Does CardzNet – Multiplayer Card Games have any unpatched vulnerabilities?

No. All known vulnerabilities in CardzNet – Multiplayer Card Games have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CardzNet – Multiplayer Card Games compatible with WordPress 6.3.8?

According to WordPress.org data, CardzNet – Multiplayer Card Games 2.5.1 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

How often is CardzNet – Multiplayer Card Games updated?

CardzNet – Multiplayer Card Games was last updated on Oct 13, 2023. Frequent updates are generally a positive security signal.

What is CardzNet – Multiplayer Card Games's security score?

CardzNet – Multiplayer Card Games has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CardzNet – Multiplayer Card Games Security & Risk Analysis

wordpress.org/plugins/cardznet

The CardzNet plugin allows you to play cards over the internet

10 active installs v2.5.1 PHP + WP 5.0+ Updated Oct 13, 2023

card-gamesgamesnetworkpagesplaying-cards

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CardzNet – Multiplayer Card Games Safe to Use in 2026?

Generally Safe

Score 85/100

CardzNet – Multiplayer Card Games has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The cardznet plugin v2.5.1 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and a lack of critical taint analysis findings are positive indicators. The plugin also demonstrates good practices with a high percentage of SQL queries using prepared statements and a substantial number of capability checks, suggesting an effort to secure its functionality. The limited attack surface with all identified entry points having authentication checks further enhances its security. However, there are areas for improvement. The presence of 26 instances of the `unserialize` function, while not explicitly flagged as a taint flow issue, warrants caution as it can be a vector for deserialization vulnerabilities if improperly handled with untrusted input. Additionally, the 76% output escaping rate means that 24% of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if the unescaped data is user-controlled or originates from an untrusted source.

Key Concerns

Potential for unserialize vulnerabilities
Unescaped output detected

Vulnerabilities

None known

CardzNet – Multiplayer Card Games Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

CardzNet – Multiplayer Card Games Code Analysis

Dangerous Functions

Raw SQL Queries

91 prepared

Unescaped Output

25 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$roundMeta = unserialize($roundObj->roundMeta);games\wpcardznet_canasta.php:221

unserialize$cardsList = unserialize($hand->cardsList);games\wpcardznet_canasta.php:712

unserialize$cardsList = unserialize($hand->cardsList);games\wpcardznet_hearts.php:115

unserialize$cards = unserialize($trick->cardsList);games\wpcardznet_hearts.php:239

unserialize$trick->posns = unserialize($result->cardsList);games\wpcardznet_one_eyed_jacks.php:930

unserialize$trick->played = unserialize($result->playedList);games\wpcardznet_one_eyed_jacks.php:931

unserialize$settings = unserialize($settings);include\wpcardznetlib_dbase_api.php:930

unserialize$rtnVal = unserialize($sessionEntries[0]->sessionVal);include\wpcardznetlib_dbase_api.php:1701

unserialize$this->gameMetaArr = unserialize($this->currGameRec->gameMeta);include\wpcardznet_dbase_api.php:859

unserialize$this->gameMetaArr = unserialize($this->gameMeta);include\wpcardznet_dbase_api.php:1458

unserializereturn ($roundMeta != '') ? unserialize($roundMeta) : array();include\wpcardznet_dbase_api.php:1691

unserialize$deck = unserialize($results[0]->roundDeck);include\wpcardznet_dbase_api.php:1779

unserialize$cards = unserialize($lastRounds[0]->roundDeck);include\wpcardznet_dbase_api.php:1825

unserialize$cardsList = unserialize($results[0]->cardsList);include\wpcardznet_dbase_api.php:1924

unserialize$playersHand->cards = unserialize($playersHand->cardsList);include\wpcardznet_dbase_api.php:1965

unserialize$playersHand->played = unserialize($playersHand->playedList);include\wpcardznet_dbase_api.php:1966

unserialize$playersHand->handMetaDecode = ($playersHand->handMeta != '') ? unserialize($playersHand->handMeta) include\wpcardznet_dbase_api.php:1967

unserialize$playersHand->roundMetaDecode = ($playersHand->roundMeta != '') ? unserialize($playersHand->roundMetinclude\wpcardznet_dbase_api.php:1968

unserialize$cardsList[$src] = unserialize($hands[$src]->cardsList);include\wpcardznet_dbase_api.php:2006

unserialize$playedList[$src] = unserialize($hands[$src]->playedList);include\wpcardznet_dbase_api.php:2007

unserialize$results[0]->cardsListArr = unserialize($results[0]->cardsList);include\wpcardznet_dbase_api.php:2114

unserialize$results[0]->cardsListArr = unserialize($results[0]->cardsList);include\wpcardznet_dbase_api.php:2129

unserialize$results[$index]->cardsListArr = unserialize($results[$index]->cardsList);include\wpcardznet_dbase_api.php:2167

unserialize$results[0]->cardsListArr = unserialize($results[0]->cardsList);include\wpcardznet_dbase_api.php:2183

unserialize$results[$index]->gameOpts = unserialize($results[$index]->gameMeta);include\wpcardznet_dbase_api.php:2576

unserialize$currOpts = unserialize($lastGameDetails[0]->gameMeta);include\wpcardznet_tabletop.php:303

SQL Query Safety

98% prepared93 total queries

Output Escaping

76% escaped33 total outputs

Attack Surface

CardzNet – Multiplayer Card Games Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_wpcardznet_ajax_requestwpcardznet.php:75

noprivwp_ajax_wpcardznet_ajax_requestwpcardznet.php:76

Shortcodes 1

[wpcardznet] wpcardznet.php:79

WordPress Hooks 18

filterwpcardznet_filter_oneeyedjackcards\Large-Print\wpcardznet_cards.php:42

filterwpcardznet_filter_twoeyedjackcards\Large-Print\wpcardznet_cards.php:43

filterwpcardznet_filter_ActiveRoundgames\wpcardznet_canasta.php:188

filterwpcardznet_filter_ActiveGamegames\wpcardznet_canasta.php:189

actionwp_mail_succeededinclude\wpcardznetlib_htmlemail_api.php:392

actionwp_mail_failedinclude\wpcardznetlib_htmlemail_api.php:395

actionphpmailer_initinclude\wpcardznetlib_htmlemail_api.php:399

actionphpmailer_initinclude\wpcardznetlib_htmlemail_api.php:400

actionphpmailer_initinclude\wpcardznetlib_htmlemail_api.php:404

filterwp_mail_frominclude\wpcardznetlib_htmlemail_api.php:408

filterwp_mail_from_nameinclude\wpcardznetlib_htmlemail_api.php:409

filterwp_mail_content_typeinclude\wpcardznetlib_htmlemail_api.php:410

filtersafe_style_cssinclude\wpcardznetlib_utils.php:96

actionadmin_menuwpcardznet.php:64

actionwp_print_styleswpcardznet.php:66

actionwp_print_scriptswpcardznet.php:67

actionadmin_enqueue_scriptswpcardznet.php:69

filterthe_contentwpcardznet.php:72

Maintenance & Trust

CardzNet – Multiplayer Card Games Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedOct 13, 2023

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

CardzNet – Multiplayer Card Games Alternatives

Playing Card Notations

playing-card-notations-pcn

Use a simple shortcode to present playing cards in your WordPress blog.

50 No CVEs

CDN Bull

cdn-bull

100

Enable CDN URLs for your static assets such as images, CSS or JavaScript files.

20 No CVEs

Multisite Post Cloner

multisite-post-cloner

Multisite Post Cloner allows you to clone posts and pages across sites in your WordPress multisite network.

10 No CVEs

Toggle Admin Bar Menu

toggle-admin-bar-menu

Replaces the WordPress admin bar menu with a compact menu icon. Clicking the icon toggles the visibility of the full admin bar.

10 No CVEs

LiteSpeed Cache

litespeed-cache

All-in-one unbeatable acceleration & PageSpeed improvement: caching, image/CSS/JS optimization...

7.0M 18 CVEs

Developer Profile

CardzNet – Multiplayer Card Games Developer Profile

Malcolm

2 plugins · 10 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect CardzNet – Multiplayer Card Games

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cardznet/css/wpcardznet.css/wp-content/plugins/cardznet/js/wpcardznetlib_js.js/wp-content/plugins/cardznet/js/wpcardznetlib_fullscreen.js/wp-content/plugins/cardznet/js/wpcardznet.js/wp-content/plugins/cardznet/admin/css/wpcardznet-admin.css/wp-content/plugins/cardznet/admin/js/wpcardznetlib_admin.js/wp-content/plugins/cardznet/admin/js/wpcardznet_admin.js

HTML / DOM Fingerprints

CSS Classes

wpcardznetlib-jswpcardznetlib-fullscreenwpcardznet-jswpcardznet-adminwpcardznetlib_adminwpcardznet_admin

JS Globals

WPCardzNetLibUtilsClassWPCardzNetAdminDBaseClassWPCardzNetLibDevCallerClass

Shortcode Output

[wpcardznet][wpcardznet-shortcode]

FAQ