Does Advanced Bulk Actions have any unpatched vulnerabilities?

No. All known vulnerabilities in Advanced Bulk Actions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Advanced Bulk Actions compatible with WordPress 4.7.32?

According to WordPress.org data, Advanced Bulk Actions 1.1.2 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is Advanced Bulk Actions updated?

Advanced Bulk Actions was last updated on May 31, 2017. Frequent updates are generally a positive security signal.

What is Advanced Bulk Actions's security score?

Advanced Bulk Actions has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Advanced Bulk Actions Security & Risk Analysis

wordpress.org/plugins/bulk-actions

Supercharge the WordPress admin panel with additional bulk actions to manage your content

100 active installs v1.1.2 PHP + WP 4.7+ Updated May 31, 2017

actionsadminadvanced-bulk-actionsbulkbulk-actions

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Advanced Bulk Actions Safe to Use in 2026?

Generally Safe

Score 85/100

Advanced Bulk Actions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "bulk-actions" plugin v1.1.2 exhibits a generally good security posture with some notable exceptions. The absence of any recorded vulnerabilities in its history and the responsible use of prepared statements for SQL queries are positive indicators. Furthermore, the plugin avoids risky operations like file manipulation or external HTTP requests. However, a significant concern arises from the static analysis, which reveals a single AJAX handler that lacks authentication checks. This unprotected entry point presents a potential attack vector that could be exploited by unauthenticated users.

The code analysis indicates a low overall risk, primarily due to the limited attack surface and the absence of critical security issues like dangerous functions or unsanitized taint flows. The high percentage of properly escaped output is also reassuring. Nevertheless, the single unprotected AJAX handler is a critical weakness that must be addressed. The plugin's clean vulnerability history is commendable and suggests a commitment to security from its developers, but this does not negate the immediate risk posed by the identified unprotected entry point.

In conclusion, while "bulk-actions" v1.1.2 demonstrates several security strengths, particularly in its database interactions and output handling, the presence of an unprotected AJAX handler is a serious flaw that significantly degrades its overall security. Remediation of this specific issue is paramount to improving the plugin's security posture.

Key Concerns

Unprotected AJAX handler

Vulnerabilities

None known

Advanced Bulk Actions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Advanced Bulk Actions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

84% escaped31 total outputs

Attack Surface

1 unprotected

Advanced Bulk Actions Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_wpba/dismiss_noticelibrary\AdminFeedback.php:17

WordPress Hooks 9

actionplugins_loadedbulk-actions.php:79

actioninitbulk-actions.php:80

actionadmin_initbulk-actions.php:81

actionplugins_loadedbulk-actions.php:84

actionadmin_noticeslibrary\AdminFeedback.php:15

actionadmin_enqueue_scriptslibrary\AdminFeedback.php:16

actionadmin_noticeslibrary\ListScreen\Abstract.php:41

actionadmin_enqueue_scriptslibrary\ListScreen\Abstract.php:42

actionadmin_print_footer_scriptslibrary\ListScreen\Abstract.php:43

Maintenance & Trust

Advanced Bulk Actions Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedMay 31, 2017

PHP min version

Downloads6K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

Advanced Bulk Actions Alternatives

Bulk Actions Select All

bulk-actions-select-all

Adds an option to the admin posts and terms overview pages to select all items (instead of just the ones on the current page) to apply bulk actions.

900 No CVEs

Bulk Delete Product Images

bulk-delete-product-images

100

Adds a bulk action to delete featured and gallery images from selected WooCommerce products in one click.

20 No CVEs

Bulk Plugin Toggle

bulk-plugin-toggle

Adds "Toggle" as a bulk action for the plugins listing to toggle the activation state for selected plugins.

0 No CVEs

Pimi Admin Agent

pimi-admin-agent

100

Manage your WordPress site using simple commands. Create pages, posts, users, manage plugins, and more with commands.

0 No CVEs

Bulk edit publish date

bulk-edit-publish-date

Adds a bulk action to all post types to allow setting the publish date to a specific date time.

1K No CVEs

Developer Profile

Advanced Bulk Actions Developer Profile

Jesper van Engelen

7 plugins · 2K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Advanced Bulk Actions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bulk-actions/css/admin.css/wp-content/plugins/bulk-actions/js/admin.js/wp-content/plugins/bulk-actions/js/bulk-actions.js

Script Paths

/wp-content/plugins/bulk-actions/js/admin.js/wp-content/plugins/bulk-actions/js/bulk-actions.js

Version Parameters

bulk-actions/css/admin.css?ver=bulk-actions/js/admin.js?ver=bulk-actions/js/bulk-actions.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpba-notice-feedback

Data Attributes

data-wpba-posttype

JS Globals

wpba_admin_options

FAQ