[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2lB7c8Oz-Q886jVudN3RbQ0lH3pjcBv5A6iPjm6s3Xg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":137,"fingerprints":228},"site-health-tools","Site Health Tools","1.0.1","Marius L. J.","https:\u002F\u002Fprofiles.wordpress.org\u002Fclorith\u002F","\u003Cp>The Site Health Tools plugin implements a selection of additional tools to the Site Health section of your site, to help you diagnose common issues.\u003C\u002Fp>\n\u003Cp>These are checks that require some form of user interaction, and therefore are not as good of a fit as the automatic nature of the normal Site Health checker.\u003C\u002Fp>\n\u003Cp>Providing tools such as:\u003Cbr \u002F>\n– Debug log viewer\u003Cbr \u002F>\n– File integrity checker\u003Cbr \u002F>\n– PHP information\u003Cbr \u002F>\n– Mail sending test\u003Cbr \u002F>\n– Plugin PHP compatibility checker\u003Cbr \u002F>\n– And more…\u003C\u002Fp>\n","Introduces additional common tools to the Site Health interface.",200,2071,90,2,"2026-01-01T11:22:00.000Z","6.9.4","5.8","7.1",[20,21],"health-check","site-health","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsite-health-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-health-tools.1.0.1.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"clorith",5,90310,85,30,84,"2026-04-04T01:11:33.875Z",[38,56,77,100,121],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":25,"num_ratings":25,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":33,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"plugin-health-check","Plugin Health Check","0.0.5","kero","https:\u002F\u002Fprofiles.wordpress.org\u002Fkingkero\u002F","\u003Cp>This plugin adds additional tests to the Site Health screen.\u003C\u002Fp>\n\u003Cp>Right now this only includes whether updates are available or not. Future releases will include options to silence & escalate specific plugin updates as well as multiple more sanity checks for the installed plugins and themes.\u003C\u002Fp>\n","Adds checks to the Site Health screen to test installed plugins and themes.",20,1708,"2019-08-06T17:54:00.000Z","5.2.24","5.2","7.2",[20,21,53],"site-health-check","https:\u002F\u002Fgithub.com\u002Fkingkero\u002Fplugin-health-check","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-health-check.0.0.5.zip",{"slug":20,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":72,"download_link":73,"security_score":74,"vuln_count":31,"unpatched_count":75,"last_vuln_date":76,"fetched_at":27},"Health Check & Troubleshooting","1.7.1","WordPress.org","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordpressdotorg\u002F","\u003Cp>This plugin will perform a number of checks on your WordPress installation to detect common configuration errors and known issues, and also allows plugins and themes to add their own checks.\u003C\u002Fp>\n\u003Cp>The debug section, which allows you to gather information about your WordPress and server configuration that you may easily share with support representatives for themes, plugins or on the official WordPress.org support forums.\u003C\u002Fp>\n\u003Cp>Troubleshooting allows you to have a clean WordPress session, where all plugins are disabled, and a default theme is used, but only for your user until you disable it or log out.\u003C\u002Fp>\n\u003Cp>The Tools section allows you to check that WordPress files have not been tampered with, that emails can be sent, and if your plugins are compatible with any PHP version updates in the future.\u003C\u002Fp>\n\u003Cp>For a more extensive example of how to efficiently use the Health Check plugin, check out the \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fsupport\u002Fhandbook\u002Fappendix\u002Ftroubleshooting-using-the-health-check\u002F\" rel=\"nofollow ugc\">WordPress.org support team handbook page about this plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Feedback is welcome both through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fhealth-check\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>, the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002Fhealth-check\" rel=\"nofollow ugc\">GitHub project page\u003C\u002Fa>, or on \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fchat\" rel=\"nofollow ugc\">Slack\u003C\u002Fa> in either \u003Ca href=\"https:\u002F\u002Fwordpress.slack.com\u002Fmessages\u002Fforums\u002F\" rel=\"nofollow ugc\">#forums\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.slack.com\u002Fmessages\u002Fcore-site-health\u002F\" rel=\"nofollow ugc\">#core-site-health\u003C\u002Fa>.\u003C\u002Fp>\n","Health Check identifies common problems, and helps you troubleshoot plugin and theme conflicts.",300000,5255588,72,179,"2024-07-25T21:43:00.000Z","6.6.5","4.4","5.6",[20],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhealth-check\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhealth-check.1.7.1.zip",57,1,"2025-12-15 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":51,"tags":92,"homepage":97,"download_link":98,"security_score":24,"vuln_count":75,"unpatched_count":25,"last_vuln_date":99,"fetched_at":27},"performance-lab","Performance Lab","4.1.0","WordPress Performance Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fperformanceteam\u002F","\u003Cp>The Performance Lab plugin is a collection of features focused on enhancing the performance of your site, most of which should eventually be merged into WordPress core. The plugin facilitates the discovery and activation of the individual performance feature plugins which the performance team is developing. In this way you can test the features to get their benefits before they become available in WordPress core. You can also play an important role by providing feedback to further improve the solutions.\u003C\u002Fp>\n\u003Cp>The feature plugins which are currently featured by this plugin are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fembed-optimizer\u002F\" rel=\"ugc\">Embed Optimizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauto-sizes\u002F\" rel=\"ugc\">Enhanced Responsive Images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdominant-color-images\u002F\" rel=\"ugc\">Image Placeholders\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimage-prioritizer\u002F\" rel=\"ugc\">Image Prioritizer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnocache-bfcache\u002F\" rel=\"ugc\">Instant Back\u002FForward\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebp-uploads\u002F\" rel=\"ugc\">Modern Image Formats\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foptimization-detective\u002F\" rel=\"ugc\">Optimization Detective\u003C\u002Fa> (dependency for Embed Optimizer and Image Prioritizer)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fperformant-translations\u002F\" rel=\"ugc\">Performant Translations\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeculation-rules\u002F\" rel=\"ugc\">Speculative Loading\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fview-transitions\u002F\" rel=\"ugc\">View Transitions\u003C\u002Fa> \u003Cem>(experimental)\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These plugins can also be installed separately from installing Performance Lab, but having the Performance Lab plugin also active will ensure you find out about new performance features as they are developed.\u003C\u002Fp>\n","Performance plugin from the WordPress Performance Team, which is a collection of standalone performance features.",200000,3452248,86,50,"2026-02-27T20:19:00.000Z","7.0","6.6",[93,94,95,96,21],"diagnostics","measurement","optimization","performance","https:\u002F\u002Fgithub.com\u002FWordPress\u002Fperformance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fperformance-lab.4.1.0.zip","2023-05-18 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":24,"num_ratings":110,"last_updated":111,"tested_up_to":16,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":119,"download_link":120,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"version-info","Version Info – Server Health Monitor, PHP & MySQL Version Display, Environment Indicators","2.0.0","Brandon Ernst","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrandonfire\u002F","\u003Ch4>🛡️ THE ESSENTIAL TECHNICAL HUD FOR EVERY WORDPRESS PROFESSIONAL\u003C\u002Fh4>\n\u003Cp>Stop digging through hidden menus or leaving insecure \u003Ccode>phpinfo()\u003C\u002Fcode> files on your server. \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002F\" title=\"Visit the Version Info website\" rel=\"nofollow ugc\">Version Info\u003C\u002Fa>\u003C\u002Fstrong> is the essential technical dashboard that brings your site’s most vital environment data directly into your daily workflow — the admin footer, the admin bar, or a dedicated dashboard widget.\u003C\u002Fp>\n\u003Cp>Whether you’re a freelancer managing dozens of client sites, a developer debugging a complex plugin conflict, or an agency maintaining a portfolio of high-value properties, having instant access to your \u003Cstrong>PHP version\u003C\u002Fstrong>, \u003Cstrong>MySQL version\u003C\u002Fstrong>, \u003Cstrong>WordPress version\u003C\u002Fstrong>, and \u003Cstrong>web server type\u003C\u002Fstrong> is a mission-critical utility.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Version Info\u003C\u002Fstrong> has been trusted by WordPress professionals since 2015 and is now supercharged with a complete PRO + Agency suite for serious site monitoring. Learn more at \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002F\" title=\"Version Info official website\" rel=\"nofollow ugc\">versioninfoplugin.com\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>✨ What Makes Version Info Different?\u003C\u002Fh4>\n\u003Cp>Most server info plugins show you a wall of data you don’t need. Version Info is designed around \u003Cstrong>the data you actually use every day\u003C\u002Fstrong>, placed exactly where you need it — no extra pages, no bloat, no performance impact.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero Configuration\u003C\u002Fstrong> — Install, activate, done. Versions appear in your footer immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Surgical Precision\u003C\u002Fstrong> — Only shows WP, PHP, MySQL, and Server versions. No fluff.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance First\u003C\u002Fstrong> — Uses native WordPress APIs. Literally zero impact on page load.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Hooks\u003C\u002Fstrong> — Every data point is filterable for custom integrations. See the \u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002Fadvanced-configuration-hooks-and-filters\" title=\"Version Info developer documentation\" rel=\"nofollow ugc\">developer docs\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🚀 Core Features (100% Free, Forever)\u003C\u002Fh4>\n\u003Cp>These features will always be free. No bait-and-switch.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🛠️ \u003Cstrong>Admin Footer Display\u003C\u002Fstrong> — See WordPress, PHP, MySQL, and Web Server versions at the bottom of every admin page. Includes a one-click update link when a new WP version is available.\u003C\u002Fli>\n\u003Cli>🚦 \u003Cstrong>WP-Admin Bar Nodes\u003C\u002Fstrong> — Pin your version stack to the admin bar for instant visibility while navigating between pages, posts, and settings.\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Dashboard Widget\u003C\u002Fstrong> — A dedicated “At a Glance” style widget showing your complete technical stack. Enable it via Screen Options.\u003C\u002Fli>\n\u003Cli>🔄 \u003Cstrong>Core Update Alerts\u003C\u002Fstrong> — Automatically compares your WP version with the latest available and shows an update link right in the footer.\u003C\u002Fli>\n\u003Cli>💻 \u003Cstrong>Server Detection\u003C\u002Fstrong> — Instantly identify Apache, Nginx, LiteSpeed, or any other server software without leaving WordPress.\u003C\u002Fli>\n\u003Cli>🌐 \u003Cstrong>Translation Ready\u003C\u002Fstrong> — Fully localized with translations in 13+ languages including Spanish, German, French, Japanese, Chinese, and more. \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fversion-info\u002F\" title=\"Translate Version Info on WordPress.org\" rel=\"nofollow ugc\">Help translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔥 PRO Plan — Advanced Site Intelligence\u003C\u002Fh4>\n\u003Cp>Unlock real-time performance monitoring, environment safety, and proactive health checks. Built for developers who take their stack seriously.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002Fpricing\" title=\"Version Info PRO pricing\" rel=\"nofollow ugc\">Upgrade to PRO \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fstrong> Starting at $19\u002Fyear.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>📈 \u003Cstrong>Real-Time CPU & RAM Monitoring\u003C\u002Fstrong> — See your server’s pulse, live. Visual percentage bars that auto-refresh every 60 seconds via the WordPress Heartbeat API. Cross-platform: uses \u003Ccode>sys_getloadavg()\u003C\u002Fcode> on Linux, COM objects on Windows, and \u003Ccode>\u002Fproc\u002Fmeminfo\u003C\u002Fcode> for system memory. Fully cached with Transients to prevent server strain.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>💾 \u003Cstrong>Database Size Tracking\u003C\u002Fstrong> — Know exactly how bloated your database is before it becomes a problem. Breaks down \u003Ccode>data_length\u003C\u002Fcode> vs. \u003Ccode>index_length\u003C\u002Fcode> for all tables matching your \u003Ccode>$wpdb->prefix\u003C\u002Fcode>. Results cached for 12 hours with a \u003Cstrong>“Scan Now” AJAX button\u003C\u002Fstrong> for on-demand fresh data. Perfect for monitoring WooCommerce database growth during peak sales.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🚨 \u003Cstrong>Smart Environment Indicators\u003C\u002Fstrong> — Never accidentally run a destructive query on production again. High-visibility color-coded badges in the admin bar: \u003Cstrong>Red\u003C\u002Fstrong> for Production, \u003Cstrong>Orange\u003C\u002Fstrong> for Staging, \u003Cstrong>Green\u003C\u002Fstrong> for Development\u002FLocal. Auto-detects \u003Ccode>WP_ENVIRONMENT_TYPE\u003C\u002Fcode>, Bedrock (\u003Ccode>WP_ENV\u003C\u002Fcode>), Kinsta, WP Engine, Pantheon, Flywheel, and more. Optional: highlight the entire admin bar border to match the environment color.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>📜 \u003Cstrong>Audit Log of Version History\u003C\u002Fstrong> — A persistent timeline tracking every shift in your WordPress core, PHP, MySQL, plugin, and theme versions. Hooks into \u003Ccode>upgrader_process_complete\u003C\u002Fcode> for real-time logging of WordPress updates. Know exactly \u003Cem>when\u003C\u002Fem> and \u003Cem>what\u003C\u002Fem> changed for historical troubleshooting. Limited to the last 50 entries to prevent bloat.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🛡️ \u003Cstrong>Health Advisor Notifications\u003C\u002Fstrong> — Proactive alerts that predict problems before they happen. Checks your PHP and MySQL versions against known \u003Cstrong>End-of-Life (EOL) dates\u003C\u002Fstrong> and flags critical security risks. Integrates directly with the native \u003Cstrong>WordPress Site Health\u003C\u002Fstrong> screen via \u003Ccode>site_status_tests\u003C\u002Fcode>. Flags PHP \u003C 8.1 as a critical security risk.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>📤 \u003Cstrong>JSON System Info Export\u003C\u002Fstrong> — One-click download of your entire technical stack as a structured JSON file. Includes WordPress config, PHP version + all extensions, database details, active theme, all active plugins with versions, server info, and more. Ideal for attaching to support tickets, sharing with hosting providers, or archiving before migrations.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002Fpro-features\" title=\"Version Info PRO documentation\" rel=\"nofollow ugc\">See the full PRO feature documentation \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>🏛️ Agency Plan — The Command Center for Client Portfolios\u003C\u002Fh4>\n\u003Cp>Everything in PRO, plus enterprise-grade tools for agencies, freelancers, and hosting companies managing multiple sites.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002Fpricing\" title=\"Version Info Agency pricing\" rel=\"nofollow ugc\">Upgrade to Agency \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fstrong> Starting at $49\u002Fyear.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>🏷️ \u003Cstrong>Full Agency White-Labeling\u003C\u002Fstrong> — Make it \u003Cem>your\u003C\u002Fem> plugin. Replace “Version Info” and “Gaucho Plugins” with your agency’s name everywhere: the plugin list, dashboard widgets, admin bar, footer, and settings page. Hide Freemius-generated Account, Contact, and Support submenus. Uses the \u003Ccode>all_plugins\u003C\u002Fcode> filter for seamless Plugins list rebranding.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>👥 \u003Cstrong>Role-Based Admin Visibility\u003C\u002Fstrong> — Keep it simple for clients. A checkbox matrix lets you control exactly which WordPress user roles can see version information in the admin bar, footer, and dashboard widget. Show everything to administrators, hide everything from editors and shop managers. Default: administrator only.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🌐 \u003Cstrong>Multi-Site Network Dashboard\u003C\u002Fstrong> — A centralized command center for WordPress Multisite. A dedicated page under \u003Cstrong>Network Admin > Settings\u003C\u002Fstrong> shows a table of every site on the network with columns for site name, URL, WP version, PHP version, MySQL version, and database size. Uses \u003Ccode>switch_to_blog()\u003C\u002Fcode> safely with network transient caching. Capped at 100 sites for performance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>📧 \u003Cstrong>System Change Email Alerts\u003C\u002Fstrong> — Get notified the \u003Cem>instant\u003C\u002Fem> something changes. Proactive \u003Ccode>wp_mail()\u003C\u002Fcode> notifications the moment a hosting provider changes a PHP version, a WordPress core update completes, or any plugin\u002Ftheme version shifts. Configurable recipient list (comma-separated), per-component toggles, and defaults to the site admin email.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🔍 \u003Cstrong>PHP Error Log Dashboard\u003C\u002Fstrong> — Debug without FTP or SSH. View the last 100 lines of your \u003Ccode>debug.log\u003C\u002Fcode> (or custom \u003Ccode>error_log\u003C\u002Fcode> path) directly inside WordPress. Uses efficient \u003Ccode>fseek()\u003C\u002Fcode> tail reading — never loads the full log into memory. Sensitive file paths are automatically masked with \u003Ccode>[ABSPATH]\u003C\u002Fcode>. Download the full log as a ZIP file for offline analysis.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002Fagency-features\" title=\"Version Info Agency documentation\" rel=\"nofollow ugc\">See the full Agency feature documentation \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>🎯 Real-World Use Cases\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>“The Support Hero”\u003C\u002Fstrong>\u003Cbr \u002F>\nA client reports a bug. Instead of asking for their login credentials, you ask them to screenshot their admin footer. You instantly know their PHP version, MySQL version, WordPress version, and web server — without ever logging into their site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“The WooCommerce Specialist”\u003C\u002Fstrong>\u003Cbr \u002F>\nBlack Friday is coming. You use \u003Cstrong>Database Tracking\u003C\u002Fstrong> to monitor table size growth during the high-traffic event. When \u003Ccode>wp_options\u003C\u002Fcode> grows 300% overnight, you catch the autoloaded transient bloat before it takes down the store.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“The Agency Owner”\u003C\u002Fstrong>\u003Cbr \u002F>\nYou hand over a beautifully built site to a high-ticket client. With \u003Cstrong>White-Labeling\u003C\u002Fstrong>, the client never sees “Gaucho Plugins” — they see \u003Cem>your\u003C\u002Fem> agency name everywhere. With \u003Cstrong>Role-Based Visibility\u003C\u002Fstrong>, the client’s editors see a clean dashboard without confusing server information.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“The Safety-First Developer”\u003C\u002Fstrong>\u003Cbr \u002F>\nYou manage staging and production environments for the same client. The bright \u003Cstrong>red “Production” badge\u003C\u002Fstrong> in your admin bar prevents you from ever accidentally running a migration script on the live site. The \u003Cstrong>admin bar highlight\u003C\u002Fstrong> makes the environment unmistakable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“The Managed Hosting Reseller”\u003C\u002Fstrong>\u003Cbr \u002F>\nYou run 40 sites on a Multisite installation. The \u003Cstrong>Network Dashboard\u003C\u002Fstrong> gives you a single page showing WP, PHP, and MySQL versions across every site — perfect for planning bulk upgrades. When a host updates PHP overnight, the \u003Cstrong>Email Alert\u003C\u002Fstrong> hits your inbox before the first support ticket arrives.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“The Remote Debugger”\u003C\u002Fstrong>\u003Cbr \u002F>\nA client’s site throws a white screen. You open the \u003Cstrong>Error Log Dashboard\u003C\u002Fstrong> directly in wp-admin — no FTP client, no SSH terminal. The last 100 lines show a fatal error from a plugin update. The \u003Cstrong>Version History\u003C\u002Fstrong> tab confirms the plugin updated 10 minutes ago. Root cause found in under 60 seconds.\u003C\u002Fp>\n\u003Ch4>⚡ Performance & Architecture\u003C\u002Fh4>\n\u003Cp>Version Info is built with performance as the #1 priority:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Transients API\u003C\u002Fstrong> — All resource-heavy metrics (CPU, RAM, DB size) are cached. CPU\u002FRAM uses 60-second TTL; database size uses 12-hour TTL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Heartbeat API\u003C\u002Fstrong> — Live resource updates use the native WordPress Heartbeat, ensuring data refreshes only when the admin page is active.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Provider Pattern\u003C\u002Fstrong> — A \u003Ccode>ProviderInterface\u003C\u002Fcode> abstracts all detection logic, making it trivial to add custom providers for AWS, Kinsta, or any host-specific API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hook-First Architecture\u003C\u002Fstrong> — Every data point fires a WordPress filter (\u003Ccode>version_info_wp_version\u003C\u002Fcode>, \u003Ccode>version_info_php_version\u003C\u002Fcode>, etc.) and every render point fires an action. Extend anything without editing core files. See the \u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002Fadvanced-configuration-hooks-and-filters\" title=\"Version Info hooks reference\" rel=\"nofollow ugc\">hooks reference\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strict Typing\u003C\u002Fstrong> — Every file uses \u003Ccode>declare(strict_types=1)\u003C\u002Fcode> and PHP 8.1+ typed properties for maximum reliability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Coding Standards\u003C\u002Fstrong> — Follows WPCS, uses proper escaping, nonce verification, capability checks, and prepared SQL queries throughout.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌍 Works With Your Stack\u003C\u002Fh4>\n\u003Cp>Version Info auto-detects and works seamlessly with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hosts:\u003C\u002Fstrong> Kinsta, WP Engine, Pantheon, Flywheel, Cloudways, SiteGround, and any standard LAMP\u002FLEMP host\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Environments:\u003C\u002Fstrong> Bedrock, Trellis, Local by Flywheel, MAMP, WAMP, Docker, DevKinsta\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Servers:\u003C\u002Fstrong> Apache, Nginx, LiteSpeed, OpenLiteSpeed, IIS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite:\u003C\u002Fstrong> Full network-level support with dedicated Network Admin page (Agency)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translations:\u003C\u002Fstrong> 13+ languages with full RTL support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>📣 What WordPress Professionals Are Saying\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“I install this on every client site. It saves me at least 5 minutes per support ticket.” — ★★★★★\u003C\u002Fp>\n\u003Cp>“The environment badges alone are worth the upgrade. I’ll never accidentally nuke production again.” — ★★★★★\u003C\u002Fp>\n\u003Cp>“Finally, a server info plugin that isn’t bloated with stuff I don’t need.” — ★★★★★\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fversion-info\u002Freviews\u002F?filter=5\" title=\"Version Info 5-star reviews\" rel=\"ugc\">Read more reviews \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>🔗 Resources & Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002F\" title=\"Visit the Version Info website\" rel=\"nofollow ugc\">Version Info Website\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002F\" title=\"Version Info documentation\" rel=\"nofollow ugc\">Documentation & Guides\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fversioninfoplugin.com\u002Fpricing\" title=\"Version Info pricing\" rel=\"nofollow ugc\">PRO & Agency Pricing\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.versioninfoplugin.com\u002Fadvanced-configuration-hooks-and-filters\" title=\"Version Info hooks reference\" rel=\"nofollow ugc\">Developer Hooks Reference\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fversion-info\u002F\" title=\"Version Info support\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fversion-info\u002F\" title=\"Translate on WordPress.org\" rel=\"nofollow ugc\">Translate Version Info\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgauchoplugins.com\" title=\"Gaucho Plugins\" rel=\"nofollow ugc\">Gaucho Plugins Portfolio\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","The #1 technical dashboard for WordPress professionals. Display PHP, MySQL, WP & server versions anywhere in admin. Monitor CPU, RAM, DB size &amp &hellip;",10000,120467,14,"2026-02-22T07:10:00.000Z","5.5","8.1",[115,116,117,118,21],"developer-tools","mysql-version","php-version","server-info","https:\u002F\u002Fversioninfoplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fversion-info.2.0.0.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":108,"downloaded":129,"rating":24,"num_ratings":46,"last_updated":130,"tested_up_to":16,"requires_at_least":131,"requires_php":70,"tags":132,"homepage":135,"download_link":136,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"wpvulnerability","WPVulnerability","4.3.1","Javier Casares","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaviercasares\u002F","\u003Cp>This plugin integrates with the WPVulnerability API to provide real-time vulnerability assessments for your WordPress core, plugins, themes, PHP version, Apache HTTPD, nginx, MariaDB, MySQL, ImageMagick, curl, memcached, Redis, and SQLite.\u003C\u002Fp>\n\u003Cp>It delivers detailed reports directly within your WordPress dashboard, helping you stay aware of potential security risks. Configure the plugin to send periodic notifications about your site’s security status, ensuring you remain informed without being overwhelmed. Designed for ease of use, it supports proactive security measures without storing or retrieving any personal data from your site.\u003C\u002Fp>\n\u003Ch4>Data reliability\u003C\u002Fh4>\n\u003Cp>The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information. Act at your own risk.\u003C\u002Fp>\n\u003Ch3>Using the plugin\u003C\u002Fh3>\n\u003Ch4>WP-CLI\u003C\u002Fh4>\n\u003Cp>You can use the following WP-CLI commands to manage and check vulnerabilities:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Core: \u003Ccode>wp wpvulnerability core\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Plugins: \u003Ccode>wp wpvulnerability plugins\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Themes: \u003Ccode>wp wpvulnerability themes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>PHP: \u003Ccode>wp wpvulnerability php\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Apache HTTPD: \u003Ccode>wp wpvulnerability apache\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>nginx: \u003Ccode>wp wpvulnerability nginx\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MariaDB: \u003Ccode>wp wpvulnerability mariadb\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MySQL: \u003Ccode>wp wpvulnerability mysql\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>ImageMagick: \u003Ccode>wp wpvulnerability imagemagick\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>curl: \u003Ccode>wp wpvulnerability curl\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>memcached: \u003Ccode>wp wpvulnerability memcached\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Redis: \u003Ccode>wp wpvulnerability redis\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>SQLite: \u003Ccode>wp wpvulnerability sqlite\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To configure the plugin you can use:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide component: \u003Ccode>wp wpvulnerability config hide \u003Ccomponent> [on|off]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Notification email: \u003Ccode>wp wpvulnerability config email \u003Cemails>\u003C\u002Fcode> (comma separatted)\u003C\u002Fli>\n\u003Cli>Notification period: \u003Ccode>wp wpvulnerability config period \u003Cnever|daily|weekly>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Log retention: \u003Ccode>wp wpvulnerability config log-retention \u003C0|1|7|14|28>\u003C\u002Fcode> (in days)\u003C\u002Fli>\n\u003Cli>Cache duration: \u003Ccode>wp wpvulnerability config cache \u003C1|6|12|24>\u003C\u002Fcode> (in hours)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All commands support the \u003Ccode>--format\u003C\u002Fcode> option to specify the output format:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>--format=table\u003C\u002Fcode>: Displays the results in a table format (default).\u003C\u002Fli>\n\u003Cli>\u003Ccode>--format=json\u003C\u002Fcode>: Displays the results in JSON format.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Need help?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp wpvulnerability --help\u003C\u002Fcode>: Displays help information for WPVulnerability commands.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp wpvulnerability [command] --help\u003C\u002Fcode>: Displays help information for a WPVulnerability command.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REST API\u003C\u002Fh4>\n\u003Cp>The WPVulnerability plugin provides several \u003Cstrong>REST API endpoints\u003C\u002Fstrong> to fetch vulnerability information for different components of your WordPress site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Core: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fcore\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Plugins: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fplugins\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Themes: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fthemes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>PHP: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fphp\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Apache HTTPD: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fapache\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>nginx: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fnginx\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MariaDB: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmariadb\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>MySQL: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmysql\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>ImageMagick: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fimagemagick\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>curl: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fcurl\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>memcached: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fmemcached\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Redis: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fredis\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>SQLite: \u003Ccode>\u002Fwpvulnerability\u002Fv1\u002Fsqlite\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The WPVulnerability REST API uses \u003Cstrong>Application Passwords\u003C\u002Fstrong> for authentication. You need to include a valid Application Password in the Authorization header of your requests.\u003C\u002Fp>\n\u003Cp>Example Request with Authentication\u003C\u002Fp>\n\u003Cpre>\u003Ccode>curl -X GET https:\u002F\u002Fexample.com\u002Fwp-json\u002Fwpvulnerability\u002Fv1\u002Fplugins -u username:application_password\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Replace username with your WordPress \u003Ccode>username\u003C\u002Fcode> and \u003Ccode>application_password\u003C\u002Fcode> with your \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2020\u002F11\u002F05\u002Fapplication-passwords-integration-guide\u002F\" rel=\"nofollow ugc\">Application Password\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Extra Configurations\u003C\u002Fh3>\n\u003Ch4>“From:” mail (since: 3.2.2)\u003C\u002Fh4>\n\u003Cp>If, for some reason, you need the emails sent by the plugin to have a From different from the site administrator, you can change it from the \u003Ccode>wp-config.php\u003C\u002Fcode> by adding a constant:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_MAIL', 'sender@example.com' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If the constant is active, it will be visible in the configuration screen.\u003C\u002Fp>\n\u003Ch4>Force hiding checks (since: 4.1.0)\u003C\u002Fh4>\n\u003Cp>If you want to always hide a specific component, you can define a constant in \u003Ccode>wp-config.php\u003C\u002Fcode>. When set to \u003Ccode>true\u003C\u002Fcode>, the option will be checked automatically in the settings screen and the related analysis will be skipped.\u003C\u002Fp>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_HIDE_APACHE', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Available constants: \u003Ccode>WPVULNERABILITY_HIDE_CORE\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_PLUGINS\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_THEMES\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_PHP\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_APACHE\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_NGINX\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MARIADB\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MYSQL\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_IMAGEMAGICK\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_CURL\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_MEMCACHED\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_REDIS\u003C\u002Fcode>, \u003Ccode>WPVULNERABILITY_HIDE_SQLITE\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch4>Cache duration (since: 4.1.0)\u003C\u002Fh4>\n\u003Cp>By default, data from the API is cached for 12 hours. To change this, define \u003Ccode>WPVULNERABILITY_CACHE_HOURS\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> with one of \u003Ccode>1\u003C\u002Fcode>, \u003Ccode>6\u003C\u002Fcode>, \u003Ccode>12\u003C\u002Fcode> or \u003Ccode>24\u003C\u002Fcode>. This value overrides the setting screen and WP-CLI command.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_CACHE_HOURS', 24 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Log rotation (since: 4.2.0)\u003C\u002Fh4>\n\u003Cp>WPVulnerability stores the most recent API responses so you can review recent calls from the new log tab. Define \u003Ccode>WPVULNERABILITY_LOG_RETENTION_DAYS\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> to control how many days of entries are preserved. Supported values are \u003Ccode>0\u003C\u002Fcode>, \u003Ccode>1\u003C\u002Fcode>, \u003Ccode>7\u003C\u002Fcode>, \u003Ccode>14\u003C\u002Fcode> or \u003Ccode>28\u003C\u002Fcode>; using \u003Ccode>0\u003C\u002Fcode> disables logging entirely.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_LOG_RETENTION_DAYS', 14 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>When the constant is present its value is enforced in the settings UI and through WP-CLI, ensuring consistent log rotation across environments.\u003C\u002Fp>\n\u003Ch4>Security configuration (since: 4.3.0)\u003C\u002Fh4>\n\u003Cp>WPVulnerability uses a hybrid detection approach for server software (ImageMagick, Redis, Memcached, SQLite): PHP extensions first (most secure), then shell commands as fallback (most accurate). You can control this behavior using security configuration constants in \u003Ccode>wp-config.php\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Global disable of shell commands:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_DISABLE_SHELL_EXEC', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Completely disables shell command usage. Falls back to PHP extensions only. Use for maximum security when accuracy loss is acceptable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security mode (standard\u002Fstrict\u002Fdisabled):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SECURITY_MODE', 'strict' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\u003Ccode>standard\u003C\u002Fcode> – Hybrid detection: PHP extensions first, shell commands fallback (default, best accuracy)\u003C\u002Fli>\n\u003Cli>\u003Ccode>strict\u003C\u002Fcode> – PHP extensions only, no shell commands (high security, lower accuracy)\u003C\u002Fli>\n\u003Cli>\u003Ccode>disabled\u003C\u002Fcode> – No software detection at all (maximum security)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Component whitelist:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SHELL_EXEC_WHITELIST', 'imagemagick,redis' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Allows shell commands only for specified components. Available components: \u003Ccode>imagemagick\u003C\u002Fcode>, \u003Ccode>redis\u003C\u002Fcode>, \u003Ccode>memcached\u003C\u002Fcode>, \u003Ccode>sqlite\u003C\u002Fcode>. Use for granular control.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Examples:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maximum security (no shell commands):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SECURITY_MODE', 'strict' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Only allow ImageMagick shell detection:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_SHELL_EXEC_WHITELIST', 'imagemagick' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Complete disable:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'WPVULNERABILITY_DISABLE_SHELL_EXEC', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>All shell commands are hardcoded and validated – no user input is involved. Commands are logged for security auditing.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress: 4.7 – 6.9\u003C\u002Fli>\n\u003Cli>PHP: 5.6 – 8.5\u003C\u002Fli>\n\u003Cli>WP-CLI: 2.3.0 – 2.11.0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cp>This plugin adheres to the following security measures and review protocols for each version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002F\" rel=\"nofollow ugc\">WordPress Plugin Handbook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fplugin-security\u002F\" rel=\"nofollow ugc\">WordPress Plugin Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fapis\u002Fsecurity\u002F\" rel=\"nofollow ugc\">WordPress APIs Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002FWordPress-Coding-Standards\" rel=\"nofollow ugc\">WordPress Coding Standards\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-check\u002F\" rel=\"ugc\">Plugin Check (PCP)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin or the WordPress Vulnerability Database API does not collect any information about your site, your identity, the plugins, themes or content the site has.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Vulnerabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A security vulnerability was found and fixed in version 4.2.2.1. All previous versions (3.3.0 – 4.2.1) are affected. Please update to version 4.2.2.1 or later.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Found a security vulnerability? Please report it to us privately at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaviercasares\u002Fwpvulnerability\u002Fsecurity\u002Fadvisories\u002Fnew\" rel=\"nofollow ugc\">WPVulnerability GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contributors\u003C\u002Fh3>\n\u003Cp>You can contribute to this plugin at the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaviercasares\u002Fwpvulnerability\" rel=\"nofollow ugc\">WPVulnerability GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","Get WordPress vulnerability alerts from the WPVulnerability Database API.",527094,"2026-01-20T15:01:00.000Z","4.7",[133,21,134],"security","vulnerability","https:\u002F\u002Fwww.wpvulnerability.com\u002Fplugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpvulnerability.4.3.1.zip",{"attackSurface":138,"codeSignals":150,"taintFlows":185,"riskAssessment":214,"analyzedAt":227},{"hooks":139,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":25,"unprotectedCount":25},[140],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","wp_mail_failed","mail_failed","SiteHealthTools\\class-mail-check.php",55,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":152,"outputEscaping":161,"fileOperations":162,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":184},[],{"prepared":25,"raw":14,"locations":153},[154,158],{"file":155,"line":156,"context":157},"SiteHealthTools\\class-transients.php",38,"$wpdb->query() with variable interpolation",{"file":155,"line":159,"context":160},56,"$wpdb->get_results() with variable interpolation",{"escaped":162,"rawEcho":163,"locations":164},4,9,[165,168,171,173,175,177,179,180,183],{"file":144,"line":166,"context":167},147,"raw output",{"file":169,"line":170,"context":167},"SiteHealthTools\\class-site-health-tool.php",58,{"file":155,"line":172,"context":167},59,{"file":155,"line":174,"context":167},63,{"file":155,"line":176,"context":167},79,{"file":178,"line":170,"context":167},"templates\\phpinfo.php",{"file":178,"line":174,"context":167},{"file":181,"line":182,"context":167},"templates\\tools.php",52,{"file":181,"line":172,"context":167},[],[186,206],{"entryPoint":187,"graph":188,"unsanitizedCount":25,"severity":205},"view_file_diff (SiteHealthTools\\class-files-integrity.php:233)",{"nodes":189,"edges":202},[190,196],{"id":191,"type":192,"label":193,"file":194,"line":195},"n0","source","$_POST","SiteHealthTools\\class-files-integrity.php",245,{"id":197,"type":198,"label":199,"file":194,"line":200,"wp_function":201},"n1","sink","file_get_contents() [SSRF\u002FLFI]",257,"file_get_contents",[203],{"from":191,"to":197,"sanitized":204},true,"low",{"entryPoint":207,"graph":208,"unsanitizedCount":25,"severity":205},"\u003Cclass-files-integrity> (SiteHealthTools\\class-files-integrity.php:0)",{"nodes":209,"edges":212},[210,211],{"id":191,"type":192,"label":193,"file":194,"line":195},{"id":197,"type":198,"label":199,"file":194,"line":200,"wp_function":201},[213],{"from":191,"to":197,"sanitized":204},{"summary":215,"deductions":216},"The 'site-health-tools' plugin v1.0.1 exhibits a very limited attack surface with no apparent direct entry points exposed to unauthenticated users. This is a positive sign for its security posture. The static analysis did not reveal any critical or high-severity issues in taint analysis, suggesting that data sanitization and path handling are robust. Furthermore, the plugin has no recorded vulnerability history, which is excellent and indicates a stable and secure track record.",[217,220,223,225],{"reason":218,"points":219},"SQL queries without prepared statements",10,{"reason":221,"points":222},"Low percentage of properly escaped output",8,{"reason":224,"points":31},"No nonce checks implemented",{"reason":226,"points":31},"No capability checks implemented","2026-03-16T20:19:05.287Z",{"wat":229,"direct":238},{"assetPaths":230,"generatorPatterns":233,"scriptPaths":234,"versionParams":235},[231,232],"\u002Fwp-content\u002Fplugins\u002Fsite-health-tools\u002Fbuild\u002Fsite-health-tools.css","\u002Fwp-content\u002Fplugins\u002Fsite-health-tools\u002Fbuild\u002Fsite-health-tools.js",[],[232],[236,237],"site-health-tools\u002Fbuild\u002Fsite-health-tools.css?ver=","site-health-tools\u002Fbuild\u002Fsite-health-tools.js?ver=",{"cssClasses":239,"htmlComments":242,"htmlAttributes":243,"restEndpoints":247,"jsGlobals":249,"shortcodeOutput":251},[240,241],"site-health-tool-plugin-compat-list","supported-version",[],[244,245,246],"data-plugin-slug","data-plugin-version","data-plugin-checked",[248],"\u002Fwp-json\u002Fsite-health-tools\u002Fv1\u002Fplugin-compat",[250],"SiteHealthTools",[]]