Does Cron Scheduler have any unpatched vulnerabilities?

No. All known vulnerabilities in Cron Scheduler have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cron Scheduler compatible with WordPress 6.8.5?

According to WordPress.org data, Cron Scheduler 1.0.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Cron Scheduler compatible with PHP 8.0+?

Cron Scheduler requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cron Scheduler updated?

Cron Scheduler was last updated on Jun 20, 2025. Frequent updates are generally a positive security signal.

What is Cron Scheduler's security score?

Cron Scheduler has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cron Scheduler Security & Risk Analysis

wordpress.org/plugins/cron-scheduler

A WordPress plugin to easily adjust the frequency of cron jobs with a user-friendly interface.

0 active installs v1.0.3 PHP 8.0+ WP 6.0+ Updated Jun 20, 2025

admincronperformanceschedulerwp-cron

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cron Scheduler Safe to Use in 2026?

Generally Safe

Score 100/100

Cron Scheduler has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "cron-scheduler" v1.0.3 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by exclusively using prepared statements for SQL queries and avoiding file operations or external HTTP requests. It also includes a nonce check and a capability check, which are important security mechanisms. The absence of known CVEs and a clean vulnerability history are significant strengths, suggesting a history of secure development or timely patching by the developers.

However, a critical concern arises from the static analysis revealing one unprotected AJAX handler. This represents a direct entry point into the plugin that is not secured by authentication checks, potentially allowing unauthorized users to trigger plugin functionalities. While taint analysis shows no unsanitized paths, the lack of authentication on an AJAX endpoint is a significant risk that could be exploited if the functionality it triggers is sensitive. The output escaping at 43% also presents a moderate risk of cross-site scripting (XSS) vulnerabilities if the unescaped outputs are user-controllable.

In conclusion, while the plugin has strengths in its SQL handling, lack of external dependencies, and a clean vulnerability history, the unprotected AJAX handler is a glaring weakness. The moderate XSS risk from insufficient output escaping further compounds the security concerns. Addressing the unprotected AJAX endpoint and improving output escaping should be the immediate priorities to enhance the plugin's security.

Key Concerns

Unprotected AJAX handler found
Moderate risk from unescaped output (43% escaped)

Vulnerabilities

None known

Cron Scheduler Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Cron Scheduler Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

43% escaped21 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<cron-scheduler> (cron-scheduler.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Cron Scheduler Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_cron_scheduler_updatecron-scheduler.php:120

WordPress Hooks 3

actionplugins_loadedcron-scheduler.php:29

actionadmin_menucron-scheduler.php:33

actionadmin_enqueue_scriptscron-scheduler.php:37

Maintenance & Trust

Cron Scheduler Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 20, 2025

PHP min version8.0

Downloads245

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Cron Scheduler Alternatives

Cron Jobs

leira-cron-jobs

Easily manage and monitor your WordPress cron jobs from a clean, intuitive interface.

2K 1 CVE

Easycron

easycron

Utilize EasyCron's API to configure a cron job that will trigger WordPress's cron script (wp-cron.php) periodically.

200 No CVEs

Advanced Cron Scheduler for WordPress

migrate-wp-cron-to-action-scheduler

100

The Advanced Cron Scheduler for WordPress plugin helps to easily replace or migrate Native WordPress Cron to the Action Scheduler Library.

200 No CVEs

WP Cron Pixie

wp-cron-pixie

100

A little dashboard widget to view the WordPress cron.

20 No CVEs

ShieldClimb – Fix Pending and Past-due Tasks for WooCommerce

shieldclimb-fix-pending-and-past-due-tasks

100

Fix Pending and Past-due Tasks for WooCommerce – Speed up order processing, prevent stuck scheduled tasks, and optimize performance.

10 No CVEs

Developer Profile

Cron Scheduler Developer Profile

Juanjo Rubio

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cron Scheduler

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cron-scheduler/assets/admin.css/wp-content/plugins/cron-scheduler/assets/admin.js

Script Paths

/wp-content/plugins/cron-scheduler/assets/admin.js

HTML / DOM Fingerprints

CSS Classes

cron-scheduler-stylecron-scheduler-scriptcron-interval-selectcron-search

Data Attributes

data-hook

JS Globals

wpCronScheduler

FAQ