Supervisor Security & Risk Analysis

wordpress.org/plugins/supervisor

Supervisor is a powerful plugin designed to enhance both the performance and security of your WordPress installation.

100 active installs · v1.3.3 · PHP 7.2+ · WP 5.5+ · Updated Oct 23, 2025
Tags: autoload, healthcheck, load-time, performance, transients
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Oct 23, 2025
Safety Verdict

Is Supervisor Safe to Use in 2026?

Generally Safe

Score 99/100

Supervisor has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Oct 23, 2025 · Updated 5mo ago
Risk Assessment

The "supervisor" v1.3.3 plugin exhibits a generally good security posture based on the provided static analysis. It follows best practices by using prepared statements for the majority of its SQL queries, escaping output properly, and incorporating nonce and capability checks. The absence of dangerous functions, critical taint flows, and a large unauthenticated attack surface further strengthens its security. The plugin also appears to be well maintained, with no currently unpatched vulnerabilities, despite a past medium-severity vulnerability. The static analysis did not reveal any immediate critical risks within the current codebase, suggesting a robust development process.

However, the presence of one historical medium severity vulnerability, specifically related to missing authorization, warrants attention. While currently patched, this pattern suggests a potential area of weakness that may require ongoing vigilance. The single file operation and external HTTP request, while not inherently risky without further context, are potential entry points for vulnerabilities if not carefully handled. The overall security is good, but the historical context of a missing authorization vulnerability prevents it from being perfect.

Key Concerns

  • Past medium severity vulnerability (Missing Authorization)
  • 1 SQL query without prepared statements
  • 1 file operation
  • 1 external HTTP request
Vulnerabilities: 1

Supervisor Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-11887 · medium · 4.3 · Missing Authorization

Supervisor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update

Oct 23, 2025 · Patched in 1.3.3 (1d)
Code Analysis
Analyzed Mar 16, 2026

Supervisor Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 3 (11 prepared)
Unescaped Output: 1 (89 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 1
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

79% prepared · 14 total queries

Output Escaping

99% escaped · 90 total outputs
Attack Surface

Supervisor Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 16
action · admin_footer · src\Admin\AJAX.php:58
action · admin_init · src\Admin\Dashboard.php:60
action · admin_menu · src\Admin\Dashboard.php:61
action · admin_notices · src\Admin\Dashboard.php:64
action · admin_head · src\Admin\Dashboard.php:66
action · supv_admin_views_components_switch · src\Admin\Views\ComponentsView.php:29
action · init · src\Core\SecureLogin.php:69
filter · authenticate · src\Core\SecureLogin.php:71
filter · authenticate · src\Core\SecureLogin.php:72
filter · shake_error_codes · src\Core\SecureLogin.php:74
action · shutdown · src\Core\SSL.php:46
action · init · src\Core\WordPress.php:38
filter · automatic_updater_disabled · src\Core\WordPress.php:52
filter · allow_major_auto_core_updates · src\Core\WordPress.php:58
action · plugins_loaded · src\Loader.php:49
action · upgrader_process_complete · src\Utils\Upgrade.php:39
Maintenance & Trust

Supervisor Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 23, 2025
PHP min version: 7.2
Downloads: 6K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 100
Developer Profile

Supervisor Developer Profile

Tiago Hillebrandt

2 plugins · 1K total installs

Trust score: 97
Avg Security Score: 96/100
Avg Patch Time: 1 day
Detection Fingerprints

How We Detect Supervisor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths:
/wp-content/plugins/supervisor/js/supervisor.js
/wp-content/plugins/supervisor/css/supervisor.css
Script Paths:
/wp-content/plugins/supervisor/js/supervisor.js
Version Parameters:
supervisor/style.css?ver=
supervisor/supervisor.js?ver=

HTML / DOM Fingerprints

CSS Classes: supv-admin-dashboard-wrapper
Data Attributes: data-supv-loading
JS Globals: supv