[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGFjc03O1_GSBfMtdkiFU0Dr37I8t6RC4R5uyM-Zmc9U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":94,"fingerprints":245},"monitor-activities-log","Monitor Activities Log","1.0.0","Dipankar Pal","https:\u002F\u002Fprofiles.wordpress.org\u002Fdipankarpal212\u002F","\u003Cp>Get notified with all plugin activities inside your applicatin. In one place you can track plugin activities by the users such as activation, deactivation, installation, deletion and more.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>✅ List all plugin’s activities\u003Cbr \u002F>\n  ✅ Filter data by Plugin Name, Plugin Status, Users, Users Caps, Date\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>You may provide arbitrary sections, in the same format as the ones above.  This may be of use for extremely complicated\u003Cbr \u002F>\nplugins where more information needs to be conveyed that doesn’t fit into the categories of “description” or\u003Cbr \u002F>\n“installation.”  Arbitrary sections will be shown below the built-in sections outlined above.\u003C\u002Fp>\n","Get notified with all plugin activities inside your applicatin. In one place you can track plugin activities by the users such as activation, deactiva &hellip;",0,683,"2022-06-28T04:16:00.000Z","6.0.11","3.0.1","",[4,18,19,20,21],"monitor-plugin","monitor-plugin-status","plugin-activities","plugin-activity","http:\u002F\u002Fdomain.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonitor-activities-log.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"dipankarpal212",3,400,88,30,86,"2026-04-04T21:14:29.184Z",[37,59,66,77],{"slug":38,"name":39,"version":6,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":56,"download_link":57,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"download-monitor-restrict-content-integration","Download Monitor & Restrict Content integration","WP Chill","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpchill\u002F","\u003Cp>With Download Monitor & Restrict Content integration you can allow only certain Restrict Content groups users to download from your website and set a maximum number of downloads based on their subscription duration.\u003C\u002Fp>\n","The WordPress gallery plugin that's highly customizable & you can use to impress your clients. Create beautiful image galleries in minutes.",200,4887,"2025-12-02T10:22:00.000Z","6.9.4","5.2","5.6",[51,52,53,54,55],"best-download-monitor-plugin","download-counts","manage-downloads-access","manage-user-access","restrict-downloads","https:\u002F\u002Fwww.download-monitor.com\u002Fextensions\u002Fdlm-restrict-content-integration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-monitor-restrict-content-integration.1.0.0.zip",100,{"slug":60,"name":61,"version":6,"author":40,"author_profile":41,"description":62,"short_description":43,"active_installs":58,"downloaded":63,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":64,"homepage":16,"download_link":65,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"download-monitor-paid-membership-pro-integration","Download Monitor & Paid Membership Pro integration","\u003Cp>With Download Monitor & Paid Membership Pro integration you can allow only certain Paid Membership Pro groups users to download from your website and set a maximum number of downloads based on their subscription duration.\u003C\u002Fp>\n",4467,[51,52,53,54,55],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-monitor-paid-membership-pro-integration.1.0.0.zip",{"slug":67,"name":68,"version":69,"author":40,"author_profile":41,"description":70,"short_description":43,"active_installs":71,"downloaded":72,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":73,"homepage":75,"download_link":76,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"download-monitor-learndash-integration","Download Monitor & LearnDash integration","1.0.1","\u003Cp>With Download Monitor & LearnDash integration you can allow only certain LearnDash groups users to download from your website.\u003C\u002Fp>\n",60,2723,[51,52,74,53,54],"learndash-downloads","https:\u002F\u002Fwww.download-monitor.com\u002Fextensions\u002Fdlm-learndash-integration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-monitor-learndash-integration.1.0.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":11,"downloaded":85,"rating":11,"num_ratings":11,"last_updated":16,"tested_up_to":47,"requires_at_least":49,"requires_php":86,"tags":87,"homepage":91,"download_link":92,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":93},"last-activity","Last Activity","2.0.3","Sajjad Hossain Sagor","https:\u002F\u002Fprofiles.wordpress.org\u002Fsajjad67\u002F","\u003Cp>Keep Tracks of each plugin’s last active datetime, helpful to find obsolete plugins for deletion.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No Complex Settings\u003C\u002Fli>\n\u003Cli>WP Settings Date Timezone\u003C\u002Fli>\n\u003Cli>View Last Time Activity In Plugin’s List View Page\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin saves each plugin's last activity time.",1611,"8.0",[88,21,89,90],"activity","plugin-status","status","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flast-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-activity.2.0.3.zip","2026-03-15T10:48:56.248Z",{"attackSurface":95,"codeSignals":127,"taintFlows":159,"riskAssessment":230,"analyzedAt":244},{"hooks":96,"ajaxHandlers":123,"restRoutes":124,"shortcodes":125,"cronEvents":126,"entryPointCount":11,"unprotectedCount":11},[97,104,110,113,115,118,121],{"type":98,"name":99,"callback":100,"priority":101,"file":102,"line":103},"filter","set-screen-option","c_screen_set_option",11,"admin\\class-monitor-plugins-activities-admin.php",56,{"type":105,"name":106,"callback":107,"file":108,"line":109},"action","plugins_loaded","anonymous","includes\\class-monitor-plugins-activities.php",162,{"type":105,"name":111,"callback":107,"file":108,"line":112},"admin_enqueue_scripts",177,{"type":105,"name":111,"callback":107,"file":108,"line":114},178,{"type":105,"name":116,"callback":107,"file":108,"line":117},"admin_menu",179,{"type":105,"name":119,"callback":107,"file":108,"line":120},"wp_enqueue_scripts",195,{"type":105,"name":119,"callback":107,"file":108,"line":122},196,[],[],[],[],{"dangerousFunctions":128,"sqlUsage":129,"outputEscaping":138,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":158},[],{"prepared":11,"raw":130,"locations":131},2,[132,136],{"file":133,"line":134,"context":135},"classes\\class-mpa-list.php",448,"$wpdb->query() with variable interpolation",{"file":133,"line":137,"context":135},449,{"escaped":139,"rawEcho":140,"locations":141},101,7,[142,146,148,150,152,154,156],{"file":143,"line":144,"context":145},"admin\\partials\\mpa_main_menu_list_function.php",24,"raw output",{"file":143,"line":147,"context":145},28,{"file":133,"line":149,"context":145},229,{"file":133,"line":151,"context":145},231,{"file":133,"line":153,"context":145},277,{"file":133,"line":155,"context":145},300,{"file":133,"line":157,"context":145},326,[],[160,180,190,202,212],{"entryPoint":161,"graph":162,"unsanitizedCount":178,"severity":179},"filter_filters (classes\\class-mpa-list.php:32)",{"nodes":163,"edges":175},[164,169],{"id":165,"type":166,"label":167,"file":133,"line":168},"n0","source","$_REQUEST",72,{"id":170,"type":171,"label":172,"file":133,"line":173,"wp_function":174},"n1","sink","echo() [XSS]",78,"echo",[176],{"from":165,"to":170,"sanitized":177},false,1,"medium",{"entryPoint":181,"graph":182,"unsanitizedCount":178,"severity":189},"\u003Cmpa_main_menu_list_function> (admin\\partials\\mpa_main_menu_list_function.php:0)",{"nodes":183,"edges":187},[184,186],{"id":165,"type":166,"label":185,"file":143,"line":147},"$_REQUEST['id']",{"id":170,"type":171,"label":172,"file":143,"line":147,"wp_function":174},[188],{"from":165,"to":170,"sanitized":177},"low",{"entryPoint":191,"graph":192,"unsanitizedCount":11,"severity":189},"extra_tablenav (classes\\class-mpa-list.php:89)",{"nodes":193,"edges":199},[194,197],{"id":165,"type":166,"label":195,"file":133,"line":196},"$_GET (x7)",102,{"id":170,"type":171,"label":172,"file":133,"line":198,"wp_function":174},104,[200],{"from":165,"to":170,"sanitized":201},true,{"entryPoint":203,"graph":204,"unsanitizedCount":11,"severity":189},"search_box (classes\\class-mpa-list.php:212)",{"nodes":205,"edges":210},[206,208],{"id":165,"type":166,"label":167,"file":133,"line":207},213,{"id":170,"type":171,"label":172,"file":133,"line":209,"wp_function":174},219,[211],{"from":165,"to":170,"sanitized":201},{"entryPoint":213,"graph":214,"unsanitizedCount":178,"severity":189},"\u003Cclass-mpa-list> (classes\\class-mpa-list.php:0)",{"nodes":215,"edges":226},[216,217,218,220,222,224],{"id":165,"type":166,"label":167,"file":133,"line":168},{"id":170,"type":171,"label":172,"file":133,"line":173,"wp_function":174},{"id":219,"type":166,"label":195,"file":133,"line":196},"n2",{"id":221,"type":171,"label":172,"file":133,"line":198,"wp_function":174},"n3",{"id":223,"type":166,"label":167,"file":133,"line":207},"n4",{"id":225,"type":171,"label":172,"file":133,"line":209,"wp_function":174},"n5",[227,228,229],{"from":165,"to":170,"sanitized":177},{"from":219,"to":221,"sanitized":201},{"from":223,"to":225,"sanitized":201},{"summary":231,"deductions":232},"The 'monitor-activities-log' plugin v1.0.0 exhibits a mixed security posture.  While the static analysis shows a seemingly small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks, and a high percentage of properly escaped output, there are significant underlying concerns. The complete absence of nonce checks and capability checks, coupled with the fact that 100% of its SQL queries are not using prepared statements, points to a considerable risk of SQL injection vulnerabilities. Furthermore, the taint analysis revealing flows with unsanitized paths, even without critical or high severity, suggests potential for sensitive data exposure or manipulation if these flows are triggered. The lack of any known vulnerability history is positive but does not negate the inherent risks identified in the code.",[233,236,239,241],{"reason":234,"points":235},"SQL queries not using prepared statements",10,{"reason":237,"points":238},"No nonce checks found",8,{"reason":240,"points":238},"No capability checks found",{"reason":242,"points":243},"Flows with unsanitized paths",6,"2026-03-17T07:18:15.691Z",{"wat":246,"direct":266},{"assetPaths":247,"generatorPatterns":255,"scriptPaths":256,"versionParams":258},[248,249,250,251,252,253,254],"\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fcss\u002Fmonitor-plugins-activities-admin.css","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fjs\u002Fmonitor-plugins-activities-admin.js","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fcss\u002Fdaterangepicker.css","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fjs\u002Fdaterangepicker.min.js","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fjs\u002Flist.js","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fmonitor-activities-log\u002Fadmin\u002Fcss\u002Flist.css",[],[257],"wp-includes\u002Fjs\u002Fdist\u002Fvendor\u002Fmoment.js",[259,260,261,262,263,264,265],"monitor-activities-log\u002Fadmin\u002Fcss\u002Fmonitor-plugins-activities-admin.css?ver=","monitor-activities-log\u002Fadmin\u002Fjs\u002Fmonitor-plugins-activities-admin.js?ver=","monitor-activities-log\u002Fadmin\u002Fcss\u002Fdaterangepicker.css?ver=time()","monitor-activities-log\u002Fadmin\u002Fjs\u002Fdaterangepicker.min.js?ver=time()","monitor-activities-log\u002Fadmin\u002Fjs\u002Flist.js?ver=","monitor-activities-log\u002Fadmin\u002Fcss\u002Ffont-awesome.min.css?ver=time()","monitor-activities-log\u002Fadmin\u002Fcss\u002Flist.css?ver=time()",{"cssClasses":267,"htmlComments":269,"htmlAttributes":272,"restEndpoints":274,"jsGlobals":275,"shortcodeOutput":277},[268],"mpa_log_per_page",[270,271],"\u003C!-- Provide a list of plugins that can be logged -->","\u003C!-- Add screen options for page -->",[273],"data-plugin-slug=\"monitor-activities-log\"",[],[276],"window.plugin_slug",[]]