Does Auto Future Date have any unpatched vulnerabilities?

No. All known vulnerabilities in Auto Future Date have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Auto Future Date compatible with WordPress 3.0.5?

According to WordPress.org data, Auto Future Date 0.5.2 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Auto Future Date updated?

Auto Future Date was last updated on Mar 18, 2012. Frequent updates are generally a positive security signal.

What is Auto Future Date's security score?

Auto Future Date has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Auto Future Date Security & Risk Analysis

wordpress.org/plugins/auto-future-date

Adds an "Auto" link to your post page that will automatically schedule your next post based on the most recent post.

30 active installs v0.5.2 PHP + WP 3.0.0+ Updated Mar 18, 2012

datefuturefuture-datepostposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Auto Future Date Safe to Use in 2026?

Generally Safe

Score 85/100

Auto Future Date has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The auto-future-date plugin v0.5.2 exhibits a mixed security posture. While it demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and having no recorded vulnerabilities, there are significant concerns arising from the static analysis. The presence of an unprotected AJAX handler is a critical security weakness, creating a direct attack vector that could be exploited if not properly secured by the application layer or subsequent sanitization within the handler itself. The lack of nonce checks and capability checks on this entry point further exacerbates this risk.

Additionally, the output escaping is only 40% effective, meaning a portion of the plugin's output is not properly sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities. The absence of taint analysis results and the small attack surface might mask deeper issues, but the identified unprotected AJAX handler and insufficient output escaping are immediate red flags. The plugin's clean vulnerability history is positive but does not negate the risks identified in the current code analysis.

Key Concerns

Unprotected AJAX handler found
Output escaping at 40%
No nonce checks on AJAX handler
No capability checks on AJAX handler

Vulnerabilities

None known

Auto Future Date Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Auto Future Date Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

40% escaped10 total outputs

Attack Surface

1 unprotected

Auto Future Date Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_afd_get_dateautoFutureDate.php:48

WordPress Hooks 5

actionadmin_print_scripts-post-new.phpautoFutureDate.php:44

actionadmin_print_scripts-post.phpautoFutureDate.php:45

actionadmin_print_scripts-settings_page_afd-optionsautoFutureDate.php:46

actionadmin_menuautoFutureDate.php:51

filterpre_update_option_afd_optionsautoFutureDate.php:52

Maintenance & Trust

Auto Future Date Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedMar 18, 2012

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings2

Active installs30

Alternatives

Auto Future Date Alternatives

Future Posts Calendar

future-posts-calendar

This plugin adds a monthly calendar that shows all the dates you have future posts.

60 No CVEs

Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories

post-expirator

PublishPress Future can make scheduled changes to your content. You can unpublish posts, move posts to a new status, update the categories, and more.

100K 5 CVEs

WP Meta and Date Remover

wp-meta-and-date-remover

Remove meta author and date information from posts and pages. Hide from Humans and Search engines.SEO friendly and most advance plugin.

90K 2 CVEs

Bulk Post Update Date

bulk-post-update-date

Change the Post Update date for all posts and pages in one click. This will help your blog in search engines and your blog will look alive.

10K No CVEs

WP Missed Schedule Posts

wp-missed-schedule-posts

Auto publish future/scheduled posts missed by WordPress cron

10K No CVEs

Developer Profile

Auto Future Date Developer Profile

Aelora

4 plugins · 550 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Auto Future Date

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/auto-future-date/help.png

Script Paths

/wp-content/plugins/auto-future-date/autoFutureDate.js

HTML / DOM Fingerprints

Data Attributes

id="afd_minTime"id="afd_minFormatted"id="afd_maxTime"id="afd_maxFormatted"

REST Endpoints

/wp-ajax.php?action=afd_get_date

FAQ