[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWpF-hIWNHVXaZvgvS1VXnUXxrqKvRWa5e0jDvsmIZ1E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":147,"fingerprints":260},"supervisor","Supervisor","1.3.3","Tiago Hillebrandt","https:\u002F\u002Fprofiles.wordpress.org\u002Ftiagohillebrandt\u002F","\u003Cp>\u003Cstrong>Optimize and Secure Your WordPress Site with Supervisor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Boost the performance and security of your WordPress site effortlessly with our powerful plugin. Supervisor provides vital insights into your site’s health directly through your WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Performance Optimization:\u003C\u002Fstrong> Improve your site’s speed by cleaning up transients and deactivating unnecessary autoload options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute Force Protection:\u003C\u002Fstrong> Shield your site from attacks with robust security measures designed to prevent unauthorized access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Web Server Software Verification:\u003C\u002Fstrong> Ensure your server software is up-to-date, keeping your site running smoothly and securely.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSL Certificate Monitoring:\u003C\u002Fstrong> Stay informed about your SSL certificate status with dashboard notifications for impending expirations or expired certificates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Experience a faster and more secure WordPress site with Supervisor. Download it today and feel the difference!\u003C\u002Fp>\n","Supervisor is a powerful plugin designed to enhance both the performance and security of your WordPress installation.",100,5563,1,"2025-10-23T08:56:00.000Z","6.8.5","5.5","7.2",[19,20,21,22,23],"autoload","healthcheck","load-time","performance","transients","https:\u002F\u002Fsupervisorwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupervisor.1.3.3.zip",99,0,"2025-10-23 19:46:03","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":13},"CVE-2025-11887","supervisor-missing-authorization-to-authenticated-subscriber-settings-update","Supervisor \u003C= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update","The Supervisor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update various plugin settings.",null,"\u003C=1.3.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-10-24 08:23:58",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2d3e2880-bb86-4263-9ed4-25a9769890e4?source=api-prod",{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":13,"trust_score":50,"computed_at":51},"tiagohillebrandt",2,1100,96,97,"2026-04-04T04:58:45.686Z",[53,71,90,109,126],{"slug":54,"name":55,"version":56,"author":7,"author_profile":8,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":11,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":68,"download_link":69,"security_score":70,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wp-healthcheck","WP Healthcheck","1.4.0","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-healthcheck.com\" rel=\"nofollow ugc\">WP Healthcheck\u003C\u002Fa> is a plugin to check the health of your WordPress install.\u003C\u002Fp>\n\u003Cp>It detects some useful information regarding your site health, like the number of active transients and autoload options, and then displays them conveniently via the WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>This plugin can help you improve your site performance by cleaning up the transients and deactivating autoload options.\u003C\u002Fp>\n\u003Cp>WP Healthcheck also verifies the software versions in use by your server. We maintain information about software minimum requirements up to date in our systems. This allows the plugin to retrieve this information from our external API and compare versus the ones installed in your server.\u003C\u002Fp>\n\u003Cp>SSL certificate expiration dates are also checked and notifications for expired or near expiration SSL certificates are provided conveniently via the WordPress Dashboard.\u003C\u002Fp>\n\u003Ch4>WP-CLI Extension\u003C\u002Fh4>\n\u003Cp>WP Healthcheck also includes a WP-CLI extension. If you want to see all the CLI commands available in the plugin, go ahead and run \u003Ccode>wp healthcheck\u003C\u002Fcode> in your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp healthcheck autoload [--deactivate=\u003Coption-name>] [--history]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck transient [--delete-expired] [--delete-all]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck server\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck ssl\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Healthcheck is a plugin to check the health of your WordPress install.",1000,26475,3,"2024-07-16T05:30:00.000Z","6.6.5","5.0","7.0",[19,67,20,22,23],"cron","https:\u002F\u002Fwp-healthcheck.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-healthcheck.1.4.0.zip",92,{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":11,"num_ratings":13,"last_updated":81,"tested_up_to":82,"requires_at_least":64,"requires_php":83,"tags":84,"homepage":88,"download_link":89,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"flush-transients","Flush Transients","1.0.1","Felix Arntz","https:\u002F\u002Fprofiles.wordpress.org\u002Fflixos90\u002F","\u003Cp>Just like many other plugins offer a feature to flush the WordPress object cache, this plugin allows to flush transients.\u003C\u002Fp>\n\u003Cp>Many WordPress sites do not have access to an object cache in their hosting environment, and for those sites transients are the only mechanism for caching data which WordPress natively supports. Being able to clear transients can be crucial for certain use-cases, particularly on sites that do not use an object cache.\u003C\u002Fp>\n\u003Cp>This plugin adds a small admin bar menu item where users with the required capabilities can flush transients for the site. For sites not using an object cache, where transients are stored in the database, the menu item also provides information on the amount of transients stored.\u003C\u002Fp>\n\u003Cp>Both regular transients and network transients are supported. When using WordPress Multisite, network transients can be flushed in the Network Admin UI.\u003C\u002Fp>\n","This plugin allows you to flush WordPress transients, plain and simple.",90,2077,"2025-11-24T23:33:00.000Z","6.9.4","5.2",[85,86,87,22,23],"cache","flushing","invalidation","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflush-transients\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflush-transients.1.0.1.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":11,"num_ratings":47,"last_updated":100,"tested_up_to":82,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":106,"download_link":107,"security_score":26,"vuln_count":13,"unpatched_count":27,"last_vuln_date":108,"fetched_at":29},"0-day-analytics","0 Day Analytics","4.9.0","Golemiq","https:\u002F\u002Fprofiles.wordpress.org\u002Fawesomefootnotes\u002F","\u003Cp>\u003Cstrong>0 Day Analytics\u003C\u002Fstrong> is a comprehensive WordPress debugging and operational\u003Cbr \u002F>\nintelligence plugin. It is purpose-built for developers and site administrators\u003Cbr \u002F>\nwho need real-time visibility into their PHP errors, scheduled tasks, database\u003Cbr \u002F>\nstate, outgoing emails, HTTP requests, hook behaviour, and overall site health —\u003Cbr \u002F>\nall from a single admin interface.\u003C\u002Fp>\n\u003Cp>Unlike general monitoring services, 0 Day Analytics runs entirely inside your\u003Cbr \u002F>\nWordPress installation with no third-party data collection. Every module is\u003Cbr \u002F>\nopt-in and designed with performance in mind.\u003C\u002Fp>\n\u003Ch4>Error Log Manager\u003C\u002Fh4>\n\u003Cp>Read, search, filter, and manage your PHP\u002FWordPress error log without leaving\u003Cbr \u002F>\nthe admin. Engineered for very large (GB-sized) logs using a reverse-line reader\u003Cbr \u002F>\nthat never performs a full-file read. Supports code-context viewing (click any\u003Cbr \u002F>\nerror to see the surrounding source), per-severity filtering, log truncation,\u003Cbr \u002F>\nand download. Optionally randomise the log filename to reduce exposure.\u003C\u002Fp>\n\u003Ch4>PHP Fatal Error Tracker\u003C\u002Fh4>\n\u003Cp>Captures and stores PHP fatal errors in a dedicated database table, it records PHP errors even if the WP_DEBUG is turned off so they persist even after the log is rotated or overwritten. Each record includes\u003Cbr \u002F>\nerror type, file, line, stack trace, and timestamp — searchable and filterable\u003Cbr \u002F>\ndirectly in the admin.\u003C\u002Fp>\n\u003Ch4>Site Performance & Security Scanner\u003C\u002Fh4>\n\u003Cp>Runs 32+ automated checks across three categories — Security, Speed, and\u003Cbr \u002F>\nResources used — and presents a scored dashboard with actionable\u003Cbr \u002F>\nrecommendations. Checks include: PHP version, WordPress version, SSL\u003Cbr \u002F>\ncertificate, debug mode exposure, file permissions, database prefix, XML-RPC,\u003Cbr \u002F>\nlogin URL, active plugin count, autoloaded options, cron health, page caching,\u003Cbr \u002F>\nobject caching, gzip compression, lazy loading, image optimisation, and more.\u003C\u002Fp>\n\u003Ch4>Google PageSpeed & Core Web Vitals\u003C\u002Fh4>\n\u003Cp>Analyse any URL directly from the WordPress admin using the Google PageSpeed\u003Cbr \u002F>\nInsights API. Displays Performance, Accessibility, Best Practices, and SEO\u003Cbr \u002F>\nscores with Lighthouse category breakdowns for both desktop and mobile. For that you need to provide your own PageSpeed Google API key.\u003C\u002Fp>\n\u003Ch4>URL Tracker & Asset Analyser\u003C\u002Fh4>\n\u003Cp>Automatically tracks visited page URLs on your site. For each recorded URL,\u003Cbr \u002F>\nyou can collect all associated JS, CSS, and media assets (with file sizes), run\u003Cbr \u002F>\na Google PageSpeed analysis, and review visit counts — making it easy to audit\u003Cbr \u002F>\npage weight and performance regressions over time.\u003C\u002Fp>\n\u003Ch4>Cron Manager\u003C\u002Fh4>\n\u003Cp>View, search, edit, manually run, and delete WordPress scheduled tasks. Shows\u003Cbr \u002F>\nnext run time (UTC), recurrence interval, arguments, and last execution status.\u003Cbr \u002F>\nSupports bulk actions and advanced filtering.\u003C\u002Fp>\n\u003Ch4>Transients Manager\u003C\u002Fh4>\n\u003Cp>Browse, search, edit, and safely delete database transients. Displays expiry\u003Cbr \u002F>\ntime, serialised value (pretty-printed), and size. Bulk delete supports\u003Cbr \u002F>\nfiltered selections.\u003C\u002Fp>\n\u003Ch4>Outgoing HTTP Requests Viewer\u003C\u002Fh4>\n\u003Cp>Logs all outgoing \u003Ccode>wp_remote_*\u003C\u002Fcode> calls made by WordPress core, themes, and\u003Cbr \u002F>\nplugins. Records URL, method, status code, response time, triggering plugin,\u003Cbr \u002F>\nuser, and full request\u002Fresponse detail. Export to CSV for external analysis.\u003Cbr \u002F>\nAdvanced filtering by domain, plugin, status, and date range.\u003C\u002Fp>\n\u003Ch4>Mail Logger & Composer\u003C\u002Fh4>\n\u003Cp>Records every email sent through \u003Ccode>wp_mail()\u003C\u002Fcode> — including headers, body,\u003Cbr \u002F>\nattachments, CC, and BCC — and stores it in a searchable log. View the\u003Cbr \u002F>\nrendered email body, resend any logged email, or compose and send new emails\u003Cbr \u002F>\ndirectly from the admin. Supports HTML and plain-text previews.\u003C\u002Fp>\n\u003Ch4>SMTP Configuration\u003C\u002Fh4>\n\u003Cp>Configure custom SMTP settings (host, port, encryption, username, password)\u003Cbr \u002F>\nwith a built-in test email tool. Optionally log SMTP debug output to the\u003Cbr \u002F>\nWordPress debug log.\u003C\u002Fp>\n\u003Ch4>WP Hooks Monitor\u003C\u002Fh4>\n\u003Cp>Define which WordPress actions and filters (core or custom) you want to\u003Cbr \u002F>\nobserve. The Hooks Capture module records each invocation with its parameters,\u003Cbr \u002F>\nreturn value (for filters), and a full stack backtrace. Organise monitoring\u003Cbr \u002F>\nrules into named groups, enable\u002Fdisable per hook, and review the captured\u003Cbr \u002F>\noutput in a dedicated list view.\u003C\u002Fp>\n\u003Ch4>DB Table Manager\u003C\u002Fh4>\n\u003Cp>Browse, search, edit, and delete records across any table in your\u003Cbr \u002F>\nWordPress database — including custom plugin tables. Displays table size,\u003Cbr \u002F>\nengine, collation, row count, and schema information. Supports full and\u003Cbr \u002F>\nfiltered truncation and table drop with confirmation.\u003C\u002Fp>\n\u003Ch4>Server Info & System Status\u003C\u002Fh4>\n\u003Cp>Displays real-time server metrics (CPU load, memory usage, disk space,\u003Cbr \u002F>\nPHP version, active extensions) as both admin-bar badges and a dashboard\u003Cbr \u002F>\nwidget. Also provides a detailed environment report useful for support tickets\u003Cbr \u002F>\nand deployment checks.\u003C\u002Fp>\n\u003Ch4>Plugin Version Switcher\u003C\u002Fh4>\n\u003Cp>Roll back or switch between any previously downloaded version of an installed\u003Cbr \u002F>\nplugin without leaving the admin. Useful for quickly reverting after a bad\u003Cbr \u002F>\nupdate. Supports only free plugins from the WordPress repo.\u003C\u002Fp>\n\u003Ch4>Code Snippets\u003C\u002Fh4>\n\u003Cp>Write, save, and execute custom PHP snippets from the admin. Snippets support\u003Cbr \u002F>\nshortcodes, can be enabled\u002Fdisabled individually, and are sandboxed before\u003Cbr \u002F>\nexecution. Useful for one-off data migrations, testing custom logic, or\u003Cbr \u002F>\ngenerating dynamic output without creating a custom plugin.\u003C\u002Fp>\n\u003Ch4>Recovery Mode\u003C\u002Fh4>\n\u003Cp>Generate single-use recovery links that can disable a specific plugin or\u003Cbr \u002F>\ntrigger a custom action — delivered via Slack, Telegram, or any configured\u003Cbr \u002F>\nwebhook channel. Designed for emergency recovery when the site is inaccessible\u003Cbr \u002F>\nthrough normal means. The recovery URLs are sent in Slack and Telegram channels for security.\u003C\u002Fp>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Dark mode for all admin screens.\u003C\u002Fli>\n\u003Cli>CSV export on all list views (requests, errors, mails, hooks, etc.).\u003C\u002Fli>\n\u003Cli>Screen Options on every screen (configure columns, items per page).\u003C\u002Fli>\n\u003Cli>WP CLI compatible scaffolding for background operations.\u003C\u002Fli>\n\u003Cli>Multisite aware (note: recovery mode has core multisite limitations).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>All-in-one WordPress debug & operations toolkit: error log manager, PHP fatal\u003Cbr \u002F>\ntracker, cron & transient manager, mail logger, SMTP, outgoing requests viewer,\u003Cbr \u002F>\nDB table manager, site performance & security scanner, Google PageSpeed\u003Cbr \u002F>\nintegration, URL tracker, WP hooks monitor, code snippets, and recovery mode.\u003C\u002Fp>\n\u003Ch3>Requirements & Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.0+ (tested up to 6.9)\u003C\u002Fli>\n\u003Cli>PHP 7.4+ (compatible with PHP 8.0, 8.1, 8.2, 8.3, 8.4)\u003C\u002Fli>\n\u003Cli>MySQL 5.7+ \u002F MariaDB 10.3+\u003C\u002Fli>\n\u003Cli>Not intended as a primary multisite recovery tool (see FAQ)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Best Practices & Security Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keep log files outside the webroot when possible, or restrict access via\u003Cbr \u002F>\nserver rules (.htaccess \u002F nginx) to prevent public exposure.\u003C\u002Fli>\n\u003Cli>Use the built-in “Randomise Log Filename” feature when logs must stay in the\u003Cbr \u002F>\nwebroot.\u003C\u002Fli>\n\u003Cli>All plugin capabilities are restricted to \u003Ccode>manage_options\u003C\u002Fcode> (administrators)\u003Cbr \u002F>\nby default. The menu can optionally be restricted to admins only.\u003C\u002Fli>\n\u003Cli>Sanitize and escape all output; nonces are enforced on all state-changing\u003Cbr \u002F>\nactions.\u003C\u002Fli>\n\u003Cli>Secure SMTP credentials using TLS\u002FSTARTTLS; credentials are stored in the\u003Cbr \u002F>\nWordPress options table.\u003C\u002Fli>\n\u003Cli>Set file permissions tightly (e.g., 600\u002F640) and restrict ownership to the\u003Cbr \u002F>\nweb server user.\u003C\u002Fli>\n\u003Cli>Backup database and files before using bulk delete or table truncation.\u003C\u002Fli>\n\u003Cli>Disable unused modules to reduce footprint and potential attack surface.\u003C\u002Fli>\n\u003Cli>Disable or throttle high-frequency background polling on high-load sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage Notes & Performance\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The Error Log viewer reads the last N lines (default 100, max configurable\u003Cbr \u002F>\nvia Screen Options) to avoid full-file reads on GB-sized logs.\u003C\u002Fli>\n\u003Cli>No pagination on error logs by design — pagination would force repeated\u003Cbr \u002F>\nexpensive full-file reads.\u003C\u002Fli>\n\u003Cli>The PHP Fatal Error Tracker uses its own DB table; apply a retention policy\u003Cbr \u002F>\nin Settings to avoid unbounded growth.\u003C\u002Fli>\n\u003Cli>The Hooks Capture module adds minimal overhead per captured hook invocation;\u003Cbr \u002F>\ndisable capturing on production when not actively debugging.\u003C\u002Fli>\n\u003Cli>The URL Tracker records page visits in a custom table; configure retention\u003Cbr \u002F>\nor pause tracking on high-traffic sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support & Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Secure log paths and consider randomising filenames in production.\u003C\u002Fli>\n\u003Cli>Disable unused modules to reduce footprint and attack surface.\u003C\u002Fli>\n\u003Cli>Recovery Mode has limitations on multisite — test before relying on it.\u003C\u002Fli>\n\u003Cli>For bugs or feature requests, open an issue on the plugin page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Live preview and full details:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\u003C\u002Fp>\n","0 Day Analytics is a comprehensive WordPress debugging and operational",40,5614,"2026-03-09T13:39:00.000Z","6.0","7.4",[67,104,105,22,23],"debug","error-log","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F0-day-analytics.4.9.0.zip","2025-11-12 00:00:00",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":11,"num_ratings":13,"last_updated":106,"tested_up_to":82,"requires_at_least":119,"requires_php":102,"tags":120,"homepage":106,"download_link":124,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":125},"fand-transient-action-cleaner","Fand Transient and Action Cleaner","1.0.5","Florence ANDROLUS","https:\u002F\u002Fprofiles.wordpress.org\u002Ffandevelop\u002F","\u003Cp>\u003Cstrong>Keep your database light and fast effortlessly.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Is your \u003Ccode>wp_options\u003C\u002Fcode> table weighing in at tens of megabytes? Are your \u003Ccode>actionscheduler\u003C\u002Fcode> tables slowing down your backups? \u003Cstrong>Fand Transient and Action Cleaner\u003C\u002Fstrong> is the essential tool for WordPress site owners who want to automate their database maintenance.\u003C\u002Fp>\n\u003Cp>Unlike other global cleanup tools, this plugin surgically targets temporary data and task logs that silently accumulate and eventually impact your admin performance.\u003C\u002Fp>\n\u003Ch3>🧹 Two-step cleanup\u003C\u002Fh3>\n\u003Cp>This plugin doesn’t just delete temporary data; it tackles the two main sources of clutter:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>WordPress Transients:\u003C\u002Fstrong> It identifies and removes expired transients left behind by other plugins, including those containing success or failure markers that are no longer needed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>The Action Scheduler:\u003C\u002Fstrong> It thoroughly cleans the action tables (\u003Ccode>wp_actionscheduler_actions\u003C\u002Fcode>). It purges logs and completed or failed tasks (statuses: complete, success, failed, error) that accumulate by the thousands.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>⚙️ Your settings, your choice\u003C\u002Fh3>\n\u003Cp>The interface is designed to be simple and efficient. You maintain complete control over your data:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Failure management:\u003C\u002Fstrong> Set a retention period for error logs (15 days by default) to give you time to debug before cleaning.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Success history:\u003C\u002Fstrong> Delete completed tasks after a defined period (30 days by default).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Full automation:\u003C\u002Fstrong> A global cleanup task is scheduled weekly to maintain your site’s performance without you having to think about it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✨ Why choose Fand Transient and Action Cleaner?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Lightweight:\u003C\u002Fstrong> No code overhead; it does exactly what it’s supposed to.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Secure:\u003C\u002Fstrong> Uses native WordPress functions to guarantee database integrity.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Transparent:\u003C\u002Fstrong> Directly displays the number of items eligible for cleaning so you know exactly what you’ll gain.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Clean up your database by removing expired transients and cumbersome Action Scheduler logs. Optimize your performance with one click.",20,344,"6.4",[121,122,123,22,23],"cleanup","database","optimization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffand-transient-action-cleaner.1.0.5.zip","2026-03-15T10:48:56.248Z",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":27,"num_ratings":27,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":106,"tags":139,"homepage":144,"download_link":145,"security_score":146,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"eve-dynamic-prerender","EVE Dynamic Prerender","4.0.1","gsacheli","https:\u002F\u002Fprofiles.wordpress.org\u002Fgsacheli\u002F","\u003Cp>Prerender Meta Tag allows webmasters to pre-load, in background, a second page in the browser. Until now you have to place a specific prerender by hand in your code, for each page. Otherwise you have to query Google Analytics API.\u003C\u002Fp>\n\u003Cp>The plugin knows the next page users will visit and enables a very fast navigation experience. This plugin is based on users navigation paths and it can really guess the next page that the user will visit.\u003C\u002Fp>\n\u003Cp>This WordPress plugin creates and injects into the head section of the HTML document a real dynamic Prerender Meta Tag. Each page with a perfect and dedicated prerender link!\u003C\u002Fp>\n\u003Cp>The system stores users navigational paths inside a database table called “your-db-prefix_PRERENDER”. Than the plugin retrieves the most common next visited page and uses it as prerender meta tag.\u003C\u002Fp>\n\u003Cp>If the plugin doesn’t hava any data for the next probable visited page, it will show a prerender to the homepage.\u003C\u002Fp>\n\u003Cp>The database table WILL BE REMOVED automatically when the plugin is uninstalled. Do not uninstall the plugin if you want to keep historical data. Uninstall the plugin if you change permalink structure or if you are moving to version 3.5 of this plugin from a previous version – this way will purge the database table.\u003C\u002Fp>\n\u003Cp>For info please visit: \u003Ca href=\"https:\u002F\u002Fwww.evemilano.com\u002Fwp-prerender-plugin\u002F\" rel=\"nofollow ugc\">EVE Milano\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Help Keep This Plugin Free\u003C\u002Fh4>\n\u003Cp>If you find this plugin useful to you, please consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Fsacheli\" rel=\"nofollow ugc\">\u003Cstrong>making a donation\u003C\u002Fstrong>\u003C\u002Fa> to help contribute to my time invested and to further development. Thanks for your kind support! – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fusers\u002Fgsacheli\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Giovanni Sacheli\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","An easy and powerful plugin to implement a real dynamic Prerender Meta Tag inside the head section of the HTML document. This version use AJAX so it w &hellip;",10,1621,"2019-05-16T10:31:00.000Z","5.2.24","2.5",[140,141,22,142,143],"loading-speed","page-load-time","prerender","seo","https:\u002F\u002Fwww.evemilano.com\u002F2017\u002F11\u002Fwp-prerender-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feve-dynamic-prerender.zip",85,{"attackSurface":148,"codeSignals":225,"taintFlows":247,"riskAssessment":248,"analyzedAt":259},{"hooks":149,"ajaxHandlers":221,"restRoutes":222,"shortcodes":223,"cronEvents":224,"entryPointCount":27,"unprotectedCount":27},[150,156,161,165,168,172,177,182,188,191,195,200,204,208,211,216],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","admin_footer","add_wp_nonces","src\\Admin\\AJAX.php",58,{"type":151,"name":157,"callback":158,"file":159,"line":160},"admin_init","load_resources","src\\Admin\\Dashboard.php",60,{"type":151,"name":162,"callback":162,"priority":163,"file":159,"line":164},"admin_menu",5,61,{"type":151,"name":166,"callback":166,"file":159,"line":167},"admin_notices",64,{"type":151,"name":169,"callback":170,"file":159,"line":171},"admin_head","hide_admin_notices",66,{"type":151,"name":173,"callback":174,"file":175,"line":176},"supv_admin_views_components_switch","switcher","src\\Admin\\Views\\ComponentsView.php",29,{"type":151,"name":178,"callback":179,"file":180,"line":181},"init","cleanup_expired_login_attempts","src\\Core\\SecureLogin.php",69,{"type":183,"name":184,"callback":185,"priority":186,"file":180,"line":187},"filter","authenticate","check_login_attempt",21,71,{"type":183,"name":184,"callback":189,"priority":186,"file":180,"line":190},"maybe_replace_invalid_username_error",72,{"type":183,"name":192,"callback":193,"file":180,"line":194},"shake_error_codes","add_error_to_login_shake_codes",74,{"type":151,"name":196,"callback":197,"file":198,"line":199},"shutdown","get_data","src\\Core\\SSL.php",46,{"type":151,"name":178,"callback":201,"file":202,"line":203},"apply_wp_auto_update_policy","src\\Core\\WordPress.php",38,{"type":183,"name":205,"callback":206,"file":202,"line":207},"automatic_updater_disabled","__return_true",52,{"type":183,"name":209,"callback":210,"file":202,"line":155},"allow_major_auto_core_updates","__return_false",{"type":151,"name":212,"callback":213,"file":214,"line":215},"plugins_loaded","setup","src\\Loader.php",49,{"type":151,"name":217,"callback":218,"priority":134,"file":219,"line":220},"upgrader_process_complete","upgrade_completed","src\\Utils\\Upgrade.php",39,[],[],[],[],{"dangerousFunctions":226,"sqlUsage":227,"outputEscaping":239,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":47,"bundledLibraries":246},[],{"prepared":228,"raw":61,"locations":229},11,[230,234,236],{"file":231,"line":232,"context":233},"src\\Core\\Transients.php",25,"$wpdb->get_results() with variable interpolation",{"file":231,"line":199,"context":235},"$wpdb->get_row() with variable interpolation",{"file":231,"line":237,"context":238},94,"$wpdb->query() with variable interpolation",{"escaped":240,"rawEcho":13,"locations":241},89,[242],{"file":243,"line":244,"context":245},"src\\Admin\\Views\\Cards\\AutoloadCardView.php",149,"raw output",[],[],{"summary":249,"deductions":250},"The \"supervisor\" v1.3.3 plugin exhibits a generally good security posture based on the provided static analysis. It demonstrates strong adherence to best practices by implementing prepared statements for the majority of its SQL queries, ensuring proper output escaping, and incorporating nonce and capability checks. The absence of dangerous functions, critical taint flows, and a large attack surface without authentication further strengthens its security.  The plugin also appears to be well-maintained, with no currently unpatched vulnerabilities, despite a past medium severity vulnerability. The static analysis did not reveal any immediate critical risks within the current codebase, suggesting a robust development process.\n\nHowever, the presence of one historical medium severity vulnerability, specifically related to missing authorization, warrants attention. While currently patched, this pattern suggests a potential area of weakness that may require ongoing vigilance. The single file operation and external HTTP request, while not inherently risky without further context, are potential entry points for vulnerabilities if not carefully handled. The overall security is good, but the historical context of a missing authorization vulnerability prevents it from being perfect.",[251,253,255,257],{"reason":252,"points":134},"Past medium severity vulnerability (Missing Authorization)",{"reason":254,"points":163},"1 SQL query without prepared statements",{"reason":256,"points":47},"1 file operation",{"reason":258,"points":47},"1 external HTTP request","2026-03-16T21:00:08.282Z",{"wat":261,"direct":270},{"assetPaths":262,"generatorPatterns":265,"scriptPaths":266,"versionParams":267},[263,264],"\u002Fwp-content\u002Fplugins\u002Fsupervisor\u002Fjs\u002Fsupervisor.js","\u002Fwp-content\u002Fplugins\u002Fsupervisor\u002Fcss\u002Fsupervisor.css",[],[263],[268,269],"supervisor\u002Fstyle.css?ver=","supervisor\u002Fsupervisor.js?ver=",{"cssClasses":271,"htmlComments":273,"htmlAttributes":274,"restEndpoints":276,"jsGlobals":277,"shortcodeOutput":279},[272],"supv-admin-dashboard-wrapper",[],[275],"data-supv-loading",[],[278],"supv",[]]