[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDmY8a_NfqHjViaBE2FUev7wyyj5Od-sDjdfp4yYlpZY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":133,"fingerprints":405},"wp-auto-updater","WP Auto Updater","1.7.3","thingsym","https:\u002F\u002Fprofiles.wordpress.org\u002Fthingsym\u002F","\u003Cp>WP Auto Updater plugin enables automatic updates of WordPress Core, Themes, Plugins and Translations. Version control of WordPress Core makes automatic update more safely.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically update WordPress Core\u003C\u002Fli>\n\u003Cli>Automatically updates Themes, Plugins and Translations\u003C\u002Fli>\n\u003Cli>Set up a schedule automatic updates\u003C\u002Fli>\n\u003Cli>Disable automatic updating of each Themes and Plugins\u003C\u002Fli>\n\u003Cli>Record update history\u003C\u002Fli>\n\u003Cli>Update notification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: before updating, please back up your database and files.\u003C\u002Fp>\n\u003Ch4>Auto Update Scenario\u003C\u002Fh4>\n\u003Cp>First of all, we will make an \u003Cstrong>Auto Update Scenario\u003C\u002Fstrong> which decide the policy of WordPress automatic updates.\u003C\u002Fp>\n\u003Cp>You can choose from the following five automatic updates of WordPress Core.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Minor Version Update\u003C\u002Fli>\n\u003Cli>Major Version Update\u003C\u002Fli>\n\u003Cli>Minor Only Version Update\u003C\u002Fli>\n\u003Cli>Previous Generation Version Update\u003C\u002Fli>\n\u003Cli>Manual Update\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Minor Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Minor Version Update\u003C\u002Fstrong> enable minor updates. Minor updates is default behavior in WordPress for security updates. The transition of the version number is as follows: update from 4.8 to 4.8.1, 4.8.2 …\u003C\u002Fp>\n\u003Ch4>Major Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Major Version Update\u003C\u002Fstrong> enable major updates. The transition of the version number is as follows: update from 4.7 to 4.8, 4.9 …\u003C\u002Fp>\n\u003Ch4>Minor Only Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Minor Only Version Update\u003C\u002Fstrong> enable major updates and minor updates \u003Cstrong>except version x.y.0\u003C\u002Fstrong>. It make sense to take a “skip” approach to avoid introducing new vulnerabilities into the latest major version release.\u003C\u002Fp>\n\u003Cp>Update the WordPress Core version (eg. x.y.1 or later) with security fixed. Not automatically update the latest major version of x.y.0. The transition of the version number is as follows: update from 4.7.z to 4.8.z, 4.9.z … skiped 4.7.0, 4.8.0, 4.9.0 …\u003C\u002Fp>\n\u003Ch4>Previous Generation Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Previous Generation Version Update\u003C\u002Fstrong> enable major updates and minor updates \u003Cstrong>except the latest major version\u003C\u002Fstrong>. It make sense to take a “wait and see” approach to ensure the latest major version release is stable before.\u003C\u002Fp>\n\u003Cp>With the installed WordPress Core version as 4.6.z. If the latest WordPress Core version released to 4.8.0, automatically update it to version 4.7.z. It will be always automatically updated to the previous generation WordPress Core version with probably security fixed.\u003C\u002Fp>\n\u003Ch4>Manual Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Manual Update\u003C\u002Fstrong> disable automatic updates. You update WordPress Core manually on the Dashboard Updates Screen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic updates\u003C\u002Fstrong> and \u003Cstrong>manual updates\u003C\u002Fstrong> are available for themes, plugins and Translations.\u003Cbr \u002F>\nIt is also possible to disable automatic updating of each Themes and Plugins.\u003C\u002Fp>\n\u003Ch4>Scheduled automatic updates\u003C\u002Fh4>\n\u003Cp>Next we will set up a schedule for automatic updates.\u003Cbr \u002F>\nThe update interval can be selected from the following four.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twice Daily (12 hours interval)\u003C\u002Fli>\n\u003Cli>Daily\u003C\u002Fli>\n\u003Cli>Weekly\u003C\u002Fli>\n\u003Cli>Monthly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also set the day, the day of the week, the hour and the minute of the Update Date.\u003C\u002Fp>\n\u003Cp>At the time of automatic update, Automatically updates WordPress Core, Themes, Plugins and Translations to be updated.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you have any trouble, you can use the forums or report bugs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forum: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Issues: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribution\u003C\u002Fh4>\n\u003Cp>Small patches and bug reports can be submitted a issue tracker in Github. Forking on Github is another good way. You can send a pull request.\u003C\u002Fp>\n\u003Cp>Translating a plugin takes a lot of time, effort, and patience. I really appreciate the hard work from these contributors.\u003C\u002Fp>\n\u003Cp>If you have created or updated your own language pack, you can send gettext PO and MO files to author. I can bundle it into plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\" rel=\"nofollow ugc\">VCS – GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-auto-updater\u002F\" rel=\"ugc\">Homepage – WordPress Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-auto-updater\" rel=\"nofollow ugc\">Translate WP Auto Updater into your language.\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also contribute by answering issues on the forums.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forum: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Issues: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute guidlines\u003C\u002Fh4>\n\u003Cp>If you would like to contribute, here are some notes and guidlines.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All development happens on the \u003Cstrong>develop\u003C\u002Fstrong> branch, so it is always the most up-to-date\u003C\u002Fli>\n\u003Cli>The \u003Cstrong>master\u003C\u002Fstrong> branch only contains tagged releases\u003C\u002Fli>\n\u003Cli>If you are going to be submitting a pull request, please submit your pull request to the \u003Cstrong>develop\u003C\u002Fstrong> branch\u003C\u002Fli>\n\u003Cli>See about \u003Ca href=\"https:\u002F\u002Fhelp.github.com\u002Farticles\u002Ffork-a-repo\u002F\" rel=\"nofollow ugc\">forking\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fhelp.github.com\u002Farticles\u002Fusing-pull-requests\u002F\" rel=\"nofollow ugc\">pull requests\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Test Matrix\u003C\u002Fh4>\n\u003Cp>For operation compatibility between PHP version and WordPress version, see below \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Factions\" rel=\"nofollow ugc\">Github Actions\u003C\u002Fa>.\u003C\u002Fp>\n","WP Auto Updater plugin enables automatic updates of WordPress Core, Themes, Plugins and Translations. Version control of WordPress Core makes automati &hellip;",7000,111423,92,10,"2024-08-23T07:15:00.000Z","6.6.5","4.9","5.6",[20,21,22,23,24],"auto-update","automatic-updates","background-updates","core-updates","updates","https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-auto-updater.1.7.3.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},11,38600,93,30,89,"2026-04-04T10:38:38.267Z",[39,61,77,99,115],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":58,"download_link":59,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-automatic-updates","WP Automatic Updates","1.1.6","Ankit Singla","https:\u002F\u002Fprofiles.wordpress.org\u002Faksingla\u002F","\u003Cp>An easy-to-use plugin settings panel where you can set automatic updates on or off for themes, plugins, and core updates from plugin options.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>In a matter of few clicks, you will be able to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set Minor\u002FMajor Core Updates\u003C\u002Fli>\n\u003Cli>Set Plugin Updates\u003C\u002Fli>\n\u003Cli>Set Theme Updates\u003C\u002Fli>\n\u003Cli>Set Translations Updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003C\u002Ful>\n","Configure WordPress automatic updates settings through backend options. Just install, setup and forget.",400,27182,100,2,"2018-08-16T12:22:00.000Z","4.8.28","3.7","",[21,22,23,56,57],"plugin-updates","translation-updates","http:\u002F\u002Fwww.omaksolutions.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-automatic-updates.1.1.6.zip",85,{"slug":20,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":49,"downloaded":68,"rating":27,"num_ratings":27,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":75,"download_link":76,"security_score":49,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"Auto Update","1.0.2","Valeriu Tihai","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaleriutihai\u002F","\u003Cp>Auto Update is built for site owners who want WordPress to stay current without logging in to run updates manually.\u003C\u002Fp>\n\u003Cp>It keeps WordPress core, plugins, and themes updated automatically, which helps reduce maintenance work, apply security fixes sooner, and keep the site closer to the latest stable releases.\u003C\u002Fp>\n\u003Cp>Once activated, it enables both minor and major core updates and allows installed plugins and themes to update in the background.\u003C\u002Fp>\n\u003Cp>There is no settings page. Activate the plugin and let WordPress handle updates automatically.\u003C\u002Fp>\n","Keeps WordPress core, plugins, and themes updated automatically to reduce manual maintenance and improve security.",3683,"2026-03-14T02:42:00.000Z","6.9.4","5.8","7.4",[21,22,23,56,74],"theme-updates","https:\u002F\u002Fstylishwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-update.1.0.2.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":18,"requires_php":72,"tags":91,"homepage":97,"download_link":98,"security_score":49,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"webcraftic-updates-manager","Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates","1.3.0","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Disable Updates is a lightweight updates manager that gives you full control over how and when updates run on your site. You can disable all updates, turn off automatic updates, or manage updates individually for WordPress core, plugins, and themes.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>Disable Plugin Updates\u003C\u002Fh4>\n\u003Cp>You can disable plugin updates globally or manage them on a per-plugin basis. This allows you to prevent update notifications for all plugins or selectively disable updates only for specific plugins you want to keep unchanged.\u003C\u002Fp>\n\u003Cp>The plugin also lets you disable automatic plugin updates, giving you full control over which plugins update automatically and which ones require manual approval.\u003C\u002Fp>\n\u003Ch4>Disable Theme Updates\u003C\u002Fh4>\n\u003Cp>You can disable theme updates entirely or control them individually for each theme. This is especially useful if you are using custom themes or child themes where updates could overwrite changes.\u003C\u002Fp>\n\u003Cp>You can also disable automatic theme updates or allow automatic updates only for selected themes, depending on your workflow.\u003C\u002Fp>\n\u003Ch4>Disable WordPress Core Updates\u003C\u002Fh4>\n\u003Cp>Take control of WordPress core updates by disabling them completely or managing how they are applied. You can choose to disable all core updates or fine-tune automatic updates by release type.\u003C\u002Fp>\n\u003Cp>Options include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable WordPress core updates entirely\u003C\u002Fli>\n\u003Cli>Disable automatic core updates\u003C\u002Fli>\n\u003Cli>Allow automatic updates for major releases\u003C\u002Fli>\n\u003Cli>Allow automatic updates for minor releases\u003C\u002Fli>\n\u003Cli>Allow automatic development updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This gives you full control over how WordPress itself updates on your site.\u003C\u002Fp>\n\u003Ch4>Additional Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable translation updates\u003C\u002Fli>\n\u003Cli>Hide update notices for all users except admins\u003C\u002Fli>\n\u003Cli>Get email notifications when updates are available or on successful update\u003C\u002Fli>\n\u003Cli>Disable core update notification emails\u003C\u002Fli>\n\u003Cli>Force automatic updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwebcraftic-updates-manager\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like this plugin, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Our blog is a great place to \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">learn more about WordPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">WordPress YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable updates and automatic updates for WordPress core, plugins, and themes, with the option to disable plugin or theme updates individually.",9000,68184,90,24,"2026-01-12T15:12:00.000Z","6.8.5",[92,93,94,95,96],"disable-automatic-updates","disable-core-updates","disable-plugin-updates","disable-updates","updates-manager","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebcraftic-updates-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebcraftic-updates-manager.1.3.0.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":49,"downloaded":107,"rating":49,"num_ratings":108,"last_updated":109,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":110,"homepage":113,"download_link":114,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"background-update-notification-email-address","Background Update Notification Email Address","1.1.1","Kanuka Digital","https:\u002F\u002Fprofiles.wordpress.org\u002Fiwebsolutions\u002F","\u003Cp>\u003Cstrong>This plugin changes the email address update notifications are sent to following an automatic background update.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Automatic background updates were introduced in WordPress 3.7. An email notification is sent following the success or failure. The email is sent to the website administrator specified in WordPress under Settings > General. This may not always be the best recipient.\u003C\u002Fp>\n\u003Cp>This plugin is ideal for those who manage WordPress on their clients behalf. The client carries on receiving WordPress emails as before, with automatic background update notifications being redirected to the developers email address specified in this plugins settings.\u003C\u002Fp>\n\u003Cp>We originally \u003Ca href=\"https:\u002F\u002Fwww.iweb.co.uk\u002F2013\u002F10\u002Fchange-wordpress-auto-update-email-address\u002F\" rel=\"nofollow ugc\">published a solution\u003C\u002Fa> following the release of WordPress 3.7.1. This plugin provides a simple interface for setting the email address without having to touch code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Once installed, navigate to Settings > Update Notifications. From here you can set the email address where background update notifications should be sent to. Background update notifications can be sent to multiple recipients by entering a comma-separated list of email addresses.\u003C\u002Fstrong>\u003C\u002Fp>\n","Change the email address update notifications are sent to following an automatic background update.",3491,3,"2015-12-11T09:44:00.000Z",[111,21,22,112,24],"admin","manage","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbackground-update-notification-email-address\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbackground-update-notification-email-address.1.1.1.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":27,"downloaded":123,"rating":49,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":54,"download_link":132,"security_score":60,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"automatic-updates-enabled","Automatic Updates Enabled","1.0","Piotr Moćko","https:\u002F\u002Fprofiles.wordpress.org\u002Fpiotrmocko\u002F","\u003Cp>This plugin turns on WordPress auto-updates by default for every plugin installed and activated on your website later then this plugin was activated.\u003C\u002Fp>\n","Enables WordPress automatic updates by default for newly installed and activated plugins",949,1,"2020-07-31T18:55:00.000Z","5.5.18","2.9","5.2",[130,21,131],"auto-updates","plugins-auto-update","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-updates-enabled.zip",{"attackSurface":134,"codeSignals":295,"taintFlows":359,"riskAssessment":398,"analyzedAt":404},{"hooks":135,"ajaxHandlers":282,"restRoutes":283,"shortcodes":284,"cronEvents":285,"entryPointCount":27,"unprotectedCount":27},[136,141,145,148,152,157,160,164,168,172,175,179,183,185,189,192,195,198,202,204,207,210,212,214,218,222,226,230,234,238,241,244,248,251,253,255,259,262,265,269,273,276,279],{"type":137,"name":138,"callback":139,"file":140,"line":13},"action","plugins_loaded","init","inc\\class-wp-auto-updater-history.php",{"type":137,"name":142,"callback":143,"file":140,"line":144},"admin_menu","add_option_page",94,{"type":137,"name":138,"callback":146,"file":140,"line":147},"check_table_version",96,{"type":137,"name":149,"callback":150,"file":140,"line":151},"admin_notices","admin_notice",97,{"type":153,"name":154,"callback":155,"priority":14,"file":140,"line":156},"filter","set-screen-option","set_screen_option",113,{"type":137,"name":138,"callback":139,"file":158,"line":159},"inc\\class-wp-auto-updater-notification.php",87,{"type":137,"name":161,"callback":162,"file":158,"line":163},"admin_init","register_settings",88,{"type":137,"name":165,"callback":166,"file":158,"line":167},"wp_loaded","set_update_notification_core",101,{"type":153,"name":169,"callback":170,"priority":14,"file":158,"line":171},"auto_core_update_email","change_core_update_email",102,{"type":137,"name":165,"callback":173,"file":158,"line":174},"disable_theme_and_plugin_update_notification",103,{"type":153,"name":176,"callback":177,"file":158,"line":178},"wp_mail_from","change_mail_from",220,{"type":153,"name":180,"callback":181,"priority":14,"file":158,"line":182},"wp_auto_updater_notification\u002Fwp_mail","change_email",221,{"type":153,"name":176,"callback":177,"file":158,"line":184},288,{"type":153,"name":186,"callback":187,"file":158,"line":188},"auto_core_update_send_email","__return_true",354,{"type":153,"name":186,"callback":190,"file":158,"line":191},"__return_false",357,{"type":153,"name":193,"callback":190,"file":158,"line":194},"auto_theme_update_send_email",371,{"type":153,"name":196,"callback":190,"file":158,"line":197},"auto_plugin_update_send_email",372,{"type":137,"name":138,"callback":199,"file":200,"line":201},"load_textdomain","inc\\class-wp-auto-updater.php",135,{"type":137,"name":138,"callback":139,"file":200,"line":203},136,{"type":137,"name":165,"callback":205,"file":200,"line":206},"auto_update",137,{"type":137,"name":138,"callback":208,"file":200,"line":209},"load_plugin_data",139,{"type":137,"name":161,"callback":162,"file":200,"line":211},141,{"type":137,"name":142,"callback":143,"file":200,"line":213},142,{"type":137,"name":215,"callback":216,"file":200,"line":217},"wp_auto_updater\u002Fset_cron","set_schedule",144,{"type":137,"name":219,"callback":220,"file":200,"line":221},"wp_auto_updater\u002Fclear_schedule","clear_schedule",145,{"type":137,"name":223,"callback":224,"file":200,"line":225},"automatic_updates_complete","auto_update_result",149,{"type":137,"name":227,"callback":228,"file":200,"line":229},"pre_auto_update","gather_upgraded_version",171,{"type":153,"name":231,"callback":232,"priority":14,"file":200,"line":233},"plugin_row_meta","plugin_metadata_links",175,{"type":153,"name":235,"callback":236,"file":200,"line":237},"cron_schedules","add_cron_interval",178,{"type":153,"name":239,"callback":190,"file":200,"line":240},"plugins_auto_update_enabled",181,{"type":153,"name":242,"callback":190,"file":200,"line":243},"themes_auto_update_enabled",182,{"type":137,"name":245,"callback":246,"file":200,"line":247},"after_core_auto_updates_settings","hidden_auto_update_status",183,{"type":153,"name":249,"callback":187,"file":200,"line":250},"allow_major_auto_core_updates",567,{"type":153,"name":249,"callback":187,"file":200,"line":252},574,{"type":153,"name":249,"callback":187,"file":200,"line":254},588,{"type":153,"name":256,"callback":257,"file":200,"line":258},"pre_site_option_update_core","updates_previous_version",589,{"type":153,"name":260,"callback":257,"file":200,"line":261},"site_transient_update_core",590,{"type":153,"name":263,"callback":190,"file":200,"line":264},"auto_update_core",594,{"type":153,"name":266,"callback":267,"priority":14,"file":200,"line":268},"auto_update_theme","auto_update_specific_theme",641,{"type":153,"name":270,"callback":271,"priority":14,"file":200,"line":272},"auto_update_plugin","auto_update_specific_plugin",683,{"type":153,"name":274,"callback":190,"file":200,"line":275},"auto_update_translation",725,{"type":137,"name":277,"callback":277,"file":200,"line":278},"admin_enqueue_scripts",927,{"type":137,"name":149,"callback":280,"file":200,"line":281},"admin_notice_upgrader_disabled",932,[],[],[],[286,289,292],{"hook":287,"callback":287,"file":200,"line":288},"wp_version_check",404,{"hook":290,"callback":290,"file":200,"line":291},"wp_update_themes",407,{"hook":293,"callback":293,"file":200,"line":294},"wp_update_plugins",410,{"dangerousFunctions":296,"sqlUsage":297,"outputEscaping":324,"fileOperations":27,"externalRequests":27,"nonceChecks":124,"capabilityChecks":124,"bundledLibraries":358},[],{"prepared":298,"raw":32,"locations":299},4,[300,303,305,307,309,312,314,316,318,320,322],{"file":140,"line":301,"context":302},152,"$wpdb->get_results() with variable interpolation",{"file":140,"line":304,"context":302},154,{"file":140,"line":306,"context":302},156,{"file":140,"line":308,"context":302},362,{"file":140,"line":310,"context":311},625,"$wpdb->get_var() with variable interpolation",{"file":140,"line":313,"context":302},752,{"file":140,"line":315,"context":302},756,{"file":140,"line":317,"context":302},760,{"file":140,"line":319,"context":302},764,{"file":140,"line":321,"context":302},768,{"file":140,"line":323,"context":302},772,{"escaped":159,"rawEcho":325,"locations":326},15,[327,330,332,334,336,338,340,342,344,346,348,350,352,354,356],{"file":140,"line":328,"context":329},649,"raw output",{"file":140,"line":331,"context":329},673,{"file":140,"line":333,"context":329},706,{"file":158,"line":335,"context":329},532,{"file":158,"line":337,"context":329},549,{"file":158,"line":339,"context":329},566,{"file":158,"line":341,"context":329},583,{"file":158,"line":343,"context":329},619,{"file":200,"line":345,"context":329},1205,{"file":200,"line":347,"context":329},1291,{"file":200,"line":349,"context":329},1313,{"file":200,"line":351,"context":329},1315,{"file":200,"line":353,"context":329},1333,{"file":200,"line":355,"context":329},1343,{"file":200,"line":357,"context":329},1353,[],[360,387],{"entryPoint":361,"graph":362,"unsanitizedCount":27,"severity":386},"render_history_page (inc\\class-wp-auto-updater-history.php:584)",{"nodes":363,"edges":382},[364,369,375,378],{"id":365,"type":366,"label":367,"file":140,"line":368},"n0","source","$_GET",611,{"id":370,"type":371,"label":372,"file":140,"line":373,"wp_function":374},"n1","sink","get_results() [SQLi]",615,"get_results",{"id":376,"type":366,"label":377,"file":140,"line":368},"n2","$_GET (x2)",{"id":379,"type":371,"label":380,"file":140,"line":328,"wp_function":381},"n3","echo() [XSS]","echo",[383,385],{"from":365,"to":370,"sanitized":384},true,{"from":376,"to":379,"sanitized":384},"low",{"entryPoint":388,"graph":389,"unsanitizedCount":27,"severity":386},"\u003Cclass-wp-auto-updater-history> (inc\\class-wp-auto-updater-history.php:0)",{"nodes":390,"edges":395},[391,392,393,394],{"id":365,"type":366,"label":367,"file":140,"line":368},{"id":370,"type":371,"label":372,"file":140,"line":373,"wp_function":374},{"id":376,"type":366,"label":377,"file":140,"line":368},{"id":379,"type":371,"label":380,"file":140,"line":328,"wp_function":381},[396,397],{"from":365,"to":370,"sanitized":384},{"from":376,"to":379,"sanitized":384},{"summary":399,"deductions":400},"The \"wp-auto-updater\" v1.7.3 plugin exhibits a generally strong security posture, with a clean vulnerability history and no critical issues identified in the static and taint analysis. The code demonstrates good practices, particularly in the high percentage of properly escaped outputs and the presence of nonce and capability checks, which are crucial for secure WordPress development. The absence of file operations and external HTTP requests further reduces the attack surface.\n\nHowever, there are areas that warrant attention. While the number of SQL queries is moderate, a significant portion (73%) do not utilize prepared statements, which presents a potential risk for SQL injection vulnerabilities if the data processed by these queries is not meticulously sanitized at the application level. The limited scope of taint analysis (only 2 flows) means that there could be other unsanitized paths that were not detected. The plugin's limited attack surface (zero unprotected entry points) is a positive sign, but the presence of 3 cron events, while not inherently insecure, could become a vector if they interact with vulnerable code or external systems in the future.\n\nOverall, the plugin's lack of historical vulnerabilities and its good use of security features like nonce and capability checks are significant strengths. The primary concern lies in the substantial number of SQL queries not using prepared statements. Addressing this would further solidify its security. The plugin is currently in a good state, but continuous monitoring and adherence to secure coding practices, especially around database interactions, are recommended.",[401],{"reason":402,"points":403},"SQL queries not using prepared statements",7,"2026-03-16T17:59:58.397Z",{"wat":406,"direct":415},{"assetPaths":407,"generatorPatterns":410,"scriptPaths":411,"versionParams":412},[408,409],"\u002Fwp-content\u002Fplugins\u002Fwp-auto-updater\u002Fassets\u002Fcss\u002Fwp-auto-updater.css","\u002Fwp-content\u002Fplugins\u002Fwp-auto-updater\u002Fassets\u002Fjs\u002Fwp-auto-updater.js",[],[409],[413,414],"wp-auto-updater\u002Fassets\u002Fcss\u002Fwp-auto-updater.css?ver=","wp-auto-updater\u002Fassets\u002Fjs\u002Fwp-auto-updater.js?ver=",{"cssClasses":416,"htmlComments":417,"htmlAttributes":418,"restEndpoints":420,"jsGlobals":421,"shortcodeOutput":422},[],[],[419],"wp_auto_updater",[],[],[]]