Does Completely Delete have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Completely Delete compatible with WordPress 4.1.42?

According to WordPress.org data, Completely Delete 0.8.3 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Completely Delete updated?

Completely Delete was last updated on Apr 11, 2015. Frequent updates are generally a positive security signal.

What is Completely Delete's security score?

Completely Delete has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Completely Delete Security & Risk Analysis

wordpress.org/plugins/completely-delete

A plugin to let you completely delete all child objects of a post.

50 active installs v0.8.3 PHP + WP 3.5+ Updated Apr 11, 2015

attachemntspagesposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Completely Delete Safe to Use in 2026?

Generally Safe

Score 85/100

Completely Delete has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The 'completely-delete' plugin v0.8.3 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by exclusively using prepared statements for all SQL queries and including nonce and capability checks in its code. The absence of known CVEs and a clean vulnerability history further suggests a relatively stable past. However, concerns arise from the static analysis. The taint analysis reveals a flow with an unsanitized path, flagged as high severity, which is a significant area of concern that requires immediate attention. Additionally, only 33% of output escaping is properly implemented, indicating a potential for cross-site scripting (XSS) vulnerabilities. The limited attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events without authentication checks, is a positive aspect.

Key Concerns

High severity taint flow with unsanitized path
Insufficient output escaping (only 33% proper)

Vulnerabilities

None known

Completely Delete Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Completely Delete Release Timeline

v0.8.3Current

v0.8.2

v0.8.1

v0.8.0

v0.7

v0.6

Code Analysis

Analyzed Mar 16, 2026

Completely Delete Code Analysis

Dangerous Functions

Raw SQL Queries

9 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared9 total queries

Output Escaping

33% escaped6 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

add_delete_button (admin\class-completely-delete-admin.php:232)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Completely Delete Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

actionadmin_enqueue_scriptsadmin\class-completely-delete-admin.php:72

actionadmin_enqueue_scriptsadmin\class-completely-delete-admin.php:73

actionadmin_menuadmin\class-completely-delete-admin.php:79

actionpost_submitbox_startadmin\class-completely-delete-admin.php:87

actionadmin_action_completely_deleteadmin\class-completely-delete-admin.php:88

actionuntrash_postadmin\class-completely-delete-admin.php:89

actionbefore_delete_postadmin\class-completely-delete-admin.php:93

filterpost_row_actionsadmin\class-completely-delete-admin.php:96

filterpage_row_actionsadmin\class-completely-delete-admin.php:97

actionwp_trash_postadmin\class-completely-delete-admin.php:259

actionadmin_initadmin\includes\settings.php:37

actionplugins_loadedcompletely-delete.php:45

actionplugins_loadedcompletely-delete.php:64

actioninitpublic\class-completely-delete.php:65

actionadmin_noticespublic\class-completely-delete.php:68

Maintenance & Trust

Completely Delete Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedApr 11, 2015

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings4

Active installs50

Alternatives

Completely Delete Alternatives

Duplicate Post

copy-delete-posts

Duplicate post

300K 2 CVEs

Display Posts – Easy lists, grids, navigation, and more

display-posts-shortcode

Add a listing of content on your website using a simple shortcode. Filter the results by category, author, and more.

80K No CVEs

CMS Tree Page View

cms-tree-page-view

Adds a tree view of all pages & custom posts. Get a great overview + options to drag & drop to reorder & option to add multiple pages.

50K 3 CVEs

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin

google-sitemap-plugin

100

Generate and add XML sitemap to WordPress website. Help search engines index your blog.

20K 1 CVE

Clone Posts

clone-posts

100

Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)

10K No CVEs

Developer Profile

Completely Delete Developer Profile

Yoren Chang

6 plugins · 4K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

51 days

View full developer profile

Detection Fingerprints

How We Detect Completely Delete

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/completely-delete/assets/css/admin.css/wp-content/plugins/completely-delete/assets/js/admin.js

Version Parameters

completely-delete.php?ver=

HTML / DOM Fingerprints

FAQ