Does amr cron manager have any unpatched vulnerabilities?

Yes — amr cron manager currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is amr cron manager compatible with WordPress 5.5.18?

According to WordPress.org data, amr cron manager 2.3 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

How often is amr cron manager updated?

amr cron manager was last updated on Aug 17, 2020. Frequent updates are generally a positive security signal.

What is amr cron manager's security score?

amr cron manager has a WP-Safety security score of 60/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

amr cron manager Security & Risk Analysis

wordpress.org/plugins/amr-cron-manager

Overview of wp cron jobs in the site's timezone. The lists show if the action exists and any arguments to the cron job.

200 active installs v2.3 PHP + WP + Updated Aug 17, 2020

croncron-cleanercron-controlcron-managerwp-cron

C · Use Caution

CVEs total1

Unpatched1

Last CVEJan 23, 2026

Plugin page Download

Safety Verdict

Is amr cron manager Safe to Use in 2026?

Use With Caution

Score 60/100

amr cron manager has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Jan 23, 2026Updated 5yr ago

Risk Assessment

The amr-cron-manager plugin v2.3 exhibits a mixed security posture. On the positive side, static analysis reveals no identified entry points such as AJAX handlers, REST API routes, or shortcodes that are directly exposed. The plugin also demonstrates good practices by exclusively using prepared statements for its SQL queries, not performing file operations, and making no external HTTP requests. The presence of a nonce check is also a positive indicator.

However, there are significant concerns. The plugin has a history of a high-severity vulnerability, specifically Cross-Site Scripting (XSS), with one known and currently unpatched CVE. This, combined with only 50% of its output being properly escaped, suggests a persistent risk of XSS vulnerabilities that could be exploited. The absence of capability checks on its code signals is also a notable weakness, as it implies that actions within the plugin might not be properly restricted to authorized users.

Overall, while the plugin has a limited apparent attack surface and uses secure SQL practices, the presence of an unpatched high-severity vulnerability and incomplete output escaping present a tangible risk. Users should be cautious, and the developers need to address the outstanding CVE and improve output sanitization to enhance the plugin's security.

Key Concerns

Unpatched High Severity CVE
Half of output not properly escaped
No capability checks on code signals

Vulnerabilities

amr cron manager Security Vulnerabilities

CVEs by Year

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2025-68848high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

amr cron manager <= 2.3 - Unauthenticated Stored Cross-Site Scripting

Jan 23, 2026Unpatched

Code Analysis

Analyzed Mar 16, 2026

amr cron manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped4 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

wp_cron_menu (amr-cron-manager.php:194)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

amr cron manager Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionadmin_menuamr-cron-manager.php:48

Maintenance & Trust

amr cron manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedAug 17, 2020

PHP min version

Downloads9K

Community Trust

Rating100/100

Number of ratings4

Active installs200

Alternatives

amr cron manager Alternatives

Advanced Cron Scheduler for WordPress

migrate-wp-cron-to-action-scheduler

100

The Advanced Cron Scheduler for WordPress plugin helps to easily replace or migrate Native WordPress Cron to the Action Scheduler Library.

200 No CVEs

ShieldClimb – Fix Pending and Past-due Tasks for WooCommerce

shieldclimb-fix-pending-and-past-due-tasks

100

Fix Pending and Past-due Tasks for WooCommerce – Speed up order processing, prevent stuck scheduled tasks, and optimize performance.

10 No CVEs

WP Crontrol

wp-crontrol

WP Crontrol enables you to take control of the cron events on your WordPress website.

300K 3 CVEs

Advanced Cron Manager – debug & control

advanced-cron-manager

View, pause, remove, edit and add WP Cron events and schedules.

30K 3 CVEs

Cron Logger

cron-logger

Logs wp-cron.php runs.

2K 1 unpatched

Developer Profile

amr cron manager Developer Profile

anmari

3 plugins · 320 total installs

trust score

Avg Security Score

70/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect amr cron manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/amr-cron-manager/css/amr-cron.css/wp-content/plugins/amr-cron-manager/js/amr-cron.js

Script Paths

/wp-content/plugins/amr-cron-manager/js/amr-cron.js

Version Parameters

amr-cron-manager/css/amr-cron.css?ver=amr-cron-manager/js/amr-cron.js?ver=

HTML / DOM Fingerprints

CSS Classes

amr-cron-dashboardcronmgr_tableamr-cron-help

HTML Comments

Data Attributes

data-hookdata-timestampdata-args

FAQ