Cleanup Action Scheduler Security & Risk Analysis

wordpress.org/plugins/cleanup-action-scheduler

Delete Action Scheduler Events to avoid having large database tables.

2K active installs · v1.2.4 · PHP 7.4+ · WP 4.9+ · Updated Feb 6, 2025
Tags: action, cleanup, cron-job, scheduler, woocommerce
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Cleanup Action Scheduler Safe to Use in 2026?

Generally Safe

Score 92/100

Cleanup Action Scheduler has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "cleanup-action-scheduler" plugin version 1.2.4 demonstrates a generally good security posture based on the provided static analysis. It has a limited attack surface with only two AJAX entry points, and crucially, none of these are exposed without authentication checks. The absence of raw SQL queries, file operations, and external HTTP requests further strengthens its security. The high percentage of properly escaped output and the presence of nonce checks are positive indicators of secure coding practices. The taint analysis also revealed no critical or high severity unsanitized flows.

While the static analysis is encouraging, the lack of capability checks on the AJAX handlers is a potential concern. Although nonce checks are in place, relying solely on nonces without verifying user capabilities could allow authenticated users to perform actions they shouldn't. The bundled Freemius library, while not flagged as outdated in this report, is a component that should be monitored for potential vulnerabilities if it's an older version. However, the plugin's vulnerability history is exceptionally clean, with no recorded CVEs, suggesting a well-maintained and secure codebase. Overall, the plugin appears robust, but the missing capability checks represent a minor area for improvement to further harden its security.

Key Concerns

  • AJAX handlers without capability checks
  • Bundled library (Freemius v1.0) might be outdated
Vulnerabilities
None known

Cleanup Action Scheduler Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Cleanup Action Scheduler Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (2 prepared)
Unescaped Output: 1 (8 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

SQL Query Safety

67% prepared · 3 total queries

Output Escaping

89% escaped · 9 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
cas_delete_all_Action (core\Actions\Cleanups.php:33)
Attack Surface

Cleanup Action Scheduler Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers: 2

auth · wp_ajax_cas_delete_all · core\Actions\Cleanups.php:23
nopriv · wp_ajax_cas_delete_all · core\Actions\Cleanups.php:24

WordPress Hooks: 10

filter · pricing/show_annual_in_monthly · cleanup-action-scheduler.php:102
action · admin_enqueue_scripts · core\Base\Enqueue.php:20
action · admin_menu · core\Pages\Dashboard.php:25
action · admin_init · core\Pages\Dashboard.php:26
filter · action_scheduler_retention_period · core\Pages\Dashboard.php:27
filter · action_scheduler_queue_runner_batch_size · core\Pages\Dashboard.php:28
filter · action_scheduler_queue_runner_concurrent_batches · core\Pages\Dashboard.php:29
filter · action_scheduler_timeout_period · core\Pages\Dashboard.php:30
filter · action_scheduler_failure_period · core\Pages\Dashboard.php:31
filter · action_scheduler_queue_runner_time_limit · core\Pages\Dashboard.php:32
Maintenance & Trust

Cleanup Action Scheduler Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Feb 6, 2025
PHP min version: 7.4
Downloads: 17K

Community Trust

Rating: 64/100
Number of ratings: 6
Active installs: 2K
Developer Profile

Cleanup Action Scheduler Developer Profile

laurencebahiirwa

5 plugins · 3K total installs

Trust score: 86
Avg Security Score: 88/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Cleanup Action Scheduler

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cleanup-action-scheduler/assets/build/css/admin.css
/wp-content/plugins/cleanup-action-scheduler/assets/build/js/admin.js

HTML / DOM Fingerprints

Data Attributes: cas_params, cas_delete_nonce
JS Globals: cas_params, cfas_fs