Does Publishing Conditions have any unpatched vulnerabilities?

No. All known vulnerabilities in Publishing Conditions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Publishing Conditions compatible with WordPress 4.8.28?

According to WordPress.org data, Publishing Conditions 1.0.2 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

Is Publishing Conditions compatible with PHP 5.3+?

Publishing Conditions requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Publishing Conditions updated?

Publishing Conditions was last updated on Sep 23, 2017. Frequent updates are generally a positive security signal.

What is Publishing Conditions's security score?

Publishing Conditions has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Publishing Conditions Security & Risk Analysis

wordpress.org/plugins/publishing-conditions

Prevent yourself from publishing unfinished posts.

10 active installs v1.0.2 PHP 5.3+ WP 3.0+ Updated Sep 23, 2017

bloggingchecklistconditionspublishingwriting

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Publishing Conditions Safe to Use in 2026?

Generally Safe

Score 85/100

Publishing Conditions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "publishing-conditions" plugin version 1.0.2 exhibits a generally positive security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events suggests a limited attack surface, which is a good security practice. Furthermore, the complete utilization of prepared statements for all SQL queries is a significant strength, mitigating the risk of SQL injection vulnerabilities. The lack of dangerous function calls, file operations, and external HTTP requests also contributes to a more secure codebase.

However, a critical concern arises from the "Output escaping" analysis, which indicates that 100% of the identified outputs are not properly escaped. This means that any dynamic data displayed by the plugin could be vulnerable to Cross-Site Scripting (XSS) attacks if not handled carefully by other mechanisms or if the data itself is not sanitized before being passed to the plugin. The plugin also lacks nonce and capability checks, which could be a weakness if any hidden entry points are discovered or if the plugin is extended in the future, potentially allowing unauthorized actions.

The vulnerability history is clean, with no recorded CVEs. This absence of past vulnerabilities is reassuring and may indicate good development practices or simply that the plugin has not been a target of significant scrutiny. In conclusion, while the plugin's limited attack surface and secure SQL handling are commendable, the unescaped output presents a tangible risk of XSS vulnerabilities. Addressing the output escaping is paramount to improving its overall security.

Key Concerns

0% of outputs properly escaped
No nonce checks
No capability checks

Vulnerabilities

None known

Publishing Conditions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Publishing Conditions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

Publishing Conditions Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionsave_postsrc\class-main.php:49

actionplugins_loadedsrc\class-main.php:50

actionpost_updated_messagessrc\class-main.php:51

filterredirect_post_locationsrc\class-main.php:89

actionsave_postsrc\class-main.php:91

actionadmin_initsrc\class-settings.php:19

Maintenance & Trust

Publishing Conditions Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedSep 23, 2017

PHP min version5.3

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Publishing Conditions Alternatives

Novelist

novelist

Easily organize and display your portfolio of books.

1K 3 CVEs

Arvow AI SEO Writer

journalist-ai

100

The AI SEO writer that generates human-like content and auto-publishes it to your WordPress blog.

900 No CVEs

Ghost

ghost

Export all your WordPress data to Ghost in a couple of clicks!

600 2 CVEs

ContentPen

contentpen

100

AI-Powered SEO Content Writing Assistant

200 No CVEs

Progress Planner

progress-planner

Powering your website’s progress! Track, motivate, and enhance your website management with daily activity tracking and weekly progress reports.

200 3 CVEs

Developer Profile

Publishing Conditions Developer Profile

maurobringolf

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Publishing Conditions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/publishing-conditions/css/style.css/wp-content/plugins/publishing-conditions/js/script.js

Script Paths

/wp-content/plugins/publishing-conditions/js/script.js

Version Parameters

publishing-conditions/css/style.css?ver=publishing-conditions/js/script.js?ver=

HTML / DOM Fingerprints

FAQ