WP Install From Web

wp-plugin-management · by safetydev · wordpress.org ↗ · SVN ↗
This plugin is closed on wordpress.org. Closed 2026-04-16. Reason: guideline-violation.
Active installs
100
Current version
1.10.1.1
Added
2020-07-02
Last updated
First seen by beacon
2mo ago
Total downloads

Audits (1)

Malicious Audit #43 baseline → head 1.10.1 suspect safetydev 19d ago

This is a previously-undocumented SiteGuarding supply-chain backdoor burner. It was surfaced by hunting for plugins that WP.org cleaned on closure — i.e. where a Plugin Review Team account force-pushed a code change at the moment of closure. For wp-plugin-management, WP.org's response was the most explicit possible confirmation.

Read full audit →

Alerts (0)

No open alerts.

Show 1 resolved alert
Medium recent_prt_intervention Resolved · audited_malicious 2026-06-15 03:09:43 (19d ago)
Slugwp-plugin-management
Committersafetydev
First commit at2020-07-02 21:57:27
Active installs100
Prt committerfrantorres
Clean commit at2026-04-16 09:46:56
Strippedactivation hook flipped install→delete + admin notice
Payloadsiteguarding_tools.php v1.7 (2020-03-20)
ExplanationClosed-on-clean SiteGuarding burner: wp.org PRT (frantorres) force-pushed a cleaning commit at closure that stripped the backdoor payload (activation hook flipped install→delete + admin notice). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14.
View raw JSON
{
    "slug": "wp-plugin-management",
    "committer": "safetydev",
    "first_commit_at": "2020-07-02 21:57:27",
    "active_installs": 100,
    "prt_committer": "frantorres",
    "clean_commit_at": "2026-04-16 09:46:56",
    "stripped": "activation hook flipped install\u2192delete + admin notice",
    "payload": "siteguarding_tools.php v1.7 (2020-03-20)",
    "explanation": "Closed-on-clean SiteGuarding burner: wp.org PRT (frantorres) force-pushed a cleaning commit at closure that stripped the backdoor payload (activation hook flipped install\u2192delete + admin notice). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14."
}

SVN committers (3)

Accounts with actual commit access to wp-plugin-management on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer Member since Commits First commit Latest commit
safetydev 2020-07-02 13 2020-11-17 · r2420122 2025-05-29 · r3302992
Francisco Torres 2012-02-08 1 2026-04-16 · r3507884 2026-04-16 · r3507884
plugin-master 2007-03-09 1 2020-07-02 · r2334533 2020-07-02 · r2334533

Readme contributors (2)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor Member since SVN access Status
safetydev 2020-07-02 13 commits Active
webtools 2007-02-23 Active

Versions (2 most recent)

Version Released Download
1.10.1.1 2026-04-16 · 2mo ago
1.10.1 2025-05-29 · 1y ago