MMPlugs Logo

Docs / MMCRA Toolkit

MMCRA Toolkit

MMCRA Toolkit

Articles

MM CRA Toolkit documentation

MM CRA Toolkit documentation Everything you need to use MM CRA Toolkit on your WordPress site. Each topic below is one focused article — in…

Read →

Install MM CRA Toolkit

Install MM CRA Toolkit The toolkit installs from a zip upload. There is no free version on the WordPress.org repository yet. Requirements …

Read →

Run the Setup Wizard

Run the Setup Wizard The Setup Wizard walks you through the configuration the toolkit needs before it can generate complete CRA artifacts. …

Read →

Generate a CycloneDX SBOM

Generate a CycloneDX SBOM The SBOM (Software Bill of Materials) is a machine-readable inventory of every dependency that ships with your pl…

Read →

Run the Plugin Scanner

Run the Plugin Scanner The Plugin Scanner performs static analysis over the PHP files of any WordPress plugin and produces a structured rep…

Read →

Publish a Vulnerability Disclosure Policy

Publish a Vulnerability Disclosure Policy The CRA's Article 13 requires a Vulnerability Disclosure Policy (VDP) — a published, machine…

Read →

Build an EU Declaration of Conformity

Build an EU Declaration of Conformity The CRA's Annex V requires a signed Declaration of Conformity (DoC) per product. MM CRA Toolkit …

Read →

Check dependencies against OSV.dev

Check dependencies against OSV.dev The Vulnerability Check page runs every Composer and npm dependency in your saved SBOMs against the OSV.…

Read →

Enable weekly vulnerability monitoring

Enable weekly vulnerability monitoring CRA Article 14 requires manufacturers to monitor their products for new vulnerabilities post-release…

Read →

Export a Compliance Bundle

Export a Compliance Bundle The Compliance Bundle is the single ZIP you hand to a regulator under CRA Article 31 or to an EU customer asking…

Read →

Audit log

Audit log Every artifact the toolkit produces and every significant event it observes is recorded to a tamper-evident audit log. This is yo…

Read →

Updates and Ed25519 signature verification

Updates and Ed25519 signature verification MM CRA Toolkit updates come from mmplugs.com over the standard WordPress update channel. Every p…

Read →

License watermarking explained

License watermarking explained Every artifact MM CRA Toolkit generates (SBOM, DoC HTML, Compliance Bundle) is embedded with a 16-character …

Read →

Changelog

Changelog 1.10.0 — May 2026 Anti-piracy and license enforcement. License-gated features. SBOM generation, Plugin Scanner, Compliance Bundl…

Read →

Roadmap

Roadmap What's in flight, what's next, and what's parked. Honest dates only. In flight Stripe checkout integration on mmplug…

Read →