Does RationalCleanup have any unpatched vulnerabilities?

No. All known vulnerabilities in RationalCleanup have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is RationalCleanup compatible with WordPress 6.9.4?

According to WordPress.org data, RationalCleanup 1.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is RationalCleanup compatible with PHP 7.4+?

RationalCleanup requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is RationalCleanup updated?

RationalCleanup was last updated on Feb 6, 2026. Frequent updates are generally a positive security signal.

What is RationalCleanup's security score?

RationalCleanup has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RationalCleanup Security & Risk Analysis

wordpress.org/plugins/rationalcleanup

Clean up legacy WordPress bloat, improve security, and optimize performance with toggleable, opinionated defaults.

100 active installs v1.1.0 PHP 7.4+ WP 5.0+ Updated Feb 6, 2026

cleanupdisable-xmlrpcoptimizationperformancesecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RationalCleanup Safe to Use in 2026?

Generally Safe

Score 100/100

RationalCleanup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "rationalcleanup" plugin v1.1.0 demonstrates a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface, and all identified entry points are reported as protected. The code signals also indicate good practices, with no dangerous functions or file operations detected. All SQL queries utilize prepared statements, which is a critical security measure. However, there are areas for improvement. The 62% proper output escaping suggests that a notable portion of output is not being sanitized, potentially opening the door to cross-site scripting (XSS) vulnerabilities. Additionally, the single external HTTP request warrants closer inspection to ensure it's not susceptible to man-in-the-middle attacks or other network-level threats, although without taint analysis, its exact impact is unclear. The vulnerability history shows no previously known CVEs, which is a positive indicator, suggesting the plugin has historically been secure or issues have been promptly addressed. Overall, the plugin is built with good security fundamentals, but the unescaped output and the single external HTTP request represent the primary areas of concern.

Key Concerns

Output escaping is not consistently applied
Single external HTTP request detected

Vulnerabilities

None known

RationalCleanup Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

RationalCleanup Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

62% escaped29 total outputs

Attack Surface

RationalCleanup Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 30

actionadmin_menuincludes\rationalwp-admin-menu.php:74

actionadmin_menurationalcleanup.php:44

actionadmin_initrationalcleanup.php:45

actionadmin_enqueue_scriptsrationalcleanup.php:46

filterwp_resource_hintsrationalcleanup.php:127

filtertiny_mce_pluginsrationalcleanup.php:128

filteremoji_svg_urlrationalcleanup.php:129

actionwp_default_scriptsrationalcleanup.php:133

actionwp_enqueue_scriptsrationalcleanup.php:137

filterxmlrpc_enabledrationalcleanup.php:148

filterwp_headersrationalcleanup.php:149

filterxmlrpc_methodsrationalcleanup.php:150

filterredirect_canonicalrationalcleanup.php:154

filterrest_endpointsrationalcleanup.php:155

filterlogin_errorsrationalcleanup.php:159

actionpre_pingrationalcleanup.php:164

filterheartbeat_settingsrationalcleanup.php:168

filterwp_autosave_intervalrationalcleanup.php:172

filtercomments_openrationalcleanup.php:177

filterpings_openrationalcleanup.php:178

filtercomments_arrayrationalcleanup.php:179

actionadmin_initrationalcleanup.php:180

actionadmin_menurationalcleanup.php:181

actionwp_before_admin_bar_renderrationalcleanup.php:182

filteruse_block_editor_for_post_typerationalcleanup.php:186

filteruse_block_editor_for_postrationalcleanup.php:187

filterrest_authentication_errorsrationalcleanup.php:191

actionwp_dashboard_setuprationalcleanup.php:202

actionwp_dashboard_setuprationalcleanup.php:206

actionplugins_loadedrationalcleanup.php:765

Maintenance & Trust

RationalCleanup Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 6, 2026

PHP min version7.4

Downloads147

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

RationalCleanup Alternatives

Wonderful Secure Cleanup

wonderful-secure-cleanup

100

A simple way to clean and secure WordPress by disabling unnecessary features like comments, XML-RPC, and RSS feeds.

60 No CVEs

Mi13 Clean Up

mi13-clean-up

100

Описание

0 No CVEs

Delete Duplicate Posts

delete-duplicate-posts

Get rid of duplicate posts and pages (any post type) on your blog with manual or automatic modes.

20K 2 CVEs

Freesoul Deactivate Plugins – Disable plugins on individual WordPress pages

freesoul-deactivate-plugins

Load plugins only where you need them. No bloat, no conflicts, more speed. Deactivate plugins where they don't add anything useful.

9K 2 CVEs

JetHost Total Care – Security & Enhancements

jethost-total-care

100

JetHost Total Care simplifies WordPress management by consolidating features like security, site enhancements and performance into a single plugin.

500 No CVEs

Developer Profile

RationalCleanup Developer Profile

rationalwp

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect RationalCleanup

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rationalcleanup/assets/css/rationalcleanup-admin.css/wp-content/plugins/rationalcleanup/assets/js/rationalcleanup-admin.js

Script Paths

/wp-content/plugins/rationalcleanup/assets/js/rationalcleanup-admin.js

Version Parameters

rationalcleanup/assets/css/rationalcleanup-admin.css?ver=rationalcleanup/assets/js/rationalcleanup-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

rationalcleanup-options-wrapperrationalcleanup-admin-pagerationalcleanup-section-titlerationalcleanup-setting-rowrationalcleanup-toggle-switch

Data Attributes

data-rationalcleanup-option

JS Globals

rationalcleanup_admin_params

REST Endpoints

/wp-json/rationalcleanup/v1/settings

FAQ