Does Advanced Crossword have any unpatched vulnerabilities?

No. All known vulnerabilities in Advanced Crossword have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Advanced Crossword compatible with WordPress 6.9.4?

According to WordPress.org data, Advanced Crossword 1.2.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Advanced Crossword compatible with PHP 5.2.4+?

Advanced Crossword requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Advanced Crossword updated?

Advanced Crossword was last updated on Dec 12, 2025. Frequent updates are generally a positive security signal.

What is Advanced Crossword's security score?

Advanced Crossword has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Advanced Crossword Security & Risk Analysis

wordpress.org/plugins/advanced-crossword

Create a beautiful, responsive 15x15 grid crossword to your liking. You have full control over the blank cells and the clues.

90 active installs v1.2.2 PHP 5.2.4+ WP 5.0.1+ Updated Dec 12, 2025

crosswordpuzzleword-game

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Advanced Crossword Safe to Use in 2026?

Generally Safe

Score 100/100

Advanced Crossword has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "advanced-crossword" plugin version 1.2.2 presents a mixed security posture. While it boasts no known CVEs and a generally good rate of prepared SQL statements and output escaping, significant concerns arise from its attack surface and taint analysis. The presence of five AJAX handlers, all lacking authentication checks, creates a substantial entry point for potential attacks. Furthermore, two taint flows with unsanitized paths, even if not classified as critical or high in severity by the analysis, indicate potential vulnerabilities where user-supplied input could be processed in an unsafe manner. The absence of any reported vulnerabilities in its history is a positive sign, suggesting developers may have previously addressed security issues. However, the current static analysis findings, particularly the unprotected AJAX endpoints and unsanitized taint flows, warrant careful attention and mitigation efforts.

Key Concerns

AJAX handlers without authentication checks
Taint flows with unsanitized paths
Use of dangerous function (unserialize)

Vulnerabilities

None known

Advanced Crossword Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Advanced Crossword Code Analysis

Dangerous Functions

Raw SQL Queries

15 prepared

Unescaped Output

91 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$result->data_json_two = unserialize( base64_decode( $result->data_json_two ) );includes\D_PcPuzzleCrosswords_Table.php:61

unserialize$data_json = unserialize( $puzzle_obj->data_json );includes\PcPuzzleCrossword_LifeCycle.php:242

unserialize$result = unserialize( $opt_settings );includes\PcPuzzleCrossword_LifeCycle.php:527

unserialize$data_json->answer_data = unserialize( sanitize_text_field( serialize( $data_json->answer_data )));includes\PcPuzzleCrossword_LifeCycle.php:714

unserializeecho wp_json_encode( unserialize( $data->data_json ), ( JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLAincludes\w\W_PcPuzzleCrosswords_View.php:234

SQL Query Safety

83% prepared18 total queries

Output Escaping

83% escaped109 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

puzzle_admin_actions (includes\PcPuzzleCrossword_LifeCycle.php:605)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

5 unprotected

Advanced Crossword Attack Surface

Entry Points5

Unprotected5

AJAX Handlers 5

authwp_ajax_pc_front_actionsincludes\PcPuzzleCrossword_Plugin.php:200

authwp_ajax_save_prize_infoincludes\PcPuzzleCrossword_Plugin.php:201

authwp_ajax_set_puzzle_prizeincludes\PcPuzzleCrossword_Plugin.php:202

authwp_ajax_pc_submit_actionsincludes\PcPuzzleCrossword_Plugin.php:203

authwp_ajax_puzzle_admin_actionsincludes\PcPuzzleCrossword_Plugin.php:204

WordPress Hooks 5

actioninitadvanced-crossword.php:30

actioninitincludes\PcPuzzleCrossword_Plugin.php:197

actionadmin_menuincludes\PcPuzzleCrossword_Plugin.php:198

actionadmin_enqueue_scriptsincludes\PcPuzzleCrossword_Plugin.php:199

actionadmin_footerincludes\PcPuzzleCrossword_Plugin.php:205

Maintenance & Trust

Advanced Crossword Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 12, 2025

PHP min version5.2.4

Downloads4K

Community Trust

Rating60/100

Number of ratings2

Active installs90

Alternatives

Advanced Crossword Alternatives

PuzzleMe – Interactive Puzzles for WordPress – Easily publish crosswords, quizzes, word searches and more

puzzleme

PuzzleMe makes it easy to add interactive games to your WordPress website - no coding required.

1K 1 CVE

Crossword Compiler Puzzles

crossword-compiler-puzzles

Insert a crossword puzzle, sudoku or word search from content made by Crossword Compiler

300 1 unpatched

WHA Puzzle

wha-puzzle

Puzzle - puzzle game, which is a mosaic that you want to make from the many fragments of the pattern of various shapes.

300 No CVEs

YMC Crossword

ymc-crossword

100

The plugin Crossword creates an easy crossword from the words of any combination.

200 No CVEs

EV Crosswords

ev-crosswords

Easily add crosswords to your Wordpress website, with or without AI help.

10 No CVEs

Developer Profile

Advanced Crossword Developer Profile

dan009

5 plugins · 2K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

112 days

View full developer profile

Detection Fingerprints

How We Detect Advanced Crossword

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/advanced-crossword/assets/css/pc_puzzle_crossword_styles.css/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_view.js/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_editor.js/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_front.js/wp-content/plugins/advanced-crossword/assets/images/plugin-icon.png

Script Paths

/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_view.js/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_editor.js/wp-content/plugins/advanced-crossword/assets/js/pc_puzzle_crossword_front.js

Version Parameters

advanced-crossword/assets/css/pc_puzzle_crossword_styles.css?ver=advanced-crossword/assets/js/pc_puzzle_crossword_view.js?ver=advanced-crossword/assets/js/pc_puzzle_crossword_editor.js?ver=advanced-crossword/assets/js/pc_puzzle_crossword_front.js?ver=

HTML / DOM Fingerprints

CSS Classes

pc-crossword-gridpc-crossword-clue

HTML Comments

Data Attributes

data-crossword-iddata-clue-number

JS Globals

pc_crossword_settingspc_crossword_data

Shortcode Output

[ADVANCED_CROSSWORD id="1"]

FAQ