PHPackages letraceursnork/wordpress-security-advisories - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. letraceursnork/wordpress-security-advisories ActiveMetapackage letraceursnork/wordpress-security-advisories ============================================ WordPress Security Advisories https://php.watch/articles/WordPress-Security-Advisories 34.5k—0%1[316 PRs](https://github.com/LeTraceurSnork/WordPress-Security-Advisories/pulls) Since Mar 24Pushed 1mo agoCompare [ Source](https://github.com/LeTraceurSnork/WordPress-Security-Advisories)[ Packagist](https://packagist.org/packages/letraceursnork/wordpress-security-advisories)[ RSS](/packages/letraceursnork-wordpress-security-advisories/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) WordPress Security Advisories ============================= [](#wordpress-security-advisories) Disclaimer ---------- [](#disclaimer) This package MAY and most likely WILL be abandoned as long as original `phpwatch/wordpress-security-advisories` will become up-to-date and begins to be supported by its original developer ([@Ayesh](https://github.com/Ayesh)) again Description ----------- [](#description) Inspired [Roave/SecurityAdvisories](https://github.com/Roave/SecurityAdvisories), this package aims to provide rudimentary protection against installing known WordPress core packages, plugins, and themes. This is a **metapackage**, which means it does not add any functional code to your application. This file is purely a JSON file that contains a list of package *conflicts*, which instructs composer to block installation of known vulnerable packages. To make use of this, add this package to your composer setup: ``` composer require --dev letraceursnork/wordpress-security-advisories:dev-master ``` After adding this package, if you try to `require` a package with a known vulnerability, it will be blocked. Adding new packages ------------------- [](#adding-new-packages) Please send a PR. Please see the rules for the WordPress core package when writing your own `conflict` rules. Packages need to be in alphabetical order. The first two lines are reserved for WordPress core, followed by plugins, and themes at the end. An intentional new line is used to separate core, plugins, and themes. I intend to keep this list for packages hosted in wordpress.org (thus, available at `wpackagist`). For commercial plugins and themes hosted elsewhere, I suggest you offer your own update endpoints. Coordinated security releases ----------------------------- [](#coordinated-security-releases) If you would like to release a security vulnerability for your plugin, and would like to coordinate an update to the list, please *do not* create a PR/issue. Instead, please contact me with details mentioned in [SECURITY.md](SECURITY.md) file. Credits ------- [](#credits) This package is maintained by [@LeTraceurSnork](https://github.com/LeTraceurSnork), for [PHP.Watch](https://php.watch). ### Health Score 28 — LowBetter than 54% of packages Maintenance59 Moderate activity, may be stable Popularity27 Limited adoption so far Community11 Small or concentrated contributor base Maturity11 Early-stage or recently created project Bus Factor1 Top contributor holds 50.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/8626d285a2c7ac7cd4f72d196cf4b3685f214bf3561faaa9be4596c21ed95db7?d=identicon)[LeTraceurSnork](/maintainers/LeTraceurSnork) --- Top Contributors [![LeTraceurSnork](https://avatars.githubusercontent.com/u/11344267?v=4)](https://github.com/LeTraceurSnork "LeTraceurSnork (1318 commits)")[![WordPressSecurityAdvisories-RenovateBot](https://avatars.githubusercontent.com/u/188698208?v=4)](https://github.com/WordPressSecurityAdvisories-RenovateBot "WordPressSecurityAdvisories-RenovateBot (1179 commits)")[![Ayesh](https://avatars.githubusercontent.com/u/811553?v=4)](https://github.com/Ayesh "Ayesh (124 commits)")[![austinpray](https://avatars.githubusercontent.com/u/2192970?v=4)](https://github.com/austinpray "austinpray (1 commits)") --- Tags composerinfosecphpsecurity-advisoriessecurity-advisorysecurity-vulnerabilitiessecurity-vulnerabilitywordpresswordpress-plugin-securitywordpress-security ### Embed Badge ![Health badge](/badges/letraceursnork-wordpress-security-advisories/health.svg) ``` [![Health](https://phpackages.com/badges/letraceursnork-wordpress-security-advisories/health.svg)](https://phpackages.com/packages/letraceursnork-wordpress-security-advisories) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)