WP-Safety

Post Status Notifications Security & Risk Analysis

wordpress.org/plugins/wpsite-post-status-notifications

The Post Status Notifications plugin by 99 Robots provides an easy way to notify Administrators when Contributors submit posts for review or when a Co …

1K active installs v3.2.0 PHP 5.6.20+ WP 4.9+ Updated Aug 29, 2023
email-notificationpost-notificationpost-statusstatusstatus-notification
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Post Status Notifications Safe to Use in 2026?

Generally Safe

Score 85/100

Post Status Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The security posture of wpsite-post-status-notifications v3.2.0 appears to be relatively strong based on the provided static analysis. The absence of any reported CVEs and the lack of identified critical or high severity taint flows suggest a generally secure codebase. The plugin demonstrates good practices by avoiding dangerous functions, file operations, and external HTTP requests. The high percentage of properly escaped output (80%) and the presence of nonce checks are also positive indicators.

Key Concerns

  • SQL queries not using prepared statements
  • No capability checks on entry points
  • Output escaping not fully implemented
Vulnerabilities
None known

Post Status Notifications Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Post Status Notifications Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
8
33 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared1 total queries

Output Escaping

80% escaped41 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
page_settings (wpsite-post-status-notification.php:276)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Post Status Notifications Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
actionplugins_loadedwpsite-post-status-notification.php:189
actiontransition_post_statuswpsite-post-status-notification.php:196
actionadmin_menuwpsite-post-status-notification.php:197
Maintenance & Trust

Post Status Notifications Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8
Last updatedAug 29, 2023
PHP min version5.6.20
Downloads30K

Community Trust

Rating70/100
Number of ratings10
Active installs1K
Alternatives

Post Status Notifications Alternatives

WP Post Status Notifications

WP Post Status Notifications

wp-post-status-notifications

A
85

Configure email notifications for post/page status changes.

10 No CVEs
Archive Content with Archived Post Status

Archive Content with Archived Post Status

archived-post-status

A
100

Use an "Archived" status to unpublish content without having to trash it.

5K No CVEs
LH Private Content Login

LH Private Content Login

lh-private-content-login

A
85

Redirects non-logged users to the login page when they follow a link to a post, page, or cpt which is protected by post status.

300 No CVEs
Post Status Menu Items

Post Status Menu Items

post-status-menu-items

A
85

Adds post status links–e.g. "Draft" (7)–to post type admin menus and a few other nice goodies.

200 No CVEs
Pending Status

Pending Status

pending-status

A
100

Get notified when your site has posts pending review.

100 No CVEs
Developer Profile

Post Status Notifications Developer Profile

DraftPress Team

12 plugins · 613K total installs

70
trust score
Avg Security Score
87/100
Avg Patch Time
1011 days
View full developer profile
Detection Fingerprints

How We Detect Post Status Notifications

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpsite-post-status-notifications/css/settings.css/wp-content/plugins/wpsite-post-status-notifications/css/bootstrap.min.css/wp-content/plugins/wpsite-post-status-notifications/js/settings.js
Script Paths
/wp-content/plugins/wpsite-post-status-notifications/js/settings.js
Version Parameters
wpsite-post-status-notifications/css/settings.css?ver=wpsite-post-status-notifications/css/bootstrap.min.css?ver=wpsite-post-status-notifications/js/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpsite-post-status-notifications-settings
HTML Comments
<!-- WPSite Post Status Notifications Settings -->
Data Attributes
data-plugin-urldata-plugin-version
JS Globals
wpsite_post_status_notifications_settingswpsite_psn_admin_settings
FAQ

Frequently Asked Questions about Post Status Notifications