Remind me to change my password Security & Risk Analysis

wordpress.org/plugins/remind-me-to-change-my-password

Enhance the security of your website by managing the passwords expiry date and the suspension of inactive accounts.

10 active installs · v1.0 · PHP + · WP 5.0+ · Updated Jan 26, 2022
Tags: manage-passwords, password, reset-password
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Remind me to change my password Safe to Use in 2026?

Generally Safe

Score 85/100

Remind me to change my password has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago
Risk Assessment

The "remind-me-to-change-my-password" plugin v1.0 presents a mixed security posture. On the positive side, the plugin boasts a seemingly small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication. Furthermore, it demonstrates good practices in terms of output escaping, with a high percentage properly handled, and the absence of file operations or external HTTP requests. The presence of nonce checks, although limited in number, is also a positive sign.

However, significant concerns arise from the taint analysis. While no critical severity flows were detected, a substantial number of flows (5 out of 7 analyzed) have unsanitized paths, with 4 of them being of high severity. This indicates a potential for attackers to inject malicious data that is not properly validated or sanitized, which could lead to various vulnerabilities depending on how these unsanitized paths are utilized within the plugin's logic. The fact that 60% of SQL queries use prepared statements is a positive, but the remaining 40% are a potential risk if they handle user-supplied data without proper sanitization. The absence of any capability checks is a notable weakness, as it implies that actions within the plugin might be accessible to users who should not have those privileges.

The plugin's vulnerability history is currently clean, with zero known CVEs. This, combined with the absence of dangerous functions and bundled libraries, suggests that the plugin has not been a target of major exploits in the past or has had its past issues promptly addressed. However, the current taint analysis findings, particularly the high-severity unsanitized paths, present a potential for future vulnerabilities if not rectified. In conclusion, while the plugin has a minimal attack surface and some good security practices in place, the identified high-severity taint flows and the lack of capability checks represent significant areas of concern that require immediate attention to improve its overall security.

Key Concerns

  • High severity taint flows
  • Unsanitized paths found
  • No capability checks
  • SQL queries without prepared statements
Vulnerabilities
None known

Remind me to change my password Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Remind me to change my password Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (3 prepared)
Unescaped Output: 8 (45 escaped)
Nonce Checks: 3
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

60% prepared · 5 total queries

Output Escaping

85% escaped · 53 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

7 flows · 5 with unsanitized paths
resetpass_form (core\user\Password.php:63)
Attack Surface

Remind me to change my password Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 28
Type    Hook                        Location
action  admin_menu                  core\admin\Menu.php:7
action  admin_enqueue_scripts       core\admin\Menu.php:9
action  admin_bar_menu              core\admin\Menu.php:11
action  admin_init                  core\admin\MenuSettings.php:8
action  admin_enqueue_scripts       core\admin\MenuSettings.php:10
action  admin_notices               core\admin\MenuSettings.php:12
action  init                        core\Core.php:10
action  plugins_loaded              core\Core.php:11
action  pre_user_query              core\Core.php:16
filter  editable_roles              core\Core.php:18
action  init                        core\user\Actions.php:8
action  admin_init                  core\user\Actions.php:10
action  user_register               core\user\Actions.php:12
action  profile_update              core\user\Actions.php:17
action  admin_notices               core\user\Actions.php:20
filter  retrieve_password_message   core\user\Actions.php:106
filter  wp_mail_content_type        core\user\Actions.php:129
action  wp_login                    core\user\Login.php:13
filter  login_message               core\user\Login.php:17
action  login_form_rmtcmp           core\user\Login.php:20
action  validate_password_reset     core\user\Password.php:11
filter  lostpassword_errors         core\user\Password.php:16
action  resetpass_form              core\user\Password.php:18
action  password_reset              core\user\Password.php:20
filter  views_users                 core\user\Views.php:13
filter  manage_users_custom_column  core\user\Views.php:18
filter  manage_users_columns        core\user\Views.php:20
action  load-user-edit.php          core\user\Views.php:22
Maintenance & Trust

Remind me to change my password Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Jan 26, 2022
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Remind me to change my password Developer Profile

Kantari Samy

4 plugins · 460 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Remind me to change my password

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/remind-me-to-change-my-password/assets/css/styles.css
/wp-content/plugins/remind-me-to-change-my-password/assets/js/main.js
Script Paths
/wp-content/plugins/remind-me-to-change-my-password/assets/js/main.js
Version Parameters
remind-me-to-change-my-password/assets/css/styles.css?ver=
remind-me-to-change-my-password/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
update-pluginscount-plugin-countscreen-reader-text
Data Attributes
name="rmtcmp_form[max_days]"
name="rmtcmp_form[lock_days]"
name="rmtcmp_form[colors_exceeted]"
JS Globals
rmtcmp