Revisionize Security & Risk Analysis

wordpress.org/plugins/revisionize

Draft up revisions of live, published content. The live content doesn't change until you publish the revision manually or with the scheduling sys …

4K active installs · v2.3.4 · PHP + WP 4.6+ · Updated Mar 28, 2021
Tags: cron, revision, schedule, staging, variation
Score: 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Revisionize Safe to Use in 2026?

Generally Safe

Score 85/100

Revisionize has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The plugin "revisionize" v2.3.4 exhibits a generally good security posture, with no recorded vulnerabilities (CVEs) and a commendable approach to database interactions. The static analysis shows a small attack surface with no immediately apparent entry points that are unprotected. All SQL queries are properly prepared, indicating a strong defense against SQL injection. However, there are significant concerns regarding output escaping, with only 24% of outputs being properly escaped. This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or plugin-generated content could be rendered in the browser without proper sanitization, allowing attackers to inject malicious scripts. While the plugin demonstrates a lack of dangerous functions, limited file operations, and a single external HTTP request, the poor output escaping is a major weakness that needs immediate attention.

The vulnerability history is currently clear, which is a positive sign. However, this does not negate the risks identified in the static analysis. The absence of past vulnerabilities could be due to a lack of discovery or a very small user base. The strengths lie in the secure handling of database queries and the minimal attack surface. The primary weakness is the insufficient output escaping, which creates a significant XSS risk. This plugin requires further investigation and remediation of the output escaping issues to be considered truly secure.

Key Concerns

  • Low percentage of properly escaped output
Vulnerabilities
None known

Revisionize Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Revisionize Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 34 (11 escaped)
Nonce Checks: 2
Capability Checks: 8
File Operations: 3
External Requests: 1
Bundled Libraries: 0

Output Escaping

24% escaped · 45 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
create (revisionize.php:98)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Revisionize Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 25
filter revisionize_registered_addons (addon.php:11)
action init (revisionize.php:37)
filter display_post_states (revisionize.php:42)
filter post_row_actions (revisionize.php:43)
filter page_row_actions (revisionize.php:44)
action post_submitbox_start (revisionize.php:46)
action admin_action_revisionize_create (revisionize.php:47)
action admin_notices (revisionize.php:48)
action before_delete_post (revisionize.php:50)
action wp_dashboard_setup (revisionize.php:55)
action acf/save_post (revisionize.php:61)
action transition_post_status (revisionize.php:64)
action admin_bar_menu (revisionize.php:67)
filter wp_save_post_revision_post_has_changed (revisionize.php:237)
action init (settings.php:24)
action init (settings.php:27)
action admin_menu (settings.php:28)
action admin_init (settings.php:29)
action network_admin_menu (settings.php:30)
action network_admin_edit_revisionize_network_settings (settings.php:31)
filter revisionize_keep_original_on_publish (settings.php:34)
filter revisionize_preserve_post_date (settings.php:35)
filter revisionize_preserve_author (settings.php:36)
action admin_notices (settings.php:49)
action network_admin_notices (settings.php:53)
Maintenance & Trust

Revisionize Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.2.24
Last updated: Mar 28, 2021
PHP min version
Downloads: 103K

Community Trust

Rating: 92/100
Number of ratings: 24
Active installs: 4K
Developer Profile

Revisionize Developer Profile

jamiechong

3 plugins · 4K total installs

Trust score: 91
Avg Security Score: 95/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Revisionize

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/revisionize/assets/css/revisionize.css
/wp-content/plugins/revisionize/assets/js/revisionize.js
/wp-content/plugins/revisionize/assets/js/revisionize.min.js
Script Paths
/wp-content/plugins/revisionize/assets/js/revisionize.js
/wp-content/plugins/revisionize/assets/js/revisionize.min.js
Version Parameters
revisionize/style.css?ver=
revisionize/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
revisionize-post-status-label
revisionize-action-link
revisionize-button
HTML Comments
<!-- Revisionize: This is a revision. -->
<!-- Revisionize: Publish Revision -->
Data Attributes
data-revisionize-post-id
JS Globals
Revisionize