[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcWBVBt7NpYvsLiUQLZvsurRIdMTCiODbT-V456baohc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":137,"fingerprints":324},"wp-healthcheck","WP Healthcheck","1.4.0","Tiago Hillebrandt","https:\u002F\u002Fprofiles.wordpress.org\u002Ftiagohillebrandt\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwp-healthcheck.com\" rel=\"nofollow ugc\">WP Healthcheck\u003C\u002Fa> is a plugin to check the health of your WordPress install.\u003C\u002Fp>\n\u003Cp>It detects some useful information regarding your site health, like the number of active transients and autoload options, and then displays them conveniently via the WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>This plugin can help you improve your site performance by cleaning up the transients and deactivating autoload options.\u003C\u002Fp>\n\u003Cp>WP Healthcheck also verifies the software versions in use by your server. We maintain information about software minimum requirements up to date in our systems. This allows the plugin to retrieve this information from our external API and compare versus the ones installed in your server.\u003C\u002Fp>\n\u003Cp>SSL certificate expiration dates are also checked and notifications for expired or near expiration SSL certificates are provided conveniently via the WordPress Dashboard.\u003C\u002Fp>\n\u003Ch4>WP-CLI Extension\u003C\u002Fh4>\n\u003Cp>WP Healthcheck also includes a WP-CLI extension. If you want to see all the CLI commands available in the plugin, go ahead and run \u003Ccode>wp healthcheck\u003C\u002Fcode> in your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp healthcheck autoload [--deactivate=\u003Coption-name>] [--history]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck transient [--delete-expired] [--delete-all]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck server\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp healthcheck ssl\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Healthcheck is a plugin to check the health of your WordPress install.",1000,26475,100,3,"2024-07-16T05:30:00.000Z","6.6.5","5.0","7.0",[20,21,22,23,24],"autoload","cron","healthcheck","performance","transients","https:\u002F\u002Fwp-healthcheck.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-healthcheck.1.4.0.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"tiagohillebrandt",2,1100,96,1,97,"2026-04-03T20:00:15.970Z",[41,58,78,99,117],{"slug":42,"name":43,"version":44,"author":7,"author_profile":8,"description":45,"short_description":46,"active_installs":13,"downloaded":47,"rating":13,"num_ratings":37,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":37,"unpatched_count":28,"last_vuln_date":57,"fetched_at":30},"supervisor","Supervisor","1.3.3","\u003Cp>\u003Cstrong>Optimize and Secure Your WordPress Site with Supervisor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Boost the performance and security of your WordPress site effortlessly with our powerful plugin. Supervisor provides vital insights into your site’s health directly through your WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Performance Optimization:\u003C\u002Fstrong> Improve your site’s speed by cleaning up transients and deactivating unnecessary autoload options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute Force Protection:\u003C\u002Fstrong> Shield your site from attacks with robust security measures designed to prevent unauthorized access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Web Server Software Verification:\u003C\u002Fstrong> Ensure your server software is up-to-date, keeping your site running smoothly and securely.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSL Certificate Monitoring:\u003C\u002Fstrong> Stay informed about your SSL certificate status with dashboard notifications for impending expirations or expired certificates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Experience a faster and more secure WordPress site with Supervisor. Download it today and feel the difference!\u003C\u002Fp>\n","Supervisor is a powerful plugin designed to enhance both the performance and security of your WordPress installation.",5563,"2025-10-23T08:56:00.000Z","6.8.5","5.5","7.2",[20,22,53,23,24],"load-time","https:\u002F\u002Fsupervisorwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupervisor.1.3.3.zip",99,"2025-10-23 19:46:03",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":34,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":56,"vuln_count":37,"unpatched_count":28,"last_vuln_date":77,"fetched_at":30},"0-day-analytics","0 Day Analytics","4.9.0","Golemiq","https:\u002F\u002Fprofiles.wordpress.org\u002Fawesomefootnotes\u002F","\u003Cp>\u003Cstrong>0 Day Analytics\u003C\u002Fstrong> is a comprehensive WordPress debugging and operational\u003Cbr \u002F>\nintelligence plugin. It is purpose-built for developers and site administrators\u003Cbr \u002F>\nwho need real-time visibility into their PHP errors, scheduled tasks, database\u003Cbr \u002F>\nstate, outgoing emails, HTTP requests, hook behaviour, and overall site health —\u003Cbr \u002F>\nall from a single admin interface.\u003C\u002Fp>\n\u003Cp>Unlike general monitoring services, 0 Day Analytics runs entirely inside your\u003Cbr \u002F>\nWordPress installation with no third-party data collection. Every module is\u003Cbr \u002F>\nopt-in and designed with performance in mind.\u003C\u002Fp>\n\u003Ch4>Error Log Manager\u003C\u002Fh4>\n\u003Cp>Read, search, filter, and manage your PHP\u002FWordPress error log without leaving\u003Cbr \u002F>\nthe admin. Engineered for very large (GB-sized) logs using a reverse-line reader\u003Cbr \u002F>\nthat never performs a full-file read. Supports code-context viewing (click any\u003Cbr \u002F>\nerror to see the surrounding source), per-severity filtering, log truncation,\u003Cbr \u002F>\nand download. Optionally randomise the log filename to reduce exposure.\u003C\u002Fp>\n\u003Ch4>PHP Fatal Error Tracker\u003C\u002Fh4>\n\u003Cp>Captures and stores PHP fatal errors in a dedicated database table, it records PHP errors even if the WP_DEBUG is turned off so they persist even after the log is rotated or overwritten. Each record includes\u003Cbr \u002F>\nerror type, file, line, stack trace, and timestamp — searchable and filterable\u003Cbr \u002F>\ndirectly in the admin.\u003C\u002Fp>\n\u003Ch4>Site Performance & Security Scanner\u003C\u002Fh4>\n\u003Cp>Runs 32+ automated checks across three categories — Security, Speed, and\u003Cbr \u002F>\nResources used — and presents a scored dashboard with actionable\u003Cbr \u002F>\nrecommendations. Checks include: PHP version, WordPress version, SSL\u003Cbr \u002F>\ncertificate, debug mode exposure, file permissions, database prefix, XML-RPC,\u003Cbr \u002F>\nlogin URL, active plugin count, autoloaded options, cron health, page caching,\u003Cbr \u002F>\nobject caching, gzip compression, lazy loading, image optimisation, and more.\u003C\u002Fp>\n\u003Ch4>Google PageSpeed & Core Web Vitals\u003C\u002Fh4>\n\u003Cp>Analyse any URL directly from the WordPress admin using the Google PageSpeed\u003Cbr \u002F>\nInsights API. Displays Performance, Accessibility, Best Practices, and SEO\u003Cbr \u002F>\nscores with Lighthouse category breakdowns for both desktop and mobile. For that you need to provide your own PageSpeed Google API key.\u003C\u002Fp>\n\u003Ch4>URL Tracker & Asset Analyser\u003C\u002Fh4>\n\u003Cp>Automatically tracks visited page URLs on your site. For each recorded URL,\u003Cbr \u002F>\nyou can collect all associated JS, CSS, and media assets (with file sizes), run\u003Cbr \u002F>\na Google PageSpeed analysis, and review visit counts — making it easy to audit\u003Cbr \u002F>\npage weight and performance regressions over time.\u003C\u002Fp>\n\u003Ch4>Cron Manager\u003C\u002Fh4>\n\u003Cp>View, search, edit, manually run, and delete WordPress scheduled tasks. Shows\u003Cbr \u002F>\nnext run time (UTC), recurrence interval, arguments, and last execution status.\u003Cbr \u002F>\nSupports bulk actions and advanced filtering.\u003C\u002Fp>\n\u003Ch4>Transients Manager\u003C\u002Fh4>\n\u003Cp>Browse, search, edit, and safely delete database transients. Displays expiry\u003Cbr \u002F>\ntime, serialised value (pretty-printed), and size. Bulk delete supports\u003Cbr \u002F>\nfiltered selections.\u003C\u002Fp>\n\u003Ch4>Outgoing HTTP Requests Viewer\u003C\u002Fh4>\n\u003Cp>Logs all outgoing \u003Ccode>wp_remote_*\u003C\u002Fcode> calls made by WordPress core, themes, and\u003Cbr \u002F>\nplugins. Records URL, method, status code, response time, triggering plugin,\u003Cbr \u002F>\nuser, and full request\u002Fresponse detail. Export to CSV for external analysis.\u003Cbr \u002F>\nAdvanced filtering by domain, plugin, status, and date range.\u003C\u002Fp>\n\u003Ch4>Mail Logger & Composer\u003C\u002Fh4>\n\u003Cp>Records every email sent through \u003Ccode>wp_mail()\u003C\u002Fcode> — including headers, body,\u003Cbr \u002F>\nattachments, CC, and BCC — and stores it in a searchable log. View the\u003Cbr \u002F>\nrendered email body, resend any logged email, or compose and send new emails\u003Cbr \u002F>\ndirectly from the admin. Supports HTML and plain-text previews.\u003C\u002Fp>\n\u003Ch4>SMTP Configuration\u003C\u002Fh4>\n\u003Cp>Configure custom SMTP settings (host, port, encryption, username, password)\u003Cbr \u002F>\nwith a built-in test email tool. Optionally log SMTP debug output to the\u003Cbr \u002F>\nWordPress debug log.\u003C\u002Fp>\n\u003Ch4>WP Hooks Monitor\u003C\u002Fh4>\n\u003Cp>Define which WordPress actions and filters (core or custom) you want to\u003Cbr \u002F>\nobserve. The Hooks Capture module records each invocation with its parameters,\u003Cbr \u002F>\nreturn value (for filters), and a full stack backtrace. Organise monitoring\u003Cbr \u002F>\nrules into named groups, enable\u002Fdisable per hook, and review the captured\u003Cbr \u002F>\noutput in a dedicated list view.\u003C\u002Fp>\n\u003Ch4>DB Table Manager\u003C\u002Fh4>\n\u003Cp>Browse, search, edit, and delete records across any table in your\u003Cbr \u002F>\nWordPress database — including custom plugin tables. Displays table size,\u003Cbr \u002F>\nengine, collation, row count, and schema information. Supports full and\u003Cbr \u002F>\nfiltered truncation and table drop with confirmation.\u003C\u002Fp>\n\u003Ch4>Server Info & System Status\u003C\u002Fh4>\n\u003Cp>Displays real-time server metrics (CPU load, memory usage, disk space,\u003Cbr \u002F>\nPHP version, active extensions) as both admin-bar badges and a dashboard\u003Cbr \u002F>\nwidget. Also provides a detailed environment report useful for support tickets\u003Cbr \u002F>\nand deployment checks.\u003C\u002Fp>\n\u003Ch4>Plugin Version Switcher\u003C\u002Fh4>\n\u003Cp>Roll back or switch between any previously downloaded version of an installed\u003Cbr \u002F>\nplugin without leaving the admin. Useful for quickly reverting after a bad\u003Cbr \u002F>\nupdate. Supports only free plugins from the WordPress repo.\u003C\u002Fp>\n\u003Ch4>Code Snippets\u003C\u002Fh4>\n\u003Cp>Write, save, and execute custom PHP snippets from the admin. Snippets support\u003Cbr \u002F>\nshortcodes, can be enabled\u002Fdisabled individually, and are sandboxed before\u003Cbr \u002F>\nexecution. Useful for one-off data migrations, testing custom logic, or\u003Cbr \u002F>\ngenerating dynamic output without creating a custom plugin.\u003C\u002Fp>\n\u003Ch4>Recovery Mode\u003C\u002Fh4>\n\u003Cp>Generate single-use recovery links that can disable a specific plugin or\u003Cbr \u002F>\ntrigger a custom action — delivered via Slack, Telegram, or any configured\u003Cbr \u002F>\nwebhook channel. Designed for emergency recovery when the site is inaccessible\u003Cbr \u002F>\nthrough normal means. The recovery URLs are sent in Slack and Telegram channels for security.\u003C\u002Fp>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Dark mode for all admin screens.\u003C\u002Fli>\n\u003Cli>CSV export on all list views (requests, errors, mails, hooks, etc.).\u003C\u002Fli>\n\u003Cli>Screen Options on every screen (configure columns, items per page).\u003C\u002Fli>\n\u003Cli>WP CLI compatible scaffolding for background operations.\u003C\u002Fli>\n\u003Cli>Multisite aware (note: recovery mode has core multisite limitations).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>All-in-one WordPress debug & operations toolkit: error log manager, PHP fatal\u003Cbr \u002F>\ntracker, cron & transient manager, mail logger, SMTP, outgoing requests viewer,\u003Cbr \u002F>\nDB table manager, site performance & security scanner, Google PageSpeed\u003Cbr \u002F>\nintegration, URL tracker, WP hooks monitor, code snippets, and recovery mode.\u003C\u002Fp>\n\u003Ch3>Requirements & Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.0+ (tested up to 6.9)\u003C\u002Fli>\n\u003Cli>PHP 7.4+ (compatible with PHP 8.0, 8.1, 8.2, 8.3, 8.4)\u003C\u002Fli>\n\u003Cli>MySQL 5.7+ \u002F MariaDB 10.3+\u003C\u002Fli>\n\u003Cli>Not intended as a primary multisite recovery tool (see FAQ)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Best Practices & Security Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keep log files outside the webroot when possible, or restrict access via\u003Cbr \u002F>\nserver rules (.htaccess \u002F nginx) to prevent public exposure.\u003C\u002Fli>\n\u003Cli>Use the built-in “Randomise Log Filename” feature when logs must stay in the\u003Cbr \u002F>\nwebroot.\u003C\u002Fli>\n\u003Cli>All plugin capabilities are restricted to \u003Ccode>manage_options\u003C\u002Fcode> (administrators)\u003Cbr \u002F>\nby default. The menu can optionally be restricted to admins only.\u003C\u002Fli>\n\u003Cli>Sanitize and escape all output; nonces are enforced on all state-changing\u003Cbr \u002F>\nactions.\u003C\u002Fli>\n\u003Cli>Secure SMTP credentials using TLS\u002FSTARTTLS; credentials are stored in the\u003Cbr \u002F>\nWordPress options table.\u003C\u002Fli>\n\u003Cli>Set file permissions tightly (e.g., 600\u002F640) and restrict ownership to the\u003Cbr \u002F>\nweb server user.\u003C\u002Fli>\n\u003Cli>Backup database and files before using bulk delete or table truncation.\u003C\u002Fli>\n\u003Cli>Disable unused modules to reduce footprint and potential attack surface.\u003C\u002Fli>\n\u003Cli>Disable or throttle high-frequency background polling on high-load sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage Notes & Performance\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The Error Log viewer reads the last N lines (default 100, max configurable\u003Cbr \u002F>\nvia Screen Options) to avoid full-file reads on GB-sized logs.\u003C\u002Fli>\n\u003Cli>No pagination on error logs by design — pagination would force repeated\u003Cbr \u002F>\nexpensive full-file reads.\u003C\u002Fli>\n\u003Cli>The PHP Fatal Error Tracker uses its own DB table; apply a retention policy\u003Cbr \u002F>\nin Settings to avoid unbounded growth.\u003C\u002Fli>\n\u003Cli>The Hooks Capture module adds minimal overhead per captured hook invocation;\u003Cbr \u002F>\ndisable capturing on production when not actively debugging.\u003C\u002Fli>\n\u003Cli>The URL Tracker records page visits in a custom table; configure retention\u003Cbr \u002F>\nor pause tracking on high-traffic sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support & Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Secure log paths and consider randomising filenames in production.\u003C\u002Fli>\n\u003Cli>Disable unused modules to reduce footprint and attack surface.\u003C\u002Fli>\n\u003Cli>Recovery Mode has limitations on multisite — test before relying on it.\u003C\u002Fli>\n\u003Cli>For bugs or feature requests, open an issue on the plugin page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Live preview and full details:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002F0-day-analytics\u002F\u003C\u002Fp>\n","0 Day Analytics is a comprehensive WordPress debugging and operational",40,5614,"2026-03-09T13:39:00.000Z","6.9.4","6.0","7.4",[21,73,74,23,24],"debug","error-log","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F0-day-analytics.4.9.0.zip","2025-11-12 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":13,"num_ratings":88,"last_updated":89,"tested_up_to":69,"requires_at_least":90,"requires_php":51,"tags":91,"homepage":97,"download_link":98,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"divewp-boost-site-performance","DiveWP – Boost Site Performance with Clear, Actionable Steps","2.3.3","Oleg Petrov","https:\u002F\u002Fprofiles.wordpress.org\u002Freplikon\u002F","\u003Ch4>🔌 NEW: Plugins Management\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Monitor and manage all installed plugins from one place.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Plugins Management\u003C\u002Fstrong> feature shows every plugin with active\u002Finactive status, update availability, and “Up to date” state. View details and changelog from WordPress.org, and activate or deactivate plugins without leaving the dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins Management & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> ability so AI assistants can list plugins, fetch description and changelog for a plugin, or activate\u002Fdeactivate a plugin by file path.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What Plugins Management Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Unified plugin list\u003C\u002Fstrong> – All installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* \u003Cstrong>Dashboard overview\u003C\u002Fstrong> – Green and red pill counts on the main dashboard for quick health overview\u003Cbr \u002F>\n* \u003Cstrong>Details drawer\u003C\u002Fstrong> – Overview, full description, and changelog from WordPress.org\u003Cbr \u002F>\n* \u003Cstrong>Toggle activation\u003C\u002Fstrong> – Activate or deactivate plugins from the card or drawer\u003Cbr \u002F>\n* \u003Cstrong>Search\u003C\u002Fstrong> – Filter plugins by name, author, or description\u003Cbr \u002F>\n* \u003Cstrong>Abilities API\u003C\u002Fstrong> – Operations: list (all plugins), details (wp.org info for one plugin), toggle (activate\u002Fdeactivate)\u003C\u002Fp>\n\u003Ch4>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Talk to your WordPress site through AI!\u003C\u002Fstrong> DiveWP integrates with the \u003Cstrong>WordPress Abilities API\u003C\u002Fstrong> and Model Context Protocol (MCP), so AI tools like Cursor, Claude, and ChatGPT can query your site’s health and diagnostics directly—no copy-paste needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Abilities API & MCP:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>11 Diagnostic Abilities\u003C\u002Fstrong> – Server insights, cron monitoring, plugins management, database health, security audits, and more via the Abilities API\u003Cbr \u002F>\n* \u003Cstrong>Zero Copy-Paste\u003C\u002Fstrong> – AI agents run diagnostics through MCP without manual log sharing\u003Cbr \u002F>\n* \u003Cstrong>Secure Authentication\u003C\u002Fstrong> – WordPress Application Passwords for safe, controlled access\u003Cbr \u002F>\n* \u003Cstrong>Step-by-Step Setup\u003C\u002Fstrong> – “AI Capabilities” tab guides you through 3-step configuration for Abilities API and MCP clients\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Available Abilities:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fserver-insights\u003C\u002Fcode> – Full server health & config check\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> – Monitor WP-Cron and Action Scheduler; background tasks & overdue jobs\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fdb-insights\u003C\u002Fcode> – Database size & optimization status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fsecurity-insights\u003C\u002Fcode> – Vulnerability & configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fperformance-checks\u003C\u002Fcode> – Caching & optimization discovery\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Ftheme-builder-insights\u003C\u002Fcode> – Theme and page builder health\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fwoocommerce-best-practices\u003C\u002Fcode> – WooCommerce optimization\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fseo-optimization\u003C\u002Fcode> – SEO configuration audit\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Femail-communications\u003C\u002Fcode> – Email delivery & SMTP status\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fhosting-benchmark-latest\u003C\u002Fcode> – Latest benchmark results\u003Cbr \u002F>\n* \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> – List installed plugins, fetch wp.org details\u002Fchangelog, or toggle plugin activation (operations: list, details, toggle)\u003C\u002Fp>\n\u003Ch4>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Take control of WordPress cron jobs and scheduled tasks.\u003C\u002Fstrong> DiveWP’s \u003Cstrong>Cron Job Manager\u003C\u002Fstrong> gives you a clear view of WP-Cron and Action Scheduler so you can spot overdue jobs, slow hooks, and misconfigured cron setups.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cron Jobs & Abilities API:\u003C\u002Fstrong> Use the \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> ability so AI assistants can inspect your cron status, overdue tasks, and recommendations without opening the admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the Cron Job Manager Delivers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Real-time cron monitoring\u003C\u002Fstrong> – WP-Cron and Action Scheduler in one dashboard\u003Cbr \u002F>\n* \u003Cstrong>Hook performance\u003C\u002Fstrong> – Execution time and memory per cron hook\u003Cbr \u002F>\n* \u003Cstrong>Overdue & orphan detection\u003C\u002Fstrong> – Find stuck or orphaned scheduled tasks\u003Cbr \u002F>\n* \u003Cstrong>Execution history\u003C\u002Fstrong> – Filterable, paginated cron run history\u003Cbr \u002F>\n* \u003Cstrong>Health guidance\u003C\u002Fstrong> – System health and cron configuration tips\u003C\u002Fp>\n\u003Ch4>🚀 Hosting Performance Benchmark – Know If You Need to Upgrade!\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Measure how your hosting handles your WordPress site!\u003C\u002Fstrong> DiveWP’s comprehensive Hosting Performance Benchmark is a powerful enterprise-grade testing system that evaluates your hosting environment through real-world performance tests.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What It Tests:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Database Performance\u003C\u002Fstrong> – Tests INSERT, SELECT, UPDATE operations, datetime functions, and aggregate operations (8 comprehensive tests)\u003Cbr \u002F>\n* \u003Cstrong>Server Resources\u003C\u002Fstrong> – Evaluates CPU, memory, I\u002FO, and network capabilities (5 resource tests)\u003Cbr \u002F>\n* \u003Cstrong>Concurrency Handling\u003C\u002Fstrong> – Measures how your hosting performs under multiple simultaneous requests (4 concurrency tests)\u003Cbr \u002F>\n* \u003Cstrong>E-commerce Performance\u003C\u002Fstrong> – Tests WooCommerce-like operations including price calculations, shipping, and inventory checks (3 performance tests)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>20+ Individual Tests\u003C\u002Fstrong> – Comprehensive evaluation across 4 major categories\u003Cbr \u002F>\n* \u003Cstrong>Real-World Simulation\u003C\u002Fstrong> – Tests simulate actual WordPress operations, not synthetic benchmarks\u003Cbr \u002F>\n* \u003Cstrong>6-Minute Complete Analysis\u003C\u002Fstrong> – Get detailed insights in approximately 6 minutes\u003Cbr \u002F>\n* \u003Cstrong>Actionable Results\u003C\u002Fstrong> – Understand if your current hosting is sufficient or if you need to upgrade\u003Cbr \u002F>\n* \u003Cstrong>Cross-Database Compatible\u003C\u002Fstrong> – Works with MySQL, MariaDB, PostgreSQL, SQLite, and SQL Server\u003Cbr \u002F>\n* \u003Cstrong>Optimized for Shared Hosting\u003C\u002Fstrong> – Designed to work efficiently even on shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Site owners wondering if their hosting plan is sufficient\u003Cbr \u002F>\n* Users experiencing slow performance and wanting to identify bottlenecks\u003Cbr \u002F>\n* Anyone considering upgrading their hosting plan\u003Cbr \u002F>\n* Developers evaluating hosting performance for client sites\u003C\u002Fp>\n\u003Ch4>🎯 Transform Your WP Journey\u003C\u002Fh4>\n\u003Cp>Discover your site’s true potential by understanding exactly what’s happening under the hood. DiveWP provides clear insights about Performance, Security, and Best Practices – all explained in plain English. Take control of your digital presence by learning as you optimize!\u003C\u002Fp>\n\u003Ch4>🔍 Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>🔌 NEW: Plugins Management\u003C\u002Fstrong>\u003Cbr \u002F>\n* Unified list of all installed plugins with status (Active, Inactive, Update Available, Up to date)\u003Cbr \u002F>\n* Dashboard counts green (up to date) and red (updates available) pills for quick overview\u003Cbr \u002F>\n* Details drawer with overview, WordPress.org description, and changelog\u003Cbr \u002F>\n* Toggle plugin activation from card or drawer; search by name, author, or description\u003Cbr \u002F>\n* Abilities API: \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode> (list, details, toggle) for AI-assisted plugin management\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⏰ NEW: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fstrong>\u003Cbr \u002F>\n* Real-time WP-Cron and Action Scheduler tracking\u003Cbr \u002F>\n* Monitor hook performance and execution time\u003Cbr \u002F>\n* Detect orphaned and overdue tasks\u003Cbr \u002F>\n* Identify problematic cron hooks affecting performance\u003Cbr \u002F>\n* Complete execution history with filtering and pagination\u003Cbr \u002F>\n* Integrates with Abilities API via \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-assisted cron diagnostics\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🤖 NEW: AI Capabilities & WordPress Abilities API\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress Abilities API and MCP let AI assistants query your site for diagnostics\u003Cbr \u002F>\n* 11 abilities for server, cron jobs, plugins, security, database, and performance insights\u003Cbr \u002F>\n* Works with Cursor, Claude Desktop, ChatGPT, and other MCP clients\u003Cbr \u002F>\n* Secure access via WordPress Application Passwords\u003Cbr \u002F>\n* Step-by-step setup guide in “AI Capabilities” tab\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 Hosting Performance Benchmark\u003C\u002Fstrong>\u003Cbr \u002F>\n* Comprehensive hosting evaluation with 20+ real-world performance tests\u003Cbr \u002F>\n* Database, resource, concurrency, and e-commerce performance analysis\u003Cbr \u002F>\n* Determine if your hosting plan is sufficient for your site\u003Cbr \u002F>\n* Cross-database compatibility (MySQL, MariaDB, PostgreSQL, SQLite, SQL Server)\u003Cbr \u002F>\n* Optimized for shared hosting environments\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Deep Site Insights\u003C\u002Fstrong>\u003Cbr \u002F>\n* Understand your site inside out\u003Cbr \u002F>\n* Comprehensive analysis of core functions\u003Cbr \u002F>\n* Database health monitoring\u003Cbr \u002F>\n* User activity tracking\u003Cbr \u002F>\n* Everything explained in plain English\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Performance & Speed\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clear performance insights\u003Cbr \u002F>\n* Actionable optimization steps\u003Cbr \u002F>\n* Speed improvement recommendations\u003Cbr \u002F>\n* Learn what affects your site’s performance\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛡️ Security & Best Practices\u003C\u002Fstrong>\u003Cbr \u002F>\n* Proactive security checks\u003Cbr \u002F>\n* Easy-to-follow hardening recommendations\u003Cbr \u002F>\n* Learn WordPress security best practices\u003Cbr \u002F>\n* Implement as you learn\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📊 Database Health\u003C\u002Fstrong>\u003Cbr \u002F>\n* Optimize database performance\u003Cbr \u002F>\n* Clear insights into tables and structure\u003Cbr \u002F>\n* Cleanup recommendations\u003Cbr \u002F>\n* Learn database management without being a tech expert\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎯 SEO & Visibility\u003C\u002Fstrong>\u003Cbr \u002F>\n* Practical SEO recommendations\u003Cbr \u002F>\n* Essential optimization techniques\u003Cbr \u002F>\n* Improve search engine rankings\u003Cbr \u002F>\n* Learn while implementing\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛍️ WooCommerce Optimization\u003C\u002Fstrong>\u003Cbr \u002F>\n* Specialized store insights\u003Cbr \u002F>\n* Performance optimization\u003Cbr \u002F>\n* Checkout process analysis\u003Cbr \u002F>\n* Shopping experience improvements\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📧 Email System Monitor\u003C\u002Fstrong>\u003Cbr \u002F>\n* Detailed logging and diagnostics\u003Cbr \u002F>\n* Track email system performance\u003Cbr \u002F>\n* Ensure reliable communication\u003Cbr \u002F>\n* Monitor delivery status\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🎨 Theme & Builder Analysis\u003C\u002Fstrong>\u003Cbr \u002F>\n* Theme performance insights\u003Cbr \u002F>\n* Page builder optimization\u003Cbr \u002F>\n* Visual elements analysis\u003Cbr \u002F>\n* Speed optimization guidance\u003C\u002Fp>\n\u003Ch4>💡 How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Install & Scan:\u003C\u002Fstrong> Quick installation and automatic site analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get Clear Insights:\u003C\u002Fstrong> Receive easy-to-understand explanations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Learn Best Practices:\u003C\u002Fstrong> Understand WordPress through your own site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Implement Changes:\u003C\u002Fstrong> Follow actionable recommendations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor Progress:\u003C\u002Fstrong> Track improvements and keep learning\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>🎯 Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners:\u003C\u002Fstrong> Finally understand what’s happening on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Store Owners:\u003C\u002Fstrong> Optimize WooCommerce performance and boost sales\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agency Teams:\u003C\u002Fstrong> Maintain multiple sites while learning best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content Creators:\u003C\u002Fstrong> Improve site visibility while mastering WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Plugins Management\u003C\u002Fli>\n\u003Cli>New “Plugins Management” feature: view all installed plugins with status pills (Active, Inactive, Update Available, Up to date)\u003C\u002Fli>\n\u003Cli>Dashboard overview counts green (up to date) and red (updates available) pills alongside other feature statuses\u003C\u002Fli>\n\u003Cli>Details drawer with overview, full description, and changelog from WordPress.org\u003C\u002Fli>\n\u003Cli>Activate\u002Fdeactivate plugins from the card or drawer; search by name, author, or description\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Abilities API – \u003Ccode>divewp\u002Fplugins-management\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Operations: list (all plugins with status), details (wp.org description and changelog for one plugin), toggle (activate\u002Fdeactivate by plugin file)\u003C\u002Fli>\n\u003Cli>AI assistants can list plugins, fetch plugin info, or change activation state via MCP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🌟 What’s New in 2.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: AI Capabilities & WordPress Abilities API\u003C\u002Fli>\n\u003Cli>New “AI Capabilities” tab with step-by-step setup guide\u003C\u002Fli>\n\u003Cli>10 diagnostic abilities for AI agents (server, cron jobs, database, security, performance, and more)\u003C\u002Fli>\n\u003Cli>Support for Cursor, Claude Desktop, ChatGPT via Model Context Protocol (MCP)\u003C\u002Fli>\n\u003Cli>Secure access using WordPress Application Passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: Cron Job Manager & WP-Cron Monitoring\u003C\u002Fli>\n\u003Cli>Full cron jobs dashboard: WP-Cron and Action Scheduler in one place\u003C\u002Fli>\n\u003Cli>Hook performance, overdue and orphan detection, execution history\u003C\u002Fli>\n\u003Cli>Abilities API integration: \u003Ccode>divewp\u002Fcron-insights\u003C\u002Fcode> for AI-driven cron diagnostics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW\u003C\u002Fstrong>: REST API Access Logging in User Events\u003C\u002Fli>\n\u003Cli>Track API access via Application Passwords in the event log\u003C\u002Fli>\n\u003Cli>Monitor AI agent activity and external integrations\u003C\u002Fli>\n\u003Cli>Throttled logging to prevent flood from MCP bursts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IMPROVED\u003C\u002Fstrong>: Cron Jobs Feature Enhancements\u003C\u002Fli>\n\u003Cli>Aligned AJAX and server health calculations for consistent status display\u003C\u002Fli>\n\u003Cli>“Potential orphan” terminology for clearer task identification\u003C\u002Fli>\n\u003Cli>Added Alternate Cron explanation footnote\u003C\u002Fli>\n\u003Cli>Visual accent pills for Important\u002FRecommendation notes in task modals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? We’re here for you!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📚 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdivewp\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>🐞 \u003Ca href=\"https:\u002F\u002Fdivewp.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Bug Reports and Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>DiveWP respects your privacy and that of your users. We do not collect any personal data. All analysis is performed locally on your server.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>DiveWP is proudly created and maintained by Oleg Petrov.\u003C\u002Fp>\n","Learn WP Best Practices Through Your Own Site! Get clear insights about Performance, Security, and Best Practices – explained in plain English.",200,1884,6,"2026-02-26T08:16:00.000Z","6.8",[92,93,94,95,96],"abilities-api","cron-jobs","performance-optimization","security","site-health","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdivewp-boost-site-performance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdivewp-boost-site-performance.2.3.3.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":37,"last_updated":109,"tested_up_to":69,"requires_at_least":17,"requires_php":110,"tags":111,"homepage":115,"download_link":116,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"flush-transients","Flush Transients","1.0.1","Felix Arntz","https:\u002F\u002Fprofiles.wordpress.org\u002Fflixos90\u002F","\u003Cp>Just like many other plugins offer a feature to flush the WordPress object cache, this plugin allows to flush transients.\u003C\u002Fp>\n\u003Cp>Many WordPress sites do not have access to an object cache in their hosting environment, and for those sites transients are the only mechanism for caching data which WordPress natively supports. Being able to clear transients can be crucial for certain use-cases, particularly on sites that do not use an object cache.\u003C\u002Fp>\n\u003Cp>This plugin adds a small admin bar menu item where users with the required capabilities can flush transients for the site. For sites not using an object cache, where transients are stored in the database, the menu item also provides information on the amount of transients stored.\u003C\u002Fp>\n\u003Cp>Both regular transients and network transients are supported. When using WordPress Multisite, network transients can be flushed in the Network Admin UI.\u003C\u002Fp>\n","This plugin allows you to flush WordPress transients, plain and simple.",90,2077,"2025-11-24T23:33:00.000Z","5.2",[112,113,114,23,24],"cache","flushing","invalidation","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflush-transients\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflush-transients.1.0.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":13,"num_ratings":37,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":134,"download_link":135,"security_score":136,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"revision-strike","Revision Strike","0.6.0","Steve Grunwell","https:\u002F\u002Fprofiles.wordpress.org\u002Fstevegrunwell\u002F","\u003Cp>Unless post revisions are explicitly limited, WordPress will build up a hefty sum of revisions over time. While it’s great to have revision history for some recent content, the chances that old revisions will be necessary diminish the longer a post has been published. Revision Strike is designed to automatically remove these unneeded revisions on older, published posts.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Cp>First, a threshold is set, with a default of 30 days. Once a day, Revision Strike will run and find any post revisions in the database attached to published posts with a post date of at least 30 (or your custom threshold) days ago, and “strike” (tear-down and remove) them from the WordPress database.\u003C\u002Fp>\n\u003Ch4>Contributing\u003C\u002Fh4>\n\u003Cp>If you’d like to help build Revision Strike, please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fstevegrunwell\u002Frevision-strike\" rel=\"nofollow ugc\">visit the plugin’s GitHub page\u003C\u002Fa>. Contributors are welcome, and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fstevegrunwell\u002Frevision-strike#contributing\" rel=\"nofollow ugc\">details can be found in the repo’s README file\u003C\u002Fa>.\u003C\u002Fp>\n","Periodically purge old post revisions via WP Cron.",70,5834,"2017-09-16T17:45:00.000Z","4.8.28","4.2","5.4",[21,132,23,133],"maintenance","revisions","https:\u002F\u002Fstevegrunwell.com\u002Fblog\u002Frevision-strike","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frevision-strike.0.6.0.zip",85,{"attackSurface":138,"codeSignals":201,"taintFlows":314,"riskAssessment":315,"analyzedAt":323},{"hooks":139,"ajaxHandlers":197,"restRoutes":198,"shortcodes":199,"cronEvents":200,"entryPointCount":28,"unprotectedCount":28},[140,146,149,153,156,159,164,169,172,176,181,185,189,193,195],{"type":141,"name":142,"callback":142,"priority":143,"file":144,"line":145},"action","admin_menu",5,"includes\\class-wp-healthcheck-admin.php",45,{"type":141,"name":147,"callback":147,"file":144,"line":148},"admin_notices",46,{"type":141,"name":150,"callback":151,"file":144,"line":152},"admin_init","load_resources",47,{"type":141,"name":150,"callback":154,"file":144,"line":155},"init",59,{"type":141,"name":150,"callback":154,"priority":157,"file":144,"line":158},4,60,{"type":160,"name":161,"callback":162,"file":144,"line":163},"filter","screen_options_show_screen","__return_false",178,{"type":141,"name":165,"callback":166,"file":167,"line":168},"admin_footer","add_wp_nonces","includes\\class-wp-healthcheck-ajax.php",35,{"type":141,"name":150,"callback":151,"priority":143,"file":170,"line":171},"includes\\class-wp-healthcheck-pointers.php",36,{"type":141,"name":173,"callback":174,"file":170,"line":175},"admin_print_footer_scripts","enqueue_pointers",37,{"type":141,"name":177,"callback":178,"file":179,"line":180},"wp_loaded","check_core_updates","includes\\class-wp-healthcheck.php",118,{"type":141,"name":182,"callback":183,"file":179,"line":184},"upgrader_process_complete","plugin_deactivation",119,{"type":141,"name":186,"callback":187,"file":179,"line":188},"shutdown","get_ssl_data",120,{"type":160,"name":190,"callback":191,"file":179,"line":192},"automatic_updater_disabled","__return_true",133,{"type":141,"name":154,"callback":154,"file":194,"line":171},"wp-healthcheck.php",{"type":141,"name":154,"callback":154,"file":194,"line":196},41,[],[],[],[],{"dangerousFunctions":202,"sqlUsage":203,"outputEscaping":219,"fileOperations":37,"externalRequests":37,"nonceChecks":204,"capabilityChecks":37,"bundledLibraries":313},[],{"prepared":204,"raw":143,"locations":205},7,[206,209,212,215,217],{"file":179,"line":207,"context":208},166,"$wpdb->query() with variable interpolation",{"file":179,"line":210,"context":211},240,"$wpdb->get_results() with variable interpolation",{"file":179,"line":213,"context":214},259,"$wpdb->get_row() with variable interpolation",{"file":179,"line":216,"context":211},504,{"file":179,"line":218,"context":214},523,{"escaped":204,"rawEcho":220,"locations":221},54,[222,225,228,229,231,232,234,235,238,239,240,242,245,246,248,250,251,252,253,254,255,258,260,263,264,267,269,272,273,274,275,276,277,278,279,281,282,284,285,287,288,291,292,294,296,298,299,302,303,305,306,308,310,312],{"file":170,"line":223,"context":224},77,"raw output",{"file":226,"line":227,"context":224},"views\\admin\\autoload-history.php",24,{"file":226,"line":227,"context":224},{"file":226,"line":230,"context":224},25,{"file":226,"line":230,"context":224},{"file":226,"line":233,"context":224},26,{"file":226,"line":233,"context":224},{"file":236,"line":237,"context":224},"views\\admin\\autoload-list-status.php",34,{"file":236,"line":196,"context":224},{"file":236,"line":152,"context":224},{"file":236,"line":241,"context":224},57,{"file":243,"line":244,"context":224},"views\\admin\\autoload-list.php",27,{"file":243,"line":244,"context":224},{"file":243,"line":247,"context":224},30,{"file":243,"line":249,"context":224},33,{"file":243,"line":249,"context":224},{"file":243,"line":249,"context":224},{"file":243,"line":237,"context":224},{"file":243,"line":237,"context":224},{"file":243,"line":237,"context":224},{"file":256,"line":257,"context":224},"views\\admin\\autoload-stats.php",13,{"file":256,"line":259,"context":224},17,{"file":261,"line":262,"context":224},"views\\admin\\cron.php",21,{"file":261,"line":262,"context":224},{"file":265,"line":266,"context":224},"views\\admin\\support.php",10,{"file":265,"line":268,"context":224},19,{"file":270,"line":271,"context":224},"views\\admin\\sysinfo.php",20,{"file":270,"line":271,"context":224},{"file":270,"line":227,"context":224},{"file":270,"line":227,"context":224},{"file":270,"line":249,"context":224},{"file":270,"line":249,"context":224},{"file":270,"line":66,"context":224},{"file":270,"line":66,"context":224},{"file":280,"line":257,"context":224},"views\\admin\\transients-stats.php",{"file":280,"line":259,"context":224},{"file":280,"line":283,"context":224},29,{"file":280,"line":171,"context":224},{"file":286,"line":227,"context":224},"views\\admin\\wp-updates.php",{"file":286,"line":227,"context":224},{"file":289,"line":290,"context":224},"views\\notices\\database.php",31,{"file":289,"line":237,"context":224},{"file":293,"line":283,"context":224},"views\\notices\\mysql.php",{"file":293,"line":295,"context":224},32,{"file":297,"line":283,"context":224},"views\\notices\\php.php",{"file":297,"line":295,"context":224},{"file":300,"line":301,"context":224},"views\\notices\\plugins.php",18,{"file":300,"line":227,"context":224},{"file":304,"line":249,"context":224},"views\\notices\\ssl.php",{"file":304,"line":171,"context":224},{"file":307,"line":168,"context":224},"views\\notices\\web.php",{"file":307,"line":309,"context":224},38,{"file":311,"line":227,"context":224},"views\\notices\\wordpress.php",{"file":311,"line":244,"context":224},[],[],{"summary":316,"deductions":317},"The wp-healthcheck plugin v1.4.0 exhibits a generally strong security posture with no recorded vulnerabilities or critical taint flows. The absence of known CVEs and the presence of nonce and capability checks suggest good development practices for entry points. However, the static analysis reveals some areas of concern that warrant attention. Specifically, the low percentage of properly escaped output is a significant weakness, potentially exposing the site to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled with care. While the SQL query usage is decent with a majority prepared, the presence of raw SQL queries, even if a minority, can still be a vector for SQL injection if not meticulously sanitized. The single file operation and external HTTP request, while not inherently risky without further context, represent potential points of interaction that could be exploited if not secured properly.\n\nWhile the plugin's attack surface appears minimal with no reported AJAX handlers, REST API routes, or shortcodes, the lack of proper output escaping remains the most prominent risk. The vulnerability history is reassuring, indicating a lack of past security incidents. However, a clean history does not guarantee future security, and the identified code weaknesses need to be addressed to maintain this favorable record. In conclusion, wp-healthcheck v1.4.0 is relatively secure due to its limited attack surface and lack of historical vulnerabilities, but the high proportion of unescaped output represents a notable risk that should be prioritized for remediation.",[318,321],{"reason":319,"points":320},"Low percentage of properly escaped output",8,{"reason":322,"points":14},"Presence of raw SQL queries","2026-03-16T18:58:50.695Z",{"wat":325,"direct":338},{"assetPaths":326,"generatorPatterns":331,"scriptPaths":332,"versionParams":333},[327,328,329,330],"\u002Fwp-content\u002Fplugins\u002Fwp-healthcheck\u002Fassets\u002Fwp-healthcheck.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-healthcheck\u002Fassets\u002Fwp-healthcheck.js","\u002Fwp-content\u002Fplugins\u002Fwp-healthcheck\u002Fassets\u002Fwp-healthcheck.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-healthcheck\u002Fassets\u002Fwp-healthcheck.css",[],[327,328],[334,335,336,337],"wp-healthcheck\u002Fassets\u002Fwp-healthcheck.min.js?ver=","wp-healthcheck\u002Fassets\u002Fwp-healthcheck.js?ver=","wp-healthcheck\u002Fassets\u002Fwp-healthcheck.min.css?ver=","wp-healthcheck\u002Fassets\u002Fwp-healthcheck.css?ver=",{"cssClasses":339,"htmlComments":342,"htmlAttributes":343,"restEndpoints":348,"jsGlobals":349,"shortcodeOutput":351},[340,341],"wphc-btn-transients-help","wphc-btn-autoload-help",[],[344,345,346,347],"name=\"admin\u002Ftransients\"","name=\"admin\u002Fautoload\"","name=\"admin\u002Fwp-updates\"","name=\"admin\u002Fsupport\"",[],[350],"wp-healthcheck-js",[]]