Does Expiring Posts have any unpatched vulnerabilities?

No. All known vulnerabilities in Expiring Posts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Expiring Posts compatible with WordPress 5.9.13?

According to WordPress.org data, Expiring Posts 1.3 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is Expiring Posts compatible with PHP 5.3+?

Expiring Posts requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Expiring Posts updated?

Expiring Posts was last updated on Jan 23, 2022. Frequent updates are generally a positive security signal.

What is Expiring Posts's security score?

Expiring Posts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Expiring Posts Security & Risk Analysis

wordpress.org/plugins/expiring-posts

This plugin adds functionality to expire a post on a given date.

1K active installs v1.3 PHP 5.3+ WP 3.0.1+ Updated Jan 23, 2022

expireexpire-postsexpiringexpiring-postspost-expiry

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Expiring Posts Safe to Use in 2026?

Generally Safe

Score 85/100

Expiring Posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "expiring-posts" plugin v1.3 exhibits a strong security posture based on the provided static analysis and vulnerability history. The complete absence of known CVEs and the plugin's adherence to secure coding practices like prepared statements for SQL queries, nonce checks, and capability checks are highly commendable. The limited attack surface with no unprotected entry points further enhances its security.

However, a minor concern arises from the output escaping, where 25% of the outputs are not properly escaped. While this doesn't indicate a critical vulnerability in this specific analysis, it represents a potential area for XSS (Cross-Site Scripting) vulnerabilities if user-supplied data is involved in those unescaped outputs. This is a common oversight that can be exploited in certain contexts, even with an otherwise secure plugin.

Overall, the plugin demonstrates a robust commitment to security, with no critical or high-risk findings in the code analysis. The vulnerability history is clean, suggesting consistent secure development. The only area for improvement is ensuring 100% output escaping to mitigate any potential future risks, even if none are currently evident.

Key Concerns

Unescaped outputs detected

Vulnerabilities

None known

Expiring Posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Expiring Posts Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

75% escaped12 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<expiring-posts> (expiring-posts.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Expiring Posts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionpost_submitbox_misc_actionsexpiring-posts.php:56

actionadmin_enqueue_scriptsexpiring-posts.php:59

actioninitexpiring-posts.php:62

actionexpired_postexpiring-posts.php:65

actionafter_delete_postexpiring-posts.php:68

actionexp_expire_post_eventexpiring-posts.php:71

actionsave_postexpiring-posts.php:74

actiondisplay_post_statesexpiring-posts.php:77

Scheduled Events 1

exp_expire_post_event

Maintenance & Trust

Expiring Posts Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedJan 23, 2022

PHP min version5.3

Downloads5K

Community Trust

Rating70/100

Number of ratings2

Active installs1K

Alternatives

Expiring Posts Alternatives

WP Post Expires

wp-post-expires

Plugin adds post expires time after which will be performed actions: add prefix to title, move to drafts or trash.

2K No CVEs

Content Scheduler

content-scheduler

Schedule content to automatically expire and change at a certain time, and notify people of expiration.

200 No CVEs

VA Simple Expires

va-simple-expires

This is the fork of Simple Expires created by Mr. abmcr. Simple plugin which can set up the term of validity.

900 No CVEs

Simple Expires

simple-expires

Enable Posts and Pages to automatically expire and change at a certain time, and provide notification of expiration.

500 No CVEs

Post Expiring

post-expiring

Expire post by set the date of expiring

200 No CVEs

Developer Profile

Expiring Posts Developer Profile

Ivan

2 plugins · 21K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

2826 days

View full developer profile

Detection Fingerprints

How We Detect Expiring Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/expiring-posts/inc/js/expiring-posts.js/wp-content/plugins/expiring-posts/inc/css/expiring-posts.css

Version Parameters

expiring-posts/inc/js/expiring-posts.js?ver=expiring-posts/inc/css/expiring-posts.css?ver=

HTML / DOM Fingerprints

CSS Classes

expiry

Data Attributes

name="exp-aa"name="exp-mm"name="exp-jj"name="exp-hh"name="exp-mn"name="exp-ss"+3 more

JS Globals

AdminExpiringPosts

FAQ