Does CPM All in one Poll have any unpatched vulnerabilities?

No. All known vulnerabilities in CPM All in one Poll have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CPM All in one Poll compatible with WordPress 4.3.34?

According to WordPress.org data, CPM All in one Poll 1.0 has been tested up to WordPress 4.3.34. Check the plugin's changelog for the latest compatibility information.

How often is CPM All in one Poll updated?

CPM All in one Poll was last updated on Aug 25, 2015. Frequent updates are generally a positive security signal.

What is CPM All in one Poll's security score?

CPM All in one Poll has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CPM All in one Poll Security & Risk Analysis

wordpress.org/plugins/cpm-all-in-one-responsive-poll

CPM All in One Poll is an awesome plugin that lets you create Polls with 7 different chart types, and is fully translatable.

10 active installs v1.0 PHP + WP 4.0.0+ Updated Aug 25, 2015

bar-graphdoughnutpie-chartpollsresponsive-poll

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CPM All in one Poll Safe to Use in 2026?

Generally Safe

Score 85/100

CPM All in one Poll has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The cpm-all-in-one-responsive-poll plugin version 1.0 presents a significant security concern due to its lack of proper input validation and authorization checks on its entry points. While the plugin demonstrates good practices by avoiding dangerous functions, performing SQL queries exclusively with prepared statements, and not making external HTTP requests, these strengths are overshadowed by critical weaknesses.

The static analysis reveals two unprotected AJAX handlers, which are direct pathways for attackers to interact with the plugin's functionality without any form of authentication or authorization. This creates a substantial risk of unauthorized actions being performed. Furthermore, none of the 62 output points are properly escaped, indicating a high probability of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the site.

Although the plugin has no recorded vulnerability history, this does not guarantee future safety. The absence of security audits and the presence of basic security oversights like unescaped output and unprotected AJAX handlers suggest that vulnerabilities are likely to exist and may not have been discovered or reported. The plugin's overall security posture is poor, with critical flaws that need immediate attention.

Key Concerns

AJAX handlers without auth checks
Output not properly escaped
No nonce checks
Limited capability checks observed

Vulnerabilities

None known

CPM All in one Poll Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

CPM All in one Poll Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

0% escaped62 total outputs

Attack Surface

2 unprotected

CPM All in one Poll Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

authwp_ajax_cpm_poll_vote_actionadmin.php:106

noprivwp_ajax_cpm_poll_vote_actionadmin.php:107

Shortcodes 1

[cpm_wp_poll] includes\frontend.php:38

WordPress Hooks 22

actionadmin_menuadmin.php:6

actionadmin_initadmin.php:8

actionadmin_head-post-new.phpadmin.php:195

actionadmin_head-post.phpadmin.php:196

filterget_sample_permalink_htmladmin.php:202

filterpage_row_actionsadmin.php:215

filterenter_title_hereadmin.php:233

actionadmin_bar_menuadmin.php:237

filterpost_updated_messagesadmin.php:271

filtermanage_cpm_wp_poll_posts_columnsadmin.php:277

actionmanage_cpm_wp_poll_posts_custom_columnadmin.php:283

actioninitincludes\backend.php:33

actionwidgets_initincludes\backend.php:41

actionadd_meta_boxesincludes\backend.php:105

actionsave_postincludes\backend.php:197

actionadd_meta_boxesincludes\backend.php:251

actiontemplate_redirectincludes\frontend.php:6

actionwp_enqueue_scriptsmedia.php:24

actionadmin_enqueue_scriptsmedia.php:50

actionadmin_enqueue_scriptsmedia.php:52

filtercpm_wp_poll_pointers-cpm_wp_pollmedia.php:93

filtercpm_wp_poll_pointers-cpm_wp_pollmedia.php:112

Maintenance & Trust

CPM All in one Poll Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34

Last updatedAug 25, 2015

PHP min version

Downloads2K

Community Trust

Rating84/100

Number of ratings5

Active installs10

Alternatives

CPM All in one Poll Alternatives

TP PieBuilder

tp-piebuilder

Allow user to manipulate data on pie chart on your site with TP PieBuilder.

600 No CVEs

Simple Poll

smp-simple-poll

The Simple Poll is a voting poll system into your post, pages and everywhere in website by just a shortcode. Add poll system to your post by placing s …

10 No CVEs

Crowdsignal Forms

crowdsignal-forms

The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.

100K 1 unpatched

Crowdsignal Dashboard – Polls, Surveys & more

polldaddy

Manage your Crowdsignal polls, surveys, quizzes, and ratings directly from the WordPress dashboard.

100K 9 CVEs

WP-Polls

wp-polls

Adds an AJAX poll system to your WordPress blog. You can also easily add a poll into your WordPress's blog post/page.

40K 6 CVEs

Developer Profile

CPM All in one Poll Developer Profile

Utsav Singh Rathour

2 plugins · 110 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect CPM All in one Poll

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/Chart.min.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm-poll-init.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/css/cpm-wp-default.css/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm-poll-frontend-init.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/chart-maker.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm_wp_poll_ajax_call.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/css/progressbar.css/wp-content/plugins/cpm-all-in-one-responsive-poll/media/css/colorpicker.css+6 more

Script Paths

/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/Chart.min.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm-poll-init.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm-poll-frontend-init.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/chart-maker.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm_wp_poll_ajax_call.js/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/colorpicker.js+3 more

Version Parameters

/wp-content/plugins/cpm-all-in-one-responsive-poll/media/js/cpm-poll-init.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes

cpm-poll-allow-multiplecpm-wp-chart-type

Data Attributes

data-targetdata-optionsdata-edgedata-aligndata-content

JS Globals

proMessageajax_objectcpmpollPointerpoll_post_type

FAQ