TAO Schedule Update Security & Risk Analysis

wordpress.org/plugins/tao-schedule-update

Take a copy of an arbitrary post/page/cpt, change it and make it replace the original post at a given date and time in the future.

2K active installs · v1.15 · PHP + · WP 3.7.0+ · Updated Aug 17, 2018
Tags: cron, publishing, schedule, timing, unattended
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is TAO Schedule Update Safe to Use in 2026?

Generally Safe

Score 85/100

TAO Schedule Update has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7yr ago
Risk Assessment

The "tao-schedule-update" plugin v1.15 exhibits a generally positive security posture, with strengths in its minimal use of dangerous functions, reliance on prepared statements for SQL queries, and a high percentage of properly escaped output. The absence of file operations and external HTTP requests further reduces its attack surface. However, a significant concern arises from the presence of one unprotected AJAX handler, representing a direct entry point that lacks authentication or authorization checks. While taint analysis reveals no critical or high-severity issues, and the plugin has no recorded vulnerability history, this unprotected AJAX endpoint remains a potential vector for exploitation if it handles any user-supplied data without proper sanitization or validation.

The plugin demonstrates good practices by including nonce checks and capability checks, indicating an awareness of common WordPress security mechanisms. The small attack surface overall is a positive sign. The lack of past vulnerabilities is encouraging but does not negate the risks presented by current code deficiencies. The primary recommendation for this plugin is to address the unprotected AJAX handler to ensure all entry points are secured.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

TAO Schedule Update Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

TAO Schedule Update Release Timeline

v1.15 (Current)
v1.14.01
v1.14
v1.13
v1.12
v1.11
v1.10
v1.09
v1.08
v1.07
v1.06
v1.05
v1.04.01
v1.04
v1.03
v1.02
Code Analysis
Analyzed Mar 16, 2026

TAO Schedule Update Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 6 (80 escaped)
Nonce Checks: 3
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

93% escaped · 86 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

3 flows
admin_action_workflow_copy_to_publish (tao-schedule-update.php:267)
Attack Surface
1 unprotected

TAO Schedule Update Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

auth wp_ajax_load_pubdate (tao-schedule-update.php:764)

WordPress Hooks: 15

action admin_init (options.php:225)
action admin_menu (options.php:226)
action add_meta_boxes (tao-schedule-update.php:67)
action save_post (tao-schedule-update.php:505)
action save_post (tao-schedule-update.php:761)
action tao_publish_post (tao-schedule-update.php:762)
action init (tao-schedule-update.php:765)
action admin_action_workflow_copy_to_publish (tao-schedule-update.php:766)
action admin_action_workflow_publish_now (tao-schedule-update.php:767)
action transition_post_status (tao-schedule-update.php:768)
filter display_post_states (tao-schedule-update.php:770)
filter page_row_actions (tao-schedule-update.php:771)
filter post_row_actions (tao-schedule-update.php:772)
filter manage_pages_columns (tao-schedule-update.php:773)
filter page_attributes_dropdown_pages_args (tao-schedule-update.php:774)

Scheduled Events 2

tao_publish_post
tao_publish_post
Maintenance & Trust

TAO Schedule Update Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Aug 17, 2018
PHP min version
Downloads: 59K

Community Trust

Rating: 92/100
Number of ratings: 31
Active installs: 2K
Developer Profile

TAO Schedule Update Developer Profile

Syberspace

1 plugin · 2K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect TAO Schedule Update

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes
tao_sc_publish
FAQ

Frequently Asked Questions about TAO Schedule Update