Suspect-shape but multiply-unreachable dead code — benign. WPBot's includes/openai/plugin-upgrader/ and includes/integration/openai/plugin-upgrader/ directories ship a self-update class (QCLD_openaiaddon_AutoUpdate) who…
baseline 0.9.0 → head 8.2.4 · event #1758 · investigator austin
Suspect-shape but structurally unreachable — benign with one regression to flag. YARPP's version_info() matches the high-confidence catalog IOC unserialize_after_remote_call (@unserialize of wp_remote_post body, hardcod…
baseline 1.0 → head 5.30.11 · event #1741 · investigator austin
Clean — no supply-chain anomaly. Full git-level audit of ilab-media-tools (Media Cloud by interfacelab) covering all 162 published versions back to 2016-07. Single committer for 8 years, zero detection events, zero IOC …
baseline 1.0.0 → head 4.6.4 · investigator austin
Historical PHP Object Injection chain in Admitad integration — gated since v6.0.0 (2023-08-21), endpoint dead. Two compounding patterns in application/libs/admitad/AdmitadProducts.php + application/libs/RestClient.php f…
baseline 11.0.0 → head 11.0.0 · event #1469 · investigator beacon-scan-skill
Who made the change. Committer thanghoang pushed their first commit to this plugin on 2024-07-09, when their WordPress.org account was only 12 days old (created 2024-06-27). New-account commits on established plugins ar…
baseline 5.1 → head 5.1.1 · event #115 · investigator austin
Verdict: legitimate team onboarding — not a takeover. alexopen is a Smash Balloon employee ("Alex at Smash Balloon" display name), added as a committer to the five Smash Balloon social-feed plugins owned by Awesome Moti…
baseline 6.9.1 → head 6.10.0 · event #114 · investigator austin