Does Cronjob Scheduler have any unpatched vulnerabilities?

No. All known vulnerabilities in Cronjob Scheduler have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cronjob Scheduler compatible with WordPress 5.4.19?

According to WordPress.org data, Cronjob Scheduler 1.40.1 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

How often is Cronjob Scheduler updated?

Cronjob Scheduler was last updated on May 26, 2020. Frequent updates are generally a positive security signal.

What is Cronjob Scheduler's security score?

Cronjob Scheduler has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cronjob Scheduler Security & Risk Analysis

wordpress.org/plugins/cronjob-scheduler

Cronjob Scheduler allows you to automate regular tasks and actions within your WordPress installation!

1K active installs v1.40.1 PHP + WP 3.5.1+ Updated May 26, 2020

automationcroncronjobschedulertask

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Cronjob Scheduler Safe to Use in 2026?

Generally Safe

Score 85/100

Cronjob Scheduler has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "cronjob-scheduler" plugin version 1.40.1 exhibits a generally strong security posture based on the static analysis and vulnerability history provided. The absence of any detected dangerous functions, raw SQL queries, file operations, external HTTP requests, or critical taint flows is highly encouraging. The plugin also appears to have a limited attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. Its vulnerability history is clean, with no known CVEs, which suggests a commitment to secure development or a lack of prior discoveries.

However, a significant concern lies in the output escaping. With 29 total outputs and only 69% properly escaped, there's a notable risk of cross-site scripting (XSS) vulnerabilities. This means that user-supplied data displayed by the plugin might not be sufficiently sanitized, potentially allowing an attacker to inject malicious scripts into the user's browser. The absence of nonce checks and capability checks across all entry points, while seemingly mitigated by the lack of exposed entry points, still represents a potential weakness if the attack surface were to grow or be misconfigured. The plugin's strengths are in its lack of common attack vectors and its SQL query handling, but the unescaped output is a clear area for improvement.

Key Concerns

Significant portion of output not properly escaped
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Cronjob Scheduler Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cronjob Scheduler Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

20 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

69% escaped29 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<plugin_settings> (views\plugin_settings.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Cronjob Scheduler Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionmy_cronjob_actioncronjobs.php:16

Maintenance & Trust

Cronjob Scheduler Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedMay 26, 2020

PHP min version

Downloads41K

Community Trust

Rating88/100

Number of ratings14

Active installs1K

Alternatives

Cronjob Scheduler Alternatives

Cron Jobs

leira-cron-jobs

Easily manage and monitor your WordPress cron jobs from a clean, intuitive interface.

2K 1 CVE

Easycron

easycron

Utilize EasyCron's API to configure a cron job that will trigger WordPress's cron script (wp-cron.php) periodically.

200 No CVEs

Simple Auto Post Scheduler

simple-auto-post-scheduler

100

Schedule posts to be published at specific times and intervals with an easy-to-use interface.

20 No CVEs

Controlled Draft Publisher

controlled-draft-publisher

100

Publishes one draft post every configurable interval, with logging and an admin dashboard.

10 No CVEs

Blog2Social: Social Media Auto Post & Scheduler

blog2social

Automatically share and schedule your WordPress content on top social platforms like Facebook, Instagram, LinkedIn, TikTok, and more.

50K 21 CVEs

Developer Profile

Cronjob Scheduler Developer Profile

chrispage1

1 plugin · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cronjob Scheduler

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cronjob-scheduler/css/style.css/wp-content/plugins/cronjob-scheduler/js/cronjobs.js

Script Paths

/wp-content/plugins/cronjob-scheduler/js/cronjobs.js

Version Parameters

cronjob-scheduler/css/style.css?ver=cronjob-scheduler/js/cronjobs.js?ver=

HTML / DOM Fingerprints

CSS Classes

button-redform-input-tip

Data Attributes

name="scheduler_nonce"name="deleteschedule"name="schedule[display]"name="schedule[interval]"name="save"

FAQ