Agreeable Security & Risk Analysis

wordpress.org/plugins/agreeable

Add an "Agree to terms" check box on login, registration, or comment forms. Works with BuddyPress, bbPress and MultiSite.

900 active installs v1.5 PHP + WP 3.5+ Updated Apr 4, 2016
agree, conditions, require, terms
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Agreeable Safe to Use in 2026?

Generally Safe

Score 85/100

Agreeable has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10yr ago
Risk Assessment

The "agreeable" plugin v1.5 exhibits a generally strong security posture based on the provided static analysis. The complete absence of identifiable attack surface points like AJAX handlers, REST API routes, shortcodes, and cron events is a significant positive. Furthermore, the plugin effectively utilizes prepared statements for all SQL queries, avoids dangerous functions, and demonstrates excellent output escaping with 90% of outputs properly handled. Nonce and capability checks are present, indicating an effort to secure operations.

However, a concern arises from the taint analysis, which identified one flow with unsanitized paths. While this did not escalate to critical or high severity, it represents a potential area where user-supplied data might not be sufficiently validated before being used in a sensitive operation, such as file system access or internal function calls. The plugin also makes a single external HTTP request, which, without further context, could be a minor risk if the target is untrusted or the request is not properly secured.

Notably, the plugin has no recorded vulnerabilities (CVEs), which suggests a history of stable and secure development. The lack of past issues is a strong indicator of good development practices. Overall, "agreeable" v1.5 appears to be a well-developed plugin with minimal apparent risks, the primary area for improvement being the single unsanitized path identified in the taint analysis.

Key Concerns

  • Taint flow with unsanitized paths
  • External HTTP request
Vulnerabilities
None known

Agreeable Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Agreeable Release Timeline

v1.5 (Current)
v1.4
v1.3.5
v1.2
v0.3.2
v0.3.1
v0.3
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2
v0.1.2.1
v0.1.2
v0.1.1.5
v0.1.1.4
v0.1.1.3
v0.1.1.2
v0.1.1
Code Analysis
Analyzed Mar 16, 2026

Agreeable Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 3 (28 escaped)
Nonce Checks: 1
Capability Checks: 1
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Output Escaping

90% escaped · 31 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

3 flows · 1 with unsanitized paths
update_options (agreeable.php:79)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Agreeable Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 19
  • action init (agreeable.php:30)
  • action admin_enqueue_scripts (agreeable.php:31)
  • action wp_enqueue_scripts (agreeable.php:32)
  • action login_enqueue_scripts (agreeable.php:33)
  • action admin_menu (agreeable.php:34)
  • filter registration_errors (agreeable.php:37)
  • filter bp_signup_validate (agreeable.php:38)
  • filter wpmu_validate_user_signup (agreeable.php:39)
  • filter wp_authenticate_user (agreeable.php:42)
  • action pre_comment_on_post (agreeable.php:45)
  • filter login_form (agreeable.php:48)
  • filter register_form (agreeable.php:49)
  • filter comment_form_after_fields (agreeable.php:50)
  • filter comment_form_logged_in_after (agreeable.php:51)
  • action bp_before_registration_submit_buttons (agreeable.php:52)
  • action tml_register_form (agreeable.php:53)
  • action bp_after_login_widget_loggedout (agreeable.php:54)
  • action signup_extra_fields (agreeable.php:158)
  • action signup_blogform (agreeable.php:159)
Maintenance & Trust

Agreeable Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.2.39
Last updated: Apr 4, 2016
PHP min version
Downloads: 43K

Community Trust

Rating: 78/100
Number of ratings: 27
Active installs: 900
Developer Profile

Agreeable Developer Profile

buildcreate

1 plugin · 900 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Agreeable

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/agreeable/css/admin.css
  • /wp-content/plugins/agreeable/css/magnific.css
  • /wp-content/plugins/agreeable/css/front.css
  • /wp-content/plugins/agreeable/js/magnific.js
  • /wp-content/plugins/agreeable/js/agreeable.js
Script Paths
  • /wp-content/plugins/agreeable/js/magnific.js
  • /wp-content/plugins/agreeable/js/agreeable.js
Version Parameters
  • agreeable-css?ver=
  • magnific?ver=
  • agreeable-js?ver=
  • magnific-css?ver=
  • agreeable-css?ver=

HTML / DOM Fingerprints

CSS Classes
agreeable-error-message
HTML Comments
<!-- AGREEABLE TERMS ACCEPTED -->
Data Attributes
  • data-agreeable-terms-message
  • data-agreeable-terms-page
  • data-agreeable-lightbox-enabled
JS Globals
agreeable
FAQ

Frequently Asked Questions about Agreeable