[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1s2f-GQ7w6Z_6Mz4FN-i1QHyGP41bohAEayDVTn1zQo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":138,"fingerprints":179},"surbma-gdpr-multisite-privacy","Surbma | GDPR Multisite Privacy","2.0","Surbma","https:\u002F\u002Fprofiles.wordpress.org\u002Fsurbma\u002F","\u003Cp>This plugin is only for Multisite networks! It will give special privileges to every subsite administrator, that has the same email address, what is set as the main email address for that particular subsite. So every subsite can set their own privacy settings and they will have the option to export or remove personal data if required by the user. This is a very important feature if you want to compile with GDPR.\u003C\u002Fp>\n\u003Cp>Only one user will get the special capabilities to set and edit the privacy policy page and get access to user data export or removal pages. The user must be an administrator and the user’s email address must match with the default email address under Settings page.\u003C\u002Fp>\n\u003Ch3>The Problem…\u003C\u002Fh3>\n\u003Cp>By default, the new Privacy settings introduced in WordPress 4.9.6 is available only for single install Administrators or if you use a Multsiite install, it is available only for Super Admins. There is no default option to enable Privacy settings for subsites. It can be a big problem for you subsite users, because they can not meet the GDPR rules.\u003C\u002Fp>\n\u003Ch3>…and the solution\u003C\u002Fh3>\n\u003Cp>This plugin will give subsite Administrators access to these new privacy features. Only one administrator will get these new privileges per subsite, who has the same email, that is set under Settings page.\u003C\u002Fp>\n\u003Ch3>Other GDPR related plugins by Surbma\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsurbma-gdpr-proof-google-analytics\u002F\" rel=\"ugc\">Surbma | GDPR Proof Cookie Consent & Notice Bar\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsurbma-gdpr-proof-gravity-forms\u002F\" rel=\"ugc\">Surbma | GDPR Proof Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About Surbma\u003C\u002Fh3>\n\u003Ch4>Other Surbma plugins\u003C\u002Fh4>\n\u003Cp>I have more, than 30 fantastic, FREE plugins in the official WordPress plugin directory. Please check them too here: \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fsurbma#content-plugins\" rel=\"nofollow ugc\">Surbma plugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Do you want to contribute or help improving this plugin?\u003C\u002Fh4>\n\u003Cp>You can find it on GitHub: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSurbma\u002Fsurbma-gdpr-multisite-privacy\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FSurbma\u002Fsurbma-gdpr-multisite-privacy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>You can find my other plugins and projects on GitHub\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSurbma\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FSurbma\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please feel free to contribute, help or recommend any new features for my plugins, themes and other projects.\u003C\u002Fp>\n\u003Ch4>Do you want to know more about me?\u003C\u002Fh4>\n\u003Cp>Visit my webpage: \u003Ca href=\"https:\u002F\u002Fsurbma.com\u002F\" rel=\"nofollow ugc\">Surbma.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Do you like and use my free plugins?\u003C\u002Fh4>\n\u003Cp>You can donate me for FREE here: \u003Ca href=\"https:\u002F\u002Fsurbma.com\u002Fdonate\u002F\" rel=\"nofollow ugc\">Surbma.com\u003C\u002Fa>\u003C\u002Fp>\n","A GDPR Multisite plugin, that adds special privileges to a subsite Administrator for Privacy settings.",0,1702,"2023-04-08T13:11:00.000Z","6.2.9","5.1","7.0",[18,19,20,21,22],"multisite","privacy","security","surbma","user","https:\u002F\u002Fsurbma.com\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsurbma-gdpr-multisite-privacy.2.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":21,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},27,30210,88,127,71,"2026-04-04T11:23:53.524Z",[37,58,75,91,114],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":14,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wp-author-security","WP Author Security","1.5.0","mgm security partners GmbH","https:\u002F\u002Fprofiles.wordpress.org\u002Fmgmsp\u002F","\u003Cp>WP Author Security is a lightweight but powerful plugin to protect against user enumeration attacks on author pages and other places where valid user names can be obtained.\u003C\u002Fp>\n\u003Cp>By default, WordPress will display some sensitive information on author pages.\u003Cbr \u002F>\nThe author page is typically called by requesting the URI \u003Ccode>https:\u002F\u002Fyourdomain.tld\u002F?author=\u003Cid>\u003C\u002Fcode> or with permalinks \u003Ccode>https:\u002F\u002Fyourdomain.tld\u002Fauthor\u002F\u003Cusername>\u003C\u002Fcode>.\u003Cbr \u002F>\nThe page will include (depending on your theme) the full name (first and last name) as well as the username of the author which is used to log in to WordPress.\u003C\u002Fp>\n\u003Cp>In some cases, it is not wanted to expose this information to the public. An attacker is able to brute force valid IDs or valid usernames. This information might be used for further attacks like social engineering attacks or log in brute force attacks with gathered usernames.\u003Cbr \u002F>\n\u003Cem>However, when using the plugin and you disable author pages completely it must be noted that you need to take care that your active theme will not display the author name itself on posts like “Posted by admin” or something like that. This is something the plugin will not handle (at the moment).\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>By using the extension, you are able to disable the author pages either completely or display them only when the author has at least one published post. When the page is disabled the default 404 error page of the active theme is displayed.\u003C\u002Fp>\n\u003Cp>In addition, the plugin will also protect other locations which are commonly used by attackers to gather valid user names. These are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The REST API for users which will list all users with published posts by default.\u003Cbr \u002F>\n  https:\u002F\u002Fyourdomain.tld\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fli>\n\u003Cli>The log in page where different error messages will indicate whether an entered user name or mail address exists or not. The plugin will display a neutral error message independently whether the user exists or not.\u003C\u002Fli>\n\u003Cli>The password forgotten function will also allow an attacker to check for the existence of a user. As for the log in page the plugin will display a neutral message even when the user does not exists.\u003C\u002Fli>\n\u003Cli>Requesting the feed endpoint \u002Ffeed of your blog will also allow others to see the username or display name of the author. The plugin will remove the name from the result list.\u003C\u002Fli>\n\u003Cli>WordPress supports so-called oEmbeds. This is a technique to embed a reference to a post into another post. However, this reference will also contain the author name and a direct link to the profile page. The plugin will also remove the name and link here.\u003C\u002Fli>\n\u003Cli>Since WordPress 5.5 a default sitemap can be reached via \u002Fwp-sitemap.xml. This sitemap will disclose the usernames of all authors. If this should not be disclosed you are able to disable this feature of WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect against user enumeration attacks on author pages and other places where valid user names can be obtained.",500,6531,100,2,"2023-04-12T07:32:00.000Z","4.7","7.4",[53,19,20,54,55],"author","user-enumeration","wpscan","https:\u002F\u002Fgithub.com\u002Fmgm-sp\u002Fwp-author-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-author-security.1.5.0.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":11,"num_ratings":11,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":51,"tags":70,"homepage":73,"download_link":74,"security_score":47,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"adamszokol-onion-service","Onion Service by Adam Szokol","1.0.2","Adam Szokol","https:\u002F\u002Fprofiles.wordpress.org\u002Fszokoladam\u002F","\u003Cp>The Onion Service by Adam Szokol plugin provides reliable functionality for integrating your WordPress site with the Tor network. It configures your site to handle .onion addresses, which can enhance accessibility and privacy for your visitors using the Tor Browser. This plugin is built to work effectively on both single-site and WordPress Multisite installations.\u003C\u002Fp>\n\u003Cp>A core feature is its administrative helper functionality. On activation, the plugin checks for and creates a necessary sunrise.php file for domain mapping support. It also attempts to add the required define( ‘SUNRISE’, true ); constant to your wp-config.php file, which is often the most complex step in the setup process. This modification is only attempted if file permissions allow it.\u003C\u002Fp>\n\u003Cp>The settings interface is available only to administrators (or Super Admins on Multisite), allowing you to easily map your .onion domains and manage the service status.\u003C\u002Fp>\n\u003Cp>Key Features:\u003C\u002Fp>\n\u003Cp>Automatic sunrise.php Creation: Handles the creation and placement of sunrise.php for reliable domain mapping.\u003C\u002Fp>\n\u003Cp>Optional wp-config.php Modification: Attempts to safely add the SUNRISE constant to your configuration file, providing a setup assist.\u003C\u002Fp>\n\u003Cp>Unified Architecture: Works consistently across single WordPress sites and Multisite networks.\u003C\u002Fp>\n\u003Cp>Onion-Location Header: Automatically informs Tor Browser users that a private .onion version of your site is available.\u003C\u002Fp>\n\u003Cp>Full Domain Mapping: Assign unique .onion domains to specific sites in your installation.\u003C\u002Fp>\n\u003Cp>Service Status Control: Easily disable the onion service and display a custom maintenance message.\u003C\u002Fp>\n","A focused plugin designed to enable Onion Service & Mapping support for your WordPress site.",251,"2025-12-22T11:27:00.000Z","6.9.4","5.8",[18,71,19,20,72],"onion","tor","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadamszokol-onion-service.1.0.2.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":11,"downloaded":83,"rating":11,"num_ratings":11,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":16,"tags":87,"homepage":89,"download_link":90,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"prevent-user-name-and-email-leakage","Prevent user name and email leakage","1.0.0","Mark-k","https:\u002F\u002Fprofiles.wordpress.org\u002Fmark-k\u002F","\u003Cp>Stops user name enumeration and other type of user name and email leakages.\u003C\u002Fp>\n\u003Cp>Specifically does the following:\u003Cbr \u002F>\n1. When the site is configured to use pretty permalinks, the plugin will prevent\u003Cbr \u002F>\n   the automatic redirect of usrl which include user ID, like example.com\u002F?author=1, to\u003Cbr \u002F>\n   something like example.com\u002Fauthor\u002Fadmin which will leak the existence of a user\u003Cbr \u002F>\n   named admin which can be used in further brute force attacks.\u003Cbr \u002F>\n   (This is also know as “user enumeration”).\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>With the REST API restrict user name related information (actual user name\u003Cbr \u002F>\nand user posts page URL) to only admin users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Preventing authentication failure notices on the login page to disclose\u003Cbr \u002F>\nthe existence of user names\u002Fuser emails resulting from displaying different\u003Cbr \u002F>\nmessages hen the user is incorrect and when the password is incorrect. Just\u003Cbr \u002F>\ndisplay the same failure message for whatever is the failure reason.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Preventing the reset password mechanism from disclosing user names\u002Fuser emails\u003Cbr \u002F>\nresulting from displaying different messages when a user\u002Femail for which a reset\u003Cbr \u002F>\nis requested exist in the DB, and when it does not. Just display the same message\u003Cbr \u002F>\nfor both.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Even with the plugin active, if your theme displays author information while linking\u003Cbr \u002F>\nto author pages this can be used for user name leakage. In this case you should\u003Cbr \u002F>\nthink about totally decoupling user and author information with plugins like\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauthors-as-taxonomy\u002F\u003C\u002Fp>\n\u003Cp>Another thing that the plugin do not do is to handle leakage resulting from the use\u003Cbr \u002F>\nof gravatar, as this requires a replacement of gravatar functionality itself and\u003Cbr \u002F>\nit is much harder to exploit than the other leakages.\u003C\u002Fp>\n\u003Cp>And last leakage hole not covered right now, but might be covered in the future,\u003Cbr \u002F>\nis leakage of information via the sign in process. We leave it for later as most\u003Cbr \u002F>\ninstalls do not allow people to sign in.\u003C\u002Fp>\n\u003Cp>Read more on the plugins main page https:\u002F\u002Fcalmpress.org\u002Fwordpress-plugins\u002Fprevent-user-name-and-email-leakage\u002F\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>Pull Requests, bug reports and\u002For enhancement suggestions are welcome at https:\u002F\u002Fgithub.com\u002FcalmPress\u002FAuthors-as-taxonomy\u003C\u002Fp>\n","Stops user name enumeration and other type of user name and email leakages.",1174,"2018-04-22T19:19:00.000Z","4.9.29","4.5",[88,19,20,54],"calmpress","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fprevent-user-name-and-email-leakage\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-user-name-and-email-leakage.1.0.0.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":68,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":110,"download_link":111,"security_score":112,"vuln_count":48,"unpatched_count":11,"last_vuln_date":113,"fetched_at":27},"user-role-editor","User Role Editor","4.64.6","Vladimir Garagulya","https:\u002F\u002Fprofiles.wordpress.org\u002Fshinephp\u002F","\u003Cp>User Role Editor WordPress plugin allows you to change user roles and capabilities easy.\u003Cbr \u002F>\nJust turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done.\u003Cbr \u002F>\nAdd new roles and customize its capabilities according to your needs, from scratch of as a copy of other existing role.\u003Cbr \u002F>\nUnnecessary self-made role can be deleted if there are no users whom such role is assigned.\u003Cbr \u002F>\nRole assigned every new created user by default may be changed too.\u003Cbr \u002F>\nCapabilities could be assigned on per user basis. Multiple roles could be assigned to user simultaneously.\u003Cbr \u002F>\nYou can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins.\u003Cbr \u002F>\nMulti-site support is provided.\u003C\u002Fp>\n\u003Cp>Try it out on your free TasteWP \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fuser-role-editor\" rel=\"nofollow ugc\">test site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>To read more about ‘User Role Editor’ visit \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa> at \u003Ca href=\"http:\u002F\u002Fshinephp.com\" rel=\"nofollow ugc\">shinephp.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you need more functionality with quality support in a real time? Do you wish to remove advertisements from User Role Editor pages?\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.role-editor.com\" rel=\"nofollow ugc\">Buy Pro version\u003C\u002Fa>.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.role-editor.com\" rel=\"nofollow ugc\">User Role Editor Pro\u003C\u002Fa> includes extra modules:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block selected admin menu items for role.\u003C\u002Fli>\n\u003Cli>Hide selected front-end menu items for no logged-in visitors, logged-in users, roles.\u003C\u002Fli>\n\u003Cli>Block selected widgets under “Appearance” menu for role.\u003C\u002Fli>\n\u003Cli>Show widgets at front-end for selected roles.\u003C\u002Fli>\n\u003Cli>Block selected meta boxes (dashboard, posts, pages, custom post types) for role.\u003C\u002Fli>\n\u003Cli>“Export\u002FImport” module. You can export user role to the local file and import it to any WordPress site or other sites of the multi-site WordPress network.\u003C\u002Fli>\n\u003Cli>Roles and Users permissions management via Network Admin  for multisite configuration. One click Synchronization to the whole network.\u003C\u002Fli>\n\u003Cli>“Other roles access” module allows to define which other roles user with current role may see at WordPress: dropdown menus, e.g assign role to user editing user profile, etc.\u003C\u002Fli>\n\u003Cli>Manage user access to editing posts\u002Fpages\u002Fcustom post type using posts\u002Fpages, authors, taxonomies ID list.\u003C\u002Fli>\n\u003Cli>Per plugin users access management for plugins activate\u002Fdeactivate operations.\u003C\u002Fli>\n\u003Cli>Per form users access management for Gravity Forms plugin.\u003C\u002Fli>\n\u003Cli>Shortcode to show enclosed content to the users with selected roles only.\u003C\u002Fli>\n\u003Cli>Posts and pages view restrictions for selected roles.\u003C\u002Fli>\n\u003Cli>Admin back-end pages permissions viewer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro version is advertisement free. Premium support is included.\u003C\u002Fp>\n\u003Ch3>Additional Documentation\u003C\u002Fh3>\n\u003Cp>You can find more information about “User Role Editor” plugin at \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>I am ready to answer on your questions about plugin usage. Use \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">plugin page comments\u003C\u002Fa> for that.\u003C\u002Fp>\n","User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit\u002Fadd\u002Fdelete WordPress user roles and capabilities.",700000,21349734,90,287,"2025-12-02T03:45:00.000Z","4.4","7.3",[107,108,109,20,22],"access","editor","role","https:\u002F\u002Fwww.role-editor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-role-editor.4.64.6.zip",97,"2024-12-16 19:51:53",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":16,"tags":129,"homepage":134,"download_link":135,"security_score":25,"vuln_count":136,"unpatched_count":11,"last_vuln_date":137,"fetched_at":27},"aryo-activity-log","Activity Log – Monitor & Record User Changes","2.11.2","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cstrong>AN EASY TO USE & FULLY SUPPORTED WORDPRESS ACTIVITY LOG PLUGIN\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to monitor and track your WordPress website activity? Find out exactly who does what on your WordPress website with this plugin. Activity Log is like an airplane’s black box that logs every action in the WordPress admin, and lets you see exactly what users are doing on your WordPress website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If someone is trying to hack your site\u003C\u002Fli>\n\u003Cli>When a post was published, and who published it\u003C\u002Fli>\n\u003Cli>If a plugin\u002Ftheme was activated\u002Fdeactivated\u003C\u002Fli>\n\u003Cli>Suspicious admin activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s so essential; you’ll wonder how you ever managed your website without it. The plugin is also lightning fast and works behind the scenes, so it doesn\\’t affect site and admin performance. For optimal performance, we built the plugin so that it runs on a separate table in the database.\u003C\u002Fp>\n\u003Cp>If you have more than a handful of users, keeping track of who did what is virtually impossible. This plugin solves that issue by tracking what actions were initiated by which users, and displaying it in an easy-to-use and easy-to-filter view on the dashboard of your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! Introducing Email Logging\u003C\u002Fstrong> – Capture all emails sent from your WordPress site for streamlined debugging and compliance. Gain better visibility into email communication, aiding both troubleshooting and record-keeping. This is particularly beneficial for WooCommerce stores, allowing you to easily track sent emails alongside other critical site events.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Export to CSV\u003C\u002Fstrong> – Export your Activity Log data records to CSV. Developers can easily add support for custom data formats with our new dedicated Export API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Privacy and GDPR Compliance\u003C\u002Fstrong> – We provide the tools to help you adhere to GDPR compliance standards, including Export\u002FErasure of data via the WordPress Privacy Tools.\u003C\u002Fp>\n\u003Ch3>With the Activity Log you can record:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong> – Core updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pages\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post Type\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tags\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomies\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menus\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comments\u003C\u002Fstrong> – Created, approved, unapproved, trashed, untrashed, spammed, unspammed, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users\u003C\u002Fstrong> – Login, logout, login failed, update profile, registered, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins\u003C\u002Fstrong> – Installed, updated, activated, deactivated, changed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes\u003C\u002Fstrong> – Installed, updated, deleted, activated, changed (Editor and Customizer)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets\u003C\u002Fstrong> – Added to sidebar, deleted from sidebar, order widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setting\u003C\u002Fstrong> – General, writing, reading, discussion, media, permalinks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Options\u003C\u002Fstrong> – Extended custom settings for 3rd party plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u003C\u002Fstrong> – Exported activity log file\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> – Track products, orders, customers, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong> – Forums, topics, replies, taxonomies, and other actions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Emails sent from WordPress site\u003C\u002Fstrong> – Sending successful, sending failed\u003C\u002Fli>\n\u003Cli>There’s more, of course, but you get the point…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For each event recorded by the activity log, the following details are also logged:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date and time of occurrence\u003C\u002Fli>\n\u003Cli>User and user role responsible for the change\u003C\u002Fli>\n\u003Cli>Source IP address from which the change originated\u003C\u002Fli>\n\u003Cli>Affected object where the change occurred\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin doesn\\’t require any kind of setup; it works right out of the box (just another reason people love it)!\u003C\u002Fp>\n\u003Ch3>Data Storage and Performance Optimization\u003C\u002Fh3>\n\u003Cp>In order to ensure optimal performance of your website, all events and logs data are stored in a dedicated custom table within your WordPress database. This approach significantly reduces the impact on your website’s performance, ensuring seamless operation even during peak traffic periods.\u003C\u002Fp>\n\u003Ch3>Uninstall Clean-up\u003C\u002Fh3>\n\u003Cp>We understand the importance of maintaining a clean and efficient database environment. That’s why our plugin features an uninstall hook that seamlessly removes all traces of its presence from your website when uninstalling. This meticulous clean-up process ensures that your database remains lean and clutter-free even after our plugin has been removed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With our optimized data storage, thorough logging, and meticulous clean-up process, you can trust that our plugin will enhance the functionality and security of your WordPress site without compromising its performance.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What users have to say\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cem>“Its tools, particularly for data privacy and GDPR compliance, make it indispensable for websites operating within European Union boundaries or dealing with EU citizens’ data”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fblog.hubspot.com\u002Fwebsite\u002F8-best-plugins-tracking-user-activity-wordpress\" rel=\"nofollow ugc\">HubSpot.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“If you’re after a competent WP security audit log plugin with all the basic features you need, Activity Log is it!”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002Fplugins\u002Fwordpress-activity-log-plugins\u002F\" rel=\"nofollow ugc\">WPAstra.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log features a remarkably straightforward dashboard interface, providing administrators with an at-a-glance understanding of site interactions”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-activity-log\u002F\" rel=\"nofollow ugc\">Malcare.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Best 10 Free WordPress Plugins of the Month: Keeping tabs on what your users do with their access to the Dashboard”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fmanagewp.com\u002Fbest-free-wordpress-plugins-july-2014\" rel=\"nofollow ugc\">ManageWP.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Thanks to this step, we’ve discovered that our site was undergoing a brute force attack”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fartdriver.com\u002Fblog\u002Fwordpress-site-hacked-solution-time\" rel=\"nofollow ugc\">Artdriver.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Optimized code – The plugin itself is blazing fast and leaves almost no footprint on the server”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.freshtechtips.com\u002F2014\u002F01\u002Fbest-audit-trail-plugins-for-wordpress.html\" rel=\"nofollow ugc\">FreshTechTips.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log lets you track a huge range of activities. Overall, very easy to use and setup”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Ftips-tricks\u002F5-best-ways-to-monitor-wordpress-activity-via-the-dashboard\" rel=\"nofollow ugc\">ElegantThemes.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributions:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Would you like to contribute to this plugin?\u003C\u002Fstrong> You’re more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpojome\u002Factivity-log\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. And, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.",200000,3995902,86,74,"2024-11-12T14:55:00.000Z","6.7.5","6.0",[130,131,132,20,133],"activity-log","audit-log","email-log","user-log","https:\u002F\u002Factivitylog.io\u002F?utm_source=wp-plugins&utm_campaign=plugin-uri&utm_medium=wp-dash","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faryo-activity-log.2.11.2.zip",9,"2024-11-20 17:10:23",{"attackSurface":139,"codeSignals":162,"taintFlows":169,"riskAssessment":170,"analyzedAt":178},{"hooks":140,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":11,"unprotectedCount":11},[141,147,150,153],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","init","set_user","surbma-gdpr-multisite-privacy.php",152,{"type":142,"name":143,"callback":148,"file":145,"line":149},"set_privacy",153,{"type":142,"name":143,"callback":151,"file":145,"line":152},"set_caps",154,{"type":154,"name":155,"callback":155,"priority":156,"file":145,"line":157},"filter","map_meta_cap",10,164,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":168},[],{"prepared":11,"raw":11,"locations":165},[],{"escaped":11,"rawEcho":11,"locations":167},[],[],[],{"summary":171,"deductions":172},"The static analysis of surbma-gdpr-multisite-privacy v2.0 indicates a strong security posture with no identified vulnerabilities in the code itself. The plugin has a zero attack surface regarding common entry points like AJAX handlers, REST API routes, and shortcodes. Furthermore, there are no detected dangerous functions, SQL queries without prepared statements, unescaped output, file operations, or external HTTP requests. The absence of nonce and capability checks across these areas, while contributing to a zero attack surface, is a notable observation that warrants further consideration in the context of potential future development or feature additions.\n\nThe vulnerability history for this plugin is entirely clean, with no recorded CVEs of any severity. This suggests a history of secure development or diligent patching by the developers. Coupled with the clean static analysis, this paints a picture of a plugin that is currently very well-maintained from a security perspective.\n\nIn conclusion, based on the provided data, surbma-gdpr-multisite-privacy v2.0 appears to be a highly secure plugin. The lack of any identified code vulnerabilities and a clean vulnerability history are significant strengths. The primary area for potential future concern, though not an immediate risk based on this analysis, is the complete absence of security checks like nonces and capabilities on its potential entry points, which could become a weakness if the plugin's functionality expands without incorporating these standard security measures.",[173,176],{"reason":174,"points":175},"No nonce checks",5,{"reason":177,"points":175},"No capability checks","2026-03-17T06:25:49.262Z",{"wat":180,"direct":185},{"assetPaths":181,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[],[],[],[],{"cssClasses":186,"htmlComments":187,"htmlAttributes":188,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":191},[],[],[],[],[],[]]