[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffrogoT12sESivTYbenWo8i538Q0E-wqPuIXic6BiCBo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":136,"fingerprints":334},"when-last-login","When Last Login","1.2.3","Andrew Lima","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewza\u002F","\u003Cp>A lightweight plugin that allows you to see active users according to their last login time\u002Fdate. No need to configure, simply activate When Last and you’re ready to go! This adds a custom column to your WordPress users list of “Last Login” and a timestamp linked to that user.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show when last a user has logged into your site.\u003C\u002Fli>\n\u003Cli>Sorts users according to last login time stamp (Ascending\u002FDescending) in the WordPress user list.\u003C\u002Fli>\n\u003Cli>Administrator widget for top 3 users according to login count.\u003C\u002Fli>\n\u003Cli>Integrates with Paid Memberships Pro  1.8+ – Add’s a ‘Last Logged In’ column to the ‘Members List’.\u003C\u002Fli>\n\u003Cli>Generates a login history table under ‘When Last Login’ > ‘All Login Records’. \u003C\u002Fli>\n\u003Cli>Hooks and filters for developers.\u003C\u002Fli>\n\u003Cli>Record the user’s last IP address when logging into your WordPress website (Optional Setting).\u003C\u002Fli>\n\u003Cli>A variety of \u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=premium_addons\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> and Free add-ons available. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwhen-last-login-welcome-email-add-on\u002F\" rel=\"ugc\">When Last Login – Welcome Email\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwhen-last-login-export-user-records\u002F\" rel=\"ugc\">When Last Login – Export User Records\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fwhen-last-login-slack-notifications\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=slack_notifications\" rel=\"nofollow ugc\">When Last Login – Slack Notifications\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fwhen-last-login-user-statistics\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=user_statistics\" rel=\"nofollow ugc\">When Last Login – User Statistics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohooplugins.com\u002Fplugins\u002Fzapier-integration\u002F?utm_source=plugin&utm_medium=wordpress&utm_campaign=zapier_integration\" rel=\"nofollow ugc\">When Last Login – Zapier Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>When Last Login in your Language\u003C\u002Fh4>\n\u003Cp>We need your help to translate When Last Login into your locale. To translate When Last Login, simply visit \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwhen-last-login\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwhen-last-login\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Track Your Members Better\u003C\u002Fh4>\n\u003Cp>You are able to track which members login to your site by simply sorting your default user’s list according to when last the user was seen in easily readable text such as “X Min\u002FHours\u002FDays\u002FWeeks\u002FMonths\u002FYears”.\u003C\u002Fp>\n\u003Ch4>Plugins that When Last Login integrates with\u003C\u002Fh4>\n\u003Cp>Here is a list of plugins we currently support:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paidmembershipspro.com\u002F\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftwo-factor\u002F\" rel=\"ugc\">Two Factor Authentication\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have a plugin and would like to integrate with When Last Login, please open a support thread.\u003C\u002Fp>\n\u003Ch4>Need Help\u003C\u002Fh4>\n\u003Cp>Something not working as intended or have a question about functionality of When Last Login. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwhen-last-login\" rel=\"ugc\">Open a support thread\u003C\u002Fa>\u003C\u002Fp>\n","Show a users last login date by creating a sortable column in your WordPress users list.",50000,184463,94,36,"2025-12-03T08:51:00.000Z","6.9.4","5.0","7.4",[20,21,22,23,24],"last-logged-in","last-login","last-seen","user-login","user-login-time","https:\u002F\u002Fwhenlastlogin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhen-last-login.1.2.3.zip",100,1,0,"2023-03-01 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-27461","when-last-login-cross-site-request-forgery-via-wllhidesubscriptionnotice","When Last Login \u003C= 1.2.1 - Cross-Site Request Forgery via wll_hide_subscription_notice","The When Last Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the wll_hide_subscription_notice function. This makes it possible for unauthenticated attackers to hide plugin notices in the dashboard via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.2.1","1.2.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F81638472-b635-4100-8fb9-3daf35fa172e?source=api-prod",328,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":13,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},"andrewza",7,66050,388,75,"2026-04-03T20:54:59.439Z",[57,74,89,105,124],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":29,"downloaded":65,"rating":29,"num_ratings":29,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":71,"download_link":72,"security_score":73,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"last-login-time","Last Login Time","1.0.0","Sahil Gulati","https:\u002F\u002Fprofiles.wordpress.org\u002Fsgsoftwaresolutions\u002F","\u003Cp>A lightweight plugin that allows you to see active users according to their last login time\u002Fdate. No need to configure, simply activate the Last Login Time and you’re ready to go! This adds a custom column to your WordPress users list of “Last Login” and a timestamp linked to that user.\u003C\u002Fp>\n\u003Cp>Feature:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show when last a user has logged into your site.\u003C\u002Fli>\n\u003Cli>Sorts users according to the last login timestamp (Ascending\u002FDescending) in the WordPress user list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","A lightweight plugin that allows you to see active users according to their last login time\u002Fdate.",2521,"2022-02-08T11:49:00.000Z","5.9.13","4.5.0","",[20,21,22,23,24],"https:\u002F\u002Fwww.facebook.com\u002Fsgsoftwaresolutions.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-login-time.zip",85,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":10,"active_installs":29,"downloaded":81,"rating":29,"num_ratings":29,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":87,"download_link":88,"security_score":73,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"user-login-plus","User Login Plus","1.1","appally","https:\u002F\u002Fprofiles.wordpress.org\u002Fappally\u002F","\u003Cp>A lightweight plugin that allows you to see active users according to their last login time\u002Fdate. No need to configure, simply activate When Last and you’re ready to go! This adds a custom column to your WordPress users list of “Last Login” and a timestamp linked to that user. When Last also integrates with other plugins and now offers some more features.\u003C\u002Fp>\n",1054,"2017-12-30T16:45:00.000Z","4.9.29","4.0","5.6",[20,21,22,23,24],"http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-login-log\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-login-plus.zip",{"slug":90,"name":91,"version":77,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":29,"downloaded":96,"rating":29,"num_ratings":29,"last_updated":69,"tested_up_to":97,"requires_at_least":69,"requires_php":69,"tags":98,"homepage":102,"download_link":103,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":104},"last-login-on-dashboard","Check your Last Login","Sachin Mishra","https:\u002F\u002Fprofiles.wordpress.org\u002Fsachinatzenith\u002F","\u003Cp>A plugin for admin use, which allows users to check their last login activity in their dashboard.\u003C\u002Fp>\n\u003Cp>No settings required, a Widget wrap with title “Last Login Details” will be displayed on your dashboard. Simply activate and check the last login record from your next logins. No extra scripts, no heavy load on database. No other activity trackings are included.\u003C\u002Fp>\n","The ideal plugin to check your last login ip and time for his account security. Extra details like browser and operating system.",1087,"6.7.5",[99,22,23,100,101],"check-last-login","user-login-time-ago","wordpress-check-last-login-plugin","https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fmishrasachin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-login-on-dashboard.zip","2026-03-15T10:48:56.248Z",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":115,"num_ratings":116,"last_updated":117,"tested_up_to":16,"requires_at_least":84,"requires_php":118,"tags":119,"homepage":69,"download_link":123,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-force-logout","WPForce Logout – WordPress User Login Logout Management Plugin","2.3.0","Sanjeev Aryal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsanzeeb3\u002F","\u003Cp>WPForce Logout allows administrators to log out all or selected users with a single click, enhancing the security of user accounts. It helps protect against brute force attacks and allows you to manage compromised accounts by forcing logout.\u003C\u002Fp>\n\u003Cp>If you need to work on your WordPress website without any users being logged in, this plugin allows you to force all user accounts to be logged out. Additionally, if you suspect that your WordPress site is hacked, forcing logout will help you secure your site. This plugin is also useful for membership or pay-per-view sites to prevent password sharing among users.\u003C\u002Fp>\n\u003Cp>You can easily view online\u002Foffline users, last login activity from the users tab.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Force Logout All Users\u003C\u002Fli>\n\u003Cli>Logout Specific User(s)\u003C\u002Fli>\n\u003Cli>Bulk Logout Users\u003C\u002Fli>\n\u003Cli>View Online Users\u003C\u002Fli>\n\u003Cli>Last Login Activity Tracking\u003C\u002Fli>\n\u003Cli>Idle User Logout [PRO]\u003C\u002Fli>\n\u003Cli>Auto logout on browser close [PRO]\u003C\u002Fli>\n\u003Cli>Session expiration [PRO]\u003C\u002Fli>\n\u003Cli>Logout redirect [PRO]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fminiplugins.com\u002Fwp-force-logout\u002F\" rel=\"nofollow ugc\">Upgrade to PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>What’s Next?\u003C\u002Fh3>\n\u003Cp>If you like WPForce Logout, then consider checking out my other projects:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fminiplugins.com\u002Fwp-frontend-delete-account\u002F\" rel=\"nofollow ugc\">WP Frontend Delete Account\u003C\u002Fa> – Allows your customers to delete their account by themselves.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fminiplugins.com\u002Fwoocommerce-auto-delete-old-orders\u002F\" rel=\"nofollow ugc\">WooCommerce Auto Delete Old Orders\u003C\u002Fa> – Automatically delete old WooCommerce orders.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fminiplugins.com\u002Fwc-auto-delete-users-with-no-orders\u002F\" rel=\"nofollow ugc\">WooCommerce Auto Delete Users With No Orders\u003C\u002Fa> – Automatically delete users with no purchase history.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fminiplugins.com\u002Fcustomer-journey-for-woocommerce\u002F\" rel=\"nofollow ugc\">WooCommerce Customer Journey\u003C\u002Fa> – Displays every step of the customer until the order of the product in the orders page.\u003C\u002Fp>\n","Forcefully log out users from your WordPress site, manage online status, and track last login activity.",8000,159227,96,66,"2025-12-18T07:59:00.000Z","7.0",[120,21,22,121,122],"force","logout","online-status","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-force-logout.2.3.0.zip",{"slug":125,"name":126,"version":77,"author":7,"author_profile":8,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":29,"num_ratings":29,"last_updated":131,"tested_up_to":16,"requires_at_least":17,"requires_php":69,"tags":132,"homepage":69,"download_link":135,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"when-last-login-export-user-records","When Last Login – Export User Records","\u003Cp>An add-on to When Last Login which allows you to export all user login records into a CSV or JSON file. Get meaningful data at the click of a button.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export user login records into a CSV file\u003C\u002Fli>\n\u003Cli>Export user login records into a JSON file\u003C\u002Fli>\n\u003Cli>Export user records with most recent login time into a CSV file\u003C\u002Fli>\n\u003Cli>Export user records with most recent login time into a JSON file\u003C\u002Fli>\n\u003C\u002Ful>\n","Export your user's login records into a CSV or JSON file in seconds.",600,7071,"2026-02-03T07:44:00.000Z",[133,21,134,4],"export-user-login-records","user-login-records","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhen-last-login-export-user-records.1.1.zip",{"attackSurface":137,"codeSignals":273,"taintFlows":325,"riskAssessment":326,"analyzedAt":333},{"hooks":138,"ajaxHandlers":264,"restRoutes":270,"shortcodes":271,"cronEvents":272,"entryPointCount":28,"unprotectedCount":29},[139,146,151,155,157,161,165,170,174,177,181,185,189,194,198,202,206,210,214,219,223,226,230,234,238,241,244,247,250,253,256,258,260,262],{"type":140,"name":141,"callback":142,"priority":143,"file":144,"line":145},"action","admin_init","wll_add_suggested_privacy_content",20,"includes\\privacy-policy.php",45,{"type":147,"name":148,"callback":149,"file":144,"line":150},"filter","wp_privacy_personal_data_exporters","wll_register_exporters",58,{"type":147,"name":152,"callback":153,"file":144,"line":154},"wp_privacy_personal_data_erasers","plugin_register_erasers",127,{"type":140,"name":141,"callback":141,"file":156,"line":14},"when-last-login.php",{"type":140,"name":158,"callback":159,"file":156,"line":160},"plugins_loaded","text_domain",37,{"type":140,"name":162,"callback":163,"file":156,"line":164},"admin_enqueue_scripts","load_js_for_notice",38,{"type":140,"name":166,"callback":167,"priority":168,"file":156,"line":169},"wp_login","last_login",10,41,{"type":140,"name":171,"callback":172,"priority":168,"file":156,"line":173},"user_register","wll_user_register",42,{"type":140,"name":175,"callback":175,"priority":168,"file":156,"line":176},"two_factor_user_authenticated",43,{"type":140,"name":178,"callback":179,"file":156,"line":180},"wp_dashboard_setup","admin_dashboard_widget",46,{"type":140,"name":182,"callback":183,"file":156,"line":184},"admin_notices","update_notice",47,{"type":147,"name":186,"callback":187,"priority":168,"file":156,"line":188},"manage_users_columns","column_header",52,{"type":140,"name":190,"callback":191,"priority":192,"file":156,"line":193},"manage_users_custom_column","column_data",15,53,{"type":147,"name":195,"callback":196,"file":156,"line":197},"manage_users_sortable_columns","column_sortable",54,{"type":140,"name":199,"callback":200,"file":156,"line":201},"pre_get_users","sort_by_login_date",55,{"type":140,"name":203,"callback":204,"file":156,"line":205},"pmpro_memberslist_extra_cols_header","pmpro_memberlist_add_header",59,{"type":140,"name":207,"callback":208,"file":156,"line":209},"pmpro_memberslist_extra_cols_body","pmpro_memberlist_add_column_data",60,{"type":140,"name":211,"callback":212,"file":156,"line":213},"init","login_record_cp",61,{"type":140,"name":215,"callback":216,"priority":217,"file":156,"line":218},"admin_menu","wll_settings_page",9,63,{"type":140,"name":220,"callback":221,"file":156,"line":222},"admin_head","wll_settings_page_head",64,{"type":140,"name":141,"callback":224,"file":156,"line":225},"wll_automatically_remove_logs",65,{"type":147,"name":227,"callback":228,"priority":168,"file":156,"line":229},"plugin_row_meta","wll_plugin_row_meta",67,{"type":147,"name":231,"callback":232,"priority":168,"file":156,"line":233},"manage_wll_records_posts_columns","wll_records_columns",70,{"type":140,"name":235,"callback":236,"priority":168,"file":156,"line":237},"manage_wll_records_posts_custom_column","wll_records_column_contents",71,{"type":140,"name":239,"callback":179,"file":156,"line":240},"wp_network_dashboard_setup",76,{"type":147,"name":242,"callback":187,"priority":168,"file":156,"line":243},"wpmu_users_columns",77,{"type":140,"name":245,"callback":191,"priority":192,"file":156,"line":246},"wpmu_users_custom_column",78,{"type":140,"name":182,"callback":248,"file":156,"line":249},"wll_admin_notices",568,{"type":140,"name":182,"callback":251,"file":156,"line":252},"wll_remove_records_notice__success",627,{"type":140,"name":182,"callback":254,"file":156,"line":255},"wll_remove_records_notice__warning",629,{"type":140,"name":182,"callback":251,"file":156,"line":257},646,{"type":140,"name":182,"callback":254,"file":156,"line":259},648,{"type":140,"name":182,"callback":251,"file":156,"line":261},663,{"type":140,"name":182,"callback":254,"file":156,"line":263},665,[265],{"action":266,"nopriv":267,"callback":266,"hasNonce":268,"hasCapCheck":267,"file":156,"line":269},"wll_hide_subscription_notice",false,true,49,[],[],[],{"dangerousFunctions":274,"sqlUsage":275,"outputEscaping":277,"fileOperations":29,"externalRequests":28,"nonceChecks":322,"capabilityChecks":323,"bundledLibraries":324},[],{"prepared":217,"raw":29,"locations":276},[],{"escaped":278,"rawEcho":279,"locations":280},25,22,[281,285,287,288,290,291,292,293,294,296,298,300,302,304,306,308,310,312,314,316,318,320],{"file":282,"line":283,"context":284},"includes\\settings\\add-ons.php",29,"raw output",{"file":286,"line":173,"context":284},"includes\\settings\\general.php",{"file":286,"line":176,"context":284},{"file":286,"line":289,"context":284},48,{"file":286,"line":269,"context":284},{"file":286,"line":197,"context":284},{"file":286,"line":201,"context":284},{"file":286,"line":240,"context":284},{"file":295,"line":160,"context":284},"includes\\settings.php",{"file":156,"line":297,"context":284},367,{"file":156,"line":299,"context":284},368,{"file":156,"line":301,"context":284},374,{"file":156,"line":303,"context":284},384,{"file":156,"line":305,"context":284},387,{"file":156,"line":307,"context":284},416,{"file":156,"line":309,"context":284},417,{"file":156,"line":311,"context":284},418,{"file":156,"line":313,"context":284},424,{"file":156,"line":315,"context":284},432,{"file":156,"line":317,"context":284},435,{"file":156,"line":319,"context":284},525,{"file":156,"line":321,"context":284},686,5,2,[],[],{"summary":327,"deductions":328},"The 'when-last-login' plugin v1.2.3 exhibits a generally positive security posture with several strong practices in place. The complete absence of critical or high-severity taint flows, along with the use of prepared statements for all SQL queries, indicates a good understanding of secure coding principles. Furthermore, the limited attack surface, with only one AJAX handler and no REST API routes, shortcodes, or cron events, minimizes potential entry points for attackers.  The presence of nonce and capability checks on the existing AJAX handler is also a commendable security measure.\n\nHowever, a significant concern arises from the plugin's vulnerability history. The presence of one medium-severity CVE, even if currently patched, suggests a past weakness. While the current version might be clean, it highlights a potential for vulnerabilities to emerge in the plugin's codebase. The 53% rate of proper output escaping is another area for improvement; while not critically low, it leaves room for potential cross-site scripting (XSS) vulnerabilities if untrusted data is directly output without sufficient sanitization in the remaining 47% of cases. The single external HTTP request also warrants careful monitoring to ensure it doesn't become a vector for further attacks.\n\nIn conclusion, 'when-last-login' v1.2.3 has commendable strengths in its limited attack surface and secure database interaction. However, the past medium-severity vulnerability and the moderate output escaping rate present areas that require attention. While the plugin is not currently flagged with critical issues based on the provided data, ongoing vigilance and potential code review for the unescaped outputs would be prudent for maintaining a robust security profile.",[329,331],{"reason":330,"points":168},"Medium severity CVE history",{"reason":332,"points":322},"Moderate output escaping (53% proper)","2026-03-16T17:17:18.179Z",{"wat":335,"direct":344},{"assetPaths":336,"generatorPatterns":339,"scriptPaths":340,"versionParams":342},[337,338],"\u002Fwp-content\u002Fplugins\u002Fwhen-last-login\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fwhen-last-login\u002Fjs\u002Fnotice-update.js",[],[341],"js\u002Fnotice-update.js",[343],"when-last-login\u002Fjs\u002Fnotice-update.js?ver=1.0",{"cssClasses":345,"htmlComments":347,"htmlAttributes":348,"restEndpoints":349,"jsGlobals":350,"shortcodeOutput":352},[346],"wll-update-notice-newsletter",[],[],[],[351],"wll_notice_update",[]]