Delete Post with Attachments Security & Risk Analysis
wordpress.org/plugins/delete-post-with-attachmentsA simple plugin to delete attached media files e.g. images/videos/documents, when the post is deleted. Supports Elementor, Divi Builder, Thrive Archit …
Is Delete Post with Attachments Safe to Use in 2026?
Generally Safe
Score 100/100Delete Post with Attachments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "delete-post-with-attachments" v2.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, file operations, or external HTTP requests is commendable. Furthermore, all SQL queries are properly prepared, and all output is correctly escaped, mitigating common attack vectors like SQL injection and cross-site scripting. The plugin also has a clean vulnerability history with no recorded CVEs, indicating a history of secure development practices.
However, a significant concern arises from the complete lack of capability checks and nonce checks across all identified entry points, which are zero. While the current attack surface is minimal, this absence of authorization and CSRF protection means that if any entry points were to be introduced or discovered in the future, they would likely be unprotected. This reliance on the *absence* of vulnerabilities rather than proactive security measures is a potential weakness that could become a significant risk if the plugin's functionality or attack surface expands.
Key Concerns
- No capability checks on entry points
- No nonce checks on entry points
Delete Post with Attachments Security Vulnerabilities
Delete Post with Attachments Code Analysis
SQL Query Safety
Output Escaping
Delete Post with Attachments Attack Surface
WordPress Hooks 1
Maintenance & Trust
Delete Post with Attachments Maintenance & Trust
Maintenance Signals
Community Trust
Delete Post with Attachments Alternatives
SiteEase Bulk Delete Manager
bulk-delete-all-in-one
SiteEase Bulk Delete Manager helps administrators safely and efficiently delete large amounts of WordPress content using a simple, AJAX-powered interf …
MCOD Delete Media by Content
mcod-bulk-delete-media-by-content
Bulk delete WordPress media files linked to any post type. Clean your media library in batches with smart exclusions and WooCommerce/ACF support.
Delete Duplicate Posts
delete-duplicate-posts
Get rid of duplicate posts and pages (any post type) on your blog with manual or automatic modes.
DX Delete Attached Media
dx-delete-attached-media
Automatically deletes attached media from posts and custom post types added via the Media button.
Autoremove Attachments
autoremove-attachments
Remove child attachments when parent post, page or custom post type is deleted.
Delete Post with Attachments Developer Profile
3 plugins · 1K total installs
How We Detect Delete Post with Attachments
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/delete-post-with-attachments/js/alsvin-dpwa-admin.jsHTML / DOM Fingerprints
data-media-idid='123'[thrive_image