WP-Safety

WP Content Scheduler With Range Security & Risk Analysis

wordpress.org/plugins/wp-content-scheduler-with-range

Scheduler of WordPress posts, custom posts, pages, WooCommerce products etc.

70 active installs v1.1 PHP + WP 3.8+ Updated Jun 29, 2021
content-scheduling-pluginwoocommercewordpresswordpress-pluginwp-content-scheduler-plugin
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Content Scheduler With Range Safe to Use in 2026?

Generally Safe

Score 85/100

WP Content Scheduler With Range has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The "wp-content-scheduler-with-range" plugin exhibits significant security concerns due to a large, unprotected attack surface. All 13 AJAX handlers lack authentication checks, creating an immediate risk of unauthorized actions. The extensive use of dangerous functions like `unserialize` without proper sanitization, coupled with SQL queries that are not prepared, further amplifies the potential for injection vulnerabilities. The very low percentage of properly escaped output also suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities.

The plugin's vulnerability history, while currently showing zero known CVEs, does not negate the inherent risks identified in the static analysis. The absence of past vulnerabilities could be due to luck or a lack of in-depth security auditing rather than strong security practices. The presence of Select2, a bundled library, also warrants attention for potential outdated versions if not actively managed. Overall, while the plugin has a clean vulnerability history, the code analysis reveals critical weaknesses that require immediate attention to mitigate substantial security risks.

Key Concerns

  • 13 AJAX handlers without authentication
  • 17 dangerous functions (unserialize)
  • 4 SQL queries, 0% using prepared statements
  • 2% properly escaped output
  • Taint analysis: 2 unsanitized path flows
  • 0 capability checks
  • Bundled library (Select2)
Vulnerabilities
None known

WP Content Scheduler With Range Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Content Scheduler With Range Code Analysis

Dangerous Functions
17
Raw SQL Queries
4
0 prepared
Unescaped Output
87
2 escaped
Nonce Checks
6
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$saved_post_types = unserialize ( $saved_post_types );includes\main.php:17
unserialize$occasional_contents = unserialize ( $occasional_contents );includes\occasional-contents.php:19
unserialize$occasional_contents = unserialize ( $occasional_contents );includes\occasional-contents.php:109
unserialize$occasional_contents = unserialize ( $occasional_contents );includes\occasional-contents.php:146
unserialize$occasional_contents = unserialize ( $occasional_contents );includes\occasional-contents.php:176
unserialize$saved_post_types = unserialize ( $saved_post_types );includes\settings.php:10
unserialize$pages_already_have_occasional_content = unserialize ( $pages_already_have_occasional_content );includes\settings.php:15
unserialize$shortcode_content = unserialize ( $shortcode_content );includes\settings.php:21
unserialize$occasional_contents = unserialize( $occasional_contents );includes\settings.php:43
unserialize$shortcode = unserialize( get_option('ced_wcswr_shortcode_content') );includes\wp-content-scheduler-with-range-class.php:36
unserialize$occasional_content = unserialize( $occasional_content );includes\wp-content-scheduler-with-range-class.php:181
unserialize$pages_already_have_occasional_content=unserialize($pages_already_have_occasional_content);includes\wp-content-scheduler-with-range-class.php:454
unserialize$occasional_contents = unserialize( $occasional_contents );includes\wp-content-scheduler-with-range-class.php:456
unserialize$occasional_contents = unserialize( $occasional_contents );includes\wp-content-scheduler-with-range-class.php:490
unserialize$shortcode_contents = unserialize ( $shortcode_contents );includes\wp-content-scheduler-with-range-class.php:623
unserialize$arr=unserialize($arr);includes\wp-content-scheduler-with-range-class.php:679
unserialize$pages_saved=unserialize($pages_saved);includes\wp-content-scheduler-with-range-class.php:682

Bundled Libraries

Select2

SQL Query Safety

0% prepared4 total queries

Output Escaping

2% escaped89 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths
<settings> (includes\settings.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
13 unprotected

WP Content Scheduler With Range Attack Surface

Entry Points13
Unprotected13

AJAX Handlers 13

authwp_ajax_save_post_typeincludes\wp-content-scheduler-with-range-class.php:26
noprivwp_ajax_save_post_typeincludes\wp-content-scheduler-with-range-class.php:27
authwp_ajax_move_toincludes\wp-content-scheduler-with-range-class.php:28
noprivwp_ajax_move_toincludes\wp-content-scheduler-with-range-class.php:29
authwp_ajax_occasional_contentincludes\wp-content-scheduler-with-range-class.php:30
noprivwp_ajax_occasional_contentincludes\wp-content-scheduler-with-range-class.php:31
authwp_ajax_delete_occasionalincludes\wp-content-scheduler-with-range-class.php:32
noprivwp_ajax_delete_occasionalincludes\wp-content-scheduler-with-range-class.php:33
authwp_ajax_shortcode_contentincludes\wp-content-scheduler-with-range-class.php:34
noprivwp_ajax_shortcode_contentincludes\wp-content-scheduler-with-range-class.php:35
authwp_ajax_filtering_postsincludes\wp-content-scheduler-with-range-class.php:41
noprivwp_ajax_filtering_postsincludes\wp-content-scheduler-with-range-class.php:42
authwp_ajax_ced_wcswr_send_mailincludes\wp-content-scheduler-with-range-class.php:50
WordPress Hooks 16
actionadd_meta_boxesincludes\main.php:27
actionsave_postincludes\main.php:106
filterposts_whereincludes\main.php:193
actionadmin_initincludes\main.php:257
actionwp_headincludes\occasional-contents.php:93
actionadmin_enqueue_scriptsincludes\wp-content-scheduler-with-range-class.php:23
actionwp_enqueue_scriptsincludes\wp-content-scheduler-with-range-class.php:24
actionadmin_initincludes\wp-content-scheduler-with-range-class.php:25
filtermanage_posts_columnsincludes\wp-content-scheduler-with-range-class.php:43
actionmanage_posts_custom_columnincludes\wp-content-scheduler-with-range-class.php:44
filtermanage_pages_columnsincludes\wp-content-scheduler-with-range-class.php:45
actionmanage_pages_custom_columnincludes\wp-content-scheduler-with-range-class.php:46
actionadmin_menuincludes\wp-content-scheduler-with-range-class.php:48
filterplugin_action_linkswp-content-scheduler-with-range.php:31
filterplugin_row_metawp-content-scheduler-with-range.php:69
actionplugins_loadedwp-content-scheduler-with-range.php:84
Maintenance & Trust

WP Content Scheduler With Range Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17
Last updatedJun 29, 2021
PHP min version
Downloads8K

Community Trust

Rating100/100
Number of ratings5
Active installs70
Alternatives

WP Content Scheduler With Range Alternatives

SoftTech-IT bKash, Rocket, Nagad

SoftTech-IT bKash, Rocket, Nagad

bkash

A
92

Easy to use bKash , Rocket and Nagad Payment Gateway for Woocommerce

7K No CVEs
Bitcoin Payments – Blockonomics

Bitcoin Payments – Blockonomics

blockonomics-bitcoin-payments

A
99

Accept Bitcoin/USDT payments on your WooCommerce website. Crypto payments go directly to your wallet.

3K 2 CVEs
GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership

GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership

gourl-bitcoin-payment-gateway-paid-downloads-membership

C
62

GoUrl Official Bitcoin/Altcoin Payment Gateway for Wordpress. Accept Bitcoin, Bitcoin Cash, Litecoin, Dash, Dogecoin, etc. Payments Online

900 1 unpatched
Elite Licenser addon-lite for WooCommerce

Elite Licenser addon-lite for WooCommerce

woo-elite-licenser-addon

A
100

It is an add-on of Elite Licenser also WooCommerce. So you must need main app (Elite licenser) to use it.

100 No CVEs
Product Image Hover Addon For WooCommerce

Product Image Hover Addon For WooCommerce

product-image-hover-addon-for-woocommerce

A
85

Product Image Hover Addon For WooCommerce is a custom plugin for WooCommerce.

20 No CVEs
Developer Profile

WP Content Scheduler With Range Developer Profile

cedcommerce

21 plugins · 5K total installs

67
trust score
Avg Security Score
83/100
Avg Patch Time
204 days
View full developer profile
Detection Fingerprints

How We Detect WP Content Scheduler With Range

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-content-scheduler-with-range/assets/css/date_range_style.min.css/wp-content/plugins/wp-content-scheduler-with-range/assets/css/admin-custom-style.css/wp-content/plugins/wp-content-scheduler-with-range/assets/css/wcswr-select2.min.css/wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr_custom_js.min.js/wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr-select2.min.js
Script Paths
/wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr_custom_js.min.js/wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr-select2.min.js
Version Parameters
wp-content-scheduler-with-range/assets/css/date_range_style.min.css?ver=wp-content-scheduler-with-range/assets/css/admin-custom-style.css?ver=wp-content-scheduler-with-range/assets/css/wcswr-select2.min.css?ver=wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr_custom_js.min.js?ver=wp-content/plugins/wp-content-scheduler-with-range/assets/js/wcswr-select2.min.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-ced_wcswr_nonce
JS Globals
ced_wcswr_ajax_seurity_string
FAQ

Frequently Asked Questions about WP Content Scheduler With Range