WP-Safety

WP Keep Me Logged In Security & Risk Analysis

wordpress.org/plugins/wp-keep-me-logged-in

This plugin will increase the session time of your WordPress login cookie to 1 year. That way you won't have to login over and over again.

50 active installs v1.0 PHP 5.6+ WP 2.5+ Updated Nov 10, 2022
loginsession
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Keep Me Logged In Safe to Use in 2026?

Generally Safe

Score 85/100

WP Keep Me Logged In has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the wp-keep-me-logged-in plugin v1.0 presents a very strong security posture. The attack surface is entirely protected, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are not properly secured with authentication and permission checks. Furthermore, the code signals indicate a clean codebase with no dangerous functions, all SQL queries utilizing prepared statements, and all output being properly escaped. There are no file operations, external HTTP requests, or bundled libraries to consider. The absence of any recorded vulnerabilities, critical or otherwise, further reinforces this positive assessment. The plugin appears to have been developed with security best practices in mind from its inception.

Vulnerabilities
None known

WP Keep Me Logged In Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP Keep Me Logged In Release Timeline

v1.0Current
Code Analysis
Analyzed Mar 16, 2026

WP Keep Me Logged In Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

WP Keep Me Logged In Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
filterauth_cookie_expirationrk-keep-me-logged-in.php:19
Maintenance & Trust

WP Keep Me Logged In Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedNov 10, 2022
PHP min version5.6
Downloads71K

Community Trust

Rating0/100
Number of ratings0
Active installs50
Alternatives

WP Keep Me Logged In Alternatives

Loggedin – Limit Concurrent Sessions

Loggedin – Limit Concurrent Sessions

loggedin

A
99

Lightweight plugin that limits an account to a specific number of concurrent logins.

8K 1 CVE
Persistent Login

Persistent Login

wp-persistent-login

A
100

Persistent Login keeps users logged into your website, limits the number of active logins allowed at one time and alerts users of new devices logging …

6K No CVEs
Remember Me Controls

Remember Me Controls

remember-me-controls

A
91

Have "Remember Me" checked by default on the login page and configure how long a login is remembered. Or disable the feature altogether.

4K 1 CVE
Sessions

Sessions

sessions

A
99

Powerful sessions manager for WordPress with sessions limiter and full analytics reporting capabilities.

900 1 CVE
User Session Control

User Session Control

user-session-control

A
85

View and manage all active user sessions in a custom admin screen.

700 No CVEs
Developer Profile

WP Keep Me Logged In Developer Profile

ruudkok

2 plugins · 120 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Keep Me Logged In

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about WP Keep Me Logged In