diff --git a/core/modules/content_moderation/src/Plugin/WorkflowType/ContentModeration.php b/core/modules/content_moderation/src/Plugin/WorkflowType/ContentModeration.php
index e61f25e..b2ba6b2 100644
--- a/core/modules/content_moderation/src/Plugin/WorkflowType/ContentModeration.php
+++ b/core/modules/content_moderation/src/Plugin/WorkflowType/ContentModeration.php
@@ -30,6 +30,14 @@ public function checkWorkflowAccess(WorkflowInterface $entity, $operation, Accou
     if ($operation === 'view') {
       return AccessResult::allowedIfHasPermission($account, 'view content moderation');
     }
+    elseif ($operation === 'delete' || $operation === 'delete-state') {
+      $count = \Drupal::entityQuery('content_moderation_state')
+        ->count()
+        ->condition('workflow', $entity->id())
+        ->execute();
+      // Can't be cached.
+      return AccessResult::forbiddenIf((bool) $count)->setCacheMaxAge(0);
+    }
     return parent::checkWorkflowAccess($entity, $operation, $account);
   }