Does WP Last Login have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Last Login have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Last Login compatible with WordPress 6.8.5?

According to WordPress.org data, WP Last Login 7 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP Last Login updated?

WP Last Login was last updated on Apr 28, 2025. Frequent updates are generally a positive security signal.

What is WP Last Login's security score?

WP Last Login has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Last Login Security & Risk Analysis

wordpress.org/plugins/wp-last-login

Make the last login for each user visible in the user overview.

10K active installs v7 PHP + WP 3.1+ Updated Apr 28, 2025

adminlast-loginloginlogin-timeuser

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Last Login Safe to Use in 2026?

Generally Safe

Score 100/100

WP Last Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The wp-last-login v7 plugin exhibits a very strong security posture based on the provided static analysis and vulnerability history. The absence of any identified dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, and importantly, any form of attack surface (AJAX handlers, REST API routes, shortcodes, cron events) is highly commendable. The 100% use of prepared statements for SQL queries and proper output escaping further solidifies this positive assessment. The vulnerability history is equally clean, with zero recorded CVEs of any severity. This indicates a well-maintained and secure codebase that has likely undergone thorough security review. The only minor area for consideration, though not a direct risk based on the data, is the complete lack of capability checks and nonce checks. While the absence of an attack surface mitigates the immediate risk, in a scenario where functionality might be added in the future without robust access controls, this could become a concern. However, based on the current data, the plugin appears exceptionally secure.

Vulnerabilities

None known

WP Last Login Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Last Login Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped3 total outputs

Attack Surface

WP Last Login Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

actioninitwp-last-login.php:44

actionwp_loginwp-last-login.php:55

actiontwo_factor_user_authenticatedwp-last-login.php:71

actionuser_registerwp-last-login.php:81

filtermanage_site-users-network_columnswp-last-login.php:111

filtermanage_users_columnswp-last-login.php:112

filterwpmu_users_columnswp-last-login.php:113

filteradmin_print_styles-users.phpwp-last-login.php:121

filteradmin_print_styles-site-users.phpwp-last-login.php:122

filtermanage_users_custom_columnwp-last-login.php:156

filtermanage_users_sortable_columnswp-last-login.php:169

filtermanage_users-network_sortable_columnswp-last-login.php:170

filterpre_get_userswp-last-login.php:191

Maintenance & Trust

WP Last Login Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 28, 2025

PHP min version

Downloads152K

Community Trust

Rating74/100

Number of ratings25

Active installs10K

Alternatives

WP Last Login Alternatives

When Last Login

when-last-login

100

Show a users last login date by creating a sortable column in your WordPress users list.

50K 1 CVE

Admin Users Logged In

admin-users-logged-in

100

Dashboard widget that shows admin users and when they were last logged in.

100 No CVEs

Last Login Display

last-login-display

100

Show the last login date and time of users in the admin dashboard.

100 No CVEs

Last Login Tracker & Redirect URL

last-login-tracker-redirect-url

Tracks user last login and allows redirection of 404 pages to the homepage.

10 No CVEs

CodeCave Admin Security Auditor

codecave-admin-security-auditor

100

Track and display the last login time for each user in the WordPress admin users table.

0 No CVEs

Developer Profile

WP Last Login Developer Profile

Konstantin Obenland

13 plugins · 23K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Last Login

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

column-wp-last-login

Data Attributes

titledatetime

FAQ