Does Auto-Close Comments, Pingbacks and Trackbacks have any unpatched vulnerabilities?

No. All known vulnerabilities in Auto-Close Comments, Pingbacks and Trackbacks have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Auto-Close Comments, Pingbacks and Trackbacks compatible with WordPress 6.9.4?

According to WordPress.org data, Auto-Close Comments, Pingbacks and Trackbacks 3.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Auto-Close Comments, Pingbacks and Trackbacks compatible with PHP 7.4+?

Auto-Close Comments, Pingbacks and Trackbacks requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Auto-Close Comments, Pingbacks and Trackbacks's security score?

Auto-Close Comments, Pingbacks and Trackbacks has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Auto-Close Comments, Pingbacks and Trackbacks Security & Risk Analysis

wordpress.org/plugins/autoclose

Auto-Close keeps your site clean by automatically closing comments, pingbacks, and trackbacks—so you can focus on content, not cleanup.

200 active installs v3.0.0 PHP 7.4+ WP 6.3+ Updated Nov 29, 2025

anti-spamcommentspingbackrevisionsspam

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Auto-Close Comments, Pingbacks and Trackbacks Safe to Use in 2026?

Generally Safe

Score 100/100

Auto-Close Comments, Pingbacks and Trackbacks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The autoclose plugin v3.0.0 exhibits a strong security posture based on the provided static analysis. The plugin has a minimal attack surface with no exposed AJAX handlers, REST API routes, or shortcodes that lack authentication checks. The code signals also indicate good security practices, with a healthy percentage of SQL queries using prepared statements and a high rate of output escaping. The presence of nonce checks and capability checks further bolsters its security. Crucially, the taint analysis found no flows with unsanitized paths, and there is no historical record of vulnerabilities, suggesting a consistent focus on secure development.

While the plugin appears robust, the static analysis does reveal some areas for potential improvement. Although the percentage of SQL queries using prepared statements is good, there are still 6 total SQL queries, meaning 2 of them are not using prepared statements. Additionally, while the output escaping is high, 16% of outputs are not properly escaped, which could introduce vulnerabilities if the unescaped content is user-supplied. The single capability check, while present, might be insufficient depending on the plugin's functionality. Overall, autoclose v3.0.0 demonstrates a commendable commitment to security, with its main weaknesses lying in minor potential for SQL injection and XSS vulnerabilities due to the small number of unescaped outputs and raw SQL queries.

Key Concerns

Raw SQL queries found
Unescaped output found

Vulnerabilities

None known

Auto-Close Comments, Pingbacks and Trackbacks Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Auto-Close Comments, Pingbacks and Trackbacks Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

118 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared6 total queries

Output Escaping

84% escaped141 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

save (includes\admin\settings\class-metabox-api.php:166)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Auto-Close Comments, Pingbacks and Trackbacks Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionplugins_loadedautoclose.php:95

actionadmin_menuincludes\admin\class-metabox.php:59

actionsave_postincludes\admin\class-metabox.php:60

actionadmin_menuincludes\admin\class-settings.php:64

actionadmin_headincludes\admin\class-settings.php:65

actionadmin_enqueue_scriptsincludes\admin\settings\class-metabox-api.php:99

actionadd_meta_boxesincludes\admin\settings\class-metabox-api.php:100

actionadmin_menuincludes\admin\settings\class-settings-api.php:178

actionadmin_initincludes\admin\settings\class-settings-api.php:179

filteradmin_footer_textincludes\admin\settings\class-settings-api.php:180

actionadmin_enqueue_scriptsincludes\admin\settings\class-settings-api.php:181

actioninitincludes\class-autoclose.php:91

filterplugin_row_metaincludes\class-autoclose.php:104

actionadmin_menuincludes\class-autoclose.php:108

actionacc_cron_hookincludes\class-autoclose.php:123

actionacc_cron_hookincludes\class-autoclose.php:124

filterwp_revisions_to_keepincludes\class-autoclose.php:127

actionpre_pingincludes\class-autoclose.php:130

actioninitincludes\features\class-close-date.php:35

actionautoclose_close_comments_pings_eventincludes\features\class-close-date.php:36

Scheduled Events 4

autoclose_close_comments_pings_event

acc_cron_hook

Maintenance & Trust

Auto-Close Comments, Pingbacks and Trackbacks Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 29, 2025

PHP min version7.4

Downloads22K

Community Trust

Rating100/100

Number of ratings1

Active installs200

Alternatives

Auto-Close Comments, Pingbacks and Trackbacks Alternatives

Akismet Anti-spam: Spam Protection

akismet

The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.

6.0M 2 CVEs

Antispam Bee

antispam-bee

100

Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.

700K 1 CVE

Comment Link Remove and Other Comment Tools

comment-link-remove

100

Remove Comment Author Link & Links from Comments, Unlink, Disable Comments, Delete All Pending Comments. AI Auto Comment Reply, Voice, Attachments

8K 1 CVE

Spam Destroyer

spam-destroyer

100

Kills spam dead in it's tracks. Be gone evil demon spam!

6K No CVEs

La Sentinelle antispam

la-sentinelle-antispam

100

Feel safe knowing that your website is safe from spam. La Sentinelle will guard your WordPress website against spam in a simple and effective way.

3K No CVEs

Developer Profile

Auto-Close Comments, Pingbacks and Trackbacks Developer Profile

Ajay

31 plugins · 89K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

825 days

View full developer profile

Detection Fingerprints

How We Detect Auto-Close Comments, Pingbacks and Trackbacks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/autoclose/assets/css/autoclose.css/wp-content/plugins/autoclose/assets/js/autoclose.js/wp-content/plugins/autoclose/assets/js/script.js

Script Paths

/wp-content/plugins/autoclose/assets/js/autoclose.js/wp-content/plugins/autoclose/assets/js/script.js

Version Parameters

autoclose/assets/css/autoclose.css?ver=autoclose/assets/js/autoclose.js?ver=autoclose/assets/js/script.js?ver=

HTML / DOM Fingerprints

JS Globals

window.autoclose_var

FAQ