Source evidence

wpcrontrol behavior and security

WP Crontrol · support · 2026-04-26T17:19:00+00:00

WP Crontrol plugin evidence original source source API

mixedsentiment

highseverity

0.9relevance

1replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

6 / 35 rows with source links

17.1% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

29 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

pineapplepalm resolved

Hi John, Noticed a few points from a plugin check missing_direct_file_access_protectionPHP file should prevent direct access. WordPress.Security.NonceVerification.RecommendedProcessing form data without nonce verification. Can you share whether you’re hoping to ensure these are tied up? I think we might need to keep WPC on our production site, and these notices and warnings/errors cause a little concern. Quick question: Is we pause or delete a scheduled cron with your plugin installed, what happens to it if we deactivate or delete WPCr ? Do they remain or revert? Thanks in advanced. Plugin deactivation is covered here: https://wp-crontrol.com/docs/deactivation/ The reports about direct file access and missing nonces appear to be false positives. WP Crontrol has a pretty strict set of security and code scanning configuration, but I’ll double check to be sure.

Commercial Context

Opportunity

developer change safety and site customization

Debug change-safety workflow for shipping custom code and site changes without breaking production

Buyer: developers, agencies, and technical site owners

Wedge: preflight debug code changes, compatibility risks, rollback paths, and debug evidence

Proof Blocked card complete market

Analysis

heuristic-v1

Summary: wpcrontrol behavior and security: users show security, bugs, compatibility pain that may indicate a product gap.

Evidence quote: wpcrontrol behavior and security Hi John, Noticed a few points from a plugin check missing_direct_file_access_protectionPHP file should prevent direct access.

Affected feature: form

security bugs compatibility missing feature

Plugin

API

WP Crontrol

300.0K active installs · 7.8M downloads · rating 90.0

cron crontrol debug woocommerce wp cron

Comments

1 shown

John Blackbourn 2026-04-27T09:29:00+00:00

Plugin deactivation is covered here: https://wp-crontrol.com/docs/deactivation/ The reports about direct file access and missing nonces appear to be false positives. WP Crontrol has a pretty strict set of security and code scanning configuration, but I’ll double check to be sure.