Dima Take Action Security & Risk Analysis

wordpress.org/plugins/dima-take-action

Easily lets you add a Top/Bottom Banner to display a notification and promotion.

300 active installs · v1.0.5 · PHP + WP 4.0+ · Updated Aug 6, 2018
Tags: banner · bottom-bar · dima-take-action · top-bar · wordpress-notification-bar

Score: 64 · Grade C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Apr 1, 2025
Safety Verdict

Is Dima Take Action Safe to Use in 2026?

Use With Caution

Score 64/100

Dima Take Action has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Apr 1, 2025 · Updated 7yr ago
Risk Assessment

The dima-take-action plugin v1.0.5 presents a mixed security posture. On the positive side, all identified AJAX entry points have authentication checks, and SQL queries are exclusively performed using prepared statements, indicating good practices in these areas. The plugin also correctly implements nonce checks for all its AJAX handlers. However, significant concerns arise from the static analysis. A substantial portion of output (49%) is not properly escaped, creating a risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, taint analysis revealed multiple flows with unsanitized paths; although none were classified as critical or high severity, they still indicate potential input validation weaknesses.

The plugin's vulnerability history is a major concern. It has a known unpatched medium severity CVE from April 2025, specifically an XSS vulnerability. This, combined with the static analysis findings related to output escaping and unsanitized paths, strongly suggests a pattern of input sanitization and output escaping deficiencies. While the plugin demonstrates some strong security controls, the unpatched CVE and the static analysis indicators of potential XSS and path manipulation vulnerabilities necessitate caution.

Key Concerns

  • Unpatched CVE: 1 medium
  • Significant portion of output unescaped
  • Flows with unsanitized paths found
Vulnerabilities (1)

Dima Take Action Security Vulnerabilities

CVEs by Year

2025: 1 CVE · unpatched
Legend: Patched · Has unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-31742 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Dima Take Action <= 1.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Apr 1, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Dima Take Action Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (7 prepared)
Unescaped Output: 417 (436 escaped)
Nonce Checks: 5
Capability Checks: 1
File Operations: 11
External Requests: 15
Bundled Libraries: 0

SQL Query Safety

100% prepared · 7 total queries

Output Escaping

51% escaped · 853 total outputs

Data Flows: 4 unsanitized

Data Flow Analysis

7 flows · 4 with unsanitized paths

save_network_page (admin\redux-framework\ReduxCore\framework.php:594)

Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Dima Take Action Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers (5)

nopriv · wp_ajax_redux_p · admin\redux-framework\ReduxCore\inc\class.p.php:7
auth · wp_ajax_redux_p · admin\redux-framework\ReduxCore\inc\class.p.php:8
auth · wp_ajax_redux_hide_admin_notice · admin\redux-framework\ReduxCore\inc\class.redux_admin_notices.php:32
auth · wp_ajax_redux_allow_tracking · admin\redux-framework\ReduxCore\inc\tracking.php:510
auth · wp_ajax_redux_support_hash · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:25
WordPress Hooks (69)

action · redux/page/dima_ta_demo/enqueue · admin\class-dima-take-action-admin.php:123
action · wp_loaded · admin\redux-framework\class.redux-plugin.php:170
action · wpmu_new_blog · admin\redux-framework\class.redux-plugin.php:173
action · admin_notices · admin\redux-framework\class.redux-plugin.php:176
filter · plugin_row_meta · admin\redux-framework\class.redux-plugin.php:179
action · activated_plugin · admin\redux-framework\class.redux-plugin.php:181
action · redux/loaded · admin\redux-framework\pixeldima\pixeldima-config.php:648
action · admin_menu · admin\redux-framework\pixeldima\pixeldima-config.php:769
action · wp_dashboard_setup · admin\redux-framework\ReduxCore\core\dashboard.php:13
action · redux/init · admin\redux-framework\ReduxCore\framework.php:30
action · admin_menu · admin\redux-framework\ReduxCore\framework.php:354
action · network_admin_menu · admin\redux-framework\ReduxCore\framework.php:358
action · admin_bar_menu · admin\redux-framework\ReduxCore\framework.php:362
action · admin_init · admin\redux-framework\ReduxCore\framework.php:368
action · admin_init · admin\redux-framework\ReduxCore\framework.php:373
action · admin_notices · admin\redux-framework\ReduxCore\framework.php:378
action · admin_init · admin\redux-framework\ReduxCore\framework.php:381
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\framework.php:385
action · wp_head · admin\redux-framework\ReduxCore\framework.php:391
action · wp_enqueue_scripts · admin\redux-framework\ReduxCore\framework.php:392
action · login_head · admin\redux-framework\ReduxCore\framework.php:397
action · login_enqueue_scripts · admin\redux-framework\ReduxCore\framework.php:398
action · admin_head · admin\redux-framework\ReduxCore\framework.php:403
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\framework.php:404
action · wp_print_scripts · admin\redux-framework\ReduxCore\framework.php:408
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\framework.php:409
action · admin_bar_menu · admin\redux-framework\ReduxCore\framework.php:417
action · admin_head · admin\redux-framework\ReduxCore\framework.php:1735
filter · admin_footer_text · admin\redux-framework\ReduxCore\framework.php:1738
action · after_setup_theme · admin\redux-framework\ReduxCore\inc\class.redux_api.php:47
action · init · admin\redux-framework\ReduxCore\inc\class.redux_api.php:48
action · switch_theme · admin\redux-framework\ReduxCore\inc\class.redux_api.php:49
action · redux/construct · admin\redux-framework\ReduxCore\inc\class.redux_instances.php:60
action · customize_register · admin\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:113
action · wp_head · admin\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:118
action · customize_save_after · admin\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:122
action · customize_controls_print_scripts · admin\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:125
action · customize_controls_init · admin\redux-framework\ReduxCore\inc\extensions\customizer\extension_customizer.php:127
filter · upload_mimes · admin\redux-framework\ReduxCore\inc\extensions\import_export\extension_import_export.php:97
filter · redux/font-icons · admin\redux-framework\ReduxCore\inc\fields\select\elusive-icons.php:312
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:74
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:75
action · themecheck_checks_loaded · admin\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:77
action · themecheck_checks_loaded · admin\redux-framework\ReduxCore\inc\themecheck\class.redux_themecheck.php:78
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\inc\tracking.php:81
action · admin_enqueue_scripts · admin\redux-framework\ReduxCore\inc\tracking.php:83
action · redux_tracking · admin\redux-framework\ReduxCore\inc\tracking.php:100
action · admin_print_footer_scripts · admin\redux-framework\ReduxCore\inc\tracking.php:110
action · admin_print_footer_scripts · admin\redux-framework\ReduxCore\inc\tracking.php:119
filter · redux/tracking/options · admin\redux-framework\ReduxCore\inc\tracking.php:486
action · init · admin\redux-framework\ReduxCore\inc\validation\unique_slug\validation_unique_slug.php:60
action · redux/loaded · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:23
action · admin_menu · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:35
filter · admin_footer_text · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:41
action · admin_head · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:42
action · init · admin\redux-framework\ReduxCore\inc\welcome\welcome.php:91
action · plugins_loaded · includes\class-dima-take-action.php:142
action · admin_enqueue_scripts · includes\class-dima-take-action.php:157
action · admin_enqueue_scripts · includes\class-dima-take-action.php:158
action · wp_enqueue_scripts · includes\class-dima-take-action.php:173
action · wp_enqueue_scripts · includes\class-dima-take-action.php:174
action · init · includes\class-pixeldima-base.php:24
action · plugins_loaded · includes\class-pixeldima-base.php:25
action · admin_init · includes\class-pixeldima-base.php:29
action · admin_menu · includes\class-pixeldima-base.php:30
filter · plugin_action_links · includes\class-pixeldima-base.php:31
action · wp_enqueue_scripts · includes\class-pixeldima-base.php:33
action · wp_enqueue_scripts · includes\class-pixeldima-base.php:34
action · wp_head · public\class-dima-take-action-public.php:66

Scheduled Events (1)

redux_tracking
Maintenance & Trust

Dima Take Action Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Aug 6, 2018
PHP min version:
Downloads: 14K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 300
Developer Profile

Dima Take Action Developer Profile

PixelDima

2 plugins · 400 total installs

Trust score: 77
Avg Security Score: 75/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Dima Take Action

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dima-take-action/css/dima-take-action-admin.css
/wp-content/plugins/dima-take-action/js/dima-take-action-admin.js

Version Parameters
dima-take-action-admin.js?ver=
dima-take-action-admin.css?ver=
