Does WP-Sweep have any unpatched vulnerabilities?

No. All known vulnerabilities in WP-Sweep have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP-Sweep compatible with WordPress 6.8.5?

According to WordPress.org data, WP-Sweep 1.1.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP-Sweep updated?

WP-Sweep was last updated on Apr 16, 2025. Frequent updates are generally a positive security signal.

What is WP-Sweep's security score?

WP-Sweep has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP-Sweep Security & Risk Analysis

wordpress.org/plugins/wp-sweep

WP-Sweep allows you to clean up unused, orphaned and duplicated data in your WordPress. It also optimizes your database tables.

100K active installs v1.1.8 PHP + WP 4.6+ Updated Apr 16, 2025

cleanclean-upcleanupoptimizesweep

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP-Sweep Safe to Use in 2026?

Generally Safe

Score 100/100

WP-Sweep has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

WP-Sweep v1.1.8 exhibits a strong security posture based on the static analysis and vulnerability history. The plugin demonstrates excellent adherence to secure coding practices, with 100% of its output being properly escaped and all SQL queries utilizing prepared statements at a high rate (83%). The absence of file operations, external HTTP requests, and dangerous functions further bolsters its security. Furthermore, the plugin correctly implements nonce and capability checks on its limited attack surface of two AJAX handlers, indicating a good understanding of WordPress security fundamentals.

The analysis found no critical or high severity taint flows, and the plugin has a clean vulnerability history with zero recorded CVEs. This historical lack of known vulnerabilities suggests a consistent commitment to security by the developers. The very limited attack surface, consisting solely of protected AJAX endpoints, also minimizes the potential for attack vectors.

Overall, WP-Sweep v1.1.8 appears to be a secure plugin with robust development practices. Its strengths lie in its secure handling of SQL, output escaping, and authentication checks. The lack of historical vulnerabilities is a significant positive indicator. While the taint analysis was limited (0 flows analyzed), the other indicators strongly suggest a well-secured plugin.

Vulnerabilities

None known

WP-Sweep Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP-Sweep Code Analysis

Dangerous Functions

Raw SQL Queries

116 prepared

Unescaped Output

166 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

83% prepared139 total queries

Output Escaping

100% escaped166 total outputs

Attack Surface

WP-Sweep Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_sweep_detailsinc\class-wpsweep.php:98

authwp_ajax_sweepinc\class-wpsweep.php:99

WordPress Hooks 5

actionrest_api_initinc\class-wpsweep-api.php:55

actionplugins_loadedinc\class-wpsweep.php:43

actioninitinc\class-wpsweep.php:95

actionadmin_menuinc\class-wpsweep.php:96

actionadmin_enqueue_scriptsinc\class-wpsweep.php:97

Maintenance & Trust

WP-Sweep Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 16, 2025

PHP min version

Downloads1.8M

Community Trust

Rating94/100

Number of ratings138

Active installs100K

Alternatives

WP-Sweep Alternatives

Advanced Clean Master – Complete Site Cleanup & Database Optimizer

advanced-clean-master

100

Boost WordPress performance by cleaning unnecessary data and optimizing your database. Remove drafts, orphaned media, transients with scheduled cleanu …

10 No CVEs