Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Security & Risk Analysis
wordpress.org/plugins/digiohTurn visitors into customers with a suite of list growth and conversion rate optimization tools that drive revenue. Supports WooCommerce.
Is Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Safe to Use in 2026?
Generally Safe
Score 85/100Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The Digioh plugin v1.1.2 presents a mixed security posture. On the positive side, the plugin demonstrates excellent output escaping practices and avoids making external HTTP requests, which are common vectors for vulnerabilities. The absence of any recorded vulnerabilities or CVEs in its history is a strong indicator of a well-maintained and secure codebase.
However, the static analysis reveals significant concerns. The presence of SQL queries without prepared statements is a notable risk, as it can lead to SQL injection vulnerabilities if the data used in the query is not properly sanitized. Furthermore, the taint analysis indicates flows with unsanitized paths, although they are not classified as critical or high severity. The complete lack of nonce and capability checks across all entry points (AJAX, REST API, shortcodes, cron) is a major security weakness, leaving these potential entry points vulnerable to unauthorized access and manipulation.
In conclusion, while the plugin's history and output escaping are commendable, the identified SQL query and taint flow issues, coupled with the alarming absence of any authorization or security checks on its entry points, indicate a substantial risk. These oversights could be exploited to perform unauthorized actions or manipulate data, despite the lack of historical vulnerability data.
Key Concerns
- Raw SQL query without prepared statements
- Taint flow with unsanitized path (low severity)
- Taint flow with unsanitized path (low severity)
- No capability checks on entry points
- No nonce checks on AJAX handlers
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Security Vulnerabilities
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Attack Surface
WordPress Hooks 7
Maintenance & Trust
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Maintenance & Trust
Maintenance Signals
Community Trust
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Alternatives
Woorise – Landing Pages, Forms & Surveys
woorise
Create landing pages, forms, surveys, quizzes and viral giveaways.
Yay! Forms
yayforms
Embed custom forms, surveys, and quizzes into your WordPress site with ease.
Email Marketing for WordPress and WooCommerce – Retainful
retainful
Email marketing, newsletters for WordPress and WooCommerce. Send newsletters and campaigns, recover abandoned carts, signup forms, and more
Release0
release0
Develop sophisticated chat experiences effortlessly, no coding required.
Logic Hop Personalization for Gravity Forms Add-on
logic-hop-personalization-for-gravity-forms-add-on
The Logic Hop Personalization for Gravity Forms Add-on brings the power of personalization to WordPress with Gravity Forms.
Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart Developer Profile
1 plugin · 60 total installs
How We Detect Digioh Forms, Popups, Quizzes, Surveys, Abandon Cart
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/digioh/templates/javascript.txthttps://www.lightboxcdn.com/vendor/lightbox_speed.jslightbox_inline.jsHTML / DOM Fingerprints
id="digioh_compatability_tag"