Does Easy Updates Manager have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Updates Manager compatible with WordPress 7.0?

According to WordPress.org data, Easy Updates Manager 9.0.20 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is Easy Updates Manager compatible with PHP 5.6+?

Easy Updates Manager requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Easy Updates Manager updated?

Easy Updates Manager was last updated on Mar 25, 2026. Frequent updates are generally a positive security signal.

What is Easy Updates Manager's security score?

Easy Updates Manager has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Updates Manager Security & Risk Analysis

wordpress.org/plugins/stops-core-theme-and-plugin-updates

Manage all your WordPress updates, including individual updates, automatic updates, logs, and loads more. This also works very well with WordPress Mul …

300K active installs v9.0.20 PHP 5.6+ WP 5.1+ Updated Mar 25, 2026

disable-updatesdisable-updates-managereasy-updates-managerupdate-controlupdates-manager

A · Safe

CVEs total1

Unpatched0

Last CVEMar 28, 2019

Plugin page Download

Safety Verdict

Is Easy Updates Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Updates Manager has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Mar 28, 2019Updated 1mo ago

Risk Assessment

The "stops-core-theme-and-plugin-updates" plugin exhibits a generally good security posture, demonstrating strong adherence to many WordPress security best practices. The extensive use of prepared statements for SQL queries (94%) and proper output escaping (85%) are positive indicators. Furthermore, the plugin shows a robust implementation of capability checks (81) and nonce checks (6), suggesting a well-thought-out approach to access control and request verification.

However, the static analysis did reveal some areas of concern. The presence of a "dangerous function" like `unserialize` warrants caution, as improper handling of serialized data can lead to serious vulnerabilities. The taint analysis also identified a high-severity flow with unsanitized paths, which could potentially be exploited if not carefully handled. While the plugin has a history of only one medium-severity CVE in 2019, which is now patched, the existence of this vulnerability, combined with the identified `unserialize` function and unsanitized paths, suggests that developers should remain vigilant.

In conclusion, the plugin is generally well-secured with strong foundational practices. The primary risks lie in the potential misuse of `unserialize` and the identified unsanitized paths. While the vulnerability history is currently clean, these specific code signals suggest areas where further scrutiny and potential remediation might be beneficial to maintain a high level of security.

Key Concerns

Dangerous function unserialize found
High severity taint flow found

Vulnerabilities

1 published

Easy Updates Manager Security Vulnerabilities

CVEs by Year

1 CVE in 2019

2019

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2019-15650medium · 4.3Improper Authorization

Stops Core Theme And Plugin Updates <= 8.0.4 - Insufficient Restrictions on Option Changes

Mar 28, 2019 Patched in 8.0.5 (1762d)

Version History

Easy Updates Manager Release Timeline

v9.0.20Current47 files changed

v9.0.1911 files changed

v9.0.1831 files changed

v9.0.1714 files changed

v9.0.1614 files changed

v9.0.1521 files changed

v9.0.1437 files changed

v9.0.1319 files changed

v9.0.1211 files changed

v9.0.1112 files changed

v9.0.1013 files changed

v9.0.917 files changed

v9.0.811 files changed

v9.0.745 files changed

v9.0.63 files changed

v9.0.511 files changed

v9.0.312 files changed

v9.0.15 files changed

v9.0.021 files changed

v8.2.0

Code Analysis

Analyzed Mar 16, 2026

Easy Updates Manager Code Analysis

Dangerous Functions

Raw SQL Queries

33 prepared

Unescaped Output

300 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$result = unserialize($serialized_data); // For PHP 5.2 users, the search-replace feature has been rmain.php:229

SQL Query Safety

94% prepared35 total queries

Output Escaping

85% escaped351 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

search_box (includes\MPSUM_List_Table.php:340)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Easy Updates Manager Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_eum_axios_ajaxincludes\MPSUM_Admin_Ajax.php:41

authwp_ajax_eum_ajaxincludes\MPSUM_Admin_Ajax.php:42

authwp_ajax_easy_updates_manager_ajaxmain.php:152

WordPress Hooks 171

actioninitincludes\MPSUM_Admin.php:63

filterset-screen-optionincludes\MPSUM_Admin.php:64

actionnetwork_admin_menuincludes\MPSUM_Admin.php:131

actionwp_before_admin_bar_renderincludes\MPSUM_Admin.php:132

actionadmin_menuincludes\MPSUM_Admin.php:134

actionadmin_bar_menuincludes\MPSUM_Admin.php:136

actionadmin_headincludes\MPSUM_Admin.php:139

actionadmin_enqueue_scriptsincludes\MPSUM_Admin.php:580

actionadmin_enqueue_scriptsincludes\MPSUM_Admin.php:597

actionmpsum_admin_tab_advancedincludes\MPSUM_Admin_Advanced.php:49

actioneum_advanced_headingsincludes\MPSUM_Admin_Advanced_Preview.php:15

actioneum_advanced_settingsincludes\MPSUM_Admin_Advanced_Preview.php:16

filterautomatic_updater_disabledincludes\MPSUM_Admin_Ajax.php:1007

filterfile_mod_allowedincludes\MPSUM_Admin_Ajax.php:1008

filterauto_update_coreincludes\MPSUM_Admin_Ajax.php:1009

filterauto_update_pluginincludes\MPSUM_Admin_Ajax.php:1010

filterauto_update_themeincludes\MPSUM_Admin_Ajax.php:1011

filterauto_update_translationincludes\MPSUM_Admin_Ajax.php:1012

filterasync_update_translationincludes\MPSUM_Admin_Ajax.php:1013

filterupdraftplus_boot_backupincludes\MPSUM_Admin_Ajax.php:1034

filterwp_doing_cronincludes\MPSUM_Admin_Ajax.php:1061

actioneum_advanced_headingsincludes\MPSUM_Admin_Bar.php:17

actioneum_advanced_settingsincludes\MPSUM_Admin_Bar.php:18

filtereum_i18nincludes\MPSUM_Admin_Bar.php:19

actionmpsum_admin_tab_mainincludes\MPSUM_Admin_Core.php:41

actionadmin_initincludes\MPSUM_Admin_Core.php:42

actionmpsum_admin_tab_dashboardincludes\MPSUM_Admin_Dashboard.php:42

actionmpsum_admin_tab_logsincludes\MPSUM_Admin_Logs.php:42

actionmpsum_admin_tab_pluginsincludes\MPSUM_Admin_Plugins.php:43

actionmpsum_admin_tab_themesincludes\MPSUM_Admin_Themes.php:43

actionmpsum_admin_tab_premiumincludes\MPSUM_Advanced_Premium.php:17

filterupdate_footerincludes\MPSUM_Disable_Updates.php:49

actionwp_dashboard_setupincludes\MPSUM_Disable_Updates.php:54

actionwp_network_dashboard_setupincludes\MPSUM_Disable_Updates.php:55

actionwp_update_pluginsincludes\MPSUM_Disable_Updates.php:59

filterautomatic_updater_disabledincludes\MPSUM_Disable_Updates.php:66

filterfile_mod_allowedincludes\MPSUM_Disable_Updates.php:67

filterallow_dev_auto_core_updatesincludes\MPSUM_Disable_Updates.php:82

filterallow_major_auto_core_updatesincludes\MPSUM_Disable_Updates.php:85

filterallow_minor_auto_core_updatesincludes\MPSUM_Disable_Updates.php:88

filterauto_update_coreincludes\MPSUM_Disable_Updates.php:91

filterauto_update_translationincludes\MPSUM_Disable_Updates.php:115

filterasync_update_translationincludes\MPSUM_Disable_Updates.php:116

filterauto_update_translationincludes\MPSUM_Disable_Updates.php:121

filterasync_update_translationincludes\MPSUM_Disable_Updates.php:122

filtersend_update_notification_emailincludes\MPSUM_Disable_Updates.php:127

filtersend_update_notification_emailincludes\MPSUM_Disable_Updates.php:130

filtersend_update_notification_emailincludes\MPSUM_Disable_Updates.php:133

filterauto_update_pluginincludes\MPSUM_Disable_Updates.php:139

filterauto_update_pluginincludes\MPSUM_Disable_Updates.php:141

filterauto_update_pluginincludes\MPSUM_Disable_Updates.php:143

filterauto_update_pluginincludes\MPSUM_Disable_Updates.php:145

filterauto_update_pluginincludes\MPSUM_Disable_Updates.php:149

filterauto_update_themeincludes\MPSUM_Disable_Updates.php:155

filterauto_update_themeincludes\MPSUM_Disable_Updates.php:157

filterauto_update_themeincludes\MPSUM_Disable_Updates.php:159

filterauto_update_themeincludes\MPSUM_Disable_Updates.php:161

filterauto_update_themeincludes\MPSUM_Disable_Updates.php:164

filtersite_transient_update_pluginsincludes\MPSUM_Disable_Updates.php:169

filtersite_transient_update_themesincludes\MPSUM_Disable_Updates.php:170

filterhttp_request_argsincludes\MPSUM_Disable_Updates.php:171

actionadmin_initincludes\MPSUM_Disable_Updates_All.php:20

filterpre_transient_update_themesincludes\MPSUM_Disable_Updates_All.php:26

filterpre_site_transient_update_themesincludes\MPSUM_Disable_Updates_All.php:31

actionpre_transient_update_pluginsincludes\MPSUM_Disable_Updates_All.php:37

filterpre_site_transient_update_pluginsincludes\MPSUM_Disable_Updates_All.php:42

filterpre_transient_update_coreincludes\MPSUM_Disable_Updates_All.php:48

filterpre_site_transient_update_coreincludes\MPSUM_Disable_Updates_All.php:53

filterauto_update_translationincludes\MPSUM_Disable_Updates_All.php:62

filterasync_update_translationincludes\MPSUM_Disable_Updates_All.php:63

filterautomatic_updater_disabledincludes\MPSUM_Disable_Updates_All.php:64

filterallow_minor_auto_core_updatesincludes\MPSUM_Disable_Updates_All.php:65

filterallow_major_auto_core_updatesincludes\MPSUM_Disable_Updates_All.php:66

filterallow_dev_auto_core_updatesincludes\MPSUM_Disable_Updates_All.php:67

filterauto_update_coreincludes\MPSUM_Disable_Updates_All.php:68

filterwp_auto_update_coreincludes\MPSUM_Disable_Updates_All.php:69

filterauto_core_update_send_emailincludes\MPSUM_Disable_Updates_All.php:70

filtersend_core_update_notification_emailincludes\MPSUM_Disable_Updates_All.php:71

filterauto_update_pluginincludes\MPSUM_Disable_Updates_All.php:72

filterauto_update_themeincludes\MPSUM_Disable_Updates_All.php:73

filterautomatic_updates_send_debug_emailincludes\MPSUM_Disable_Updates_All.php:74

actionadmin_initincludes\MPSUM_Disable_Updates_Plugins.php:21

actionpre_transient_update_pluginsincludes\MPSUM_Disable_Updates_Plugins.php:27

filterpre_site_transient_update_pluginsincludes\MPSUM_Disable_Updates_Plugins.php:32

filterauto_update_pluginincludes\MPSUM_Disable_Updates_Plugins.php:37

actionupgrader_process_completeincludes\MPSUM_Disable_Updates_Plugins.php:64

actionpre_transient_update_pluginsincludes\MPSUM_Disable_Updates_Plugins.php:103

filterpre_site_transient_update_pluginsincludes\MPSUM_Disable_Updates_Plugins.php:104

actionadmin_initincludes\MPSUM_Disable_Updates_Themes.php:18

filterpre_transient_update_themesincludes\MPSUM_Disable_Updates_Themes.php:25

filterpre_site_transient_update_themesincludes\MPSUM_Disable_Updates_Themes.php:30

filterauto_update_themeincludes\MPSUM_Disable_Updates_Themes.php:38

actionupgrader_process_completeincludes\MPSUM_Disable_Updates_Themes.php:65

actionpre_transient_update_themesincludes\MPSUM_Disable_Updates_Themes.php:103

filterpre_site_transient_update_themesincludes\MPSUM_Disable_Updates_Themes.php:104

filterauto_update_translationincludes\MPSUM_Disable_Updates_Translations.php:24

filterasync_update_translationincludes\MPSUM_Disable_Updates_Translations.php:25

filterpre_transient_update_themesincludes\MPSUM_Disable_Updates_Translations.php:31

filterpre_site_transient_update_themesincludes\MPSUM_Disable_Updates_Translations.php:36

actionpre_transient_update_pluginsincludes\MPSUM_Disable_Updates_Translations.php:43

filterpre_site_transient_update_pluginsincludes\MPSUM_Disable_Updates_Translations.php:48

filterpre_transient_update_coreincludes\MPSUM_Disable_Updates_Translations.php:55

filterpre_site_transient_update_coreincludes\MPSUM_Disable_Updates_Translations.php:60

filterpre_transient_update_themesincludes\MPSUM_Disable_Updates_Translations.php:82

filterpre_site_transient_update_themesincludes\MPSUM_Disable_Updates_Translations.php:83

filterpre_transient_update_pluginsincludes\MPSUM_Disable_Updates_Translations.php:84

filterpre_site_transient_update_pluginsincludes\MPSUM_Disable_Updates_Translations.php:85

filterpre_transient_update_coreincludes\MPSUM_Disable_Updates_Translations.php:86

filterpre_site_transient_update_coreincludes\MPSUM_Disable_Updates_Translations.php:87

actionadmin_initincludes\MPSUM_Disable_Updates_WordPress.php:18

filterpre_transient_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:25

filterpre_site_transient_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:30

filterallow_minor_auto_core_updatesincludes\MPSUM_Disable_Updates_WordPress.php:39

filterallow_major_auto_core_updatesincludes\MPSUM_Disable_Updates_WordPress.php:40

filterallow_dev_auto_core_updatesincludes\MPSUM_Disable_Updates_WordPress.php:41

filterauto_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:42

filterwp_auto_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:43

filterauto_core_update_send_emailincludes\MPSUM_Disable_Updates_WordPress.php:44

filtersend_core_update_notification_emailincludes\MPSUM_Disable_Updates_WordPress.php:45

filterautomatic_updates_send_debug_emailincludes\MPSUM_Disable_Updates_WordPress.php:46

actionupgrader_process_completeincludes\MPSUM_Disable_Updates_WordPress.php:80

actionpre_transient_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:118

filterpre_site_transient_update_coreincludes\MPSUM_Disable_Updates_WordPress.php:119

filtersite_transient_update_pluginsincludes\MPSUM_Disable_VCS.php:45

filtersite_transient_update_themesincludes\MPSUM_Disable_VCS.php:46

actionadmin_noticesincludes\MPSUM_Disable_VCS.php:47

actionnetwork_admin_noticesincludes\MPSUM_Disable_VCS.php:48

actioneum_plugins_tab_headerincludes\MPSUM_Disable_VCS.php:49

actioneum_themes_tab_headerincludes\MPSUM_Disable_VCS.php:50

actioneum_advanced_headingsincludes\MPSUM_Exclude_Users.php:17

actioneum_advanced_settingsincludes\MPSUM_Exclude_Users.php:18

actioneum_advanced_headingsincludes\MPSUM_Force_Updates.php:17

actioneum_advanced_settingsincludes\MPSUM_Force_Updates.php:18

actionadmin_footerincludes\MPSUM_List_Table.php:154

actionpre_auto_updateincludes\MPSUM_Logs.php:88

filtereum_i18nincludes\MPSUM_Logs.php:89

filterupgrader_package_optionsincludes\MPSUM_Logs.php:90

actionautomatic_updates_completeincludes\MPSUM_Logs.php:91

actionupgrader_process_completeincludes\MPSUM_Logs.php:92

filterupgrader_pre_downloadincludes\MPSUM_Logs.php:93

filterupgrader_post_installincludes\MPSUM_Logs.php:222

action_core_updated_successfullyincludes\MPSUM_Logs.php:234

filterupdate_feedbackincludes\MPSUM_Logs.php:235

actioneum_advanced_headingsincludes\MPSUM_Reset_Options.php:17

actioneum_advanced_settingsincludes\MPSUM_Reset_Options.php:18

filterautomatic_updates_send_debug_emailincludes\MPSUM_Send_Email_Notifications.php:34

actionautomatic_updates_completeincludes\MPSUM_Send_Email_Notifications.php:40

filterauto_core_update_send_emailincludes\MPSUM_Send_Email_Notifications.php:42

filterauto_plugin_update_send_emailincludes\MPSUM_Send_Email_Notifications.php:43

filterauto_theme_update_send_emailincludes\MPSUM_Send_Email_Notifications.php:44

filtersend_core_update_notification_emailincludes\MPSUM_Send_Email_Notifications.php:46

filtersend_core_update_notification_emailincludes\MPSUM_Send_Email_Notifications.php:48

filterupdraftplus_remotecontrol_command_classesincludes\MPSUM_UpdraftCentral.php:14

filterupdraftcentral_remotecontrol_command_classesincludes\MPSUM_UpdraftCentral.php:15

actionupdraftcentral_command_class_wantedincludes\MPSUM_UpdraftCentral.php:16

actionadmin_noticesincludes\MPSUM_Utils.php:260

actionnetwork_admin_noticesincludes\MPSUM_Utils.php:261

actionadmin_noticesmain.php:132

actionnetwork_admin_noticesmain.php:134

actionadmin_noticesmain.php:141

actionnetwork_admin_noticesmain.php:143

actioninitmain.php:149

actionplugins_loadedmain.php:150

actionadmin_initmain.php:151

actionall_admin_noticesmain.php:740

filterplugin_auto_update_setting_htmlmain.php:744

filtertheme_auto_update_setting_htmlmain.php:745

filtertheme_auto_update_setting_templatemain.php:746

actionall_admin_noticesmain.php:764

actionall_admin_noticesmain.php:769

actionall_admin_noticesmain.php:773

Scheduled Events 4

eum_notification_updates_weekly

eum_notification_updates_monthly

wp_maybe_auto_update

Maintenance & Trust

Easy Updates Manager Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedMar 25, 2026

PHP min version5.6

Downloads7.7M

Community Trust

Rating96/100

Number of ratings722

Active installs300K

Alternatives

Easy Updates Manager Alternatives

Ignore Or Disable Plugin Update

ignore-single-update

100

Allows to ignore a single plugin update for a certain number of days, or until its next version.

100 No CVEs

Disable All WordPress Updates

disable-wordpress-updates

100

Disables the theme, plugin and core update checking, the related cronjobs, plugin/theme update health checks and notification system.

20K No CVEs

Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates

webcraftic-updates-manager

100

Disable updates and automatic updates for WordPress core, plugins, and themes, with the option to disable plugin or theme updates individually.

9K No CVEs

Disable All Update & Notification

disable-all-update-notification

A plugin to disable all WordPress core, theme, and plugin updates, and remove update notifications.

0 No CVEs

KK-UPDATE-CONTROL

kk-update-control

A simple WordPress plugin to control automatic core updates or auto-updates for plugins, themes and translations.

0 No CVEs

Developer Profile

Easy Updates Manager Developer Profile

David Anderson / Team Updraft

16 plugins · 6.4M total installs

trust score

Avg Security Score

97/100

Avg Patch Time

1159 days

View full developer profile

Detection Fingerprints

How We Detect Easy Updates Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/css/backend.css/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/css/frontend.css/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/css/style.css/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/backend.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/frontend.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/chart.min.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/daterangepicker.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/moment.min.js+1 more

Script Paths

/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/backend.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/frontend.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/chart.min.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/daterangepicker.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/moment.min.js/wp-content/plugins/stops-core-theme-and-plugin-updates/assets/js/vendor/sweetalert2.js

Version Parameters

stops-core-theme-and-plugin-updates/assets/css/backend.css?ver=stops-core-theme-and-plugin-updates/assets/css/frontend.css?ver=stops-core-theme-and-plugin-updates/assets/css/style.css?ver=stops-core-theme-and-plugin-updates/assets/js/backend.js?ver=stops-core-theme-and-plugin-updates/assets/js/frontend.js?ver=stops-core-theme-and-plugin-updates/assets/js/vendor/chart.min.js?ver=stops-core-theme-and-plugin-updates/assets/js/vendor/daterangepicker.js?ver=stops-core-theme-and-plugin-updates/assets/js/vendor/moment.min.js?ver=stops-core-theme-and-plugin-updates/assets/js/vendor/sweetalert2.js?ver=

HTML / DOM Fingerprints

CSS Classes

mpsum-premium-notification-dismissmpsum-warningmpsum-infompsum-errormpsum-notice

HTML Comments

Data Attributes

data-mpsum-action

JS Globals

easy_updates_manager_ajax_object

FAQ