[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fr0qeOx3Kz3dRzXqM5Gl37bhkZBJrCrV7urX1Eh4wr1M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":46,"crawl_stats":36,"alternatives":53,"analysis":152,"fingerprints":328},"plainview-activity-monitor","Plainview Activity Monitor","20180826","edward_plainview","https:\u002F\u002Fprofiles.wordpress.org\u002Fedward_plainview\u002F","\u003Cp>Activity Monitor tracks all user activity on your blog or network. The activities can be viewed in global table showing activities on the whole network, or locally for just the blog you are currently viewing. The activites can be filtered so that only specific blogs \u002F hooks \u002F IPs \u002F users are displayed.\u003C\u002Fp>\n\u003Cp>Monitored actions include (not exhaustive):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Comments: approve, held, spam, delete\u003C\u002Fli>\n\u003Cli>Custom Post Types:  draft, publish, update, trash, delete\u003C\u002Fli>\n\u003Cli>Logins: login, login failed, logout\u003C\u002Fli>\n\u003Cli>Pageviews: admin, front-end\u003C\u002Fli>\n\u003Cli>Passwords: reset, retrieve\u003C\u002Fli>\n\u003Cli>Plugins: activate, deactivate\u003C\u002Fli>\n\u003Cli>Pages: draft, publish, update, trash, delete\u003C\u002Fli>\n\u003Cli>Posts: draft, publish, update, trash, delete, password\u003C\u002Fli>\n\u003Cli>Taxonomies: create, edit, delete\u003C\u002Fli>\n\u003Cli>Themes: switched\u003C\u002Fli>\n\u003Cli>Updates: WordPress core, plugins, themes\u003C\u002Fli>\n\u003Cli>Users: register, delete, profile changes\u003C\u002Fli>\n\u003Cli>And more….\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The logged information consists of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A description of what was logged\u003C\u002Fli>\n\u003Cli>Blog\u003C\u002Fli>\n\u003Cli>Timestamp\u003C\u002Fli>\n\u003Cli>Hook that was triggered\u003C\u002Fli>\n\u003Cli>User ID\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>git\u003C\u002Fh4>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fbitbucket.org\u002Fedward_electric\u002Factivity-monitor\" rel=\"nofollow ugc\">Activity Monitor has a git repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Security tips\u003C\u002Fh4>\n\u003Cp>There are several ways for people to break in to your WordPress installation, or cause trouble by DDOS. Here are some tips on how to use the Activity Monitor and its plugins to help detect problems:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Get a DDOS protection service with an API. There is a plugin to ban IPs via CloudFlare (\u003Cem>Send To CloudFlare\u003C\u002Fem>). Other APIs could be supported as the need arises.\u003C\u002Fli>\n\u003Cli>If you have another DDOS service, write a script that can ban visitors by IP. Use this script with the \u003Cem>Send To Exec\u003C\u002Fem> plugin.\u003C\u002Fli>\n\u003Cli>If you can’t ban users using a script, at least set up the \u003Cem>Send To E-mail\u003C\u002Fem> plugin to inform you of suspicious activity.\u003C\u002Fli>\n\u003Cli>Use the Bruteforce Detect plugin to detect when an IP or IPs are trying to guess the admin’s password. Ban the IPs automatically using \u003Cem>Send To Exec\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Do not use admin as the username for your administrator account. Instead, use some else and add the admin username to the list of banned usernames in the \u003Cem>Login Failed Username\u003C\u002Fem> plugin. Ban the IPs that cause the plugin to react.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom hooks\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fpvactivitymonitor.com\u002Fdoc\u002Fdev\u002F\" rel=\"nofollow ugc\">developer documentation\u003C\u002Fa> for relevant info on how to create custom hooks.\u003C\u002Fp>\n","Real-time monitoring of users, content, functionality, appearance, security, and updates.",200,28899,72,12,"2018-08-26T15:08:00.000Z","4.9.29","3.9","",[20,21,22],"activities","activity","logging","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplainview-activity-monitor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplainview-activity-monitor.20180826.zip",84,1,0,"2018-08-26 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2018-15877","plainview-activity-monitor-remote-command-injection","Plainview Activity Monitor \u003C 20180826 - Remote Command Injection","The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin\u002Fadmin.php?page=plainview_activity_monitor&tab=activity_tools request.",null,"\u003C20180826","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","2024-01-22 19:56:02",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F669df758-0c7d-41c9-a9bd-9b3697898c77?source=api-prod",1976,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},3,9200,94,603,75,"2026-04-04T18:18:58.772Z",[54,77,97,118,137],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"buddypress-group-email-subscription","BuddyPress Group Email Subscription","4.2.4","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>This powerful plugin allows users to receive email notifications of group activity. Weekly or daily digests are available. Each user can choose how they want to subscribe to their groups.\u003C\u002Fp>\n\u003Cp>Please note that this plugin requires BuddyPress, as well as the BuddyPress Groups and Activity components.\u003C\u002Fp>\n\u003Cp>EMAIL SUBSCRIPTION LEVELS\u003Cbr \u002F>\nThere are 5 levels of email subscription options:\u003C\u002Fp>\n\u003Col>\n\u003Cli>No Email – Read this group on the web\u003C\u002Fli>\n\u003Cli>Weekly Summary Email – A summary of new topics each week\u003C\u002Fli>\n\u003Cli>Daily Digest Email – All the day’s activity bundled into a single email\u003C\u002Fli>\n\u003Cli>New Topics Email – Send new topics as they arrive (but don’t send replies)\u003C\u002Fli>\n\u003Cli>All Email – Send all group activity as it arrives\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>DEFAULT SUBSCRIPTION STATUS\u003Cbr \u002F>\nGroup admins can choose one of the 5 subscription levels as a default that gets applied when new members join.\u003C\u002Fp>\n\u003Cp>DIGEST AND SUMMARY EMAILS\u003Cbr \u002F>\nThe daily digest email is sent every morning and contains all the emails from all the groups a user is subscribed to. The digest begins with a helpful topic summary. The weekly summary email contains the topic titles from the past week by default. Summary and digest timing can be configured in the back end. (The admin can view a sample of the digests and summaries in the queue by going adding this to your url: mydomain.com\u002Fsum=1. This won’t send emails just show what will be sent)\u003C\u002Fp>\n\u003Cp>HTML EMAILS\u003Cbr \u002F>\nThe digest and summary emails are sent out in multipart HTML and plain text email format. This makes the digest much more readable with better links. The email is multipart so users who need only plain text will get plain text.\u003C\u002Fp>\n\u003Cp>EMAILS FOR TOPICS I’VE STARTED OR COMMENTED ON (only available with BuddyPress legacy discussion forums)\u003Cbr \u002F>\nUsers receive email notifications when someone replies to a topic they create or comment on (similar to Facebook). This happens whether they are subscribed or not. Users can control this behaviour in their notifications page.\u003C\u002Fp>\n\u003Cp>TOPIC FOLLOW AND MUTE (only available with BuddyPress legacy discussion forums)\u003Cbr \u002F>\nUsers who are not fully subscribed to a group (ie. maybe they are on digest) can choose to get immediate email updates for specific topic threads. Any subsequent replies to that thread will be emailed to them. In an opposite way, users who are fully subscribed to a group but want to stop getting emails from a specific (perhaps annoying) thread can choose to mute that topic.  bbPress plugin users can utilize the “Subscribe” \u002F “Notify me of follow-up replies via email” option.\u003C\u002Fp>\n\u003Cp>ADMIN NOTIFICATION\u003Cbr \u002F>\nGroup admins can send out an email to all group members from the group’s admin section. This feature is helpful to quickly communicate to the whole group, but it should be used with caution.\u003C\u002Fp>\n\u003Cp>GROUP ADMINS CAN SET SUBSCRIPTION LEVEL\u003Cbr \u002F>\nGroup admins can set the subscription level for existing users on the group’s “Admin > Manage Members” page – either one by one or all at once.\u003C\u002Fp>\n\u003Cp>SPAM PROTECTION\u003Cbr \u002F>\nTo protect against spam, you can set a minimum number of days users need to be registered before their group activity will be emailed to other users. This feature is off by default, but can be enabled in the admin.\u003C\u002Fp>\n\u003Cp>TRANSLATORS\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brazilian Portuguese – www.about.me\u002Fdennisaltermann (or www.congregacao.net)\u003C\u002Fli>\n\u003Cli>Catalan – Sara Arjona Téllez\u003C\u002Fli>\n\u003Cli>Danish – Morten Nalholm\u003C\u002Fli>\n\u003Cli>Dutch – Anja werkgroepen.net\u002Fwordpress, Tim de Hoog\u003C\u002Fli>\n\u003Cli>Farsi – Vahid Masoomi http:\u002F\u002Fwww.AzUni.ir\u003C\u002Fli>\n\u003Cli>French – http:\u002F\u002Fwww.claudegagne-photo.com, Sylvain Ghysens\u003C\u002Fli>\n\u003Cli>German – Peter Peterson, Thorsten Wollenhöfer, Jörg Lohrer\u003C\u002Fli>\n\u003Cli>Hebrew – Iggy Pritzker\u003C\u002Fli>\n\u003Cli>Italian – Stefano Russo\u003C\u002Fli>\n\u003Cli>Japanese – https:\u002F\u002Fbuddypress.org\u002Fcommunity\u002Fmembers\u002Fchestnut_jp\u002F\u003C\u002Fli>\n\u003Cli>Lithuanian – Vincent G http:\u002F\u002Fwww.Host1Free.com\u003C\u002Fli>\n\u003Cli>Russian – http:\u002F\u002Fwww.viaestvita.net\u002Fgroups\u002F\u003C\u002Fli>\n\u003Cli>Spanish – Williams Castillo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish – Thomas Schneider, Joakim Hising\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>NOTE TO PLUGIN AUTHORS\u003Cbr \u002F>\nIf your plugin posts updates to the standard BuddyPress activity stream, then group members who are subscribed via 3. Daily Digest and 5. All Email will get your updates automatically. However people subscribed as 2. Weekly Summary and 4. New Topic will not. If you feel some of your plugin’s updates are very important and want to make sure all subscribed members receive them, you can filter ‘ass_this_activity_is_important’ and return TRUE when $type matches your activity. See the ass_this_activity_is_important() function in bp-activity-subscription-functions.phpfor more info.\u003C\u002Fp>\n\u003Cp>PLUGIN SUPPORTERS:\u003Cbr \u002F>\nMajor supporters: shambhalanetwork.org & commons.gc.cuny.edu\u003Cbr \u002F>\nOther supporters: bluedotproductions.com\u003C\u002Fp>\n\u003Cp>PLUGIN DEVELOPMENT\u003Cbr \u002F>\nFor bug reports or to add patches or translation files, please visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fboonebgorges\u002Fbuddypress-group-email-subscription\u002F\" rel=\"nofollow ugc\">GES Github page\u003C\u002Fa>.  Contributions are definitely welcome!\u003C\u002Fp>\n","This powerful plugin allows users to receive email notifications of group activity. Weekly or daily digests are available.",1000,230356,80,32,"2024-10-04T14:35:00.000Z","6.6.5","3.2","5.3",[20,21,71,72,73],"bp","buddypress","groups","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-group-email-subscription\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-group-email-subscription.4.2.4.zip",92,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":11,"downloaded":85,"rating":27,"num_ratings":27,"last_updated":86,"tested_up_to":67,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":95,"download_link":96,"security_score":76,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"uptimemonster-site-monitor","UptimeMonster Site Monitor","1.0.0","UptimeMonster","https:\u002F\u002Fprofiles.wordpress.org\u002Fuptimemonster\u002F","\u003Cp>Track and analyze all activities on your WordPress website with the powerful and flexible UptimeMonster Site Monitor plugin.\u003Cbr \u002F>\nThis plugin integrates seamlessly with UptimeMonster, an external web application that monitors your website’s uptime, downtime, security, and other essential functions.\u003C\u002Fp>\n\u003Cp>UptimeMonster Site Monitor operates 24\u002F7, allowing you to identify and address issues before they impact users globally.\u003Cbr \u002F>\nActivate the plugin with and connect with the dashboard and monitor every aspect of your WordPress website.\u003Cbr \u002F>\nChoose from different monitoring interval mode, and receive a detailed report in a centralized dashboard for all of your websites.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FUTT14RCx84k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Monitor WordPress Website Activities\u003C\u002Fh3>\n\u003Cp>Explore detailed information about any action by anyone on your WordPress site through the activity log.\u003Cbr \u002F>\nMonitor post changes, user actions, plugin and theme activation\u002Fdeactivation, WordPress cron jobs, etc.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress core updates, cron job logs.\u003C\u002Fli>\n\u003Cli>Pages, Posts, CPT (Custom Post Types): add, edit, delete.\u003C\u002Fli>\n\u003Cli>Categories, Tags, Taxonomies: add, edit, delete.\u003C\u002Fli>\n\u003Cli>Plugins: install, activate, deactivate, update, delete.\u003C\u002Fli>\n\u003Cli>Themes: install, activate, change (switch), update, delete.\u003C\u002Fli>\n\u003Cli>Errors Logs: show error type, message, stack-trace and time.\u003C\u002Fli>\n\u003Cli>Users: register\u002Fadd, edit, delete.\u003C\u002Fli>\n\u003Cli>User Activity: login, logout, login fails, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Manage WordPress Plugin, Themes And Core Updates\u003C\u002Fh3>\n\u003Cp>Manage your WordPress website’s plugin and theme from a single dashboard, check installed versions, available updates, etc.\u003Cbr \u002F>\nincluding \u003Ccode>mu-plugins\u003C\u002Fcode> and \u003Ccode>drop-ins\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manage Plugins: Install new plugins from WordPress repository, update, activate\u002Fdeactivate, uninstall\u002Fdelete plugins.\u003C\u002Fli>\n\u003Cli>Manage Themes: Install new themes from WordPress repository, update, switch and delete themes including child-themes.\u003C\u002Fli>\n\u003Cli>Manage Core Updates: Upgrade WordPress core.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WordPress error monitoring\u003C\u002Fh3>\n\u003Cp>This plugin will log and report php errors for your WordPress site. You will be able to view the error easily without having\u003Cbr \u002F>\nto log into your server via ssh\u002Fftp. This plugin will try to capture as much data as possible for the error, including error\u003Cbr \u002F>\nmessage, error severity, file and line number, timestamp, WordPress version, user details (if any user loggedin) etc.\u003C\u002Fp>\n\u003Ch3>WordPress Health Check\u003C\u002Fh3>\n\u003Cp>Receive a detailed report on your WordPress site’s health and performance, including security reports.\u003Cbr \u002F>\nUptimeMonster performs examinations to detect errors, issues, and custom checks by plugins and themes.\u003C\u002Fp>\n\u003Cp>The Site Health Status feature evaluates performance and security aspects, categorizing issues and recommendations into three layers:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Critical: Number of critical issues, categorized as security or performance, with suggested solutions.\u003C\u002Fli>\n\u003Cli>Recommended: List of recommendations for enhancing site health with step-by-step instructions.\u003C\u002Fli>\n\u003Cli>Passed Tests: Number of items with no issues, providing detailed information.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin also reports website activity date and time, user details, and source IP addresses.\u003Cbr \u002F>\nNo setup is required; simply add the API key to connect the plugin.\u003C\u002Fp>\n\u003Ch3>Comprehensive Monitoring with UptimeMonster\u003C\u002Fh3>\n\u003Cp>Extend your monitoring capabilities beyond website and WordPress health – UptimeMonster offers a comprehensive suite of services\u003Cbr \u002F>\nto ensure the robustness of your entire online presence.\u003Cbr \u002F>\nIn addition to website and WordPress metrics, monitor the following services seamlessly from the same dashboard:\u003C\u002Fp>\n\u003Ch4>Server Monitoring\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Load Average\u003C\u002Fli>\n\u003Cli>CPU Utilization\u003C\u002Fli>\n\u003Cli>Disk Usage & Stats, iNode Usage\u003C\u002Fli>\n\u003Cli>RAM & Swap Usage\u003C\u002Fli>\n\u003Cli>Network Stats\u003C\u002Fli>\n\u003Cli>Active SSH Connections\u003C\u002Fli>\n\u003Cli>Running Processes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Service Monitoring\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>IP blacklist\u003C\u002Fli>\n\u003Cli>DNS, FTP, sFTP, SSH\u003C\u002Fli>\n\u003Cli>SMTP, POP3, iMAP\u003C\u002Fli>\n\u003Cli>ICMP (ping), DNS lookup\u003C\u002Fli>\n\u003Cli>Custom TCP\u002FIP Ports\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Gain a holistic view of your digital infrastructure, ensuring optimal performance and preemptively addressing potential issues.\u003Cbr \u002F>\nUptimeMonster simplifies the monitoring of your website, server, and additional services, providing a centralized solution for a\u003Cbr \u002F>\nrobust online presence.\u003C\u002Fp>\n\u003Cp>Explore the full array of \u003Ca href=\"https:\u002F\u002Fuptimemonster.com\u002Ffeatures\" rel=\"nofollow ugc\">features\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fuptimemonster.com\u002Fmanagement-services\" rel=\"nofollow ugc\">services\u003C\u002Fa> available at your fingertips with UptimeMonster.\u003C\u002Fp>\n\u003Cp>Check out the \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=UTT14RCx84k&ab_channel=UptimeMonster&sub_confirmation=1\" rel=\"nofollow ugc\">UptimeMonster promo video\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please subscribe to our \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002F@uptimemonster?sub_confirmation=1\" rel=\"nofollow ugc\">YouTube Channel\u003C\u002Fa> for tips & tricks.\u003C\u002Fp>\n\u003Cp>Start your journey by signing up for a \u003Ca href=\"https:\u002F\u002Fuptimemonster.com\u002Fproduct\u002Fuptimemonster-yearly-pricing?attribute_pa_packages=starter&variation_id=1171&add-to-cart=1170\" rel=\"nofollow ugc\">free starter account\u003C\u002Fa> with \u003Ca href=\"https:\u002F\u002Fuptimemonster.com\u002Fproduct\u002Fuptimemonster-yearly-pricing?attribute_pa_packages=starter&variation_id=1171&add-to-cart=1170\" rel=\"nofollow ugc\">UptimeMonster\u003C\u002Fa> today!\u003C\u002Fp>\n\u003Ch3>Manage WordPress Themes and Plugins with UptimeMonster\u003C\u002Fh3>\n\u003Cp>The Uptime Monster Monitor plugin is based on UptimeMonster app service. Our monitoring service provides features such as installing, activating, deactivating, and uninstalling any themes or plugins for specific WordPress site. Therefore, users will perform these actions from the app instead of the WordPress dashboard.\u003C\u002Fp>\n","Monitor all activities and error logs of your WordPress site with UptimeMonster. Effortlessly simplify website management.",1306,"2024-09-17T11:24:00.000Z","5.6","7.0",[90,91,92,93,94],"activity-monitor","error-logging","health-check","issue-tracker","uptime-monitoring","https:\u002F\u002Fgithub.com\u002FPixelaar-LLC\u002Fuptimemonster-site-monitor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuptimemonster-site-monitor.1.0.0.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":47,"last_updated":18,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":114,"download_link":115,"security_score":116,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":117},"dm-user-tracking-plugin","DM User Tracking","1.9.1","digmedia","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigmedia\u002F","\u003Cp>The DM User Tracking plugin is a fully featured, page by page tracking plugin for your blog. Every time a page is visited on your blog, the plugin logs a whole host of information on the person who visited the page.\u003C\u002Fp>\n\u003Cp>The plugin is totally customisable from what you decide to track to what you decide you want to see. There is an optional dashboard widget included for a quick overview of recent visitors as well as a search feature for you to accurately sift through your tracking log and find the results you are looking for.\u003C\u002Fp>\n\u003Cp>\u003Cem>Data that is tracked by default:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>IP address (including an attempt to locate IP addresses from behind a proxy)\u003C\u002Fli>\n\u003Cli>The HTTP referrer (what page the user was viewing before they clicked)\u003C\u002Fli>\n\u003Cli>The time of the click\u003C\u002Fli>\n\u003Cli>User ID\u003C\u002Fli>\n\u003Cli>User Level (admin, editor, so on)\u003C\u002Fli>\n\u003Cli>Display Name\u003C\u002Fli>\n\u003Cli>Browser\u003C\u002Fli>\n\u003Cli>Operating System\u003C\u002Fli>\n\u003Cli>The page they visited\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Data that is not tracked by default but can be enabled:\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GET variables\u003C\u002Fli>\n\u003Cli>POST variables\u003C\u002Fli>\n\u003Cli>Cookies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please be sure to read the “Other Notes” section to view your responsibilities\u003Cbr \u002F>\nin using this plugin.\u003C\u002Fp>\n\u003Ch3>Your Responsibility\u003C\u002Fh3>\n\u003Cp>Upon installing this plugin you need to realise that you are potentially logging\u003Cbr \u002F>\na lot of sensitive information on your users. You accept that by installing this\u003Cbr \u002F>\nplugin you are accepting not to misuse or abuse this data in any way. I will not\u003Cbr \u002F>\ntake responsibility of any case of misuse of data caused by this plugin. That is\u003Cbr \u002F>\nthe sole responsibility of the person who installed the plugin..This plugin is currently incompatible with the multi user function of wordpress we are working on updating the plugin to support the multiuser functionality.\u003C\u002Fp>\n\u003Cp>.This plugin does not currently support blocking of ip addresses.\u003C\u002Fp>\n","An extensive, customisable, fully featured user tracking plugin.",10,6372,40,"3.5.3","3.5.1",[21,111,112,22,113],"auditing","dm","tracking","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdm-user-tracking-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdm-user-tracking-plugin.zip",100,"2026-03-15T10:48:56.248Z",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":105,"downloaded":126,"rating":27,"num_ratings":27,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":134,"download_link":135,"security_score":136,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"lyon-site-activity","Lyon Site Activity","2.0.2","Wheaton College","https:\u002F\u002Fprofiles.wordpress.org\u002Fwheatoncollege\u002F","\u003Cp>A simple, lightweight plugin that gives site administrators an at-a-glance view of recent content edits.\u003C\u002Fp>\n\u003Cp>A single screen under the \u003Cstrong>Tools\u003C\u002Fstrong> menu  shows tabular data for the latest created, latest modified, and\u002For latest trashed post, pages, or custom post types.  You can also find the latest created taxonomies and custom taxonomies, along with latest added media elements (currently only PDF application types are supported.)  Dynamic navigation control is found in a sticky element at the top of the page, allowing fast access to special areas of interest.\u003C\u002Fp>\n\u003Cp>A single screen under the \u003Cstrong>Settings\u003C\u002Fstrong> menu will allow you to show only those posts, custom post types, taxonomies, or custom taxonomies that you are interested in seeing.  Please note that while custom post type and custom taxonomies you create will be listed here, it does not mean that they are fully supported at this time.  They should work as desired, but custom post types and custom taxonomies can be tricky.\u003C\u002Fp>\n\u003Ch3>Background\u003C\u002Fh3>\n\u003Cp>This plugin was designed to fulfill a need of Wheaton College, Norton MA. We wanted to track \u003Cem>some\u003C\u002Fem> editor activity without storing records in the database. The guiding principle was that the code would be lightweight and \u003Cem>read only\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>One use case is to review recent edits to ensure user compliance with existing guidelines.\u003C\u002Fp>\n\u003Cp>Another is to review if there have been any recent edits at all.\u003C\u002Fp>\n\u003Cp>This plugin supplements our paid site monitoring software. The idea is to catch issues early, providing a teaching opportunity for web editors that are less experienced.\u003C\u002Fp>\n","A simple, lightweight plugin that gives site administrators an at-a-glance view of recent content edits.",1385,"2020-09-28T17:10:00.000Z","5.3.21","3.5","5.4.0",[132,22,133],"admin","site-activity","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flyon-site-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flyon-site-activity.zip",85,{"slug":138,"name":139,"version":80,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":105,"downloaded":144,"rating":27,"num_ratings":27,"last_updated":145,"tested_up_to":146,"requires_at_least":87,"requires_php":147,"tags":148,"homepage":18,"download_link":151,"security_score":116,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"user-activity-tracker","User Activity Tracker","whizPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhizplugins\u002F","\u003Cp>User Activity Tracker is a lightweight and efficient WordPress plugin that allows you to track and log user activities on your site. Whether you need to monitor login attempts, content updates, or administrative changes, this plugin provides real-time tracking and reporting.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Tracks user logins, post updates, and administrative actions.\u003Cbr \u002F>\n– Displays recent user activity in an easy-to-read format.\u003Cbr \u002F>\n– Secure and optimized for performance.\u003Cbr \u002F>\n– Compatible with the latest version of WordPress.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuser-activity-tracker\" rel=\"ugc\">plugin support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by Hazrath Ali (https:\u002F\u002Fgithub.com\u002FHazrath15).\u003C\u002Fp>\n","Track and monitor user activity effortlessly with User Activity Tracker. Stay informed about actions taken on your site.",320,"2025-06-12T16:22:00.000Z","6.7.5","7.4",[149,22,113,150],"custom","user-activity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-activity-tracker.zip",{"attackSurface":153,"codeSignals":224,"taintFlows":290,"riskAssessment":310,"analyzedAt":327},{"hooks":154,"ajaxHandlers":220,"restRoutes":221,"shortcodes":222,"cronEvents":223,"entryPointCount":27,"unprotectedCount":27},[155,160,162,168,172,176,179,183,187,189,192,196,199,203,206,209,211,214,216,219],{"type":156,"name":157,"callback":157,"file":158,"line":159},"action","plainview_activity_monitor_manifest_hooks","dev\\examples\\1_minimal\\PVAM_Example_1.php",23,{"type":156,"name":157,"callback":157,"file":161,"line":159},"dev\\examples\\2_minimal_expanded\\PVAM_Example_2.php",{"type":163,"name":164,"callback":165,"file":166,"line":167},"filter","post_password_expires","do_log","src\\hooks\\post_password.php",26,{"type":163,"name":169,"callback":165,"file":170,"line":171},"upgrader_post_install","src\\hooks\\upgrader_post_install.php",25,{"type":156,"name":173,"callback":174,"file":175,"line":65},"admin_menu","anonymous","src\\Plainview_Activity_Monitor.php",{"type":156,"name":177,"callback":173,"file":175,"line":178},"network_admin_menu",33,{"type":156,"name":180,"callback":181,"file":175,"line":182},"plugins_loaded","wp_loaded",35,{"type":156,"name":184,"callback":174,"file":185,"line":186},"plainview_activity_monitor_display_activity_table_column","src\\traits\\activities.php",11,{"type":156,"name":188,"callback":174,"file":185,"line":14},"plainview_activity_monitor_get_activity_description",{"type":156,"name":190,"callback":174,"file":185,"line":191},"plainview_activity_monitor_get_activity_table_columns",13,{"type":156,"name":193,"callback":174,"file":194,"line":195},"plainview_activity_monitor_add_filter_settings","src\\traits\\activities_overview.php",17,{"type":156,"name":197,"callback":174,"file":194,"line":198},"plainview_activity_monitor_save_filter_settings",18,{"type":156,"name":200,"callback":174,"file":201,"line":202},"plainview_activity_monitor_list_activities","src\\traits\\database.php",20,{"type":156,"name":200,"callback":204,"priority":116,"file":201,"line":205},"plainview_activity_monitor_list_activities_actual",21,{"type":156,"name":207,"callback":174,"file":201,"line":208},"plainview_activity_monitor_list_distinct_values",22,{"type":156,"name":210,"callback":174,"file":201,"line":159},"plainview_activity_monitor_log_hook",{"type":156,"name":212,"callback":174,"file":201,"line":213},"plainview_activity_monitor_prune_activities",24,{"type":156,"name":215,"callback":174,"file":201,"line":171},"plainview_activity_monitor_remove_activities",{"type":156,"name":217,"callback":174,"file":218,"line":202},"plainview_activity_monitor_get_logged_hooks","src\\traits\\hooks.php",{"type":156,"name":157,"callback":174,"file":218,"line":205},[],[],[],[],{"dangerousFunctions":225,"sqlUsage":239,"outputEscaping":242,"fileOperations":105,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":289},[226,231,235],{"fn":227,"file":228,"line":229,"context":230},"unserialize","src\\sdk\\traits\\db_aware_object.php",268,"$object->$key = @unserialize( base64_decode( $object->$key ) );",{"fn":227,"file":232,"line":233,"context":234},"src\\sdk\\wordpress\\base.php",1015,"return unserialize( base64_decode( $string) );",{"fn":236,"file":194,"line":237,"context":238},"exec",360,"exec( 'dig -x ' . $ip, $output );",{"prepared":240,"raw":27,"locations":241},16,[],{"escaped":243,"rawEcho":202,"locations":244},28,[245,248,250,252,254,256,258,260,263,266,268,270,272,274,276,279,281,283,285,287],{"file":232,"line":246,"context":247},252,"raw output",{"file":232,"line":249,"context":247},304,{"file":232,"line":251,"context":247},546,{"file":232,"line":253,"context":247},709,{"file":232,"line":255,"context":247},749,{"file":232,"line":257,"context":247},1096,{"file":232,"line":259,"context":247},1390,{"file":261,"line":262,"context":247},"src\\sdk\\wordpress\\tabs\\tabs.php",332,{"file":264,"line":265,"context":247},"src\\sdk\\wordpress\\traits\\debug.php",145,{"file":194,"line":267,"context":247},199,{"file":194,"line":269,"context":247},267,{"file":194,"line":271,"context":247},279,{"file":194,"line":273,"context":247},297,{"file":194,"line":275,"context":247},376,{"file":277,"line":278,"context":247},"src\\traits\\admin_menu.php",192,{"file":277,"line":280,"context":247},258,{"file":277,"line":282,"context":247},354,{"file":277,"line":284,"context":247},363,{"file":277,"line":286,"context":247},438,{"file":288,"line":198,"context":247},"src\\traits\\plugin_pack.php",[],[291],{"entryPoint":292,"graph":293,"unsanitizedCount":309,"severity":38},"\u003Ctabs> (src\\sdk\\wordpress\\tabs\\tabs.php:0)",{"nodes":294,"edges":306},[295,300],{"id":296,"type":297,"label":298,"file":261,"line":299},"n0","source","$_GET (x2)",198,{"id":301,"type":302,"label":303,"file":261,"line":304,"wp_function":305},"n1","sink","call_user_func_array() [RCE]",328,"call_user_func_array",[307],{"from":296,"to":301,"sanitized":308},false,2,{"summary":311,"deductions":312},"The plainview-activity-monitor plugin, version 20180826, exhibits a mixed security posture.  While it demonstrates good practices such as using prepared statements for all SQL queries and avoiding external HTTP requests, it has significant areas of concern.  The static analysis revealed the presence of dangerous functions like `unserialize` and `exec`, alongside a critical taint flow with unsanitized input.  The absence of nonce checks and capability checks on all entry points is a major weakness, especially considering the presence of dangerous functions that could be leveraged.  \n\nThe vulnerability history indicates a past high-severity OS Command Injection vulnerability, which is concerning given the `exec` function is present in the code. This suggests a history of exploitable flaws that could have severe consequences if similar vulnerabilities are introduced or if the existing ones are not thoroughly mitigated.  The fact that the last known vulnerability was on the same date as the plugin version implies the potential for self-inflicted vulnerabilities or a direct link to the code's state.  \n\nIn conclusion, while the plugin uses prepared statements and avoids external requests, the presence of dangerous functions, a critical taint flow, a lack of essential security checks (nonces and capabilities), and a history of high-severity vulnerabilities paint a picture of moderate to high risk. The absence of any current unpatched CVEs is positive, but the underlying code quality and historical issues warrant caution.",[313,316,318,320,322,324],{"reason":314,"points":315},"Dangerous functions present (unserialize, exec)",15,{"reason":317,"points":315},"Critical severity taint flow found",{"reason":319,"points":105},"Missing nonce checks on entry points",{"reason":321,"points":105},"Missing capability checks on entry points",{"reason":323,"points":315},"High severity CVE in history",{"reason":325,"points":326},"Unescaped output percentage (58%)",5,"2026-03-16T20:25:23.467Z",{"wat":329,"direct":337},{"assetPaths":330,"generatorPatterns":332,"scriptPaths":333,"versionParams":335},[331],"\u002Fwp-content\u002Fplugins\u002Fplainview-activity-monitor\u002Fcss\u002Ficon.svg",[],[334],"\u002Fwp-content\u002Fplugins\u002Fplainview-activity-monitor\u002Fjs\u002Fjs.js",[336],"plainview-activity-monitor\u002Fjs\u002Fjs.js?ver=",{"cssClasses":338,"htmlComments":348,"htmlAttributes":349,"restEndpoints":351,"jsGlobals":352,"shortcodeOutput":354},[339,340,341,342,343,344,345,346,347],"hooks","pvam","plugins","with_groups","group","inactive","plugin","active","plugin-title",[],[350],"data-group",[],[353],"PLAINVIEW_ACTIVITY_MONITOR_VERSION",[]]