PHPackages pvtl/wp-safe-user-deletion - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. pvtl/wp-safe-user-deletion ActiveWordpress-muplugin[Security](/categories/security) pvtl/wp-safe-user-deletion ========================== A must-use WordPress plugin that adds a double confirmation when deleting users and blocks deletion if the user has content that has not been reassigned to another user. v1.0.0(2mo ago)05PublicPHPPHP >=7.3 Since Feb 17Pushed 2mo agoCompare [ Source](https://github.com/pvtl/wp-safe-user-deletion)[ Packagist](https://packagist.org/packages/pvtl/wp-safe-user-deletion)[ Docs](https://github.com/pvtl/wp-safe-user-deletion)[ RSS](/packages/pvtl-wp-safe-user-deletion/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependenciesVersions (2)Used By (0) WP Safe User Deletion ===================== [](#wp-safe-user-deletion) A must-use WordPress plugin that adds a double confirmation when deleting users and blocks deletion if the user has content that has not been reassigned to another user. Why we created this plugin -------------------------- [](#why-we-created-this-plugin) Deleting a WordPress user who has authored posts, pages, or other content can permanently delete that content if an administrator chooses "Delete all content" instead of "Attribute all content to" another user. This is easy to do by mistake: the confirmation screen presents both options, and a quick click can lead to irreversible data loss. We created WP Safe User Deletion to: - **Reduce accidental data loss** when removing users (e.g. former staff or contributors). - **Make the reassignment option obvious** so admins are encouraged to assign content to another user before deleting. - **Enforce a safety check** so deletion is blocked when the user has content and no reassignment was selected. What this plugin prevents ------------------------- [](#what-this-plugin-prevents) - **Permanent loss of posts and pages** – Content authored by the deleted user is no longer lost by mistake when an admin forgets to choose "Attribute all content to". - **Orphaned or deleted custom content** – The same protection applies to any post type that supports author (e.g. custom post types like job profiles). - **Rushed deletions** – An extra confirmation step when "Delete all content" is selected gives admins a chance to cancel and reassign instead. The plugin does **not** prevent deletion when: - The user has no content (posts, pages, or links), or - The admin has chosen "Attribute all content to" and selected another user. In those cases, deletion proceeds as normal. How it works ------------ [](#how-it-works) 1. **On the delete confirmation screen** (Users → Delete on a user), an admin notice reminds the admin to choose a user to assign content to before deleting, so no data is lost. 2. **Before submitting the form**, if the admin selects "Delete all content", a browser confirmation dialog appears warning that the user has content and suggesting they assign it to another user. They can cancel to go back and choose "Attribute all content to". 3. **When deletion is requested**, the plugin checks whether the user being deleted has any content (posts of any type or, if the link manager is enabled, links). If they do, and no reassignment was selected, the deletion is **blocked** and the admin sees a clear message with a link back to the Users list to try again and select a reassignment user. This plugin works with WordPress's built-in user delete flow; it does not add new admin pages or change how you delete users, only adds notices and guards. What counts as "content" ------------------------ [](#what-counts-as-content) - **Posts and pages** – Any post type that supports the author field (posts, pages, and custom post types such as job profiles). - **Links** – If the site has the link manager enabled, links owned by the user are also considered content. If the user has at least one such item, deletion is blocked until content is reassigned (or the user is deleted via the reassign option). Requirements ------------ [](#requirements) - WordPress (tested with modern versions; uses standard hooks and APIs). - No additional PHP extensions or Composer dependencies. - Installed as a must-use plugin (`mu-plugins`); it is always active and does not appear in the Plugins list. Installation ------------ [](#installation) ### Composer / Wordpress Bedrock [](#composer--wordpress-bedrock) ``` composer require pvtl/wp-safe-user-deletion ``` ### Manual [](#manual) 1. Upload plugin to `wp-content/plugins/wp-safe-user-deletion/` 2. Activate plugin in WordPress admin Author ------ [](#author) Pivotal Agency Pty Ltd License ------- [](#license) MIT ### Health Score 32 — LowBetter than 72% of packages Maintenance85 Actively maintained with recent releases Popularity5 Limited adoption so far Community6 Small or concentrated contributor base Maturity29 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 82d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b54f3e43a9171099a685589c94f7cd35da4da8e600d5737536d14918d872ca56?d=identicon)[pvtl](/maintainers/pvtl) --- Top Contributors [![erinwelch](https://avatars.githubusercontent.com/u/53369160?v=4)](https://github.com/erinwelch "erinwelch (1 commits)") ### Embed Badge ![Health badge](/badges/pvtl-wp-safe-user-deletion/health.svg) ``` [![Health](https://phpackages.com/badges/pvtl-wp-safe-user-deletion/health.svg)](https://phpackages.com/packages/pvtl-wp-safe-user-deletion) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)