Cron Logger Security & Risk Analysis

wordpress.org/plugins/cron-logger

Logs wp-cron.php runs.

2K active installs · v1.3.0 · PHP 8.1+ · WP 5.3+ · Updated Nov 4, 2024
Tags: cron, debug, log, tool, wp-cron
Score: 70 (B · Generally Safe)
CVEs total: 1
Unpatched: 1
Last CVE: Jun 27, 2025
Safety Verdict

Is Cron Logger Safe to Use in 2026?

Mostly Safe

Score 70/100

Cron Logger is generally safe to use, though it hasn't been updated recently. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Jun 27, 2025 · Updated 1yr ago
Risk Assessment

The "cron-logger" plugin v1.3.0 presents a significant security risk due to a combination of factors observed in its static analysis and vulnerability history. The plugin's attack surface is small but critically flawed, with one AJAX handler lacking any authorization checks. This directly exposes a potential entry point for attackers. Furthermore, the plugin exhibits poor coding practices regarding SQL query security, with 100% of its SQL queries not using prepared statements, increasing the risk of SQL injection vulnerabilities. The lack of nonce and capability checks in critical areas like AJAX further exacerbates these risks.

The vulnerability history is concerning, indicating a pattern of "Missing Authorization" vulnerabilities, with one medium-severity CVE still unpatched. The fact that the last vulnerability was recorded in the future (2025-06-27) suggests a potential data anomaly or a forward-looking vulnerability that hasn't been fixed yet, but the presence of an unpatched CVE itself is a major red flag. While the absence of dangerous functions and file operations is positive, it is heavily outweighed by the critical flaws in authorization, SQL query handling, and the unpatched vulnerability.

In conclusion, this plugin's security posture is poor. The unprotected AJAX handler, widespread use of raw SQL queries, and an unpatched CVE create substantial vulnerabilities. Users are strongly advised to avoid this plugin or take immediate steps to mitigate these risks if absolutely necessary. The plugin demonstrates a lack of fundamental security best practices, making it a prime target for exploitation.

Key Concerns

  • Unprotected AJAX handler
  • SQL queries lack prepared statements
  • No nonce checks on AJAX
  • No capability checks
  • Unpatched CVE
  • Low output escaping percentage
Vulnerabilities: 1

Cron Logger Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-53266 · medium · 4.3 · Missing Authorization

Cron Logger <= 1.3.0 - Missing Authorization

Jun 27, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Cron Logger Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 6 (0 prepared)
  • Unescaped Output: 14 (5 escaped)
  • Nonce Checks: 0
  • Capability Checks: 0
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 0

SQL Query Safety

0% prepared · 6 total queries

Output Escaping

26% escaped · 19 total outputs
Attack Surface
1 unprotected

Cron Logger Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

  • auth · wp_ajax_cron_logger_cleanup · classes\Ajax.php:10

WordPress Hooks: 12

  • action · init · classes\Components\Plugin.php:83
  • action · admin_menu · classes\Page.php:23
  • action · admin_init · classes\Schedule.php:10
  • action · solr_cron_start · classes\Services\SolrPlugin.php:11
  • action · solr_cron_finish · classes\Services\SolrPlugin.php:12
  • action · plugins_loaded · classes\Services\WPCron.php:17
  • action · shutdown · classes\Services\WPCron.php:18
  • action · publish_future_post · classes\Services\WPCron.php:21
  • action · publish_future_post · classes\Services\WPCron.php:22
  • action · transition_post_status · classes\Services\WPCron.php:73
  • action · plugins_loaded · classes\Services.php:17
  • action · admin_init · classes\Updates.php:13
Maintenance & Trust

Cron Logger Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.6.5
  • Last updated: Nov 4, 2024
  • PHP min version: 8.1
  • Downloads: 45K

Community Trust

  • Rating: 98/100
  • Number of ratings: 8
  • Active installs: 2K
Developer Profile

Cron Logger Developer Profile

EdwardBock

22 plugins · 2K total installs

  • Trust score: 72
  • Avg Security Score: 90/100
  • Avg Patch Time: 107 days
Detection Fingerprints

How We Detect Cron Logger

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
