Does Expire Passwords have any unpatched vulnerabilities?

No. All known vulnerabilities in Expire Passwords have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Expire Passwords compatible with WordPress 4.7.32?

According to WordPress.org data, Expire Passwords 0.6.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is Expire Passwords updated?

Expire Passwords was last updated on Jan 5, 2017. Frequent updates are generally a positive security signal.

What is Expire Passwords's security score?

Expire Passwords has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Expire Passwords Security & Risk Analysis

wordpress.org/plugins/expire-passwords

Require certain users to change their passwords on a regular basis.

500 active installs v0.6.0 PHP + WP 4.0+ Updated Jan 5, 2017

adminloginmembershippasswordsprofile

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Expire Passwords Safe to Use in 2026?

Generally Safe

Score 85/100

Expire Passwords has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The 'expire-passwords' plugin version 0.6.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified entry points, dangerous functions, raw SQL queries, file operations, external HTTP requests, or vulnerability history suggests a well-developed and secure plugin. The code also adheres to good practices with 100% proper output escaping and the use of prepared statements for any potential SQL interactions, even though none were found in this analysis. The plugin appears to be a solid, secure option with no evident security weaknesses from the static analysis and vulnerability history provided.

Vulnerabilities

None known

Expire Passwords Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Expire Passwords Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

14 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped14 total outputs

Attack Surface

Expire Passwords Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

actionplugins_loadedexpire-passwords.php:53

actioninitexpire-passwords.php:65

actionuser_registerexpire-passwords.php:112

actionpassword_resetexpire-passwords.php:113

actionadmin_headincludes\class-list-table.php:16

filtermanage_users_columnsincludes\class-list-table.php:17

actionmanage_users_custom_columnincludes\class-list-table.php:18

actionwp_loginincludes\class-login-screen.php:16

actionvalidate_password_resetincludes\class-login-screen.php:17

filterlogin_messageincludes\class-login-screen.php:18

actionadmin_menuincludes\class-settings.php:16

actionadmin_initincludes\class-settings.php:17

filteradmin_footer_textincludes\class-settings.php:18

Maintenance & Trust

Expire Passwords Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedJan 5, 2017

PHP min version

Downloads26K

Community Trust

Rating98/100

Number of ratings9

Active installs500

Alternatives

Expire Passwords Alternatives

Expire User Passwords

expire-user-passwords

100

Require certain users to change their passwords on a regular basis.

3K No CVEs

Pie Register – User Registration, Profiles & Content Restriction

pie-register

Create customized registration forms, Invite through email, Email Notification, User Roles assignment, and more. Pie Register is a User Registration p …

2K 1 unpatched