WP Debug Toolkit 1.2.0 is LIVE. Get $300 discount on the lifetime deal now
Use Discount Code WPDTLTD
Get Started Now
Home
Features
Error Log Viewer
A Better Way to Check WordPress Logs
Query Viewer
Fast, Lightweight Database Monitoring
Email Alerts Viewer
Know About Issues Before Your Clients Do
Pricing
Account
WP Debug Toolkit 1.2.2 Is Now Available
May 31, 2026
Elias Lista
Articles

This release contains three viewer changes: a bearer-token auth fallback for hosts whose cache layer strips cookies from API responses, a global rate-limit floor on auth attempts, and a path-blocklist correction.

After updating, click Reinstall Viewer on the Overview page.

Fixed

  • Viewer login silently failing on hosts where the cache layer strips Set-Cookie headers from API responses. The viewer now also issues a bearer token in the JSON response body that the client sends via Authorization: Bearer on subsequent requests.
  • Path-blocklist typo and two missing entries left rate-limit.db, viewer-settings.db, and rate-limit.json readable via the viewer’s get_file_content endpoint by authenticated users. Blocklist now matches the actual filenames.

Security

  • Added a global rate-limit floor for viewer auth: 100+ failed attempts across all IPs in 24h triggers a 60s delay between subsequent attempts, capping rotating-IP attackers at ~1440/day. Never locks admins out — only delays.

A note on security

The standalone viewer runs outside of WordPress, so we take its security very seriously. We’re always happy to hear about any vulnerabilities or concerns you might have or find. Please report them to support+security@wpdebugtoolkit.com.

Want to try it first?
We can't offer you a free trial, but we do have a great demo where you can testdrive all features for free for seven days and (spoiler alert) even get a discount on your purchase
Free 7-day trial
No credit card required
Try WP Debug Toolkit Pro Now