Does Database Snapshots – WPvivid have any unpatched vulnerabilities?

No. All known vulnerabilities in Database Snapshots – WPvivid have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Database Snapshots – WPvivid compatible with WordPress 6.2.9?

According to WordPress.org data, Database Snapshots – WPvivid 0.9.4 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

Is Database Snapshots – WPvivid compatible with PHP 5.3+?

Database Snapshots – WPvivid requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Database Snapshots – WPvivid updated?

Database Snapshots – WPvivid was last updated on Apr 11, 2023. Frequent updates are generally a positive security signal.

What is Database Snapshots – WPvivid's security score?

Database Snapshots – WPvivid has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Database Snapshots – WPvivid Security & Risk Analysis

wordpress.org/plugins/wpvivid-snapshot-database

Create snapshots of a WordPress database quickly.

1K active installs v0.9.4 PHP 5.3+ WP 4.5+ Updated Apr 11, 2023

database-restoredatabase-rollbackdatabase-snapshotrollbacksnapshot

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Database Snapshots – WPvivid Safe to Use in 2026?

Generally Safe

Score 85/100

Database Snapshots – WPvivid has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The wpvivid-snapshot-database plugin v0.9.4 exhibits a concerning security posture primarily due to a significant number of unprotected AJAX handlers. The static analysis reveals 7 AJAX handlers, all of which lack authentication checks. This creates a substantial attack surface, allowing any user, including unauthenticated ones, to potentially trigger these functions. While the plugin shows strengths in other areas, such as a lack of dangerous functions, no file operations, no external HTTP requests, and a high percentage of output escaping, the unprotected AJAX handlers represent a critical weakness. The taint analysis, though limited in scope with only 4 flows analyzed, did identify 3 flows with unsanitized paths, indicating potential risks that were not classified as critical or high. The absence of any recorded vulnerabilities in its history is a positive sign, suggesting a generally stable codebase, but it does not negate the immediate risks identified in the current version's code. The presence of only one nonce check and two capability checks further highlights the inadequate security measures for its entry points.

Key Concerns

7 unprotected AJAX handlers
3 flows with unsanitized paths
Only 1 nonce check
Only 2 capability checks

Vulnerabilities

None known

Database Snapshots – WPvivid Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Database Snapshots – WPvivid Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

121 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

46% prepared24 total queries

Output Escaping

92% escaped132 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

create_snapshot (includes\class-wpvivid-snapshot.php:1221)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

7 unprotected

Database Snapshots – WPvivid Attack Surface

Entry Points7

Unprotected7

AJAX Handlers 7

authwp_ajax_wpvivid_create_snapshotincludes\class-wpvivid-snapshot.php:40

authwp_ajax_wpvivid_get_snapshot_progressincludes\class-wpvivid-snapshot.php:41

authwp_ajax_wpvivid_resume_create_snapshotincludes\class-wpvivid-snapshot.php:43

authwp_ajax_wpvivid_restore_snapshotincludes\class-wpvivid-snapshot.php:44

authwp_ajax_wpvivid_get_restore_snapshot_statusincludes\class-wpvivid-snapshot.php:45

authwp_ajax_wpvivid_delete_snapshotincludes\class-wpvivid-snapshot.php:46

authwp_ajax_wpvivid_set_snapshot_settingincludes\class-wpvivid-snapshot.php:51

WordPress Hooks 14

filterwpvivid_merge_query_lockincludes\class-wpvivid-snapshot-function.php:312

actionnetwork_admin_menuincludes\class-wpvivid-snapshot.php:27

actionadmin_menuincludes\class-wpvivid-snapshot.php:31

actionadmin_enqueue_scriptsincludes\class-wpvivid-snapshot.php:34

actionadmin_enqueue_scriptsincludes\class-wpvivid-snapshot.php:35

filterwpvivid_snapshot_get_screen_idsincludes\class-wpvivid-snapshot.php:36

filterwpvivid_get_toolbar_menusincludes\class-wpvivid-snapshot.php:38

filterwpvivid_check_create_snapshotincludes\class-wpvivid-snapshot.php:48

actionwpvivid_create_snapshotincludes\class-wpvivid-snapshot.php:49

actionwpvivid_snapshot_add_sidebarincludes\class-wpvivid-snapshot.php:53

actionadmin_bar_menuincludes\class-wpvivid-snapshot.php:61

actionadmin_footerincludes\class-wpvivid-snapshot.php:62

filterwpvivid_snapshot_get_main_admin_menusincludes\class-wpvivid-snapshot.php:121

filterwpvivid_added_quick_snapshotincludes\class-wpvivid-snapshot.php:204

Maintenance & Trust

Database Snapshots – WPvivid Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedApr 11, 2023

PHP min version5.3

Downloads16K

Community Trust

Rating100/100

Number of ratings2

Active installs1K

Alternatives

Database Snapshots – WPvivid Alternatives

Selmitec QuickSnap Restore

selmitec-quicksnap-restore

100

Create one-click site snapshots and restore quickly from the WordPress admin area. Minimal UI and lightweight footprint.

0 No CVEs

WP Rollback – Rollback Plugins and Themes

wp-rollback

Rollback (or forward) any WordPress.org plugin, theme, or block like a boss.

300K 2 CVEs

WP Downgrade | Specific Core Version

wp-downgrade

Automatically downgrad or update to any WordPress version you want directly from the backend.

100K 1 CVE

Change Admin Email

change-admin-email-setting-without-outbound-email

This plugin allows an administrator to change the "site admin email", without sending a confirmation email from the server.

50K No CVEs

Core Rollback

core-rollback

100

Seamless rollback of WordPress Core to latest release or any outdated, secure release using the Core Update API and core update methods.

10K No CVEs

Developer Profile

Database Snapshots – WPvivid Developer Profile

wpvividplugins

4 plugins · 921K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

332 days

View full developer profile

Detection Fingerprints

How We Detect Database Snapshots – WPvivid

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpvivid-snapshot-database/assets/css/wpvivid-snapshot.css/wp-content/plugins/wpvivid-snapshot-database/assets/js/wpvivid-snapshot.js

Script Paths

/wp-content/plugins/wpvivid-snapshot-database/assets/js/wpvivid-snapshot.js

Version Parameters

wpvivid-snapshot-database/assets/css/wpvivid-snapshot.css?ver=wpvivid-snapshot-database/assets/js/wpvivid-snapshot.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpvivid-quick-create-snapshot

JS Globals

wpvivid_snapshot_create_snapshot_ajax_objectwpvivid_snapshot_get_snapshot_progress_ajax_objectwpvivid_snapshot_resume_create_snapshot_ajax_objectwpvivid_snapshot_restore_snapshot_ajax_objectwpvivid_snapshot_get_restore_snapshot_status_ajax_objectwpvivid_snapshot_delete_snapshot_ajax_object+3 more

REST Endpoints

/wp-json/wpvivid-snapshot/v1/create/wp-json/wpvivid-snapshot/v1/get_progress/wp-json/wpvivid-snapshot/v1/resume_create/wp-json/wpvivid-snapshot/v1/restore/wp-json/wpvivid-snapshot/v1/get_restore_status/wp-json/wpvivid-snapshot/v1/delete/wp-json/wpvivid-snapshot/v1/check_create/wp-json/wpvivid-snapshot/v1/create_ex/wp-json/wpvivid-snapshot/v1/set_setting

FAQ