Does Process Log have any unpatched vulnerabilities?

No. All known vulnerabilities in Process Log have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Process Log compatible with WordPress 6.2.0?

According to WordPress.org data, Process Log 1.3.4 has been tested up to WordPress 6.2.0. Check the plugin's changelog for the latest compatibility information.

How often is Process Log updated?

Process Log was last updated on May 3, 2023. Frequent updates are generally a positive security signal.

What is Process Log's security score?

Process Log has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Process Log Security & Risk Analysis

wordpress.org/plugins/process-log

Logging system.

10 active installs v1.3.4 PHP + WP 5.0+ Updated May 3, 2023

debuglog

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Process Log Safe to Use in 2026?

Generally Safe

Score 85/100

Process Log has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "process-log" plugin version 1.3.4 exhibits a concerning security posture due to a significant number of unprotected entry points. The static analysis reveals two AJAX handlers that lack authentication checks, presenting a direct attack vector for unauthorized actions. Furthermore, the taint analysis identified two flows with unsanitized paths, classified as high severity, indicating potential for sensitive data exposure or manipulation if these paths are triggered by malicious input. While the plugin has no recorded vulnerability history or known CVEs, and demonstrates good practices in SQL prepared statements and output escaping, the identified unprotected AJAX endpoints and high-severity taint flows are critical weaknesses that cannot be overlooked. The absence of nonce checks on AJAX handlers is a particularly worrying oversight.

In conclusion, despite a clean vulnerability history and some positive coding practices, the "process-log" plugin's security is significantly undermined by its exposed AJAX endpoints and the presence of high-severity unsanitized taint flows. These issues create tangible risks for WordPress sites using this plugin, necessitating immediate attention and remediation. The lack of any recorded vulnerabilities might suggest a lack of prior focused security auditing or a smaller user base, rather than inherent security, making the current identified risks even more prominent.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Missing nonce checks on AJAX

Vulnerabilities

None known

Process Log Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Process Log Code Analysis

Dangerous Functions

Raw SQL Queries

9 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

50% prepared18 total queries

Output Escaping

72% escaped32 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

process_logs (classes\Ajax.php:106)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Process Log Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_processes_listclasses\Ajax.php:21

authwp_ajax_process_logsclasses\Ajax.php:22

WordPress Hooks 23

actioninitclasses\Component\Plugin.php:77

actionadmin_menuclasses\MenuPage.php:30

actionadmin_initclasses\Schedule.php:14

actionadmin_initclasses\Updates.php:10

actionadd_meta_boxesclasses\View\CommentMetaBoxView.php:14

actionwp_insert_commentclasses\Watcher\CommentWatcher.php:23

actiontransition_comment_statusclasses\Watcher\CommentWatcher.php:24

filterwp_update_comment_dataclasses\Watcher\CommentWatcher.php:25

actioncontent_user_relations_add_relation_afterclasses\Watcher\ContentUserRelationWatcher.php:27

actioncontent_user_relations_remove_relation_afterclasses\Watcher\ContentUserRelationWatcher.php:31

actionadded_optionclasses\Watcher\OptionsWatcher.php:22

actionupdated_optionclasses\Watcher\OptionsWatcher.php:23

actiondelete_optionclasses\Watcher\OptionsWatcher.php:24

actionpost_updatedclasses\Watcher\PostWatcher.php:32

actionadd_post_metaclasses\Watcher\PostWatcher.php:33

actionupdate_post_metaclasses\Watcher\PostWatcher.php:34

actiondelete_post_metaclasses\Watcher\PostWatcher.php:35

actionuser_registerclasses\Watcher\UserWatcher.php:28

actionprofile_updateclasses\Watcher\UserWatcher.php:29

actionupdate_user_metaclasses\Watcher\UserWatcher.php:30

actiondelete_userclasses\Watcher\UserWatcher.php:34

filterwp_mailclasses\Watcher\WPMailWatcher.php:28

actionshutdownclasses\Writer.php:31

Maintenance & Trust

Process Log Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.0

Last updatedMay 3, 2023

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Process Log Alternatives

Error Log Viewer by BestWebSoft

error-log-viewer

Get latest error log messages to diagnose website problems. Define and fix issues faster.

6K 5 CVEs

Dashboard Widgets Suite

dashboard-widgets-suite

Adds 9 awesome widgets to your WP Dashboard. Includes User Notes, Social Buttons, System Info, Debug/Error Logs, and more!

4K 3 CVEs

Debug Log – Manager Tool

debug-log-config-tool

The "Debug Log Config Tool" simplifies debugging. Toggle logging,queries , view levels, clear logs from dashboard.

3K 1 CVE

Cron Logger

cron-logger

Logs wp-cron.php runs.

2K 1 unpatched

Debug

debug

Debug can help you to find errors in your wordpress website via editing wp-config.php file and email notification.

2K 1 CVE

Developer Profile

Process Log Developer Profile

EdwardBock

22 plugins · 2K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

107 days

View full developer profile

Detection Fingerprints

How We Detect Process Log

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/process-log/css/menu-page.css/wp-content/plugins/process-log/js/api.js/wp-content/plugins/process-log/js/menu-page.js

Script Paths

/wp-content/plugins/process-log/js/api.js/wp-content/plugins/process-log/js/menu-page.js

HTML / DOM Fingerprints

CSS Classes

process-logprocess-log-table-bodyprocess-log-load-moreprocess-filters

Data Attributes

data-process_iddata-process_typedata-process_severitydata-process_createddata-process_userdata-process_message

JS Globals

ProcessLogAPIProcessLogApp

REST Endpoints

/wp-json/process-log/v1/logs

FAQ