Does Cron Jobs have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Cron Jobs compatible with WordPress 6.9.4?

According to WordPress.org data, Cron Jobs 1.2.12 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Cron Jobs compatible with PHP 5.4+?

Cron Jobs requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cron Jobs updated?

Cron Jobs was last updated on Dec 19, 2025. Frequent updates are generally a positive security signal.

What is Cron Jobs's security score?

Cron Jobs has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cron Jobs Security & Risk Analysis

wordpress.org/plugins/leira-cron-jobs

Easily manage and monitor your WordPress cron jobs from a clean, intuitive interface.

2K active installs v1.2.12 PHP 5.4+ WP 4.1+ Updated Dec 19, 2025

admin-toolsautomationcronschedulerwp-cron

A · Safe

CVEs total1

Unpatched0

Last CVESep 12, 2024

Plugin page Download

Safety Verdict

Is Cron Jobs Safe to Use in 2026?

Generally Safe

Score 99/100

Cron Jobs has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Sep 12, 2024Updated 5mo ago

Risk Assessment

The 'leira-cron-jobs' plugin version 1.2.12 exhibits a mixed security posture. On the positive side, it demonstrates good practices in its SQL query handling, with 100% prepared statements, and a high rate of output escaping (91%). It also includes a reasonable number of nonce and capability checks (4 and 5 respectively). However, a significant concern arises from its attack surface, specifically two AJAX handlers that lack authentication checks. This is further exacerbated by a taint analysis flow with an unsanitized path, indicating a potential for vulnerabilities if not handled carefully.

The vulnerability history shows one known CVE, which has been patched, and a medium severity vulnerability in the past related to Cross-site Scripting. While the current version may not have unpatched critical or high-severity issues, the past pattern of XSS and the presence of an unsanitized path in the taint analysis suggest a potential for similar issues to emerge if code is not meticulously reviewed. The lack of proper authentication on AJAX endpoints is a direct invitation for exploitation.

In conclusion, while the plugin employs some good security practices, the unprotected AJAX endpoints and the identified unsanitized path present immediate risks. The historical vulnerability for XSS, though patched, warrants vigilance. Addressing the unprotected AJAX handlers should be the top priority to mitigate the current risks.

Key Concerns

2 AJAX handlers without auth checks
Taint flow with unsanitized path
1 known CVE (even if patched)
Medium severity vulnerability in history

Vulnerabilities

1 published

Cron Jobs Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-8731medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cron Jobs <= 1.2.9 - Reflected Cross-Site Scripting

Sep 12, 2024 Patched in 1.2.10 (12d)

Version History

Cron Jobs Release Timeline

v1.2.12Current

v1.2.11

v1.2.10

v1.2.91 CVE

v1.2.81 CVE

v1.2.71 CVE

v1.2.61 CVE

v1.2.51 CVE

v1.2.21 CVE

v1.2.11 CVE

v1.2.01 CVE

v1.1.21 CVE

v1.1.11 CVE

v1.1.01 CVE

v1.0.11 CVE

v1.0.01 CVE

Code Analysis

Analyzed Mar 16, 2026

Cron Jobs Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

48 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped53 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

search_box (admin\class-leira-cron-jobs-list-table.php:413)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Cron Jobs Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_inline-save-cron-jobincludes\class-leira-cron-jobs.php:170

authwp_ajax_leira-cron-jobs-footer-ratedincludes\class-leira-cron-jobs.php:178

WordPress Hooks 6

actionplugins_loadedincludes\class-leira-cron-jobs.php:149

actionadmin_enqueue_scriptsincludes\class-leira-cron-jobs.php:167

actionadmin_enqueue_scriptsincludes\class-leira-cron-jobs.php:168

actionadmin_menuincludes\class-leira-cron-jobs.php:169

filterset-screen-optionincludes\class-leira-cron-jobs.php:172

filteradmin_footer_textincludes\class-leira-cron-jobs.php:177

Maintenance & Trust

Cron Jobs Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 19, 2025

PHP min version5.4

Downloads31K

Community Trust

Rating94/100

Number of ratings3

Active installs2K

Alternatives

Cron Jobs Alternatives

Cronjob Scheduler

cronjob-scheduler

Cronjob Scheduler allows you to automate regular tasks and actions within your WordPress installation!

1K No CVEs

Easycron

easycron

Utilize EasyCron's API to configure a cron job that will trigger WordPress's cron script (wp-cron.php) periodically.

200 No CVEs

Advanced Cron Scheduler for WordPress

migrate-wp-cron-to-action-scheduler

The Advanced Cron Scheduler for WordPress plugin helps to easily replace or migrate Native WordPress Cron to the Action Scheduler Library.

200 No CVEs

Controlled Draft Publisher

controlled-draft-publisher

100

Publishes one draft post every configurable interval, with logging and an admin dashboard.

30 No CVEs

Simple Auto Post Scheduler

simple-auto-post-scheduler

100

Schedule posts to be published at specific times and intervals with an easy-to-use interface.

20 No CVEs

Developer Profile

Cron Jobs Developer Profile

Ariel

5 plugins · 9K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

12 days

View full developer profile

Detection Fingerprints

How We Detect Cron Jobs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/leira-cron-jobs/build/admin.css/wp-content/plugins/leira-cron-jobs/build/admin.js

Script Paths

/wp-content/plugins/leira-cron-jobs/build/admin.js

Version Parameters

leira-cron-jobs/build/admin.css?ver=leira-cron-jobs/build/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-heading-inline

HTML Comments

Data Attributes

data-screen

FAQ

Cron Jobs Security & Risk Analysis

Is Cron Jobs Safe to Use in 2026?

Generally Safe

Key Concerns

Cron Jobs Security Vulnerabilities

CVEs by Year

Severity Breakdown

Cron Jobs Release Timeline

Cron Jobs Code Analysis

Output Escaping

Data Flow Analysis

Cron Jobs Attack Surface

AJAX Handlers 2

Cron Jobs Maintenance & Trust

Maintenance Signals

Community Trust

Cron Jobs Alternatives

Cronjob Scheduler

Easycron

Advanced Cron Scheduler for WordPress

Controlled Draft Publisher

Simple Auto Post Scheduler

Cron Jobs Developer Profile

How We Detect Cron Jobs

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Cron Jobs