Skip to main content
Monitor.CATMonitor.CAT
FeaturesHow it worksInstallFAQ
Install the Plugin
Back to homepage

Security Notes

Monitor.CAT applies a security-first approach to the plugin. All processing happens locally — no data leaves your site.

Plugin security model

  • WordPress capability checks protect all admin actions — only authorized administrators can access plugin functionality
  • Nonce validation is enforced for all state-changing admin operations
  • All data is processed and stored locally — no external API calls or data transmission
  • PSR-4 autoloading with dependency injection — clean, auditable architecture

Local processing and REST API

  • The plugin REST API is available only to authenticated WordPress administrators
  • WordPress nonce authentication is required for all REST API endpoints
  • No external services, accounts, or API keys are required — the plugin is fully self-contained

Updates and patch policy

Security and maintenance updates are delivered via the standard WordPress plugin update flow. Auto-updates are recommended to ensure you receive patches promptly.

Responsible disclosure

If you discover a security vulnerability in the Monitor.CAT plugin, please report it privately. Do not open a public issue — contact us directly:

[email protected]

We target acknowledgment within 48 hours and provide a remediation timeline within 5 business days.

ZIP verification

If you install via the ZIP method, we provide a SHA-256 checksum for every release. Always verify the checksum before uploading to your WordPress installation.

Current release

monitor-cat.zip v1.2.2

SHA-256

ebcc707f3e60ac3cdcec4f7d313c5dd75b285e5ba07bb724530df477965060dd

Verify the checksum after downloading:

Linux / macOS

sha256sum monitor-cat.zip

Windows (PowerShell)

Get-FileHash monitor-cat.zip -Algorithm SHA256