WP Beacon

Mark Maunder

@mmaunder · wordpress.org profile ↗
Member since
2011-05-13
Location
Seattle, WA
Employer
Defiant Inc.
Job title
CTO
Authored
4 (2 closed)
SVN commit access
3 (1 closed)
Readme contributor
1
Combined install base
5.1M+ across 5 plugins

Alerts (0)

No open alerts.

Show 2 resolved alerts
High code_scan_match Wordfence Security – Firewall, Malware Scan, and Login Security Resolved · fp:overgeneric_ioc 19d ago
Slugwordfence
Finding count37
Findings
PatternKindFileLineSnippetConfidence
base64_decodebuiltinlib/wfActivityReport.php592$paramKey = base64_decode($actionData['paramKey']);medium
base64_decodebuiltinlib/wfActivityReport.php593$paramValue = base64_decode($actionData['paramValue']);medium
base64_decodebuiltinlib/wfUtils.php3,791$intermediate = base64_decode($intermediate);medium
base64_decodebuiltinlib/wfJWT.php21$decodedHeader = base64_decode($header);medium
base64_decodebuiltinlib/wfJWT.php32$decodedBody = base64_decode($body);medium
base64_decodebuiltinlib/wfJWT.php91$decodedHeader = base64_decode($header);medium
base64_decodebuiltinlib/wfJWT.php107$decodedBody = base64_decode($body);medium
base64_decodebuiltinlib/wfJWT.php179return base64_decode(strtr($data, '-_', '+/'));medium
base64_decodebuiltinlib/wordfenceURLHoover.php604$skipList = new wfBinaryList(base64_decode(wfConfig::get('wfsbskip', '')));medium
base64_decodebuiltinlib/wfLog.php1,356$actionData[$key] = base64_decode($actionData[$key]);medium
base64_decodebuiltinlib/wordfenceClass.php1,182$iwpRequest = json_decode(trim(base64_decode($iwpRequestDataArray[1])), true);medium
base64_decodebuiltinlib/wordfenceClass.php7,588$waf->whitelistRuleForParam(base64_decode($_POST['path']), base64_decode($_POST['paramKey']),medium
base64_decodebuiltinlib/wordfenceClass.php8,116$paramKey = base64_decode($actionData['paramKey']);medium
base64_decodebuiltinlib/wordfenceClass.php8,117$paramValue = base64_decode($actionData['paramValue']);medium
base64_decodebuiltinlib/wordfenceClass.php8,356$value['path'] = base64_decode($path);medium
Triage note 2026 05 03wordfence: 37 base64_decode hits, all in legitimate JWT decode (lib/wfJWT.php), activity-report parameters, URL hoover skip-list. Standard security-plugin internals.
View raw JSON
{
    "slug": "wordfence",
    "finding_count": 37,
    "findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfActivityReport.php",
            "line": 592,
            "snippet": "$paramKey = base64_decode($actionData['paramKey']);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfActivityReport.php",
            "line": 593,
            "snippet": "$paramValue = base64_decode($actionData['paramValue']);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfUtils.php",
            "line": 3791,
            "snippet": "$intermediate = base64_decode($intermediate);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfJWT.php",
            "line": 21,
            "snippet": "$decodedHeader = base64_decode($header);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfJWT.php",
            "line": 32,
            "snippet": "$decodedBody = base64_decode($body);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfJWT.php",
            "line": 91,
            "snippet": "$decodedHeader = base64_decode($header);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfJWT.php",
            "line": 107,
            "snippet": "$decodedBody = base64_decode($body);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfJWT.php",
            "line": 179,
            "snippet": "return base64_decode(strtr($data, '-_', '+/'));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceURLHoover.php",
            "line": 604,
            "snippet": "$skipList = new wfBinaryList(base64_decode(wfConfig::get('wfsbskip', '')));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wfLog.php",
            "line": 1356,
            "snippet": "$actionData[$key] = base64_decode($actionData[$key]);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceClass.php",
            "line": 1182,
            "snippet": "$iwpRequest = json_decode(trim(base64_decode($iwpRequestDataArray[1])), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceClass.php",
            "line": 7588,
            "snippet": "$waf->whitelistRuleForParam(base64_decode($_POST['path']), base64_decode($_POST['paramKey']),",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceClass.php",
            "line": 8116,
            "snippet": "$paramKey = base64_decode($actionData['paramKey']);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceClass.php",
            "line": 8117,
            "snippet": "$paramValue = base64_decode($actionData['paramValue']);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/wordfenceClass.php",
            "line": 8356,
            "snippet": "$value['path'] = base64_decode($path);",
            "confidence": "medium"
        }
    ],
    "triage_note_2026_05_03": "wordfence: 37 base64_decode hits, all in legitimate JWT decode (lib/wfJWT.php), activity-report parameters, URL hoover skip-list. Standard security-plugin internals."
}
High committer_younger_than_plugin Wordfence Security – Firewall, Malware Scan, and Login Security Resolved · benign_company_employee 25d ago
Slugwordfence
Committer slugwfmatt
Committer display namewfmatt
Committer employer
Committer member since2014-12-21
Committer first commit2014-12-22 03:10:09
Committer commit count28
Plugin listed authormmaunder
Earliest plugin commit2011-09-04 10:09:14
Plugin age at join days1,204
Committer age at join days1
Active installs5,000,000
View raw JSON
{
    "slug": "wordfence",
    "committer_slug": "wfmatt",
    "committer_display_name": "wfmatt",
    "committer_employer": null,
    "committer_member_since": "2014-12-21",
    "committer_first_commit": "2014-12-22 03:10:09",
    "committer_commit_count": 28,
    "plugin_listed_author": "mmaunder",
    "earliest_plugin_commit": "2011-09-04 10:09:14",
    "plugin_age_at_join_days": 1204,
    "committer_age_at_join_days": 1,
    "active_installs": 5000000
}

Plugins authored (4)

Plugin Version Installs Last updated Status
Wordfence Security – Firewall, Malware Scan, and Login Security ·wordfence 8.2.0 5M+ 23d ago Active
Benchmark ·benchmark 1.1 80 13y ago Active
timthumb ·timthumb Closed
Wordfence Assistant ·wordfence-assistant 1.0.10 Closed

SVN commit access (3)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
Wordfence Security – Firewall, Malware Scan, and Login Security mmaunder 5M+ 179 14y ago 10y ago Active
Benchmark mmaunder 80 2 13y ago 13y ago Active
Wordfence Assistant mmaunder 2 12y ago 12y ago Closed

Contributor on other plugins (1)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin Primary author Version Installs
Wordfence Login Security wfryan 1.1.16 70k+