Does Controlled Draft Publisher have any unpatched vulnerabilities?

No. All known vulnerabilities in Controlled Draft Publisher have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Controlled Draft Publisher compatible with WordPress 6.8.5?

According to WordPress.org data, Controlled Draft Publisher 1.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Controlled Draft Publisher compatible with PHP 8.0+?

Controlled Draft Publisher requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Controlled Draft Publisher updated?

Controlled Draft Publisher was last updated on Jan 19, 2026. Frequent updates are generally a positive security signal.

What is Controlled Draft Publisher's security score?

Controlled Draft Publisher has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Controlled Draft Publisher Security & Risk Analysis

wordpress.org/plugins/controlled-draft-publisher

Publishes one draft post every configurable interval, with logging and an admin dashboard.

10 active installs v1.4 PHP 8.0+ WP 5.0+ Updated Jan 19, 2026

automationcrondraftspublishingscheduler

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Controlled Draft Publisher Safe to Use in 2026?

Generally Safe

Score 100/100

Controlled Draft Publisher has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The controlled-draft-publisher plugin v1.4 exhibits a generally strong security posture, primarily due to the absence of known vulnerabilities and a healthy approach to code security. The static analysis reveals no dangerous functions, SQL queries are exclusively prepared, and there are no identified taint flows with unsanitized paths. Furthermore, the plugin demonstrates diligent use of nonce checks and capability checks for its limited entry points.

However, a notable concern arises from the output escaping. With 60% of outputs properly escaped, it indicates that 40% of the plugin's output might be vulnerable to Cross-Site Scripting (XSS) attacks. While there are no direct indications of XSS in the taint analysis, poorly escaped output is a common vector for such vulnerabilities, especially in conjunction with other potential weaknesses. The plugin's vulnerability history is clean, which is a positive sign, suggesting past development practices have been secure. Nonetheless, the moderate output escaping rate is the primary area of risk that warrants attention.

Key Concerns

Moderate output escaping rate

Vulnerabilities

None known

Controlled Draft Publisher Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Controlled Draft Publisher Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

66 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

60% escaped110 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

cdp_dashboard_page (controlled-draft-publisher.php:170)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Controlled Draft Publisher Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_initcontrolled-draft-publisher.php:23

filtercron_schedulescontrolled-draft-publisher.php:66

actioncdp_publish_eventcontrolled-draft-publisher.php:81

actionadmin_menucontrolled-draft-publisher.php:132

Scheduled Events 3

cdp_publish_event

Maintenance & Trust

Controlled Draft Publisher Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 19, 2026

PHP min version8.0

Downloads254

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Controlled Draft Publisher Alternatives

Cron Jobs

leira-cron-jobs

Easily manage and monitor your WordPress cron jobs from a clean, intuitive interface.

2K 1 CVE

Cronjob Scheduler

cronjob-scheduler

Cronjob Scheduler allows you to automate regular tasks and actions within your WordPress installation!

1K No CVEs

Simple Auto Post Scheduler

simple-auto-post-scheduler

100

Schedule posts to be published at specific times and intervals with an easy-to-use interface.

20 No CVEs

Blog2Social: Social Media Auto Post & Scheduler

blog2social

Automatically share and schedule your WordPress content on top social platforms like Facebook, Instagram, LinkedIn, TikTok, and more.

50K 21 CVEs

Action Scheduler

action-scheduler

100

Action Scheduler - Job Queue for WordPress

20K No CVEs

Developer Profile

Controlled Draft Publisher Developer Profile

techygeekshome

2 plugins · 70 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Controlled Draft Publisher

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/controlled-draft-publisher/css/cdp-admin.css/wp-content/plugins/controlled-draft-publisher/js/cdp-admin.js

Script Paths

/wp-content/plugins/controlled-draft-publisher/js/cdp-admin.js

Version Parameters

controlled-draft-publisher/css/cdp-admin.css?ver=controlled-draft-publisher/js/cdp-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

cdp-dashboard-wrappercdp-graph-containercdp-stats-gridcdp-log-tablecdp-log-entry

HTML Comments

Data Attributes

data-cdp-intervaldata-cdp-post-typesdata-cdp-loggingdata-cdp-posts-per-rundata-cdp-categories

JS Globals

cdp_admin_ajax_objectcdp_data_for_chart

FAQ