Plugin inspection:

User Activity Log

Use with caution

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

Before using this plugin, you should carefully consider these findings. Read more about this recommendation.


This recommendation applies to version 1.4.7 of this plugin, but the most recent version is 2.1. These findings may no longer be correct.


The plugin is assessed to work safely, as it integrates with standard WordPress functions to log user activities. The code could possibly by better organised, specifically into classes to avoid potential interactions with other code, but measures are included in this code to limit such conflicts.

One point to be aware of is that as this logs user activity, including user names and possibly IP addresses (the latter depending on settings), there may be data protection issues for the plugin user to take account of. Also, while the default log retention of 30 days seems reasonable, if this is increased by the plugin user they should consider their available database storage space.

Reason for the 'Use with caution' result

The plugin has been given this recommendation at the tester's discretion:

The main reason for the use with caution rating is to highlight that the plugin user should manage any data protection issues arising from tracking user activity.

Failure criteria

  • Poor coding style

Read more about our failure criteria.