WP-Safety

WEN Post Expiry Notification Security & Risk Analysis

wordpress.org/plugins/wen-post-expiry-notification

Set expiry date for posts, pages, and custom post types. Send notification about the expiry before specified number of days.

0 active installs v1.2 PHP 7.4+ WP 6.0+ Updated Mar 24, 2025
expiry-notificationpost-expiry
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WEN Post Expiry Notification Safe to Use in 2026?

Generally Safe

Score 92/100

WEN Post Expiry Notification has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "wen-post-expiry-notification" v1.2 plugin demonstrates a generally positive security posture. The static analysis reveals no critical vulnerabilities such as SQL injection, unsanitized paths in taint analysis, or dangerous function usage. The absence of external HTTP requests and file operations further reduces the attack surface. Furthermore, the plugin incorporates nonce and capability checks, which are fundamental security practices.

However, a significant concern arises from the SQL queries. The analysis indicates that 100% of the identified SQL queries are not using prepared statements. This presents a substantial risk of SQL injection vulnerabilities, even if none have been historically documented. While the plugin has no recorded CVEs, this absence of vulnerabilities in its history doesn't negate the inherent risk posed by unparameterized SQL queries, especially if the plugin handles user-provided input that could be injected into these queries.

In conclusion, the plugin has strong foundational security elements like nonce and capability checks and a clean history. The lack of reported CVEs is a good sign, but the unescaped output (32%) and, more critically, the complete lack of prepared statements in SQL queries are notable weaknesses that require immediate attention to mitigate potential security risks.

Key Concerns

  • 100% of SQL queries not using prepared statements
  • 32% of outputs not properly escaped
Vulnerabilities
None known

WEN Post Expiry Notification Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WEN Post Expiry Notification Release Timeline

v1.2Current
v1.1
v1.0
Code Analysis
Analyzed Mar 17, 2026

WEN Post Expiry Notification Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
13
28 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared1 total queries

Output Escaping

68% escaped41 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<post-expiry-meta-boxes> (inc\post-expiry-meta-boxes.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WEN Post Expiry Notification Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 11
actionplugins_loadedinc\class-wen-post-expiry-notification.php:16
actionwpen_check_daily_for_post_expiryinc\class-wen-post-expiry-notification.php:18
actionadmin_enqueue_scriptsinc\class-wen-post-expiry-notification.php:19
actionadmin_menuinc\class-wpen-admin-settings.php:9
actionadmin_initinc\class-wpen-admin-settings.php:10
actionupdate_option_wpen_emailinc\class-wpen-admin-settings.php:11
filterplugin_action_links_wen-post-expiry-notification/wen-post-expiry-notification.phpinc\class-wpen-admin-settings.php:13
actionload-post.phpinc\post-expiry-meta-boxes.php:7
actionload-post-new.phpinc\post-expiry-meta-boxes.php:8
actionadd_meta_boxesinc\post-expiry-meta-boxes.php:14
actionsave_postinc\post-expiry-meta-boxes.php:15

Scheduled Events 2

wpen_check_daily_for_post_expiry
wpen_check_daily_for_post_expiry
Maintenance & Trust

WEN Post Expiry Notification Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 24, 2025
PHP min version7.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

WEN Post Expiry Notification Alternatives

WP Post Expires

WP Post Expires

wp-post-expires

A
85

Plugin adds post expires time after which will be performed actions: add prefix to title, move to drafts or trash.

2K No CVEs
Expiring Posts

Expiring Posts

expiring-posts

A
85

This plugin adds functionality to expire a post on a given date.

900 No CVEs
AIT Easy Post Customization

AIT Easy Post Customization

ait-easy-post-customization

A
100

Easily set expiry dates for posts and custom post types, automatically unpublishing content when it becomes outdated.

0 No CVEs
Developer Profile

WEN Post Expiry Notification Developer Profile

Web Experts Nepal

3 plugins · 90 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WEN Post Expiry Notification

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wen-post-expiry-notification/assets/css/jquery-ui.css/wp-content/plugins/wen-post-expiry-notification/assets/css/post-expiry-custom.css/wp-content/plugins/wen-post-expiry-notification/assets/js/post-expiry-custom.js
Script Paths
/wp-content/plugins/wen-post-expiry-notification/assets/js/post-expiry-custom.js

HTML / DOM Fingerprints

CSS Classes
post-expiry-settingswen_date_pickerwen_email_recepient_towen_email_recepient_ccwen_email_subject
Data Attributes
name="date-picker"name="email-recepient-to"name="email-recepient-cc"name="email-subject"name="email-template"id="date-picker"+4 more
FAQ

Frequently Asked Questions about WEN Post Expiry Notification