Does Content Approval Workflow have any unpatched vulnerabilities?

No. All known vulnerabilities in Content Approval Workflow have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Content Approval Workflow compatible with WordPress 6.7.5?

According to WordPress.org data, Content Approval Workflow 1.1.6 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Content Approval Workflow updated?

Content Approval Workflow was last updated on Feb 24, 2025. Frequent updates are generally a positive security signal.

What is Content Approval Workflow's security score?

Content Approval Workflow has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Content Approval Workflow Security & Risk Analysis

wordpress.org/plugins/content-approval-workflow

Enhance collaboration with this plugin. Easily assign reviewers, track status, and get timely notifications for a seamless content review process.

80 active installs v1.1.6 PHP + WP 3.0.1+ Updated Feb 24, 2025

collaborationcontentfeedbackreviewworkflow

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Content Approval Workflow Safe to Use in 2026?

Generally Safe

Score 92/100

Content Approval Workflow has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The plugin "content-approval-workflow" v1.1.6 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and having a high rate of properly escaped output. The absence of file operations, external HTTP requests, and bundled libraries further reduces potential attack vectors. However, a significant concern arises from the substantial attack surface, with 9 out of 10 identified entry points lacking authentication checks. This means that potentially sensitive actions or data within these unprotected AJAX handlers could be accessed or manipulated by unauthenticated users. The vulnerability history is clean, with no known CVEs, which suggests a history of generally secure development, but this cannot compensate for the current lack of authentication on critical entry points.

Key Concerns

Large attack surface without auth
Missing nonce checks on AJAX
Capability checks missing on AJAX

Vulnerabilities

None known

Content Approval Workflow Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Content Approval Workflow Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

179 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

95% escaped189 total outputs

Attack Surface

9 unprotected

Content Approval Workflow Attack Surface

Entry Points10

Unprotected9

AJAX Handlers 9

authwp_ajax_caw_save_review_requestincludes\class-content-approval-workflow.php:196

authwp_ajax_caw_approve_reviewincludes\class-content-approval-workflow.php:197

authwp_ajax_caw_load_more_usersincludes\class-content-approval-workflow.php:198

authwp_ajax_caw_save_feedbackincludes\class-content-approval-workflow.php:199

authwp_ajax_caw_load_more_feedbacksincludes\class-content-approval-workflow.php:200

authwp_ajax_caw_cancel_review_requestincludes\class-content-approval-workflow.php:201

authwp_ajax_caw_load_history_tableincludes\class-content-approval-workflow.php:202

authwp_ajax_ignore_review_processincludes\class-content-approval-workflow.php:207

authwp_ajax_caw_get_approval_statusincludes\class-content-approval-workflow.php:208

Shortcodes 1

[caw_history_log] includes\class-content-approval-workflow-shortcode.php:50

WordPress Hooks 20

filterplugin_action_links_content-approval-workflow/content-approval-workflow.phpcontent-approval-workflow.php:76

actionadmin_initcontent-approval-workflow.php:114

actioninitincludes\class-content-approval-workflow-loader.php:55

actionadd_meta_boxesincludes\class-content-approval-workflow-post-meta-box.php:26

actionplugins_loadedincludes\class-content-approval-workflow.php:138

actionadmin_enqueue_scriptsincludes\class-content-approval-workflow.php:169

actionadmin_enqueue_scriptsincludes\class-content-approval-workflow.php:170

actionadd_meta_boxesincludes\class-content-approval-workflow.php:173

actionwp_dashboard_setupincludes\class-content-approval-workflow.php:183

actionadmin_menuincludes\class-content-approval-workflow.php:186

actionadmin_initincludes\class-content-approval-workflow.php:187

actioninitincludes\class-content-approval-workflow.php:190

actioncaw_review_pending_overdue_notificationincludes\class-content-approval-workflow.php:191

actioncaw_frequently_notificationincludes\class-content-approval-workflow.php:192

actioncaw_remove_old_logincludes\class-content-approval-workflow.php:193

actionadmin_bar_menuincludes\class-content-approval-workflow.php:205

filtercomments_clausesincludes\class-content-approval-workflow.php:241

filterget_comments_numberincludes\class-content-approval-workflow.php:242

actionwp_enqueue_scriptsincludes\class-content-approval-workflow.php:244

actionwp_enqueue_scriptsincludes\class-content-approval-workflow.php:245

Maintenance & Trust

Content Approval Workflow Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 24, 2025

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs80

Alternatives

Content Approval Workflow Alternatives

Peter’s Post Notes

peters-post-notes

Add notes to the "edit post" and "edit page" sidebars. Collaborators can also share notes on the WordPress dashboard.

3K No CVEs

Testimonial Slider

testimonial-slider

Display your happy customers' Testimonials in a neat Responsive Slider

3K 4 CVEs

Creta Testimonial Showcase

creta-testimonial-showcase

Showcase client reviews with Creta Testimonial Showcase an easy, responsive WordPress testimonial plugin with free and premium templates.

2K 1 CVE

Atarim – Visual Feedback, Review & AI Collaboration

atarim-visual-collaboration

Make collecting feedback on WordPress sites MUCH faster and easier, with the visual collaboration tool used on over 120,000 websites worldwide.

1K 18 CVEs

PublishPress Statuses – Custom Post Status and Workflow

publishpress-statuses

100

The PublishPress Statuses plugin allows you to create additional statuses for your posts. You can use each status to create publishing workflows.

1K No CVEs

Developer Profile

Content Approval Workflow Developer Profile

Qrolic Technologies

1 plugin · 80 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Content Approval Workflow

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/content-approval-workflow/dist/admin/css/admin.bundle.css/wp-content/plugins/content-approval-workflow/dist/admin/js/admin.bundle.js/wp-content/plugins/content-approval-workflow/dist/admin/css/settings.bundle.css/wp-content/plugins/content-approval-workflow/dist/admin/js/settings.bundle.js

Script Paths

/wp-content/plugins/content-approval-workflow/dist/admin/js/admin.bundle.js/wp-content/plugins/content-approval-workflow/dist/admin/js/settings.bundle.js

Version Parameters

/wp-content/plugins/content-approval-workflow/dist/admin/css/admin.bundle.css?ver=/wp-content/plugins/content-approval-workflow/dist/admin/js/admin.bundle.js?ver=/wp-content/plugins/content-approval-workflow/dist/admin/css/settings.bundle.css?ver=/wp-content/plugins/content-approval-workflow/dist/admin/js/settings.bundle.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-caw-nonce

JS Globals

cawNonceAjaxObject

FAQ