PLUGIN SECURITY
Is Worker safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Worker WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
worker - Max supported PHP (analyzed): <8.0
Known vulnerabilities
- ManageWP Worker [worker] < 4.9.3 [Manage WP Worker <= 4.9.2 - Authentication Bypass]
- ManageWP Worker [worker] < 4.9.32 [CVE-2026-39463, ManageWP Worker <= 4.9.31 - Unauthenticated Stored Cross-Site Scripting, EUVD-2026-36931]
- ManageWP Worker [worker] < 4.9.32 [CVE-2026-3718, WordPress ManageWP Worker Plugin <= 4.9.31 is vulnerable to a medium priority Cross Site Scripting (XSS), ManageWP Worker <= 4.9.31 - Unauthenticated Stored Cross-Site Scripting via 'MWP-Key-Name' Header]
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Safer / more established alternatives
- All-in-One WP Migration and Backup — 5000000+ active installs — max PHP <8.0
- UpdraftPlus: WP Backup & Migration Plugin — 3000000+ active installs — max PHP <8.0
- Jetpack – WP Security, Backup, Speed, & Growth — 3000000+ active installs
- Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More — 1000000+ active installs — max PHP <8.0
- WPvivid — Backup, Migration & Staging — 900000+ active installs — max PHP <8.0
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.