Does Recent Logins have any unpatched vulnerabilities?

No. All known vulnerabilities in Recent Logins have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Recent Logins compatible with WordPress 4.6.30?

According to WordPress.org data, Recent Logins 1.0.0 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Recent Logins updated?

Recent Logins was last updated on Apr 23, 2016. Frequent updates are generally a positive security signal.

What is Recent Logins's security score?

Recent Logins has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Recent Logins Security & Risk Analysis

wordpress.org/plugins/recent-logins

Is there someone else logging in to your account? Keep an eye on your recent login records.

10 active installs v1.0.0 PHP + WP 3.0.0+ Updated Apr 23, 2016

latest-login-recordslatest-loginslogin-historylogin-recordrecent-login

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Recent Logins Safe to Use in 2026?

Generally Safe

Score 85/100

Recent Logins has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "recent-logins" plugin v1.0.0 presents a concerning security posture, despite a clean vulnerability history. While the plugin boasts a zero attack surface for common entry points like AJAX, REST API, shortcodes, and cron events, indicating good initial design in those areas, the code analysis reveals significant underlying risks. The presence of the `unserialize` function is a major red flag, especially when combined with the fact that no nonce checks are implemented. This combination can lead to remote code execution vulnerabilities if an attacker can control the data being unserialized.

Furthermore, the plugin executes SQL queries without using prepared statements, increasing the risk of SQL injection attacks. The lack of output escaping on all identified outputs means that any data displayed by the plugin is vulnerable to cross-site scripting (XSS) attacks. Although there are no known CVEs, this does not negate the inherent risks identified in the code. The plugin demonstrates a clear weakness in secure coding practices, particularly around input validation and data sanitization, which could be easily exploited if an attacker can influence the serialized data or database inputs.

Key Concerns

Unescaped output (all outputs)
Raw SQL without prepare
Dangerous function: unserialize
Missing nonce checks

Vulnerabilities

None known

Recent Logins Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Recent Logins Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$client = unserialize( $log->client ); ?>recent-logins.php:131

SQL Query Safety

0% prepared1 total queries

Output Escaping

0% escaped8 total outputs

Attack Surface

Recent Logins Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionplugins_loadedrecent-logins.php:40

actionwp_loginrecent-logins.php:41

actionshow_user_profilerecent-logins.php:42

actionedit_user_profilerecent-logins.php:43

filtermanage_site-users-network_columnsrecent-logins.php:45

filtermanage_users_columnsrecent-logins.php:46

filterwpmu_users_columnsrecent-logins.php:47

filtermanage_users_custom_columnrecent-logins.php:48

Maintenance & Trust

Recent Logins Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedApr 23, 2016

PHP min version

Downloads2K

Community Trust

Rating60/100

Number of ratings2

Active installs10

Alternatives

Recent Logins Alternatives

When Last Login – Export User Records

when-last-login-export-user-records

100

Export your user's login records into a CSV or JSON file in seconds.

600 No CVEs

WP Users Login History

wp-users-login-history

Track website's users by their login related information like Last login Date/Time, Environment/Server IP address,Country/City/Continent/Timezone …

70 No CVEs

User Login Tracker

user-login-tracker

100

Monitor user login activity with advanced analytics, visual charts, and comprehensive tracking dashboard.

30 No CVEs

Login Activity Tracker

100

Tracks user login attempts and displays login logs with styled pagination for admins and users.

0 No CVEs

WP Easy Login – Remember Recent Usernames

wp-easy-login

100

WP Easy Login stores the recent logins and makes it easy for you to login by selecting an account.

0 No CVEs

Developer Profile

Recent Logins Developer Profile

Nazmul Ahsan

6 plugins · 180 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Recent Logins

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

recent-logins-wraprecent-login-table

FAQ