Does DX Delete Attached Media have any unpatched vulnerabilities?

No. All known vulnerabilities in DX Delete Attached Media have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is DX Delete Attached Media compatible with WordPress 6.3.8?

According to WordPress.org data, DX Delete Attached Media 2.0.6 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

Is DX Delete Attached Media compatible with PHP 7.4+?

DX Delete Attached Media requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is DX Delete Attached Media updated?

DX Delete Attached Media was last updated on Dec 19, 2023. Frequent updates are generally a positive security signal.

What is DX Delete Attached Media's security score?

DX Delete Attached Media has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DX Delete Attached Media Security & Risk Analysis

wordpress.org/plugins/dx-delete-attached-media

Automatically deletes attached media from posts and custom post types added via the Media button.

4K active installs v2.0.6 PHP 7.4+ WP 4.5+ Updated Dec 19, 2023

attachmentmediapost

B · Generally Safe

CVEs total2

Unpatched0

Last CVEOct 16, 2023

Plugin page Download

Safety Verdict

Is DX Delete Attached Media Safe to Use in 2026?

Mostly Safe

Score 84/100

DX Delete Attached Media is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.

2 known CVEsLast CVE: Oct 16, 2023Updated 2yr ago

Risk Assessment

The plugin "dx-delete-attached-media" v2.0.6 exhibits a generally strong security posture in its current static analysis. It boasts a small attack surface with only one AJAX handler, crucially protected by authentication. The complete absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are excellent indicators of secure coding practices. Furthermore, the presence of nonce and capability checks reinforces its commitment to authorization.

Key Concerns

Outputs are not consistently escaped
Known medium severity vulnerabilities in history

Vulnerabilities

DX Delete Attached Media Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2023-46073medium · 4.3Missing Authorization

DX Delete Attached Media <= 2.0.5.1 - Cross-Site Request Forgery via add_to_base

Oct 16, 2023 Patched in 2.0.6 (99d)

WF-7b78004e-caa5-4478-ba16-5f1a10e31541-dx-delete-attached-mediamedium · 4.3Missing Authorization

DX Delete Attached Media <= 2.0.2 - Missing Authorization to Settings Update

May 4, 2023 Patched in 2.0.3 (264d)

Code Analysis

Analyzed Mar 16, 2026

DX Delete Attached Media Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

25% escaped20 total outputs

Attack Surface

DX Delete Attached Media Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_add_to_basedx-delete-attached-media.php:353

WordPress Hooks 8

actionbefore_delete_postdx-delete-attached-media.php:43

actionadmin_noticesdx-delete-attached-media.php:44

actionplugins_loadeddx-delete-attached-media.php:53

actionadmin_noticesdx-delete-attached-media.php:157

actionadmin_menudx-delete-attached-media.php:184

actionadmin_enqueue_scriptsdx-delete-attached-media.php:326

actioninitdx-delete-attached-media.php:346

actionafter_setup_themedx-delete-attached-media.php:347

Maintenance & Trust

DX Delete Attached Media Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedDec 19, 2023

PHP min version7.4

Downloads55K

Community Trust

Rating98/100

Number of ratings28

Active installs4K

Alternatives

DX Delete Attached Media Alternatives

Autoremove Attachments

autoremove-attachments

Remove child attachments when parent post, page or custom post type is deleted.

3K No CVEs

LH Add Media From Url

lh-add-media-from-url

Upload files from an url to wordpress media library, either enter file urls in an onsite input box or click a bookmarklet.

2K 2 CVEs

Fix Media Library

wow-media-library-fix

Fix Media Library inconsistency between database and wp-content/uploads folder contents. Unused image files, broken media library entries, missing att …

2K 1 unpatched

Delete Post with Attachments

delete-post-with-attachments

100

A simple plugin to delete attached media files e.g. images/videos/documents, when the post is deleted. Supports Elementor, Divi Builder, Thrive Archit …

1K No CVEs

Find Posts Using Attachment

find-posts-using-attachment

Allows to find all posts where a particular attachment is used.

1K No CVEs

Developer Profile

DX Delete Attached Media Developer Profile

Mario Peshev

13 plugins · 5K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

164 days

View full developer profile

Detection Fingerprints

How We Detect DX Delete Attached Media

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

dx-template-wrappercontent-wrapper

Data Attributes

name="enable-feature"name="date_sort_new"name="date_sort_old"name="with_parent"name="without_parent"

FAQ