Does WP Frontend Delete Account have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Frontend Delete Account have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Frontend Delete Account compatible with WordPress 6.7.5?

According to WordPress.org data, WP Frontend Delete Account 2.4.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is WP Frontend Delete Account compatible with PHP 5.6+?

WP Frontend Delete Account requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP Frontend Delete Account updated?

WP Frontend Delete Account was last updated on Jan 27, 2025. Frequent updates are generally a positive security signal.

What is WP Frontend Delete Account's security score?

WP Frontend Delete Account has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Frontend Delete Account Security & Risk Analysis

wordpress.org/plugins/wp-frontend-delete-account

Lets customers delete their account by their own.

5K active installs v2.4.2 PHP 5.6+ WP 5.0+ Updated Jan 27, 2025

delete-accountfrontend-deletegdprremove-account

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WP Frontend Delete Account Safe to Use in 2026?

Generally Safe

Score 92/100

WP Frontend Delete Account has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "wp-frontend-delete-account" plugin version 2.4.2 presents a mixed security posture. While it has no known historical vulnerabilities and implements nonce checks on all its AJAX handlers, indicating some attention to security, there are significant areas of concern. The presence of one unprotected AJAX handler is a critical flaw, creating an immediate entry point for potential unauthorized actions.

Further analysis reveals concerning coding practices. A significant portion of SQL queries are not using prepared statements, increasing the risk of SQL injection. Additionally, the output escaping is only partially effective, with 56% of outputs not being properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. The taint analysis shows flows with unsanitized paths, though currently classified as not critical or high, this indicates potential for more serious issues if they were to involve sensitive data or more complex interactions.

In conclusion, while the lack of historical vulnerabilities and the implementation of nonce checks are positive signs, the identified unprotected AJAX handler, raw SQL queries, and insufficient output escaping represent substantial security weaknesses. These issues could be exploited to gain unauthorized access, manipulate data, or execute malicious scripts within a WordPress site.

Key Concerns

Unprotected AJAX handler detected
SQL queries without prepared statements
Insufficient output escaping
Flows with unsanitized paths

Vulnerabilities

None known

WP Frontend Delete Account Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Frontend Delete Account Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

24 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared1 total queries

Output Escaping

44% escaped55 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths

emails (src\Emails\Emails.php:86)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

WP Frontend Delete Account Attack Surface

Entry Points6

Unprotected1

AJAX Handlers 5

authwp_ajax_wpfda_email_statussrc\Backend.php:27

authwp_ajax_wp_frontend_delete_account_dismiss_review_noticesrc\Backend.php:29

authwp_ajax_confirm_deletesrc\Frontend.php:24

noprivwp_ajax_delete_feedbacksrc\Frontend.php:25

noprivwp_ajax_delete_feedback_emailsrc\Frontend.php:26

Shortcodes 1

[wp_frontend_delete_account] src\Frontend.php:27

WordPress Hooks 19

actionadmin_menusrc\Backend.php:24

actionadmin_initsrc\Backend.php:25

actionadmin_enqueue_scriptssrc\Backend.php:26

actionin_admin_headersrc\Backend.php:28

actionadmin_print_scriptssrc\Backend.php:30

filterwp_frontend_delete_account_emailssrc\Emails\Summary.php:32

actionadmin_initsrc\Emails\Summary.php:33

actionwpfda_weekly_summary_emailsrc\Emails\Summary.php:34

actionwp_frontend_delete_account_process_completesrc\Emails\Summary.php:35

filterwoocommerce_email_footer_textsrc\Emails\Summary.php:104

actionwp_enqueue_scriptssrc\Frontend.php:23

actioninitsrc\Gutenberg.php:23

actionenqueue_block_editor_assetssrc\Gutenberg.php:24

actioninitsrc\Plugin.php:49

actionplugins_loadedsrc\Plugin.php:50

actioninitsrc\WooCommerce.php:28

filterquery_varssrc\WooCommerce.php:29

filterwoocommerce_account_menu_itemssrc\WooCommerce.php:30

actionwoocommerce_account_wpf-delete-account_endpointsrc\WooCommerce.php:31

Maintenance & Trust

WP Frontend Delete Account Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 27, 2025

PHP min version5.6

Downloads47K

Community Trust

Rating92/100

Number of ratings27

Active installs5K

Alternatives

WP Frontend Delete Account Alternatives

Complianz – GDPR/CCPA Cookie Consent

complianz-gdpr

Configure your Cookie Banner, Cookie Consent and Cookie Policy with our Wizard and Cookies Scan.

1.0M 10 CVEs

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

cookie-law-info

100

Easily set up cookie banner or notice in WordPress, and policy pages for compliance with global cookie laws (GDPR, DSGVO, RGPD, CCPA/CPRA, etc).

1.0M 1 CVE

Cookie Notice & Compliance for GDPR / CCPA

cookie-notice

Cookie Notice allows you to you elegantly inform users that your site uses cookies and helps you comply with GDPR, CCPA and other data privacy laws.

900K 6 CVEs

CookieAdmin – Cookie Consent Banner

cookieadmin

100

CookieAdmin provides easy to configure cookie consent banner with GDPR and CCPA law support.

300K No CVEs

GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law

gdpr-cookie-compliance

Cookie notice banner for GDPR, CCPA, EU cookie law, data protection and privacy regulations and other cookie law and consent notice requirements on yo …

300K 9 CVEs

Developer Profile

WP Frontend Delete Account Developer Profile

Sanjeev Aryal

10 plugins · 13K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Frontend Delete Account

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-frontend-delete-account/assets/css/frontend.css/wp-content/plugins/wp-frontend-delete-account/assets/js/frontend.js

Script Paths

/wp-content/plugins/wp-frontend-delete-account/assets/js/frontend.js

Version Parameters

wp-frontend-delete-account/assets/css/frontend.css?ver=wp-frontend-delete-account/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpfda-delete-account-containerwp-frontend-delete-account-sidebarwp-frontend-delete-account-widgetwp-frontend-delete-account-boxwp-frontend-delete-account-widget_title

HTML Comments

+1 more

Data Attributes

id='wpfda-delete-account-frontend-js'

JS Globals

wpfda_plugins_params

Shortcode Output

<div class='wpfda-delete-account-container'><script id='wpfda-delete-account-frontend-js'>var wpfda_plugins_params =

FAQ