WP Install From Web
This plugin is closed on wordpress.org.
Closed 2026-04-16.
Reason: guideline-violation.
- Active installs
- 100
- Current version
- 1.10.1.1
- Added
- 2020-07-02
- Last updated
- —
- First seen by beacon
- 2mo ago
- Total downloads
- —
Audits (1)
Alerts (0)
No open alerts.
Show 1 resolved alert
Medium recent_prt_intervention
Resolved · audited_malicious
2026-06-15 03:09:43 (19d ago)
| Slug | wp-plugin-management |
|---|---|
| Committer | safetydev |
| First commit at | 2020-07-02 21:57:27 |
| Active installs | 100 |
| Prt committer | frantorres |
| Clean commit at | 2026-04-16 09:46:56 |
| Stripped | activation hook flipped install→delete + admin notice |
| Payload | siteguarding_tools.php v1.7 (2020-03-20) |
| Explanation | Closed-on-clean SiteGuarding burner: wp.org PRT (frantorres) force-pushed a cleaning commit at closure that stripped the backdoor payload (activation hook flipped install→delete + admin notice). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14. |
View raw JSON
{
"slug": "wp-plugin-management",
"committer": "safetydev",
"first_commit_at": "2020-07-02 21:57:27",
"active_installs": 100,
"prt_committer": "frantorres",
"clean_commit_at": "2026-04-16 09:46:56",
"stripped": "activation hook flipped install\u2192delete + admin notice",
"payload": "siteguarding_tools.php v1.7 (2020-03-20)",
"explanation": "Closed-on-clean SiteGuarding burner: wp.org PRT (frantorres) force-pushed a cleaning commit at closure that stripped the backdoor payload (activation hook flipped install\u2192delete + admin notice). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14."
}SVN committers (3)
Accounts with actual commit access to wp-plugin-management on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.
| Committer | Member since | Commits | First commit | Latest commit |
|---|---|---|---|---|
| safetydev | 2020-07-02 | 13 | 2020-11-17 · r2420122 | 2025-05-29 · r3302992 |
| Francisco Torres | 2012-02-08 | 1 | 2026-04-16 · r3507884 | 2026-04-16 · r3507884 |
| plugin-master | 2007-03-09 | 1 | 2020-07-02 · r2334533 | 2020-07-02 · r2334533 |
Readme contributors (2)
Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?
Versions (2 most recent)
| Version | Released | Download |
|---|---|---|
| 1.10.1.1 | 2026-04-16 · 2mo ago | — |
| 1.10.1 | 2025-05-29 · 1y ago | — |