Chessgame Shizzle Security & Risk Analysis

wordpress.org/plugins/chessgame-shizzle

Chessgame Shizzle is a nice way to integrate chessgames into your WordPress website. Ideal for chess clubs, your chess blog, or any chess related webs …

100 active installs v1.3.4 PHP 7.0+ WP 4.1+ Updated Jan 10, 2026
Tags: chess, chessgame, chessgames, pgn, pgn4web
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Nov 22, 2024
Safety Verdict

Is Chessgame Shizzle Safe to Use in 2026?

Generally Safe

Score 99/100

Chessgame Shizzle has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 22, 2024 · Updated 2mo ago
Risk Assessment

The "chessgame-shizzle" v1.3.4 plugin exhibits a generally good security posture, with all identified entry points (AJAX handlers, shortcodes) appearing to have authentication or permission checks. The plugin demonstrates strong adherence to WordPress security best practices, with a high percentage of properly escaped output and a significant number of nonce checks, indicating a conscious effort to prevent common vulnerabilities. The absence of external HTTP requests and dangerous functions further bolsters its security.

However, the taint analysis reveals a notable concern: four flows with unsanitized paths. While the static analysis didn't flag these as critical or high severity, unsanitized paths can lead to various vulnerabilities, including path traversal or information disclosure, depending on how they are handled in the code. The plugin's history of a medium-severity Cross-site Scripting (XSS) vulnerability, though now patched, also suggests a past weakness in input sanitization or output escaping that needs continued vigilance.

In conclusion, "chessgame-shizzle" v1.3.4 is a reasonably secure plugin with robust authentication and escaping mechanisms. The primary area of concern lies in the four unsanitized paths identified in the taint analysis, which warrant further code review to ensure they do not present exploitable risks. The past XSS vulnerability, while resolved, serves as a reminder to maintain strict sanitization and escaping practices throughout the plugin's lifecycle.

Key Concerns

  • Unsanitized paths found in taint analysis
  • Past medium severity XSS vulnerability
  • Only 33% of SQL queries use prepared statements

Chessgame Shizzle Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-11446 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Chessgame Shizzle <= 1.3.0 - Reflected Cross-Site Scripting

Nov 22, 2024 Patched in 1.3.1 (1d)
Code Analysis
Analyzed Mar 16, 2026

Chessgame Shizzle Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (1 prepared)
Unescaped Output: 71 (299 escaped)
Nonce Checks: 15
Capability Checks: 13
File Operations: 8
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

33% prepared · 3 total queries

Output Escaping

81% escaped · 370 total outputs

Data Flows: 4 unsanitized

Data Flow Analysis

11 flows · 4 with unsanitized paths
chessgame_shizzle_handle_bulk_admin_notice (admin\cs-list-table-featured-image.php:115)
Attack Surface

Chessgame Shizzle Attack Surface

Entry Points: 16
Unprotected: 0

AJAX Handlers 11

auth · wp_ajax_chessgame_shizzle_fen_ajax · admin\cs-ajax-mfen.php:92
auth · wp_ajax_chessgame_shizzle_fen_image_ajax · frontend\cs-ajax-mfen.php:10
nopriv · wp_ajax_chessgame_shizzle_fen_image_ajax · frontend\cs-ajax-mfen.php:11
auth · wp_ajax_chessgame_shizzle_simple_list_search · frontend\cs-shortcode-simple-list-search.php:107
nopriv · wp_ajax_chessgame_shizzle_simple_list_search · frontend\cs-shortcode-simple-list-search.php:108
auth · wp_ajax_chessgame_shizzle_lesson_ajax · functions\cs-ajax-lesson.php:10
nopriv · wp_ajax_chessgame_shizzle_lesson_ajax · functions\cs-ajax-lesson.php:11
auth · wp_ajax_chessgame_shizzle_lesson_ajax_postid · functions\cs-ajax-lesson.php:151
nopriv · wp_ajax_chessgame_shizzle_lesson_ajax_postid · functions\cs-ajax-lesson.php:152
auth · wp_ajax_chessgame_shizzle_lesson_ajax_search · functions\cs-ajax-lesson.php:220
nopriv · wp_ajax_chessgame_shizzle_lesson_ajax_search · functions\cs-ajax-lesson.php:221

Shortcodes 5

[chessgame_shizzle_game] frontend\cs-shortcode-chessgame.php:35
[chessgame_shizzle_game_extended] frontend\cs-shortcode-chessgame.php:66
[chessgame_shizzle_form] frontend\cs-shortcode-form.php:424
[chessgame_shizzle_lessons] frontend\cs-shortcode-lessons.php:17
[chessgame_shizzle_simple_list] frontend\cs-shortcode-simple-list.php:144
WordPress Hooks 43
action · admin_footer · admin\cs-ajax-mfen.php:10
action · admin_enqueue_scripts · admin\cs-hooks.php:22
filter · bulk_actions-edit-cs_chessgame · admin\cs-list-table-featured-image.php:25
filter · handle_bulk_actions-edit-cs_chessgame · admin\cs-list-table-featured-image.php:107
action · admin_notices · admin\cs-list-table-featured-image.php:133
action · admin_footer · admin\cs-menu-counter.php:39
action · admin_menu · admin\cs-meta-box-preview.php:18
action · admin_menu · admin\cs-meta-box.php:35
action · save_post · admin\cs-meta-box.php:422
filter · is_protected_meta · admin\cs-meta-box.php:465
action · admin_menu · admin\cs-page-about.php:95
action · admin_menu · admin\cs-page-export.php:15
action · admin_init · admin\cs-page-export.php:228
action · admin_menu · admin\cs-page-import.php:324
action · admin_menu · admin\cs-page-lessons.php:42
action · admin_menu · admin\cs-page-settings.php:13
action · init · chessgame-shizzle-hooks.php:17
filter · plugin_action_links · chessgame-shizzle-hooks.php:31
action · init · chessgame-shizzle-hooks.php:61
action · wpmu_new_blog · chessgame-shizzle-hooks.php:75
action · wp_initialize_site · chessgame-shizzle-hooks.php:90
action · wp_enqueue_scripts · frontend\cs-hooks.php:41
filter · request · frontend\cs-request-posttype.php:29
action · pre_get_posts · frontend\cs-request-posttype.php:52
action · wp · frontend\cs-shortcode-form-post.php:21
action · widgets_init · frontend\widgets\cs-widget-featured-chessgame.php:155
action · widgets_init · frontend\widgets\cs-widget-newest-chessgame.php:122
action · widgets_init · frontend\widgets\cs-widget-recent-chessgames.php:138
action · widgets_init · frontend\widgets\cs-widget-search.php:114
action · save_post · functions\cs-cache.php:64
action · delete_post · functions\cs-cache.php:65
filter · the_content · functions\cs-content-filters.php:45
filter · the_content · functions\cs-content-filters.php:113
filter · the_content · functions\cs-content-filters.php:272
action · chessgame_shizzle_save_frontend · functions\cs-mail.php:95
action · save_post · functions\cs-post-meta.php:46
filter · is_protected_meta · functions\cs-post-meta.php:66
action · init · functions\cs-post-meta.php:142
action · init · functions\cs-post-types.php:119
filter · default_content · functions\cs-post-types.php:137
action · admin_init · functions\cs-privacy.php:27
action · admin_init · functions\cs-settings.php:30
action · wp_enqueue_scripts · thirdparty\pgn4web\cs-pgn4web.php:35
Maintenance & Trust

Chessgame Shizzle Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 10, 2026
PHP min version: 7.0
Downloads: 15K

Community Trust

Rating: 94/100
Number of ratings: 3
Active installs: 100
Developer Profile

Chessgame Shizzle Developer Profile

Marcel Pol

18 plugins · 82K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 1119 days
Detection Fingerprints

How We Detect Chessgame Shizzle

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/chessgame-shizzle/css/chessgame-shizzle-admin.css
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/css/pgn4web.css
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/css/ui-lightness/jquery-ui-1.10.3.custom.min.css
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/css/chessboard-0.3.0.css

Script Paths

  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/js/pgn4web.min.js
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/js/chessboard-0.3.0.js
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/js/jquery-ui-1.10.3.custom.min.js
  • /wp-content/plugins/chessgame-shizzle/thirdparty/pgn4web/js/pgn4web.js
  • /wp-content/plugins/chessgame-shizzle/thirdparty/chessParser/cs-chessparser.js

Version Parameters

  • chessgame-shizzle/css/chessgame-shizzle-admin.css?ver=
  • chessgame-shizzle/thirdparty/pgn4web/css/pgn4web.css?ver=
  • chessgame-shizzle/thirdparty/pgn4web/css/ui-lightness/jquery-ui-1.10.3.custom.min.css?ver=
  • chessgame-shizzle/thirdparty/pgn4web/css/chessboard-0.3.0.css?ver=
  • chessgame-shizzle/thirdparty/pgn4web/js/pgn4web.min.js?ver=
  • chessgame-shizzle/thirdparty/pgn4web/js/chessboard-0.3.0.js?ver=
  • chessgame-shizzle/thirdparty/pgn4web/js/jquery-ui-1.10.3.custom.min.js?ver=
  • chessgame-shizzle/thirdparty/pgn4web/js/pgn4web.js?ver=
  • chessgame-shizzle/thirdparty/chessParser/cs-chessparser.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • cs-chessgame-shizzle
  • cs-player
  • cs-player-btn-play
  • cs-player-btn-pause
  • cs-player-btn-forward
  • cs-player-btn-backward
  • cs-player-btn-restart

HTML Comments

  • <!-- TODO: Add tag taxonomy for ECO codes. Or use a page with wp_query for meta. Or shortcode [opening_explorer]. Model after A-Z listings. -->
  • <!-- TODO: Add analyzer with Stockfish.js. -->
  • <!-- TODO: Settings page: -->
  • <!-- TODO: Frontend Widgets: -->
  • +42 more

Data Attributes

  • data-cs-id
  • data-cs-pgn

JS Globals
cs_chessgame_shizzle
FAQ

Frequently Asked Questions about Chessgame Shizzle