WP Beacon

David Anderson / Team Updraft

@davidanderson · wordpress.org profile ↗
Member since
2008-01-02
Location
Employer
Job title
Authored
19 (3 closed)
SVN commit access
16
Readme contributor
2
Combined install base
7M+ across 23 plugins

Alerts (0)

No open alerts.

Show 3 resolved alerts
Critical code_pattern UpdraftPlus: WP Backup & Migration Plugin Resolved · no_longer_matches 7d ago
Slugupdraftplus
Patternunserialize_after_remote_call
Kindbuiltin
Version1.26.3
Hit count1
First hit
File
backup.php
Line
3,604
Snippet
L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp')); → L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));
Explanationa remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this.
View raw JSON
{
    "slug": "updraftplus",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "1.26.3",
    "hit_count": 1,
    "first_hit": {
        "file": "backup.php",
        "line": 3604,
        "snippet": "L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));  \u2192  L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this."
}
Critical code_scan_delta UpdraftPlus: WP Backup & Migration Plugin Resolved · fp_local_disk_cache 7d ago
Slugupdraftplus
Previous version1.26.3
Current version1.26.3
New findings
PatternKindFileLineSnippetConfidence
unserialize_after_remote_callbuiltinbackup.php3,604L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp')); → L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));high
New finding count1
View raw JSON
{
    "slug": "updraftplus",
    "previous_version": "1.26.3",
    "current_version": "1.26.3",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "backup.php",
            "line": 3604,
            "snippet": "L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));  \u2192  L3604: $var = $updraftplus->unserialize(file_get_contents($cache_file_base.'-info.tmp'));",
            "confidence": "high"
        }
    ],
    "new_finding_count": 1
}
High domain_younger_than_plugin UpdraftPlus: WP Backup & Migration Plugin Resolved · no_longer_matches 8d ago
Slugupdraftplus
Domainipvigilante.com
Domain sourcec2_http_call
Domain registered at2025-03-22
Plugin earliest commit2015-01-01 16:08:48
Plugin latest release2026-04-23 16:51:10
Gap days3,732
Domain age at release397
Active installs3,000,000
View raw JSON
{
    "slug": "updraftplus",
    "domain": "ipvigilante.com",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2025-03-22",
    "plugin_earliest_commit": "2015-01-01 16:08:48",
    "plugin_latest_release": "2026-04-23 16:51:10",
    "gap_days": 3732,
    "domain_age_at_release": 397,
    "active_installs": 3000000
}

Plugins authored (19)

Plugin Version Installs Last updated Status
UpdraftPlus: WP Backup & Migration Plugin ·updraftplus 1.26.3 3M+ 8d ago Active
WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance ·wp-optimize 4.5.3 1M+ 2d ago Active
All-In-One Security (AIOS) – Security and Firewall ·all-in-one-wp-security-and-firewall 5.4.7 1M+ 4d ago Active
Redux Framework ·redux-framework 4.5.11 1M+ 1mo ago Active
Easy Updates Manager ·stops-core-theme-and-plugin-updates 9.0.20 300k+ 1mo ago Active
Internal Link Juicer: SEO Auto Linker for WordPress ·internal-links 2.26.0 90k+ 1mo ago Active
Two Factor Authentication ·two-factor-authentication 1.16.0 20k+ 1mo ago Active
WPGet API – Connect to any external REST API ·wpgetapi 2.25.4 10k+ 1mo ago Active
Upload Larger Plugins ·upload-larger-plugins 2.0 7k+ 1mo ago Active
UpdraftCentral Dashboard ·updraftcentral 0.8.30 6k+ 1mo ago Active
European VAT Compliance Assistant for WooCommerce ·woocommerce-eu-vat-compliance 1.36.6 3k+ 1mo ago Active
Testimonial Slider ·testimonial-slider 1.3.3 3k+ 1mo ago Active
Use Administrator Password ·use-administrator-password 1.3.2 1k+ 1mo ago Active
No Weak Passwords ·no-weak-passwords 1.0.2 400 1mo ago Active
Add Email Signature ·add-email-signature 1.0.4 200 1mo ago Active
Simba Plugin Updates Manager ·simba-plugin-updates-manager 1.12.0 40 1mo ago Active
Google Cloud Print Library ·google-cloud-print-library 0.8.13 Closed
Redux Converter ·redux-converter 1.1.3.1 Closed
Redux Developer Mode Disabler ·redux-developer-mode-disabler 1.0.1 Closed

SVN commit access (16)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
European VAT Compliance Assistant for WooCommerce davidanderson 3k+ 254 11y ago 1mo ago Active
UpdraftPlus: WP Backup & Migration Plugin davidanderson 3M+ 200 11y ago 8d ago Active
Two Factor Authentication davidanderson 20k+ 169 11y ago 1mo ago Active
UpdraftCentral Dashboard davidanderson 6k+ 95 10y ago 1mo ago Active
Easy Updates Manager davidanderson 300k+ 58 8y ago 1mo ago Active
Use Administrator Password davidanderson 1k+ 54 13y ago 1mo ago Active
Upload Larger Plugins davidanderson 7k+ 51 11y ago 1mo ago Active
No Weak Passwords davidanderson 400 46 13y ago 1mo ago Active
SSH SFTP Updater Support terrafrost 10k+ 44 8y ago 1mo ago Active
Testimonial Slider davidanderson 3k+ 30 7y ago 1mo ago Active
Internal Link Juicer: SEO Auto Linker for WordPress davidanderson 90k+ 25 3y ago 1mo ago Active
MetaSlider Gallery – Image Gallery, Lightbox Galleries, Modal Windows metaslider 10k+ 18 8y ago 5y ago Active
WPGet API – Connect to any external REST API davidanderson 10k+ 18 2y ago 1mo ago Active
Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider metaslider 500k+ 7 8y ago 5y ago Active
All-In-One Security (AIOS) – Security and Firewall davidanderson 1M+ 1 4y ago 4d ago Active
WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance davidanderson 1M+ 1 9y ago 2d ago Active

Contributor on other plugins (2)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin Primary author Version Installs
SSH SFTP Updater Support terrafrost 1.1.1 10k+
MetaSlider Schedule Slides metaslider 1.0.5