Does GolfSoc have any unpatched vulnerabilities?

No. All known vulnerabilities in GolfSoc have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GolfSoc compatible with WordPress 6.7.5?

According to WordPress.org data, GolfSoc 1.6.0.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is GolfSoc updated?

GolfSoc was last updated on Unknown. Frequent updates are generally a positive security signal.

What is GolfSoc's security score?

GolfSoc has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GolfSoc Security & Risk Analysis

wordpress.org/plugins/golf-society

The GolfSoc plugin provides player, score and handicap management for Golf Societies

0 active installs v1.6.0.1 PHP + WP 3.0+ Updated Unknown

competitiongolf

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GolfSoc Safe to Use in 2026?

Generally Safe

Score 100/100

GolfSoc has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The golf-society plugin v1.6.0.1 exhibits a generally good security posture, with a strong emphasis on secure coding practices. The absence of any known CVEs, critical taint flows, and the extensive use of prepared statements for SQL queries are significant strengths. The plugin also demonstrates a robust implementation of capability checks, which is crucial for WordPress security. However, the presence of the `unserialize` function, even with a relatively small number of instances, introduces a potential risk. While taint analysis found no unsanitized paths, the inherent dangers of unserialization remain a concern, as it can lead to object injection vulnerabilities if not handled with extreme caution and input validation. The plugin's vulnerability history is clean, which is a positive indicator, but it's important to remain vigilant as future vulnerabilities can still emerge. Overall, the plugin is well-developed from a security standpoint, with the primary area for potential improvement being the careful handling or elimination of the `unserialize` function.

Key Concerns

Dangerous function 'unserialize' used

Vulnerabilities

None known

GolfSoc Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

GolfSoc Code Analysis

Dangerous Functions

Raw SQL Queries

109 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$settings = unserialize($settings);include\golfsoclib_dbase_api.php:992

unserialize$rtnVal = unserialize($sessionEntries[0]->sessionVal);include\golfsoclib_dbase_api.php:1794

SQL Query Safety

99% prepared110 total queries

Output Escaping

70% escaped23 total outputs

Attack Surface

GolfSoc Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_golfsoc_ajax_requestgolfsoc_main.php:72

noprivwp_ajax_golfsoc_ajax_requestgolfsoc_main.php:73

WordPress Hooks 23

actionadmin_menugolfsoc_main.php:59

actionwp_print_stylesgolfsoc_main.php:61

actionwp_print_scriptsgolfsoc_main.php:62

actionadmin_enqueue_scriptsgolfsoc_main.php:64

filteruser_contactmethodsgolfsoc_main.php:66

actionlogin_enqueue_scriptsgolfsoc_main.php:75

filterlogin_headerurlgolfsoc_main.php:76

filterlogin_headertextgolfsoc_main.php:77

filterhttp_api_transportsgolfsoc_main.php:81

actionwp_loadedgolfsoc_main.php:85

actionwp_mail_succeededinclude\golfsoclib_htmlemail_api.php:392

actionwp_mail_failedinclude\golfsoclib_htmlemail_api.php:395

actionphpmailer_initinclude\golfsoclib_htmlemail_api.php:399

actionphpmailer_initinclude\golfsoclib_htmlemail_api.php:400

actionphpmailer_initinclude\golfsoclib_htmlemail_api.php:404

filterwp_mail_frominclude\golfsoclib_htmlemail_api.php:408

filterwp_mail_from_nameinclude\golfsoclib_htmlemail_api.php:409

filterwp_mail_content_typeinclude\golfsoclib_htmlemail_api.php:410

actioninitinclude\golfsoclib_login.php:37

actionafter_password_resetinclude\golfsoclib_login.php:38

actionwp_logoutinclude\golfsoclib_login.php:39

filterretrieve_password_messageinclude\golfsoclib_login.php:41

filtersafe_style_cssinclude\golfsoclib_utils.php:96

Maintenance & Trust

GolfSoc Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedUnknown

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

GolfSoc Alternatives

Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers

rafflepress

The best WordPress giveaway plugin. Grow your email list, website traffic, and social media followers with viral contests, giveaways, and sweepstakes.

30K 11 CVEs

Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe

contest-gallery

JPG, PNG, MP4, MP3, PDF, ZIP & more. Create voting & uploading galleries for photos & media. Social Share, User Registration & Sell via PayPal/Stripe.

1K 36 CVEs

Simple Giveaways – Grow your business, email lists and traffic with contests

giveasap

Create a Simple Giveaway or Giveaways and grow your email list. Embed them in a post or in a sidebar to increase the conversion.

500 1 unpatched

EntryWizard

entrywizard

100

Uploading by logged-in users of sets of image files and associated data. Administrators design the upload form, and download the images and data.

100 No CVEs

EWZ-Rating

ewz-rating

100

Companion plugin to EntryWizard, for display and judging of the uploaded images.

50 No CVEs

Developer Profile

GolfSoc Developer Profile

Malcolm

2 plugins · 10 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect GolfSoc

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/golf-society/admin/css/golfsoc-admin.css/wp-content/plugins/golf-society/admin/js/golfsoc-admin.js/wp-content/plugins/golf-society/admin/js/golfsoclib_admin.js/wp-content/plugins/golf-society/admin/js/golfsoc-addscores.js/wp-content/plugins/golf-society/admin/js/datetimepicker_css.js/wp-content/plugins/golf-society/js/golfsoclib_js.js/wp-content/plugins/golf-society/js/golfsoc.js/wp-content/plugins/golf-society/css/golfsoc.css

Script Paths

js/golfsoclib_js.jsjs/golfsoc.jsadmin/css/golfsoc-admin.cssadmin/js/golfsoc-admin.jsadmin/js/golfsoclib_admin.jsadmin/js/golfsoc-addscores.js+1 more

Version Parameters

golfsoc-css?ver=golfsoc-admin-css?ver=golfsoc-admin-js?ver=golfsoclib_admin-js?ver=golfsoc-addscores-js?ver=golfsoc-dtpicker-js?ver=golfsoclib-lib?ver=golfsoc-lib?ver=

HTML / DOM Fingerprints

CSS Classes

golfsoc_main_formgolfsoc_score_listgolfsoc_member_listgolfsoc_competition_list

HTML Comments

Data Attributes

data-golfsoc-action

JS Globals

GolfSoc_Globals

REST Endpoints

/wp-json/golfsoc/v1/settings/wp-json/golfsoc/v1/members/wp-json/golfsoc/v1/competitions/wp-json/golfsoc/v1/scores

Shortcode Output

[golfsoc_home][golfsoc_competitions]

FAQ