WP-Safety

UptimeMonster Site Monitor Security & Risk Analysis

wordpress.org/plugins/uptimemonster-site-monitor

Monitor all activities and error logs of your WordPress site with UptimeMonster. Effortlessly simplify website management.

200 active installs v1.0.0 PHP 7.0+ WP 5.6+ Updated Sep 17, 2024
activity-monitorerror-logginghealth-checkissue-trackeruptime-monitoring
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is UptimeMonster Site Monitor Safe to Use in 2026?

Generally Safe

Score 92/100

UptimeMonster Site Monitor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The uptimemonster-site-monitor plugin version 1.0.0 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, raw SQL queries, unsanitized paths in taint analysis, and 100% output escaping indicates a commitment to secure coding practices. The presence of nonce checks and a relatively small attack surface with no apparent unprotected entry points are further strengths.

However, a key area for concern is the complete lack of capability checks on its AJAX handlers. While nonces provide some protection against CSRF, they do not inherently prevent authenticated users from performing actions they shouldn't be able to. This could lead to privilege escalation or unauthorized actions if an attacker can trick a logged-in user into triggering these AJAX requests. The plugin also makes external HTTP requests, which, while not inherently insecure, could be a vector if the external service is compromised or if the requests are not properly validated or sanitized before use.

The plugin's clean vulnerability history with zero recorded CVEs is highly positive. This suggests that the plugin has either been consistently developed with security in mind or has not been a target for exploitation. While this is a significant strength, it's important to remember that zero vulnerabilities in the past do not guarantee future security, especially given the missing capability checks.

Key Concerns

  • AJAX handlers without capability checks
Vulnerabilities
None known

UptimeMonster Site Monitor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

UptimeMonster Site Monitor Release Timeline

v1.0.0Current
Code Analysis
Analyzed Mar 16, 2026

UptimeMonster Site Monitor Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
63 escaped
Nonce Checks
6
Capability Checks
0
File Operations
0
External Requests
3
Bundled Libraries
0

Output Escaping

100% escaped63 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<Dashboard> (includes\Dashboard.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

UptimeMonster Site Monitor Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_edit-theme-plugin-fileincludes\Monitors\Monitor_Plugins_Activity.php:38
authwp_ajax_edit-theme-plugin-fileincludes\Monitors\Monitor_Themes_Activity.php:55
WordPress Hooks 68
actionrest_api_initincludes\Api\Server.php:47
actionadmin_noticesincludes\Dashboard.php:25
actionadmin_menuincludes\Dashboard.php:26
actionadmin_initincludes\Dashboard.php:27
filterplugin_localeincludes\helpers.php:69
actionadd_attachmentincludes\Monitors\Monitor_Attachment_Activity.php:23
actionedit_attachmentincludes\Monitors\Monitor_Attachment_Activity.php:24
actiondelete_attachmentincludes\Monitors\Monitor_Attachment_Activity.php:25
actionwp_insert_commentincludes\Monitors\Monitor_Comment_Activity.php:24
actionedit_commentincludes\Monitors\Monitor_Comment_Activity.php:25
actiontrash_commentincludes\Monitors\Monitor_Comment_Activity.php:26
actionuntrash_commentincludes\Monitors\Monitor_Comment_Activity.php:27
actionspam_commentincludes\Monitors\Monitor_Comment_Activity.php:28
actionunspam_commentincludes\Monitors\Monitor_Comment_Activity.php:29
actiondelete_commentincludes\Monitors\Monitor_Comment_Activity.php:30
actiontransition_comment_statusincludes\Monitors\Monitor_Comment_Activity.php:31
actiondeprecated_function_runincludes\Monitors\Monitor_Deprecated_Activity.php:33
actiondeprecated_constructor_runincludes\Monitors\Monitor_Deprecated_Activity.php:34
actiondeprecated_argument_runincludes\Monitors\Monitor_Deprecated_Activity.php:35
actiondeprecated_hook_runincludes\Monitors\Monitor_Deprecated_Activity.php:36
actionwp_update_nav_menuincludes\Monitors\Monitor_Nav_Menu_Activity.php:27
actionwp_create_nav_menuincludes\Monitors\Monitor_Nav_Menu_Activity.php:28
actionwp_delete_nav_menuincludes\Monitors\Monitor_Nav_Menu_Activity.php:30
actionadded_optionincludes\Monitors\Monitor_Options_Activity.php:27
actionupdated_optionincludes\Monitors\Monitor_Options_Activity.php:28
actiondeleted_optionincludes\Monitors\Monitor_Options_Activity.php:29
actionactivated_pluginincludes\Monitors\Monitor_Plugins_Activity.php:30
actiondeactivated_pluginincludes\Monitors\Monitor_Plugins_Activity.php:31
actiondelete_pluginincludes\Monitors\Monitor_Plugins_Activity.php:33
actiondeleted_pluginincludes\Monitors\Monitor_Plugins_Activity.php:34
actionupgrader_process_completeincludes\Monitors\Monitor_Plugins_Activity.php:35
filterwp_redirectincludes\Monitors\Monitor_Plugins_Activity.php:39
actiontransition_post_statusincludes\Monitors\Monitor_Posts_Activity.php:29
actionpost_updatedincludes\Monitors\Monitor_Posts_Activity.php:30
actiondelete_postincludes\Monitors\Monitor_Posts_Activity.php:31
actionuptimemonster_site_monitor_api_updatedincludes\Monitors\Monitor_Self_Activation_Activity.php:28
actionuptimemonster_site_monitor_activationincludes\Monitors\Monitor_Self_Activation_Activity.php:29
actionuptimemonster_error_logger_installedincludes\Monitors\Monitor_Self_Activation_Activity.php:31
actionuptimemonster_error_logger_uninstalledincludes\Monitors\Monitor_Self_Activation_Activity.php:32
actionwp_loginincludes\Monitors\Monitor_Session_Activity.php:27
actionwp_login_failedincludes\Monitors\Monitor_Session_Activity.php:28
actionclear_auth_cookieincludes\Monitors\Monitor_Session_Activity.php:29
actioncreated_termincludes\Monitors\Monitor_Taxonomy_Terms_Activity.php:30
actionedited_termincludes\Monitors\Monitor_Taxonomy_Terms_Activity.php:31
actiondelete_termincludes\Monitors\Monitor_Taxonomy_Terms_Activity.php:32
actionswitch_themeincludes\Monitors\Monitor_Themes_Activity.php:38
actiondelete_themeincludes\Monitors\Monitor_Themes_Activity.php:41
actiondeleted_themeincludes\Monitors\Monitor_Themes_Activity.php:42
actiondelete_site_transient_update_themesincludes\Monitors\Monitor_Themes_Activity.php:44
actionupdate_site_option_allowedthemesincludes\Monitors\Monitor_Themes_Activity.php:47
actionupgrader_process_completeincludes\Monitors\Monitor_Themes_Activity.php:49
actioncustomize_saveincludes\Monitors\Monitor_Themes_Activity.php:52
filterwp_redirectincludes\Monitors\Monitor_Themes_Activity.php:56
actionuser_registerincludes\Monitors\Monitor_Users_Activity.php:29
actionprofile_updateincludes\Monitors\Monitor_Users_Activity.php:30
actiondeleted_userincludes\Monitors\Monitor_Users_Activity.php:31
actionmake_spam_userincludes\Monitors\Monitor_Users_Activity.php:33
actionmake_ham_userincludes\Monitors\Monitor_Users_Activity.php:34
filterwidget_update_callbackincludes\Monitors\Monitor_Widgets_Activity.php:39
actionsidebar_admin_setupincludes\Monitors\Monitor_Widgets_Activity.php:40
actionadmin_headincludes\Monitors\Monitor_WP_Core_Update_Activity.php:26
actionwp_maybe_auto_updateincludes\Monitors\Monitor_WP_Core_Update_Activity.php:27
action_core_updated_successfullyincludes\Monitors\Monitor_WP_Core_Update_Activity.php:28
actionexport_wpincludes\Monitors\Monitor_WP_Export_Content_Activity.php:25
actionplugins_loadedincludes\UptimeMonster_Site_Monitor.php:49
actioninitincludes\UptimeMonster_Site_Monitor.php:58
actionadmin_noticesuptimemonster-site-monitor.php:93
actionbefore_woocommerce_inituptimemonster-site-monitor.php:112
Maintenance & Trust

UptimeMonster Site Monitor Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedSep 17, 2024
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs200
Alternatives

UptimeMonster Site Monitor Alternatives

Health Check & Troubleshooting

Health Check & Troubleshooting

health-check

C
57

Health Check identifies common problems, and helps you troubleshoot plugin and theme conflicts.

300K 1 unpatched
Health Endpoint

Health Endpoint

health-endpoint

A
92

Creates a /health endpoint that returns a 200 OK HTTP status code while WordPress is performing correctly.

3K No CVEs
Check Conflicts

Check Conflicts

check-conflicts

A
85

The plugin allows you to disable/enable plugins and/or activate a default theme for checking conflict between them only for your IP; other users won&# &hellip;

1K No CVEs
Site Health Tools

Site Health Tools

site-health-tools

A
100

Introduces additional common tools to the Site Health interface.

200 No CVEs
Troubleshooting

Troubleshooting

troubleshooting

A
100

Provides a Troubleshooting Mode to help with support and debugging.

100 No CVEs
Developer Profile

UptimeMonster Site Monitor Developer Profile

UptimeMonster

1 plugin · 200 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect UptimeMonster Site Monitor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/uptimemonster-site-monitor/includes/helpers.php/wp-content/plugins/uptimemonster-site-monitor/vendor/autoload.php
Version Parameters
uptimemonster-site-monitor/includes/helpers.php?ver=uptimemonster-site-monitor/vendor/autoload.php?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- End of file fatal-error-handler.php --><!-- Copyright (C) 2024 UptimeMonster -->
Data Attributes
data-version="1.0.0"
FAQ

Frequently Asked Questions about UptimeMonster Site Monitor