, and displaying it in an easy-to-use and easy-to-filter view on the dashboard of your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! Introducing Email Logging\u003C\u002Fstrong> – Capture all emails sent from your WordPress site for streamlined debugging and compliance. Gain better visibility into email communication, aiding both troubleshooting and record-keeping. This is particularly beneficial for WooCommerce stores, allowing you to easily track sent emails alongside other critical site events.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Export to CSV\u003C\u002Fstrong> – Export your Activity Log data records to CSV. Developers can easily add support for custom data formats with our new dedicated Export API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Privacy and GDPR Compliance\u003C\u002Fstrong> – We provide the tools to help you adhere to GDPR compliance standards, including Export\u002FErasure of data via the WordPress Privacy Tools.\u003C\u002Fp>\n\u003Ch3>With the Activity Log you can record:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong> – Core updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pages\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post Type\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tags\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomies\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menus\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comments\u003C\u002Fstrong> – Created, approved, unapproved, trashed, untrashed, spammed, unspammed, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users\u003C\u002Fstrong> – Login, logout, login failed, update profile, registered, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins\u003C\u002Fstrong> – Installed, updated, activated, deactivated, changed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes\u003C\u002Fstrong> – Installed, updated, deleted, activated, changed (Editor and Customizer)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets\u003C\u002Fstrong> – Added to sidebar, deleted from sidebar, order widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setting\u003C\u002Fstrong> – General, writing, reading, discussion, media, permalinks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Options\u003C\u002Fstrong> – Extended custom settings for 3rd party plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u003C\u002Fstrong> – Exported activity log file\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> – Track products, orders, customers, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong> – Forums, topics, replies, taxonomies, and other actions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Emails sent from WordPress site\u003C\u002Fstrong> – Sending successful, sending failed\u003C\u002Fli>\n\u003Cli>There’s more, of course, but you get the point…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For each event recorded by the activity log, the following details are also logged:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date and time of occurrence\u003C\u002Fli>\n\u003Cli>User and user role responsible for the change\u003C\u002Fli>\n\u003Cli>Source IP address from which the change originated\u003C\u002Fli>\n\u003Cli>Affected object where the change occurred\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin doesn\\’t require any kind of setup; it works right out of the box (just another reason people love it)!\u003C\u002Fp>\n\u003Ch3>Data Storage and Performance Optimization\u003C\u002Fh3>\n\u003Cp>In order to ensure optimal performance of your website, all events and logs data are stored in a dedicated custom table within your WordPress database. This approach significantly reduces the impact on your website’s performance, ensuring seamless operation even during peak traffic periods.\u003C\u002Fp>\n\u003Ch3>Uninstall Clean-up\u003C\u002Fh3>\n\u003Cp>We understand the importance of maintaining a clean and efficient database environment. That’s why our plugin features an uninstall hook that seamlessly removes all traces of its presence from your website when uninstalling. This meticulous clean-up process ensures that your database remains lean and clutter-free even after our plugin has been removed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With our optimized data storage, thorough logging, and meticulous clean-up process, you can trust that our plugin will enhance the functionality and security of your WordPress site without compromising its performance.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What users have to say\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cem>“Its tools, particularly for data privacy and GDPR compliance, make it indispensable for websites operating within European Union boundaries or dealing with EU citizens’ data”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fblog.hubspot.com\u002Fwebsite\u002F8-best-plugins-tracking-user-activity-wordpress\" rel=\"nofollow ugc\">HubSpot.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“If you’re after a competent WP security audit log plugin with all the basic features you need, Activity Log is it!”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002Fplugins\u002Fwordpress-activity-log-plugins\u002F\" rel=\"nofollow ugc\">WPAstra.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log features a remarkably straightforward dashboard interface, providing administrators with an at-a-glance understanding of site interactions”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-activity-log\u002F\" rel=\"nofollow ugc\">Malcare.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Best 10 Free WordPress Plugins of the Month: Keeping tabs on what your users do with their access to the Dashboard”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fmanagewp.com\u002Fbest-free-wordpress-plugins-july-2014\" rel=\"nofollow ugc\">ManageWP.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Thanks to this step, we’ve discovered that our site was undergoing a brute force attack”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fartdriver.com\u002Fblog\u002Fwordpress-site-hacked-solution-time\" rel=\"nofollow ugc\">Artdriver.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Optimized code – The plugin itself is blazing fast and leaves almost no footprint on the server”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.freshtechtips.com\u002F2014\u002F01\u002Fbest-audit-trail-plugins-for-wordpress.html\" rel=\"nofollow ugc\">FreshTechTips.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log lets you track a huge range of activities. Overall, very easy to use and setup”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Ftips-tricks\u002F5-best-ways-to-monitor-wordpress-activity-via-the-dashboard\" rel=\"nofollow ugc\">ElegantThemes.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributions:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Would you like to contribute to this plugin?\u003C\u002Fstrong> You’re more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpojome\u002Factivity-log\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. And, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.",200000,3995902,86,74,"2024-11-12T14:55:00.000Z","6.7.5","6.0","7.0",[19,20,73,74,22],"email-log","security","https:\u002F\u002Factivitylog.io\u002F?utm_source=wp-plugins&utm_campaign=plugin-uri&utm_medium=wp-dash","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faryo-activity-log.2.11.2.zip",85,9,"2024-11-20 17:10:23",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":67,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":71,"tags":94,"homepage":97,"download_link":98,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wp-admin-audit","WP Admin Audit","1.2.16","brandtoss","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrandtoss\u002F","\u003Cp>\u003Cstrong>The modern activity log solution for WordPress\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">WP Admin Audit\u003C\u002Fa> is the powerful monitoring log plugin for WordPress.\u003Cbr \u002F>\nSite owners and administrators can sleep better at night knowing the plugin keeps track of all site changes, security events, and admin activities.\u003C\u002Fp>\n\u003Cp>Ever wondered\u003C\u002Fp>\n\u003Cul>\n\u003Cli>who unpublished a post?\u003C\u002Fli>\n\u003Cli>when a plugin was deactivated?\u003C\u002Fli>\n\u003Cli>how that strange new admin account appeared?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The WordPress activity log in WP Admin Audit answers these questions.\u003C\u002Fp>\n\u003Cp>Keep track of everything that happens on your WordPress sites to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Have a log of every change that’s made\u003C\u002Fli>\n\u003Cli>Know about security-relevant activities\u003C\u002Fli>\n\u003Cli>Find out who did what and when they did it\u003C\u002Fli>\n\u003Cli>Analyze the steps that led to a technical problem\u003C\u002Fli>\n\u003Cli>Identify and mitigate automated login attempts by bots\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What is being logged?\u003C\u002Fh3>\n\u003Cp>The short answer: almost all changes on your WordPress site, but you can decide what is kept in the audit log.\u003C\u002Fp>\n\u003Cp>The longer answer: WP Admin Audit has sensors that monitor the changes in your WordPress site and record what actions were performed by which user at which time on which item. A summary of the types of monitored events is below.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Content:\u003C\u002Fstrong> Page and Post changes (e.g. post created\u002Fupdated\u002Fpublished\u002Funpublished\u002Fdeleted)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomy:\u003C\u002Fstrong> Changes to Categories and Tags (e.g. tag is created, updated, or deleted)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User:\u003C\u002Fstrong> User registration, user profile updates, password resets, user deletions, login, and logout\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress:\u003C\u002Fstrong> Updates of the WordPress core version, settings updates (general\u002Fwriting\u002Freading\u002Fdiscussion\u002Fmedia\u002Fpermalink\u002Fprivacy settings)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin:\u003C\u002Fstrong> Installation, activation, updates, deactivation, and deletion of plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme:\u003C\u002Fstrong> Installation, activation (theme switch), update, and deletion of themes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media:\u003C\u002Fstrong> Media file and data creations, updates, and deletions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menu:\u003C\u002Fstrong> Creation, updates, and deletions of menus\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment:\u003C\u002Fstrong> Comment creations, updates, deletions, and status changes (approved, unapproved, spammed, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File:\u003C\u002Fstrong> File changes via the  plugin file editor and theme file editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the complete list of sensors, i.e. \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fdocumentation\u002Fwp-admin-audit\u002Fsensors\u002Fevent-types\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">the event types that are stored in the WordPress activity log\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For every event WP Admin Audit records:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Event type\u003C\u002Fli>\n\u003Cli>Date and time\u003C\u002Fli>\n\u003Cli>IP address (the action\u002Fevent originated from)\u003C\u002Fli>\n\u003Cli>Acting user (the user who did the change)\u003C\u002Fli>\n\u003Cli>Subject (the item affected e.g. a post the action is done with\u002Fto)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features (free)\u003C\u002Fh3>\n\u003Cp>Besides the WordPress event log, WP Admin Audit also features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Powerful search & filtering:\u003C\u002Fstrong> Powerful free-text search as well as filtering by all sorts of categories makes it easy to find the data you are interested in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator & user audit:\u003C\u002Fstrong> Find inactive administrator accounts and review the users’ last login dates. Check on their individual activity log.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login attempts audit:\u003C\u002Fstrong> Monitor logins to be aware of automated (brute-force) attacks and to identify IP addresses for blocking.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features (premium editions)\u003C\u002Fh3>\n\u003Cp>Upgrade to the \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fpricing\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">premium editions\u003C\u002Fa> for the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Third-party plugin support:\u003C\u002Fstrong> Optional extensions help you capture events happening in other WordPress plugins. \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fextensions\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">See our extension directory for more details.\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Notifications:\u003C\u002Fstrong> Select event types or event severity levels (e.g. critical and high) for instant notification via email. You can choose whole user groups (e.g. administrators), individual WordPress users, or selected email addresses.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Offsite archive \u002F Replication:\u003C\u002Fstrong> To increase security and for backup purposes, you can forward the events for storage to an external logging provider.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforce password changes:\u003C\u002Fstrong> You can enable a policy that requires users (with specific user roles) to change their passwords regularly. For example, administrator accounts can be required to change their passwords at least every 90 days.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSV export:\u003C\u002Fstrong> Export events, users, and login attempts to CSV files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Ffeature-comparison\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">Click here for more details and for a complete feature list\u003C\u002Fa>\u003C\u002Fp>\n","WP Admin Audit monitors the security-relevant activities on your site, keeps an event log and tells you when something out of the ordinary happens.",1000,13518,6,"2025-07-23T21:45:00.000Z","6.8.5","5.5",[19,20,95,96,22],"audit-trail","security-audit-log","https:\u002F\u002Fwpadminaudit.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-audit.1.2.16.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":11,"num_ratings":13,"last_updated":109,"tested_up_to":92,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":116,"download_link":117,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"user-logs","User Logs","1.0.2","Vikas Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fvikas4travel\u002F","\u003Cp>User Logs plugin allows you to monitor user activity on your website. View user logins, logouts, comments and user registrations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin helps fight spam. Filter the logs by IP address to find out any suspicious activity.\u003C\u002Fli>\n\u003Cli>Interact with Google line chart for a better view at spikes in user registrations, logins, comments etc. Filter data as per your requirement.\u003C\u002Fli>\n\u003Cli>The plugin is Light weight and fast.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you find this plugin useful, please leave a good rating.\u003Cbr \u002F>\nYou can also provide us \u003Ca href=\"https:\u002F\u002Fwww.vikas4travel.com\u002F\" rel=\"nofollow ugc\">feedback here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is created by \u003Ca href=\"https:\u002F\u002Fwww.vikas4travel.com\" rel=\"nofollow ugc\">Vikas Sharma\u003C\u002Fa>.\u003C\u002Fp>\n","User Logs plugin allows you to monitor user activity on your website. View user logins, logouts, comments and user registrations.",10,2464,"2025-09-01T14:20:00.000Z","5.2","5.6",[113,114,115,21,100],"activity-logs","login-logs","registration-logs","https:\u002F\u002Fwww.vikas4travel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-logs.1.0.3.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":27,"downloaded":126,"rating":27,"num_ratings":27,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":17,"tags":130,"homepage":132,"download_link":133,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"activity-monitor-pro","Activity Monitor Pro","1.0.0","Wole Akinloye","https:\u002F\u002Fprofiles.wordpress.org\u002Flovabuild\u002F","\u003Cp>Activity Monitor Pro is a powerful tool designed to help you keep track of everything happening on your WordPress site. From user logins to content updates, this plugin provides a detailed log of activities, ensuring you have full visibility and control.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Comprehensive Activity Log:\u003C\u002Fstrong> Track user actions, system updates, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Undo\u002FRedo Functionality:\u003C\u002Fstrong> Easily reverse changes made to posts, pages, and settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI-Powered Anomaly Detection:\u003C\u002Fstrong> Detect suspicious behavior and potential security threats (Premium).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Reporting:\u003C\u002Fstrong> Generate reports to analyze site activity over time.\u003C\u002Fli>\n\u003C\u002Ful>\n","Comprehensive activity monitoring, undo system, and AI-powered anomaly detection for WordPress.",133,"2026-01-14T12:49:00.000Z","6.9.4","5.8",[19,20,74,21,131],"user-tracking","https:\u002F\u002Flovabuild.com\u002Fwordpress-plugins\u002Factivity-monitor-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factivity-monitor-pro.1.0.0.zip",{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":27,"downloaded":142,"rating":27,"num_ratings":27,"last_updated":143,"tested_up_to":128,"requires_at_least":93,"requires_php":17,"tags":144,"homepage":145,"download_link":146,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"emw-monitor-activity-log","EMW Monitor Activity Log","1.3.0","Kiran M S","https:\u002F\u002Fprofiles.wordpress.org\u002Fkiranms1996\u002F","\u003Cp>EMW Monitor Activity Log helps site owners audit important events in the WordPress admin area.\u003C\u002Fp>\n\u003Cp>The plugin logs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User authentication events (login, failed login, logout, password reset).\u003C\u002Fli>\n\u003Cli>User profile and role changes.\u003C\u002Fli>\n\u003Cli>Post, page, and media actions.\u003C\u002Fli>\n\u003Cli>Comments activity.\u003C\u002Fli>\n\u003Cli>Plugin and theme activation\u002Fdeactivation events.\u003C\u002Fli>\n\u003Cli>Key admin option and menu updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can view logs from a searchable admin table with filters.\u003C\u002Fp>\n","Track and review important user and admin activity in WordPress.",194,"2026-03-10T12:54:00.000Z",[19,20,74,21],"","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femw-monitor-activity-log.1.3.0.zip",{"attackSurface":148,"codeSignals":369,"taintFlows":397,"riskAssessment":468,"analyzedAt":480},{"hooks":149,"ajaxHandlers":350,"restRoutes":358,"shortcodes":366,"cronEvents":367,"entryPointCount":13,"unprotectedCount":27},[150,156,159,164,168,173,176,179,182,185,190,194,199,202,204,208,213,217,221,225,230,232,234,236,239,241,245,249,254,258,262,266,269,272,276,279,281,283,285,289,292,295,297,299,303,306,309,312,314,317,319,321,323,326,328,330,332,335,337,339,342,345,348],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","init","register_expired_log_job","src\\Actions\\RemoveExpiredLog.php",32,{"type":151,"name":157,"callback":157,"file":154,"line":158},"delete_expired_log",33,{"type":151,"name":160,"callback":161,"file":162,"line":163},"admin_enqueue_scripts","adminAssets","src\\ActivityLog.php",35,{"type":151,"name":165,"callback":166,"file":162,"line":167},"wp_enqueue_scripts","assets",36,{"type":151,"name":169,"callback":170,"file":171,"line":172},"admin_menu","menu_item","src\\Admin\\EventsAdminPage.php",22,{"type":151,"name":169,"callback":174,"priority":25,"file":171,"line":175},"submenu_item_replacement",23,{"type":151,"name":169,"callback":177,"file":178,"line":172},"sub_menu","src\\Admin\\Settings.php",{"type":151,"name":180,"callback":181,"file":178,"line":175},"admin_init","register_settings",{"type":151,"name":152,"callback":183,"file":178,"line":184},"set_defaults",24,{"type":151,"name":186,"callback":187,"file":188,"line":189},"rest_api_init","registerCanLoginField","src\\API\\RestEndpoints.php",12,{"type":151,"name":191,"callback":192,"file":193,"line":175},"_core_updated_successfully","core_updated_successfully","src\\Hooks\\Core.php",{"type":151,"name":195,"callback":196,"file":197,"line":198},"add_attachment","event_file_uploaded","src\\Hooks\\Files.php",21,{"type":151,"name":200,"callback":201,"file":197,"line":172},"delete_attachment","event_file_uploaded_deleted",{"type":151,"name":180,"callback":203,"file":197,"line":175},"extra_file_hooks",{"type":151,"name":205,"callback":206,"file":207,"line":155},"learndash_course_completed","course_completed","src\\Hooks\\LearnDash.php",{"type":151,"name":209,"callback":210,"priority":107,"file":211,"line":212},"update_post_meta","before_update_meta","src\\Hooks\\Meta.php",25,{"type":151,"name":214,"callback":215,"priority":107,"file":211,"line":216},"updated_post_meta","meta_updated",26,{"type":151,"name":218,"callback":219,"priority":107,"file":211,"line":220},"added_post_meta","meta_added",27,{"type":151,"name":222,"callback":223,"priority":107,"file":211,"line":224},"deleted_post_meta","meta_deleted",28,{"type":226,"name":227,"callback":228,"priority":107,"file":211,"line":229},"filter","logdash_manage_columns-post-content_event_meta","event_meta_info",29,{"type":151,"name":180,"callback":180,"file":231,"line":212},"src\\Hooks\\Plugins.php",{"type":151,"name":233,"callback":233,"priority":107,"file":231,"line":216},"activated_plugin",{"type":151,"name":235,"callback":235,"priority":107,"file":231,"line":220},"deactivated_plugin",{"type":151,"name":237,"callback":238,"file":231,"line":224},"delete_plugin","before_delete_plugin",{"type":151,"name":240,"callback":240,"priority":107,"file":231,"line":229},"deleted_plugin",{"type":151,"name":242,"callback":243,"priority":107,"file":231,"line":244},"upgrader_process_complete","upgraded_plugin",30,{"type":151,"name":246,"callback":247,"file":231,"line":248},"shutdown","plugin_actions",31,{"type":151,"name":250,"callback":251,"priority":107,"file":252,"line":253},"pre_post_update","before_post_update","src\\Hooks\\Posts.php",57,{"type":151,"name":255,"callback":256,"priority":107,"file":252,"line":257},"wp_trash_post","post_trashed",58,{"type":151,"name":259,"callback":260,"file":252,"line":261},"untrash_post","post_untrashed",59,{"type":151,"name":263,"callback":264,"priority":107,"file":252,"line":265},"delete_post","post_deleted",60,{"type":151,"name":267,"callback":267,"file":252,"line":268},"post_stuck",61,{"type":151,"name":270,"callback":270,"file":252,"line":271},"post_unstuck",62,{"type":151,"name":273,"callback":274,"priority":107,"file":252,"line":275},"save_post","post_saved",63,{"type":151,"name":218,"callback":277,"priority":107,"file":252,"line":278},"check_meta_updated",64,{"type":151,"name":209,"callback":210,"priority":107,"file":252,"line":280},65,{"type":151,"name":214,"callback":277,"priority":107,"file":252,"line":282},66,{"type":151,"name":222,"callback":277,"priority":107,"file":252,"line":284},67,{"type":151,"name":286,"callback":287,"priority":107,"file":252,"line":288},"set_object_terms","category_assignment",68,{"type":151,"name":290,"callback":290,"priority":107,"file":291,"line":280},"added_option","src\\Hooks\\Settings.php",{"type":151,"name":293,"callback":294,"file":291,"line":282},"delete_option","before_delete_option",{"type":151,"name":296,"callback":296,"file":291,"line":284},"deleted_option",{"type":151,"name":298,"callback":298,"priority":107,"file":291,"line":288},"updated_option",{"type":151,"name":300,"callback":301,"priority":107,"file":302,"line":224},"create_term","term_created","src\\Hooks\\Taxonomies.php",{"type":151,"name":304,"callback":305,"priority":107,"file":302,"line":229},"delete_term","term_deleted",{"type":151,"name":307,"callback":308,"priority":107,"file":302,"line":244},"edit_term","before_edit_term",{"type":151,"name":310,"callback":311,"priority":107,"file":302,"line":248},"edited_term","term_edited",{"type":226,"name":313,"callback":228,"priority":107,"file":302,"line":158},"logdash_manage_columns-tag-content_event_meta",{"type":226,"name":315,"callback":228,"priority":107,"file":302,"line":316},"logdash_manage_columns-category-content_event_meta",34,{"type":226,"name":318,"callback":228,"priority":107,"file":302,"line":163},"logdash_manage_columns-taxonomy-content_event_meta",{"type":151,"name":180,"callback":180,"file":320,"line":220},"src\\Hooks\\Themes.php",{"type":151,"name":322,"callback":322,"priority":107,"file":320,"line":224},"switch_theme",{"type":151,"name":324,"callback":325,"priority":107,"file":320,"line":229},"delete_theme","before_delete_theme",{"type":151,"name":327,"callback":240,"priority":107,"file":320,"line":244},"deleted_theme",{"type":151,"name":242,"callback":329,"priority":107,"file":320,"line":248},"upgraded_theme",{"type":151,"name":246,"callback":331,"file":320,"line":155},"theme_actions",{"type":151,"name":333,"callback":333,"priority":107,"file":334,"line":216},"user_register","src\\Hooks\\Users.php",{"type":151,"name":336,"callback":336,"priority":107,"file":334,"line":220},"deleted_user",{"type":151,"name":338,"callback":338,"priority":107,"file":334,"line":224},"profile_update",{"type":151,"name":340,"callback":341,"priority":107,"file":334,"line":229},"wp_login","login",{"type":151,"name":343,"callback":344,"file":334,"line":244},"wp_logout","logout",{"type":151,"name":346,"callback":347,"priority":107,"file":334,"line":248},"wp_login_failed","login_failed",{"type":151,"name":180,"callback":349,"file":334,"line":316},"extra_actions",[351],{"action":352,"nopriv":353,"callback":354,"hasNonce":355,"hasCapCheck":353,"file":356,"line":357},"logdash_reset_log",false,"logdash_reset_log_action",true,"src\\Actions\\ResetLog.php",38,[359],{"namespace":360,"route":361,"methods":362,"callback":364,"permissionCallback":364,"file":188,"line":365},"logdash\u002Fv1","ip\u002F(?P\u003Cip>\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})",[363],"GET","closure",17,[],[368],{"hook":157,"callback":157,"file":154,"line":357},{"dangerousFunctions":370,"sqlUsage":375,"outputEscaping":377,"fileOperations":27,"externalRequests":27,"nonceChecks":49,"capabilityChecks":13,"bundledLibraries":396},[371],{"fn":372,"file":334,"line":373,"context":374},"unserialize",447,"return implode( ', ', unserialize( $value ) );",{"prepared":316,"raw":27,"locations":376},[],{"escaped":25,"rawEcho":378,"locations":379},8,[380,383,384,387,389,391,393,394],{"file":356,"line":381,"context":382},92,"raw output",{"file":171,"line":275,"context":382},{"file":385,"line":386,"context":382},"src\\Admin\\EventsListTable.php",401,{"file":385,"line":388,"context":382},446,{"file":385,"line":390,"context":382},474,{"file":178,"line":392,"context":382},185,{"file":188,"line":357,"context":382},{"file":188,"line":395,"context":382},48,[],[398,414,422,434,444,457],{"entryPoint":399,"graph":400,"unsanitizedCount":27,"severity":413},"display_events_page (src\\Admin\\EventsAdminPage.php:50)",{"nodes":401,"edges":411},[402,406],{"id":403,"type":404,"label":405,"file":171,"line":288},"n0","source","$_GET['page']",{"id":407,"type":408,"label":409,"file":171,"line":288,"wp_function":410},"n1","sink","echo() [XSS]","echo",[412],{"from":403,"to":407,"sanitized":355},"low",{"entryPoint":415,"graph":416,"unsanitizedCount":27,"severity":413},"\u003CEventsAdminPage> (src\\Admin\\EventsAdminPage.php:0)",{"nodes":417,"edges":420},[418,419],{"id":403,"type":404,"label":405,"file":171,"line":288},{"id":407,"type":408,"label":409,"file":171,"line":288,"wp_function":410},[421],{"from":403,"to":407,"sanitized":355},{"entryPoint":423,"graph":424,"unsanitizedCount":27,"severity":413},"apply_where_filter (src\\Admin\\EventsListTable.php:68)",{"nodes":425,"edges":432},[426,429],{"id":403,"type":404,"label":427,"file":385,"line":428},"$_GET",75,{"id":407,"type":408,"label":430,"file":385,"line":52,"wp_function":431},"get_col() [SQLi]","get_col",[433],{"from":403,"to":407,"sanitized":355},{"entryPoint":435,"graph":436,"unsanitizedCount":27,"severity":413},"extra_tablenav (src\\Admin\\EventsListTable.php:354)",{"nodes":437,"edges":442},[438,440],{"id":403,"type":404,"label":427,"file":385,"line":439},483,{"id":407,"type":408,"label":409,"file":385,"line":441,"wp_function":410},484,[443],{"from":403,"to":407,"sanitized":355},{"entryPoint":445,"graph":446,"unsanitizedCount":27,"severity":413},"\u003CEventsListTable> (src\\Admin\\EventsListTable.php:0)",{"nodes":447,"edges":454},[448,449,450,452],{"id":403,"type":404,"label":427,"file":385,"line":428},{"id":407,"type":408,"label":430,"file":385,"line":52,"wp_function":431},{"id":451,"type":404,"label":427,"file":385,"line":439},"n2",{"id":453,"type":408,"label":409,"file":385,"line":441,"wp_function":410},"n3",[455,456],{"from":403,"to":407,"sanitized":355},{"from":451,"to":453,"sanitized":355},{"entryPoint":458,"graph":459,"unsanitizedCount":27,"severity":413},"\u003Cevents.template> (views\\admin\\events.template.php:0)",{"nodes":460,"edges":466},[461,464],{"id":403,"type":404,"label":427,"file":462,"line":463},"views\\admin\\events.template.php",13,{"id":407,"type":408,"label":409,"file":462,"line":465,"wp_function":410},16,[467],{"from":403,"to":407,"sanitized":355},{"summary":469,"deductions":470},"The \"logdash-activity-log\" plugin v1.2 exhibits a generally positive security posture, with a strong adherence to modern WordPress security practices.  The static analysis reveals a small attack surface consisting of two entry points, both of which appear to have appropriate authentication and permission checks.  The use of prepared statements for all SQL queries is commendable, and a high percentage of output is properly escaped, significantly mitigating common web vulnerabilities like XSS.  The absence of unsanitized paths in taint analysis and no detected critical or high-severity taint flows further bolster confidence in the code's safety.\n\nHowever, a significant concern arises from the presence of a dangerous function, `unserialize`. While the static analysis doesn't explicitly show a vulnerable flow related to it, `unserialize` is inherently risky when processing untrusted input, as it can lead to Remote Code Execution if not handled with extreme caution and proper input validation.  Furthermore, the plugin's vulnerability history includes a past critical vulnerability, identified as SQL Injection. Although this critical issue is marked as currently unpatched, the fact that it existed and was critical indicates a potential for past oversight in security practices. The plugin does have nonce checks and capability checks, but their presence across all identified entry points is not explicitly detailed, and there are only a few instances of each noted in the static analysis.\n\nIn conclusion, \"logdash-activity-log\" v1.2 has strengths in its secure handling of SQL and output escaping, and a well-controlled attack surface.  The primary weaknesses are the presence of the `unserialize` function, which demands careful scrutiny, and the historical critical vulnerability, which suggests a need for continued vigilance and rigorous testing.  The limited number of nonce and capability checks, while present, might warrant further investigation to ensure comprehensive coverage of all potential attack vectors.",[471,473,476,478],{"reason":472,"points":107},"Presence of dangerous unserialize function",{"reason":474,"points":475},"Past critical vulnerability (SQL Injection)",15,{"reason":477,"points":49},"Limited nonce checks found (3)",{"reason":479,"points":13},"Limited capability checks found (2)","2026-03-16T20:42:19.229Z",{"wat":482,"direct":491},{"assetPaths":483,"generatorPatterns":486,"scriptPaths":487,"versionParams":488},[484,485],"\u002Fwp-content\u002Fplugins\u002Flogdash-activity-log\u002Fassets\u002Fbuild\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Flogdash-activity-log\u002Fassets\u002Fbuild\u002Findex.css",[],[484],[489,490],"logdash-activity-log\u002Fassets\u002Fbuild\u002Findex.js?ver=","logdash-activity-log\u002Fassets\u002Fbuild\u002Findex.css?ver=",{"cssClasses":492,"htmlComments":493,"htmlAttributes":494,"restEndpoints":496,"jsGlobals":498,"shortcodeOutput":499},[],[],[495],"data-logdash-events-page",[497],"\u002Fwp-json\u002Flogdash\u002Fv1\u002Fip\u002F",[],[]]