[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f05BY5PeTW74MwvtcxDwwxHTtf2qdDlv34vuoWWFWIWA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":141,"fingerprints":433},"wpzoom-user-history","WPZOOM User History – Lock Users & Change Usernames","1.2.0","WPZOOM","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpzoom\u002F","\u003Cp>User History tracks all changes made to user profiles and displays a complete history log on the user edit page. It also lets admins lock or unlock user accounts, change usernames, monitor login\u002Flogout activity, manage active sessions, and search for users by their previous details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Profile Change Tracking:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Track Profile Changes\u003C\u002Fstrong> – Automatically logs changes to username, email, display name, first\u002Flast name, nickname, website, bio, and role\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Change Logging\u003C\u002Fstrong> – Records when passwords are changed (without storing any password data)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>See Who Made Changes\u003C\u002Fstrong> – Each log entry shows whether the user changed their own profile or if an admin made the change\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Address Tracking\u003C\u002Fstrong> – Records the IP address for each change (can be disabled for GDPR compliance)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Search by Previous Values\u003C\u002Fstrong> – Find users on the All Users page by their old email or username\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clear History\u003C\u002Fstrong> – Admins can clear the history log for any user\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Login & Session Monitoring:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login\u002FLogout Tracking\u003C\u002Fstrong> – Records successful logins, logouts, and failed login attempts with date, IP address, and browser info\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Failed Login Attempts\u003C\u002Fstrong> – Track failed login attempts for existing user accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Active Sessions\u003C\u002Fstrong> – View all active WordPress sessions for any user, including login time, IP address, browser, and expiry\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Log Out Everywhere\u003C\u002Fstrong> – Destroy all active sessions for a user with one click\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser & OS Detection\u003C\u002Fstrong> – Automatically detects and displays the browser and operating system from the user agent\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Lock\u002FUnlock User Accounts:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lock User Accounts\u003C\u002Fstrong> – Prevent users from logging in by locking their account\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant Session Termination\u003C\u002Fstrong> – Locked users are logged out immediately and all active sessions are destroyed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Application Password Blocking\u003C\u002Fstrong> – Locked users cannot authenticate via application passwords (REST API, XML-RPC)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Status Column\u003C\u002Fstrong> – See which users are locked at a glance with a status column on the All Users page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Lock\u002FUnlock\u003C\u002Fstrong> – Lock or unlock multiple users at once from the All Users page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Row Actions\u003C\u002Fstrong> – Quickly lock or unlock individual users from the All Users list\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Locked Users Filter\u003C\u002Fstrong> – Filter the All Users list to show only locked accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Lock Message\u003C\u002Fstrong> – Set a custom message shown to locked users on the login screen (Settings > User History)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Access\u003C\u002Fstrong> – Locked users can still be managed via WP-CLI\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Admin Tools:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Change Username\u003C\u002Fstrong> – Allows admins to change usernames directly from the user edit page (WordPress normally doesn’t allow this)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Delete User Button\u003C\u002Fstrong> – Quick access button to delete a user directly from their profile page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Retention\u003C\u002Fstrong> – Automatically delete old logs after a configurable number of days (default: 30 days)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clear All Logs\u003C\u002Fstrong> – Bulk delete all history logs for every user from the settings page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privacy & Compliance:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>IP Tracking Toggle\u003C\u002Fstrong> – Enable or disable IP address recording for GDPR compliance (Settings > User History)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Retention\u003C\u002Fstrong> – Set how long logs are kept (1-365+ days, or keep forever)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Cleanup\u003C\u002Fstrong> – Daily cron job removes logs older than the configured retention period\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Compatibility:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multisite Compatible\u003C\u002Fstrong> – Works with WordPress multisite installations, including super admin username changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Members Plugin Compatible\u003C\u002Fstrong> – Correctly tracks role changes when using the Members plugin for multiple role assignments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Migration from Lock User Account plugin\u003C\u002Fstrong> – Automatically migrates locked users from the Lock User Account plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Use Cases:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Find customers who changed their email after making a purchase\u003C\u002Fli>\n\u003Cli>Track when and who changed user roles\u003C\u002Fli>\n\u003Cli>Audit user profile modifications for security\u003C\u002Fli>\n\u003Cli>Monitor login activity and detect suspicious access\u003C\u002Fli>\n\u003Cli>View and manage active user sessions\u003C\u002Fli>\n\u003Cli>Allow username changes without database access\u003C\u002Fli>\n\u003Cli>Lock compromised or suspended accounts instantly\u003C\u002Fli>\n\u003Cli>Temporarily disable user access without deleting accounts\u003C\u002Fli>\n\u003C\u002Ful>\n","Track changes made to user accounts, lock\u002Funlock users, change usernames, and monitor login activity.",0,174,"","6.9.4","6.5","7.4",[18,19,20,21,22],"audit-log","change-username","user-history","user-log","user-tracking","https:\u002F\u002Fgithub.com\u002Fwpzoom\u002Fuser-history","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpzoom-user-history.1.2.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"wpzoom",24,336710,96,102,76,"2026-04-03T23:35:43.867Z",[38,61,86,105,122],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":14,"requires_at_least":51,"requires_php":16,"tags":52,"homepage":56,"download_link":57,"security_score":33,"vuln_count":58,"unpatched_count":11,"last_vuln_date":59,"fetched_at":60},"simple-history","Simple History – Track, Log, and Audit WordPress Changes","5.24.1","Pär Thernström","https:\u002F\u002Fprofiles.wordpress.org\u002Feskapism\u002F","\u003Cp>Trusted by 300,000+ WordPress sites, rated 4.9 stars with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-history\u002Freviews\u002F?filter=5\" rel=\"ugc\">430+ five-star reviews\u003C\u002Fa>, actively developed for 10+ years, and translated into 15+ languages.\u003C\u002Fp>\n\u003Cp>Simple History is the complete audit log for WordPress. It tracks every meaningful change — content edits, user logins, plugin updates, security events, and more — so site owners, teams, agencies, and developers always know who did what and when. Just install and activate; no configuration required.\u003C\u002Fp>\n\u003Ch3>🔍 How Simple History Helps in Real Situations\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Track what’s happening on your site\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>“Has anyone done anything today? Ah, Sarah uploaded the new press release and created an article for it. Great — now I don’t have to do that.”\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Identify issues and debug faster\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>“The site feels slow since yesterday. Has anyone done anything special? … Ah, Steven activated ‘naughty-plugin-x’, that must be it.”\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Keep freelancers & agencies accountable\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>“I hired a developer to optimize my site. But did they actually do anything? A quick glance at Simple History shows me exactly what they worked on.”\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spot suspicious activity early\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cem>“I see three failed logins from an unfamiliar IP address overnight. Let me click the IP to check all activity from that address — just those attempts, nothing else. Good to know.”\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>✨ What Simple History Tracks\u003C\u002Fh3>\n\u003Ch4>Security & Monitoring\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Failed user logins with IP tracking and filtering by type (wrong password vs. non-existent username)\u003C\u002Fli>\n\u003Cli>Core file integrity checks against official checksums\u003C\u002Fli>\n\u003Cli>Forced security auto-updates from WordPress.org\u003C\u002Fli>\n\u003Cli>Site Health status changes\u003C\u002Fli>\n\u003Cli>Admin page access denied events\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Content & Users\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Posts, pages, and custom post types — create, edit, delete, and homepage assignment\u003C\u002Fli>\n\u003Cli>Attachments with image edit details (crop, rotate, flip, scale) and thumbnail previews\u003C\u002Fli>\n\u003Cli>Taxonomies with detailed diffs of name, slug, description, and parent\u003C\u002Fli>\n\u003Cli>Comments, menus (with item-level detail), and widgets\u003C\u002Fli>\n\u003Cli>User profiles, logins, logouts, and role changes\u003C\u002Fli>\n\u003Cli>Notes — the collaboration feature in WordPress 6.9\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>System & Updates\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Plugin lifecycle: install, update, activate, deactivate, delete, and auto-update toggle\u003C\u002Fli>\n\u003Cli>Theme install, update, activate, switch, and delete\u003C\u002Fli>\n\u003Cli>WordPress core updates (manual and automatic)\u003C\u002Fli>\n\u003Cli>Translation and language pack updates\u003C\u002Fli>\n\u003Cli>Available update notifications\u003C\u002Fli>\n\u003Cli>Settings and option screen changes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy & Compliance\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Privacy data export and user data erasure requests\u003C\u002Fli>\n\u003Cli>Privacy page changes\u003C\u002Fli>\n\u003Cli>IP addresses anonymized by default — no cookies, no external fonts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔌 Built-in Third-Party Plugin Support\u003C\u002Fh3>\n\u003Cp>Simple History includes built-in logging for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Jetpack\u003C\u002Fstrong> – Module activations and deactivations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Custom Fields (ACF)\u003C\u002Fstrong> – Field group and field changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Switching\u003C\u002Fstrong> – User switch events\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP Crontrol\u003C\u002Fstrong> – Cron event and schedule changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Media Replace\u003C\u002Fstrong> – File replacement details\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit Login Attempts\u003C\u002Fstrong> – Login attempts, lockouts, and config changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirection\u003C\u002Fstrong> – Redirect and group changes, global settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Duplicate Post\u003C\u002Fstrong> – Post and page cloning\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Beaver Builder\u003C\u002Fstrong> – Layout, template, and settings saves\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Is your plugin missing? Plugin authors can add support using the \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fdocs\u002Flogging-api\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_logging_api\" rel=\"nofollow ugc\">logging API\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>💬 What Users Say\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-history\u002Freviews\u002F?filter=5\" rel=\"ugc\">430+ five-star reviews\u003C\u002Fa> on WordPress.org:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>“So far the best and most comprehensive logging plugin”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fso-far-the-best-and-most-comprehensive-logging-plugin\u002F\" rel=\"ugc\">@herrschuessler\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“The best history plugin I’ve found”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-best-history-plugin-ive-found\u002F\" rel=\"ugc\">Rich Mehta\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Fantastic plugin I use on all sites”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Ffantastic-plugin-i-use-on-all-sites\u002F\" rel=\"ugc\">Duncan Michael-MacGregor\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“It is a standard plugin for all of our sites”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fit-is-a-standard-plugin-for-all-of-our-sites\u002F\" rel=\"ugc\">Mr Tibbs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 View Your Log Everywhere\u003C\u002Fh3>\n\u003Cp>Simple History starts tracking instantly after activation — no setup needed. It even imports recent activity so your log isn’t empty on day one. Access your log from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Dashboard widget\u003C\u002Fstrong> – Activity stats summary and recent events\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin bar quick view\u003C\u002Fstrong> – Dropdown with latest events on any admin page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Command palette\u003C\u002Fstrong> – Type “Simple History” to jump to the log for the current post\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated admin page\u003C\u002Fstrong> – Full log with search, filters, and insights sidebar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email reports\u003C\u002Fstrong> – Weekly summary delivered to your inbox\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS feed\u003C\u002Fstrong> – Password-protected feed for your favorite reader\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI\u003C\u002Fstrong> – Command-line access for automation and scripting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API\u003C\u002Fstrong> – Programmatic access for custom integrations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📧 Weekly Email Reports – Stay Informed Without Logging In\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Ffeatures\u002Femail-reports-weekly\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_email_reports\" rel=\"nofollow ugc\">Weekly email reports\u003C\u002Fa> deliver a summary of your site’s activity every Monday morning — total activity, daily breakdown, key metrics (logins, content updates, plugin changes), and direct links to the full log.\u003C\u002Fp>\n\u003Cp>Perfect for site owners, agencies managing client sites, and teams who need regular updates without logging in. Enable it in settings and \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Ffeatures\u002Femail-reports-weekly\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_email_reports#example\" rel=\"nofollow ugc\">see what the email looks like\u003C\u002Fa> before turning it on.\u003C\u002Fp>\n\u003Ch3>🛠️ For Developers & Power Users\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WP-CLI\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Ffeatures\u002Fwp-cli-commands\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_wp_cli_commands\" rel=\"nofollow ugc\">List, search, and export events\u003C\u002Fa> from the command line — perfect for automation and managing multiple sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API\u003C\u002Fstrong> – Full programmatic access to query the log and add custom events. See the \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fdocs\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_overview\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logging API\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fdocs\u002Flogging-api\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_logging_api\" rel=\"nofollow ugc\">Log your own events\u003C\u002Fa> from themes and plugins with a single line of code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS feed\u003C\u002Fstrong> – Subscribe to changes using any feed reader\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI & agent-friendly\u003C\u002Fstrong> – The REST API and RSS feed make Simple History accessible to AI agents and automated workflows like Claude Code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stealth Mode\u003C\u002Fstrong> – Run Simple History completely hidden from the admin interface via code; \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fadd-ons\u002Fpremium?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_stealth_mode\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> adds a GUI. Ideal for agencies and client sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔆 Extend with Add-ons\u003C\u002Fh3>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fadd-ons\u002Fpremium?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=documentation&utm_content=readme_doc_premium\" rel=\"nofollow ugc\">Simple History Premium\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Alerts & Notifications\u003C\u002Fstrong> – Get notified instantly via Email, Slack, Discord, or Telegram when important events occur. Start quickly with preset rules for common scenarios or build custom rules filtered by event type, user, role, and log level.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Log Forwarding\u003C\u002Fstrong> – Stream events to external destinations: local log files, syslog servers (UDP\u002FTCP\u002FTLS), Datadog, Splunk, webhooks, or external MySQL\u002FMariaDB databases. Perfect for centralized logging, compliance, and backup.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enhanced Controls\u003C\u002Fstrong> – Custom retention periods (or keep logs forever), CSV\u002FJSON export of filtered search results, post activity panel in the block editor, custom log entries for team decisions, stealth mode GUI, logger control to fine-tune which events are recorded, and an ad-free experience.\u003C\u002Fp>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fadd-ons\u002Fwoocommerce\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=addons&utm_content=readme_addon_woocommerce\" rel=\"nofollow ugc\">WooCommerce Logger\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>Track WooCommerce activity: orders, refunds, stock changes, product updates, pricing adjustments, settings modifications, and coupon usage.\u003C\u002Fp>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fadd-ons\u002Fdebug-and-monitor\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=addons&utm_content=readme_addon_debug_monitor\" rel=\"nofollow ugc\">Debug and Monitor\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>Monitor outgoing HTTP requests and emails, debug API calls, and see what’s happening under the hood. Essential for developers and support teams.\u003C\u002Fp>\n\u003Ch3>💚 Sponsor this project\u003C\u002Fh3>\n\u003Cp>If you like this plugin please consider \u003Ca href=\"https:\u002F\u002Fsimple-history.com\u002Fsponsor\u002F?utm_source=wordpress_org&utm_medium=plugin_directory&utm_campaign=sponsorship&utm_content=readme_sponsor_footer\" rel=\"nofollow ugc\">sponsoring the development of the free plugin\u003C\u002Fa>. The plugin has been free for over 10 years and will continue to be free.\u003C\u002Fp>\n","Track changes and user activities on your WordPress site. See who created a page, uploaded an attachment, and more, for a complete audit trail.",300000,11308682,98,461,"2026-03-14T20:29:00.000Z","6.3",[53,18,54,55,22],"activity","event-log","history","https:\u002F\u002Fsimple-history.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-history.5.24.1.zip",4,"2025-06-05 21:58:10","2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":81,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":11,"last_vuln_date":85,"fetched_at":60},"aryo-activity-log","Activity Log – Monitor & Record User Changes","2.11.2","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cstrong>AN EASY TO USE & FULLY SUPPORTED WORDPRESS ACTIVITY LOG PLUGIN\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to monitor and track your WordPress website activity? Find out exactly who does what on your WordPress website with this plugin. Activity Log is like an airplane’s black box that logs every action in the WordPress admin, and lets you see exactly what users are doing on your WordPress website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If someone is trying to hack your site\u003C\u002Fli>\n\u003Cli>When a post was published, and who published it\u003C\u002Fli>\n\u003Cli>If a plugin\u002Ftheme was activated\u002Fdeactivated\u003C\u002Fli>\n\u003Cli>Suspicious admin activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s so essential; you’ll wonder how you ever managed your website without it. The plugin is also lightning fast and works behind the scenes, so it doesn\\’t affect site and admin performance. For optimal performance, we built the plugin so that it runs on a separate table in the database.\u003C\u002Fp>\n\u003Cp>If you have more than a handful of users, keeping track of who did what is virtually impossible. This plugin solves that issue by tracking what actions were initiated by which users, and displaying it in an easy-to-use and easy-to-filter view on the dashboard of your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! Introducing Email Logging\u003C\u002Fstrong> – Capture all emails sent from your WordPress site for streamlined debugging and compliance. Gain better visibility into email communication, aiding both troubleshooting and record-keeping. This is particularly beneficial for WooCommerce stores, allowing you to easily track sent emails alongside other critical site events.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Export to CSV\u003C\u002Fstrong> – Export your Activity Log data records to CSV. Developers can easily add support for custom data formats with our new dedicated Export API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Privacy and GDPR Compliance\u003C\u002Fstrong> – We provide the tools to help you adhere to GDPR compliance standards, including Export\u002FErasure of data via the WordPress Privacy Tools.\u003C\u002Fp>\n\u003Ch3>With the Activity Log you can record:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong> – Core updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pages\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post Type\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tags\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomies\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menus\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comments\u003C\u002Fstrong> – Created, approved, unapproved, trashed, untrashed, spammed, unspammed, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users\u003C\u002Fstrong> – Login, logout, login failed, update profile, registered, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins\u003C\u002Fstrong> – Installed, updated, activated, deactivated, changed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes\u003C\u002Fstrong> – Installed, updated, deleted, activated, changed (Editor and Customizer)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets\u003C\u002Fstrong> – Added to sidebar, deleted from sidebar, order widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setting\u003C\u002Fstrong> – General, writing, reading, discussion, media, permalinks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Options\u003C\u002Fstrong> – Extended custom settings for 3rd party plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u003C\u002Fstrong> – Exported activity log file\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> – Track products, orders, customers, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong> – Forums, topics, replies, taxonomies, and other actions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Emails sent from WordPress site\u003C\u002Fstrong> – Sending successful, sending failed\u003C\u002Fli>\n\u003Cli>There’s more, of course, but you get the point…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For each event recorded by the activity log, the following details are also logged:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date and time of occurrence\u003C\u002Fli>\n\u003Cli>User and user role responsible for the change\u003C\u002Fli>\n\u003Cli>Source IP address from which the change originated\u003C\u002Fli>\n\u003Cli>Affected object where the change occurred\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin doesn\\’t require any kind of setup; it works right out of the box (just another reason people love it)!\u003C\u002Fp>\n\u003Ch3>Data Storage and Performance Optimization\u003C\u002Fh3>\n\u003Cp>In order to ensure optimal performance of your website, all events and logs data are stored in a dedicated custom table within your WordPress database. This approach significantly reduces the impact on your website’s performance, ensuring seamless operation even during peak traffic periods.\u003C\u002Fp>\n\u003Ch3>Uninstall Clean-up\u003C\u002Fh3>\n\u003Cp>We understand the importance of maintaining a clean and efficient database environment. That’s why our plugin features an uninstall hook that seamlessly removes all traces of its presence from your website when uninstalling. This meticulous clean-up process ensures that your database remains lean and clutter-free even after our plugin has been removed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With our optimized data storage, thorough logging, and meticulous clean-up process, you can trust that our plugin will enhance the functionality and security of your WordPress site without compromising its performance.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What users have to say\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cem>“Its tools, particularly for data privacy and GDPR compliance, make it indispensable for websites operating within European Union boundaries or dealing with EU citizens’ data”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fblog.hubspot.com\u002Fwebsite\u002F8-best-plugins-tracking-user-activity-wordpress\" rel=\"nofollow ugc\">HubSpot.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“If you’re after a competent WP security audit log plugin with all the basic features you need, Activity Log is it!”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002Fplugins\u002Fwordpress-activity-log-plugins\u002F\" rel=\"nofollow ugc\">WPAstra.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log features a remarkably straightforward dashboard interface, providing administrators with an at-a-glance understanding of site interactions”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-activity-log\u002F\" rel=\"nofollow ugc\">Malcare.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Best 10 Free WordPress Plugins of the Month: Keeping tabs on what your users do with their access to the Dashboard”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fmanagewp.com\u002Fbest-free-wordpress-plugins-july-2014\" rel=\"nofollow ugc\">ManageWP.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Thanks to this step, we’ve discovered that our site was undergoing a brute force attack”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fartdriver.com\u002Fblog\u002Fwordpress-site-hacked-solution-time\" rel=\"nofollow ugc\">Artdriver.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Optimized code – The plugin itself is blazing fast and leaves almost no footprint on the server”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.freshtechtips.com\u002F2014\u002F01\u002Fbest-audit-trail-plugins-for-wordpress.html\" rel=\"nofollow ugc\">FreshTechTips.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log lets you track a huge range of activities. Overall, very easy to use and setup”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Ftips-tricks\u002F5-best-ways-to-monitor-wordpress-activity-via-the-dashboard\" rel=\"nofollow ugc\">ElegantThemes.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributions:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Would you like to contribute to this plugin?\u003C\u002Fstrong> You’re more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpojome\u002Factivity-log\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. And, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.",200000,3995902,86,74,"2024-11-12T14:55:00.000Z","6.7.5","6.0","7.0",[78,18,79,80,21],"activity-log","email-log","security","https:\u002F\u002Factivitylog.io\u002F?utm_source=wp-plugins&utm_campaign=plugin-uri&utm_medium=wp-dash","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faryo-activity-log.2.11.2.zip",85,9,"2024-11-20 17:10:23",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":72,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":76,"tags":100,"homepage":103,"download_link":104,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":60},"wp-admin-audit","WP Admin Audit","1.2.16","brandtoss","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrandtoss\u002F","\u003Cp>\u003Cstrong>The modern activity log solution for WordPress\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">WP Admin Audit\u003C\u002Fa> is the powerful monitoring log plugin for WordPress.\u003Cbr \u002F>\nSite owners and administrators can sleep better at night knowing the plugin keeps track of all site changes, security events, and admin activities.\u003C\u002Fp>\n\u003Cp>Ever wondered\u003C\u002Fp>\n\u003Cul>\n\u003Cli>who unpublished a post?\u003C\u002Fli>\n\u003Cli>when a plugin was deactivated?\u003C\u002Fli>\n\u003Cli>how that strange new admin account appeared?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The WordPress activity log in WP Admin Audit answers these questions.\u003C\u002Fp>\n\u003Cp>Keep track of everything that happens on your WordPress sites to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Have a log of every change that’s made\u003C\u002Fli>\n\u003Cli>Know about security-relevant activities\u003C\u002Fli>\n\u003Cli>Find out who did what and when they did it\u003C\u002Fli>\n\u003Cli>Analyze the steps that led to a technical problem\u003C\u002Fli>\n\u003Cli>Identify and mitigate automated login attempts by bots\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What is being logged?\u003C\u002Fh3>\n\u003Cp>The short answer: almost all changes on your WordPress site, but you can decide what is kept in the audit log.\u003C\u002Fp>\n\u003Cp>The longer answer: WP Admin Audit has sensors that monitor the changes in your WordPress site and record what actions were performed by which user at which time on which item. A summary of the types of monitored events is below.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Content:\u003C\u002Fstrong> Page and Post changes (e.g. post created\u002Fupdated\u002Fpublished\u002Funpublished\u002Fdeleted)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomy:\u003C\u002Fstrong> Changes to Categories and Tags (e.g. tag is created, updated, or deleted)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User:\u003C\u002Fstrong> User registration, user profile updates, password resets, user deletions, login, and logout\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress:\u003C\u002Fstrong> Updates of the WordPress core version, settings updates (general\u002Fwriting\u002Freading\u002Fdiscussion\u002Fmedia\u002Fpermalink\u002Fprivacy settings)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin:\u003C\u002Fstrong> Installation, activation, updates, deactivation, and deletion of plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme:\u003C\u002Fstrong> Installation, activation (theme switch), update, and deletion of themes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media:\u003C\u002Fstrong> Media file and data creations, updates, and deletions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menu:\u003C\u002Fstrong> Creation, updates, and deletions of menus\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment:\u003C\u002Fstrong> Comment creations, updates, deletions, and status changes (approved, unapproved, spammed, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File:\u003C\u002Fstrong> File changes via the  plugin file editor and theme file editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the complete list of sensors, i.e. \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fdocumentation\u002Fwp-admin-audit\u002Fsensors\u002Fevent-types\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">the event types that are stored in the WordPress activity log\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For every event WP Admin Audit records:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Event type\u003C\u002Fli>\n\u003Cli>Date and time\u003C\u002Fli>\n\u003Cli>IP address (the action\u002Fevent originated from)\u003C\u002Fli>\n\u003Cli>Acting user (the user who did the change)\u003C\u002Fli>\n\u003Cli>Subject (the item affected e.g. a post the action is done with\u002Fto)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features (free)\u003C\u002Fh3>\n\u003Cp>Besides the WordPress event log, WP Admin Audit also features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Powerful search & filtering:\u003C\u002Fstrong> Powerful free-text search as well as filtering by all sorts of categories makes it easy to find the data you are interested in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator & user audit:\u003C\u002Fstrong> Find inactive administrator accounts and review the users’ last login dates. Check on their individual activity log.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login attempts audit:\u003C\u002Fstrong> Monitor logins to be aware of automated (brute-force) attacks and to identify IP addresses for blocking.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features (premium editions)\u003C\u002Fh3>\n\u003Cp>Upgrade to the \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fpricing\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">premium editions\u003C\u002Fa> for the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Third-party plugin support:\u003C\u002Fstrong> Optional extensions help you capture events happening in other WordPress plugins. \u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Fextensions\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">See our extension directory for more details.\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Notifications:\u003C\u002Fstrong> Select event types or event severity levels (e.g. critical and high) for instant notification via email. You can choose whole user groups (e.g. administrators), individual WordPress users, or selected email addresses.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Offsite archive \u002F Replication:\u003C\u002Fstrong> To increase security and for backup purposes, you can forward the events for storage to an external logging provider.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforce password changes:\u003C\u002Fstrong> You can enable a policy that requires users (with specific user roles) to change their passwords regularly. For example, administrator accounts can be required to change their passwords at least every 90 days.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSV export:\u003C\u002Fstrong> Export events, users, and login attempts to CSV files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpadminaudit.com\u002Ffeature-comparison\u002F?utm_source=wordpress.org&utm_medium=referral&utm_campaign=WADA&utm_content=plugin+repo+description\" rel=\"nofollow ugc\">Click here for more details and for a complete feature list\u003C\u002Fa>\u003C\u002Fp>\n","WP Admin Audit monitors the security-relevant activities on your site, keeps an event log and tells you when something out of the ordinary happens.",1000,13518,6,"2025-07-23T21:45:00.000Z","6.8.5","5.5",[78,18,101,102,21],"audit-trail","security-audit-log","https:\u002F\u002Fwpadminaudit.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-admin-audit.1.2.16.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":25,"num_ratings":115,"last_updated":116,"tested_up_to":98,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":120,"download_link":121,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":60},"logify-wp","Logify WP – Activity Log & User Audit Log","1.3.3","Made Neat","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadeneat\u002F","\u003Cp>\u003Cstrong>Logify WP\u003C\u002Fstrong> provides real-time, detailed logs of activities happening across your WordPress website. Whether you’re an \u003Cstrong>agency\u003C\u002Fstrong>, \u003Cstrong>freelancer\u003C\u002Fstrong>, \u003Cstrong>IT team\u003C\u002Fstrong>, \u003Cstrong>developer\u003C\u002Fstrong>, or \u003Cstrong>website administrator\u003C\u002Fstrong>, Logify WP gives you full visibility into your website’s activity with a comprehensive \u003Cstrong>activity log\u003C\u002Fstrong> and \u003Cstrong>audit log\u003C\u002Fstrong>. From tracking post edits to user login attempts and plugin updates, Logify WP helps you monitor and secure your site with clear and easy-to-understand logs.\u003C\u002Fp>\n\u003Cp>Take your activity logs to the next level with activity \u003Cstrong>Notes\u003C\u002Fstrong>! This feature allows you to attach \u003Cstrong>searchable notes\u003C\u002Fstrong> linked to logged events, providing valuable context. Need to document why a plugin was installed, who approved an update, or where a license is stored? Now you can, with simple markup support for clarity.\u003C\u002Fp>\n\u003Cp>Built to be simple yet powerful, Logify WP features a clean layout of activity information, easy filtering and search options, and customizable role-based access controls. The user-friendly dashboard widget makes it easy to review recent critical activities at a glance.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Activity Log Overview:\u003C\u002Fstrong> Get a complete chronological view of all logged activities across your WordPress site. Ideal for tracking patterns, diagnosing issues, and maintaining a transparent record of site events.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Audit Log:\u003C\u002Fstrong> Drill down into individual user activity with dedicated audit trails. See exactly what each user did, when, and from where, perfect for accountability and compliance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Track Core WordPress Activities:\u003C\u002Fstrong> Record actions on posts, pages, custom post types, taxonomies, plugins, themes, users, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Monitoring:\u003C\u002Fstrong> Get instant insights into who made changes, when, and where, via a secure \u003Cstrong>event log\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Action Notes (New!):\u003C\u002Fstrong> Add and search \u003Cstrong>notes\u003C\u002Fstrong> linked to actions for improved tracking and accountability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Login Monitoring:\u003C\u002Fstrong> Track user logins, logouts, and failed attempts with IP addresses.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Management:\u003C\u002Fstrong> Know who is uploading, editing, or deleting media files and when.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Access Control:\u003C\u002Fstrong> Limit who can access the activity logs based on their WordPress role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Search & Filters:\u003C\u002Fstrong> Filter logs by user, date, post type, and more to quickly find specific actions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Friendly Dashboard Widget:\u003C\u002Fstrong> View the most recent critical activities in a quick summary.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Address Information Integration:\u003C\u002Fstrong> One-click access to IP information via WhatIsMyIpAddress.com.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Who is Logify WP for?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Logify WP is perfect for:\u003Cbr \u002F>\n– \u003Cstrong>Agencies\u003C\u002Fstrong> managing multiple client sites.\u003Cbr \u002F>\n– \u003Cstrong>Freelancers\u003C\u002Fstrong> who need a detailed audit trail for their client work.\u003Cbr \u002F>\n– \u003Cstrong>IT Teams\u003C\u002Fstrong> maintaining the security of large WordPress environments.\u003Cbr \u002F>\n– \u003Cstrong>Website Administrators\u003C\u002Fstrong> responsible for monitoring site activity and detecting unauthorized changes.\u003Cbr \u002F>\n– \u003Cstrong>Developers\u003C\u002Fstrong> looking for a simple yet powerful logging tool.\u003Cbr \u002F>\n– \u003Cstrong>Everyday Website Users\u003C\u002Fstrong> who want a simple way to monitor and track activity on their site.\u003C\u002Fp>\n\u003Cp>Logify WP is actively being developed, with new features in the pipeline. If you’d like to suggest features, submit them via \u003Ca href=\"https:\u002F\u002Flogifywp.com\u002Fsuggest\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Flogifywp.com\u002Fsuggest\u002F\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Flogifywp.com\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Flogifywp.com\u002Fsuggest\u002F\" rel=\"nofollow ugc\">Suggest Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin bundles \u003Ca href=\"https:\u002F\u002Fdatatables.net\" rel=\"nofollow ugc\">DataTables\u003C\u002Fa>, which is released under the \u003Ca href=\"https:\u002F\u002Fdatatables.net\u002Flicense\u002Fmit\" rel=\"nofollow ugc\">MIT License\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>DataTables ©2007-2024 SpryMedia Ltd.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes third-party services under certain circumstances:\u003C\u002Fp>\n\u003Ch3>1. WordPress Documentation Links\u003C\u002Fh3>\n\u003Cp>When viewing logs, this plugin provides links to the official WordPress documentation corresponding to the version of WordPress that has been installed on your site. These links direct users to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Fwordpress-version\u002Fversion-\u003Cversion>\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To offer quick access to documentation for the specific WordPress version installed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The WordPress version number is included in the URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2. IP Address Lookup\u003C\u002Fh3>\n\u003Cp>This plugin allows users to click on logged IP addresses to view their origin information. When a user clicks an IP address in the log, it opens a link to an external service:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name:\u003C\u002Fstrong> WhatIsMyIPAddress.com\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwhatismyipaddress.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwhatismyipaddress.com\u002Fip\u002F\u003CIP>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To provide detailed information about the IP address’s geographical location and other related data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The IP address clicked in the log is included in the URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwhatismyipaddress.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fwhatismyipaddress.com\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwhatismyipaddress.com\u002Fterms-of-use\" rel=\"nofollow ugc\">https:\u002F\u002Fwhatismyipaddress.com\u002Fterms-of-use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>3. IP Geolocation Service\u003C\u002Fh3>\n\u003Cp>This plugin retrieves the geographical location of users based on their IP addresses to enhance log information. When a user’s IP address is logged, the plugin sends a request to an external service to obtain location details:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name:\u003C\u002Fstrong> ip-api.com\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"http:\u002F\u002Fip-api.com\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fip-api.com\u002Fjson\u002F\u003CIP>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To obtain geographical location data (city, region, country) associated with the IP address for display in logs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The user’s IP address is included in the API request URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Received:\u003C\u002Fstrong> The service returns location information such as city, region, and country.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\" rel=\"nofollow ugc\">https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\" rel=\"nofollow ugc\">https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Please Note:\u003C\u002Fstrong> By using these features, data (such as your WordPress version, or your users’ IP addresses) is sent to external services. We recommend reviewing your privacy policies and terms of use to ensure compliance with local laws and regulations.\u003C\u002Fp>\n","Logify WP - Activity Log & User Audit Log tracks critical changes, logins, and updates with searchable logs for site security.",200,2876,2,"2025-12-05T11:23:00.000Z","6.2","8.0",[78,18,54,80,22],"https:\u002F\u002Flogifywp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogify-wp.1.3.3.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":25,"downloaded":130,"rating":25,"num_ratings":115,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":16,"tags":134,"homepage":136,"download_link":137,"security_score":138,"vuln_count":139,"unpatched_count":11,"last_vuln_date":140,"fetched_at":60},"logdash-activity-log","LogDash Activity Log","1.2","Deryck","https:\u002F\u002Fprofiles.wordpress.org\u002Fderyck\u002F","\u003Cp>LogDash Activity Log is the ultimate solution for tracking activities on your WordPress site. With its comprehensive features and intuitive interface, managing your website’s activity log has never been easier.\u003C\u002Fp>\n\u003Cp>Designed with simplicity in mind, LogDash Activity Log allows you to effortlessly monitor and track all actions on your WordPress site, including user logins, content changes, plugin updates, and more. Its user-friendly dashboard gives you instant access to critical information, making it easy to identify and resolve issues quickly.\u003C\u002Fp>\n\u003Cp>Whether you’re managing a personal blog or a large corporate website, LogDash Activity Log Plugin is the perfect tool for enhancing your site’s security.\u003C\u002Fp>\n\u003Cp>Log everything that happens on you WordPress website to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Gain full visibility:\u003C\u002Fstrong> Stay informed about everything happening on your WordPress site, from user logins and content updates to plugin installations and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strengthen site security:\u003C\u002Fstrong> Easily spot suspicious behavior before it becomes a security threat with real-time alerts and customizable notifications, providing an added layer of protection for your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Boost user productivity:\u003C\u002Fstrong> Monitor user activity and identify ways to optimize your site and workflow, leading to increased productivity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhance user accountability:\u003C\u002Fstrong> Keep your users accountable with detailed logs of their actions on your site. This helps to promote responsible behavior and reduce errors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simplify troubleshooting:\u003C\u002Fstrong> Makes it easy to pinpoint the source of errors or issues on your site, enabling you to troubleshoot more efficiently and effectively.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streamline site management:\u003C\u002Fstrong> Make use of shortcuts to gain quick access to modified content, simplifying site administration and reducing complexity.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>LogDash Activity Log is FREE. You can keep your log events for as long as you need – there’s no restriction on the duration of your logs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Here’s an overview of the modifications that the plugin is capable of tracking and storing:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Core Updates:\u003C\u002Fstrong> such as upgrades, downgrades and re-downloads.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes:\u003C\u002Fstrong> such as downloads, installations, upgrades, activations, theme switch and deletions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins:\u003C\u002Fstrong> such as downloads, installations, upgrades, activations, theme switch and deletions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Files:\u003C\u002Fstrong> such as uploads or every files, including plugins and themes and updates in WordPress theme or plugin editors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attachments:\u003C\u002Fstrong> Uploads and updates for every attachment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts, Pages and Custom Posts:\u003C\u002Fstrong> such as title, content (with quick link to rollback revisions), status, taxonomies and many more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Settings:\u003C\u002Fstrong> such as the Blog Title, Date format and every setting in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories, Tags and Custom Taxonomies:\u003C\u002Fstrong> such as creating, removing, updating and adding values to posts, pages and custom posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users profile changes:\u003C\u002Fstrong> such as name, email, role changes (including support for multiple roles) and every profile related data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User activity:\u003C\u002Fstrong> such as failed logins, login, logout and terminating other user sessions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> LogDash also support WooCommerce, ACF, LogDash as well a every Custom Post Type. Support will be improved and extended in a Premium version in the future.\u003C\u002Fp>\n","The ultimate solution for tracking activities and security issues on your WordPress site.",3037,"2024-07-11T21:39:00.000Z","6.6.5","5.9.5",[78,18,135,21],"user-activity","https:\u002F\u002Fderyckoe.com\u002Flogdash-activity-log","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogdash-activity-log.1.2.zip",90,1,"2023-10-26 00:00:00",{"attackSurface":142,"codeSignals":311,"taintFlows":342,"riskAssessment":426,"analyzedAt":432},{"hooks":143,"ajaxHandlers":282,"restRoutes":306,"shortcodes":307,"cronEvents":308,"entryPointCount":96,"unprotectedCount":11},[144,151,154,157,159,163,167,172,176,180,183,184,188,192,196,199,203,207,211,215,219,222,227,231,235,240,243,247,251,255,259,263,267,271,275,279],{"type":145,"name":146,"callback":147,"priority":148,"file":149,"line":150},"action","edit_user_profile","display_history_section",99,"includes\\class-admin.php",36,{"type":145,"name":152,"callback":147,"priority":148,"file":149,"line":153},"show_user_profile",37,{"type":145,"name":146,"callback":155,"priority":25,"file":149,"line":156},"display_delete_user_button",38,{"type":145,"name":152,"callback":155,"priority":25,"file":149,"line":158},39,{"type":145,"name":160,"callback":161,"file":149,"line":162},"admin_enqueue_scripts","enqueue_admin_assets",42,{"type":145,"name":164,"callback":165,"file":149,"line":166},"pre_user_query","extend_user_search",51,{"type":168,"name":169,"callback":170,"priority":94,"file":171,"line":150},"filter","authenticate","block_locked_user_auth","includes\\class-lock.php",{"type":145,"name":173,"callback":174,"priority":175,"file":171,"line":153},"wp_authenticate_application_password_errors","block_locked_user_app_password",10,{"type":168,"name":177,"callback":178,"priority":179,"file":171,"line":156},"determine_current_user","block_locked_user_session",9999,{"type":145,"name":146,"callback":181,"priority":48,"file":171,"line":182},"display_lock_user_section",41,{"type":145,"name":152,"callback":181,"priority":48,"file":171,"line":162},{"type":168,"name":185,"callback":186,"priority":175,"file":171,"line":187},"user_row_actions","add_lock_row_action",48,{"type":145,"name":189,"callback":190,"file":171,"line":191},"admin_init","process_lock_row_action",49,{"type":168,"name":193,"callback":194,"file":171,"line":195},"manage_users_columns","add_locked_column",50,{"type":168,"name":197,"callback":198,"priority":175,"file":171,"line":166},"manage_users_custom_column","render_locked_column",{"type":168,"name":200,"callback":201,"file":171,"line":202},"bulk_actions-users","add_lock_bulk_actions",52,{"type":168,"name":204,"callback":205,"priority":175,"file":171,"line":206},"handle_bulk_actions-users","handle_lock_bulk_actions",53,{"type":168,"name":208,"callback":209,"file":171,"line":210},"views_users","add_locked_users_view",54,{"type":145,"name":212,"callback":213,"file":171,"line":214},"pre_get_users","filter_locked_users_query",55,{"type":145,"name":216,"callback":217,"file":171,"line":218},"admin_notices","lock_bulk_action_admin_notice",56,{"type":145,"name":160,"callback":220,"file":171,"line":221},"enqueue_lock_assets",59,{"type":145,"name":223,"callback":224,"priority":175,"file":225,"line":226},"wp_login","log_login","includes\\class-login-tracker.php",33,{"type":145,"name":228,"callback":229,"priority":175,"file":225,"line":230},"wp_logout","log_logout",34,{"type":145,"name":232,"callback":233,"priority":175,"file":225,"line":234},"wp_login_failed","log_failed_login",35,{"type":145,"name":236,"callback":237,"file":238,"line":239},"admin_menu","add_settings_page","includes\\class-settings.php",22,{"type":145,"name":189,"callback":241,"file":238,"line":242},"register_settings",23,{"type":145,"name":164,"callback":244,"file":245,"line":246},"capture_old_data_on_query","includes\\class-tracker.php",103,{"type":168,"name":248,"callback":249,"priority":175,"file":245,"line":250},"wp_pre_insert_user_data","capture_old_user_data",104,{"type":145,"name":252,"callback":253,"priority":175,"file":245,"line":254},"profile_update","log_user_changes",107,{"type":145,"name":256,"callback":257,"priority":175,"file":245,"line":258},"update_user_meta","capture_old_meta",110,{"type":145,"name":260,"callback":261,"priority":175,"file":245,"line":262},"updated_user_meta","log_meta_change",111,{"type":145,"name":264,"callback":265,"priority":175,"file":245,"line":266},"set_user_role","log_role_change",114,{"type":145,"name":268,"callback":269,"file":245,"line":270},"shutdown","log_pending_role_changes",117,{"type":145,"name":272,"callback":273,"priority":175,"file":245,"line":274},"user_register","log_user_creation",120,{"type":145,"name":276,"callback":277,"file":278,"line":250},"plugins_loaded","init","wpzoom-user-history.php",{"type":145,"name":280,"callback":281,"file":278,"line":254},"wpzoom_user_history_cleanup","cleanup_old_entries",[283,289,293,297,300,303],{"action":284,"nopriv":285,"callback":286,"hasNonce":287,"hasCapCheck":287,"file":149,"line":288},"wpzoom_user_history_load_more",false,"ajax_load_more_history",true,45,{"action":290,"nopriv":285,"callback":291,"hasNonce":287,"hasCapCheck":287,"file":149,"line":292},"wpzoom_user_history_change_username","ajax_change_username",46,{"action":294,"nopriv":285,"callback":295,"hasNonce":287,"hasCapCheck":287,"file":149,"line":296},"wpzoom_user_history_clear","ajax_clear_history",47,{"action":298,"nopriv":285,"callback":299,"hasNonce":287,"hasCapCheck":287,"file":149,"line":187},"wpzoom_user_history_destroy_sessions","ajax_destroy_sessions",{"action":301,"nopriv":285,"callback":302,"hasNonce":287,"hasCapCheck":287,"file":171,"line":288},"wpzoom_user_history_toggle_lock","ajax_toggle_lock",{"action":304,"nopriv":285,"callback":305,"hasNonce":287,"hasCapCheck":287,"file":238,"line":31},"wpzoom_user_history_clear_all","ajax_clear_all_logs",[],[],[309],{"hook":280,"callback":280,"file":278,"line":310},119,{"dangerousFunctions":312,"sqlUsage":313,"outputEscaping":319,"fileOperations":11,"externalRequests":11,"nonceChecks":340,"capabilityChecks":175,"bundledLibraries":341},[],{"prepared":314,"raw":139,"locations":315},18,[316],{"file":238,"line":317,"context":318},209,"$wpdb->query() with variable interpolation",{"escaped":320,"rawEcho":321,"locations":322},75,8,[323,326,328,330,332,334,336,338],{"file":149,"line":324,"context":325},182,"raw output",{"file":149,"line":327,"context":325},220,{"file":149,"line":329,"context":325},245,{"file":238,"line":331,"context":325},122,{"file":238,"line":333,"context":325},133,{"file":238,"line":335,"context":325},144,{"file":238,"line":337,"context":325},178,{"file":238,"line":339,"context":325},283,7,[],[343,379,394],{"entryPoint":344,"graph":345,"unsanitizedCount":115,"severity":378},"ajax_load_more_history (includes\\class-admin.php:571)",{"nodes":346,"edges":373},[347,352,356,362,365,368],{"id":348,"type":349,"label":350,"file":149,"line":351},"n0","source","$_POST",586,{"id":353,"type":354,"label":355,"file":149,"line":351},"n1","transform","→ get_user_history()",{"id":357,"type":358,"label":359,"file":278,"line":360,"wp_function":361},"n2","sink","get_results() [SQLi]",341,"get_results",{"id":363,"type":349,"label":350,"file":149,"line":364},"n3",593,{"id":366,"type":354,"label":367,"file":149,"line":364},"n4","→ get_user_history_count()",{"id":369,"type":358,"label":370,"file":278,"line":371,"wp_function":372},"n5","get_var() [SQLi]",376,"get_var",[374,375,376,377],{"from":348,"to":353,"sanitized":285},{"from":353,"to":357,"sanitized":285},{"from":363,"to":366,"sanitized":285},{"from":366,"to":369,"sanitized":285},"high",{"entryPoint":380,"graph":381,"unsanitizedCount":139,"severity":378},"ajax_change_username (includes\\class-admin.php:665)",{"nodes":382,"edges":391},[383,385,387],{"id":348,"type":349,"label":350,"file":149,"line":384},736,{"id":353,"type":354,"label":386,"file":149,"line":384},"→ change_username()",{"id":357,"type":358,"label":388,"file":149,"line":389,"wp_function":390},"query() [SQLi]",786,"query",[392,393],{"from":348,"to":353,"sanitized":285},{"from":353,"to":357,"sanitized":285},{"entryPoint":395,"graph":396,"unsanitizedCount":425,"severity":378},"\u003Cclass-admin> (includes\\class-admin.php:0)",{"nodes":397,"edges":417},[398,401,403,404,405,406,407,409,411,413,415],{"id":348,"type":349,"label":399,"file":149,"line":400},"$_POST (x2)",690,{"id":353,"type":358,"label":388,"file":149,"line":402,"wp_function":390},777,{"id":357,"type":349,"label":350,"file":149,"line":351},{"id":363,"type":354,"label":355,"file":149,"line":351},{"id":366,"type":358,"label":359,"file":278,"line":360,"wp_function":361},{"id":369,"type":349,"label":350,"file":149,"line":364},{"id":408,"type":354,"label":367,"file":149,"line":364},"n6",{"id":410,"type":358,"label":370,"file":278,"line":371,"wp_function":372},"n7",{"id":412,"type":349,"label":350,"file":149,"line":384},"n8",{"id":414,"type":354,"label":386,"file":149,"line":384},"n9",{"id":416,"type":358,"label":388,"file":149,"line":389,"wp_function":390},"n10",[418,419,420,421,422,423,424],{"from":348,"to":353,"sanitized":287},{"from":357,"to":363,"sanitized":285},{"from":363,"to":366,"sanitized":285},{"from":369,"to":408,"sanitized":285},{"from":408,"to":410,"sanitized":285},{"from":412,"to":414,"sanitized":285},{"from":414,"to":416,"sanitized":285},3,{"summary":427,"deductions":428},"The \"wpzoom-user-history\" v1.2.0 plugin exhibits a generally strong security posture with several good practices in place. The high percentage of SQL queries using prepared statements and properly escaped outputs are positive indicators. The absence of file operations and external HTTP requests further reduces potential attack vectors. Additionally, the presence of numerous nonce and capability checks across its entry points suggests a deliberate effort to secure its functionality. The plugin also has a clean vulnerability history, with no recorded CVEs, which implies a well-maintained and secure codebase over time.\n\nHowever, the static analysis reveals three \"flows with unsanitized paths\" flagged with high severity in the taint analysis. While the static analysis might not be able to definitively prove exploitation without further dynamic analysis, these flows represent potential avenues for attackers to inject malicious data if not handled with extreme care. The presence of these high-severity taint flows, even with good overall practices, warrants attention and potential further investigation to ensure these paths are indeed sanitized or if they represent exploitable logic flaws.\n\nIn conclusion, the plugin is robust in many areas, particularly in its handling of database operations and output rendering, and benefits from a clean CVE history. The main area of concern stems from the high-severity taint flows, which, despite the plugin's overall good security design, could represent a weakness. Further dynamic testing or a more in-depth code review focused on these specific taint flows would be beneficial to fully confirm their risk.",[429],{"reason":430,"points":431},"High severity taint flows found",15,"2026-03-17T06:04:26.443Z",{"wat":434,"direct":445},{"assetPaths":435,"generatorPatterns":439,"scriptPaths":440,"versionParams":441},[436,437,438],"\u002Fwp-content\u002Fplugins\u002Fwpzoom-user-history\u002Fassets\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fwpzoom-user-history\u002Fassets\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Fwpzoom-user-history\u002Fassets\u002Fcss\u002Fuser-history.css",[],[437],[442,443,444],"wpzoom-user-history\u002Fassets\u002Fcss\u002Fadmin-style.css?ver=","wpzoom-user-history\u002Fassets\u002Fjs\u002Fadmin-script.js?ver=","wpzoom-user-history\u002Fassets\u002Fcss\u002Fuser-history.css?ver=",{"cssClasses":446,"htmlComments":450,"htmlAttributes":451,"restEndpoints":455,"jsGlobals":456,"shortcodeOutput":458},[447,448,449],"wpzoom-user-history-log","wpzoom-user-history-entry","wpzoom-user-history-meta",[],[452,453,454],"data-user-id","data-field-name","data-change-type",[],[457],"WPZOOMUserHistory",[]]