As a WordPress website owner, it can be frustrating to find out who installed a plugin on your website, especially since the platform doesn’t natively store any admin activity records.

However, several methods can be used to obtain more information about the plugin. One of the simplest ways is to use an auditing plugin, such as WP Activity, which can log actions performed after the plugin’s installation. Unfortunately, this means that information regarding activities performed before the plugin’s installation will not be available.

Check the plugin installation log, which many plugins include. This log records basic information about when the plugin was installed and often by whom. By checking the plugin’s settings tab on the WordPress dashboard, you can access this log and even discover whether the plugin was active and had any login features enabled that could offer useful information.

Access logs can also be used to identify the IP address and/or user agent logged in at the same time the plugin was installed. If an installation log isn’t available, this information can be compared with the plugin installation log if one is available. At Mshini, you can view your website server access logs via FTP. These logs are located in the /logs folder in your /home directory. Inside the /logs folder, you will find a file called yoursitename.nginx.access.log that contains detailed information about each request made to the server.

Lastly, checking your site’s user accounts could also provide information about any new users that appeared around the same time the plugin was installed. By checking the site’s user accounts, you may be able to identify any new users that appeared around the same time the plugin was installed. These users could have installed the plugin, and their information could be used to determine how the plugin was installed.