Does Content Unpublisher have any unpatched vulnerabilities?

No. All known vulnerabilities in Content Unpublisher have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Content Unpublisher compatible with WordPress 6.8.5?

According to WordPress.org data, Content Unpublisher 1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Content Unpublisher compatible with PHP 7.2+?

Content Unpublisher requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Content Unpublisher updated?

Content Unpublisher was last updated on May 17, 2025. Frequent updates are generally a positive security signal.

What is Content Unpublisher's security score?

Content Unpublisher has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Content Unpublisher Security & Risk Analysis

wordpress.org/plugins/content-unpublisher

A lightweight plugin to automatically unpublish or trash posts and pages at a scheduled time.

50 active installs v1.0 PHP 7.2+ WP 5.0+ Updated May 17, 2025

pagespostsscheduletrashunpublish

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Content Unpublisher Safe to Use in 2026?

Generally Safe

Score 100/100

Content Unpublisher has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The 'content-unpublisher' v1.0 plugin demonstrates a generally good security posture with several positive indicators. Notably, all SQL queries utilize prepared statements, and all identified output operations are properly escaped, mitigating common risks like SQL injection and XSS. The absence of file operations and external HTTP requests further reduces the attack surface. The plugin also has a clean vulnerability history with zero recorded CVEs, suggesting a well-maintained codebase over time. However, the plugin is not without its concerns. The static analysis revealed one AJAX handler that lacks authentication checks. This unprotected entry point, while singular, presents a potential pathway for attackers to interact with the plugin's functionality without proper authorization, which could lead to unintended consequences depending on what the AJAX handler does. The presence of this unprotected entry point is the primary security concern identified in this version.

Key Concerns

Unprotected AJAX handler without auth checks

Vulnerabilities

None known

Content Unpublisher Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Content Unpublisher Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

17 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped17 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<content-unpublisher> (content-unpublisher.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Content Unpublisher Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_contun_remove_unpublishcontent-unpublisher.php:190

WordPress Hooks 5

actionadd_meta_boxescontent-unpublisher.php:22

actionsave_postcontent-unpublisher.php:49

actioncontun_unpublisher_runcontent-unpublisher.php:81

actionadmin_menucontent-unpublisher.php:93

actionadmin_enqueue_scriptscontent-unpublisher.php:105

Scheduled Events 1

contun_unpublisher_run

Maintenance & Trust

Content Unpublisher Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 17, 2025

PHP min version7.2

Downloads523

Community Trust

Rating100/100

Number of ratings1

Active installs50

Alternatives

Content Unpublisher Alternatives

Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories

post-expirator

PublishPress Future can make scheduled changes to your content. You can unpublish posts, move posts to a new status, update the categories, and more.

100K 5 CVEs

Auto Post Expiry Manager

auto-post-expiry-manager

100

Automatically expire posts and custom post types at a specific date and time. Works with all public post types and uses a lightweight cron scheduler.

80 No CVEs

Bulk Trash by URL

bulk-trash-by-url

100

Bulk‑trash posts, pages and custom post types from pasted URLs. Fast URL mapping, batched processing with pause/resume, and an optional summary.

10 No CVEs

DishSoap

dishsoap

Automatically unpublish or unsticky a post on a specified date and time. Simple interface for ease of use.

10 No CVEs

Duplicate Post

copy-delete-posts

Duplicate post

300K 2 CVEs

Developer Profile

Content Unpublisher Developer Profile

skldrth

1 plugin · 50 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Content Unpublisher

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/content-unpublisher/unpublisher-admin.js

Script Paths

/wp-content/plugins/content-unpublisher/unpublisher-admin.js

Version Parameters

unpublisher-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

unpub-remove-linkunpub-remove-button

Data Attributes

data-post-idname="unpublish_date"name="unpublish_action"id="contun_unpublish_settings"

JS Globals

window.ContunAjax

REST Endpoints

/wp-json/wp/v2/posts/wp-json/wp/v2/pages

FAQ