HD Quiz – Limit Attempts Security & Risk Analysis

wordpress.org/plugins/hd-quiz-limit-attempts

HD Quiz Limit Attempts. Free addon for HD Quiz to limit how many times quizzes can be taken

200 active installs · v0.6.1 · PHP 5.6.0+ · WP 6.0+ · Updated Feb 18, 2025
Tags: questionnaire, quiz, quizes, quizzes
92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is HD Quiz – Limit Attempts Safe to Use in 2026?

Generally Safe

Score 92/100

HD Quiz – Limit Attempts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "hd-quiz-limit-attempts" v0.6.1 plugin exhibits a generally good security posture due to its consistent use of prepared statements for SQL queries and a high percentage of properly escaped output. The absence of known vulnerabilities and critical taint flows further contributes to this positive assessment. However, a significant concern arises from the presence of 3 out of 4 AJAX handlers that lack authentication checks. This creates a substantial attack surface where unauthorized users could potentially trigger plugin functionality, leading to unexpected behavior or denial of service. The plugin also only implements a single nonce check, which is insufficient given the number of AJAX handlers present.

While the plugin's code signals indicate a good overall implementation of secure coding practices, the unprotected AJAX endpoints represent a clear and present risk. The lack of historical vulnerabilities suggests the developers may have been cautious, but this does not mitigate the identified code-level weaknesses. Therefore, while the plugin is not inherently insecure, the exposed AJAX handlers demand immediate attention to prevent potential exploitation.

Key Concerns

  • AJAX handlers without auth checks
  • Insufficient nonce checks
Vulnerabilities
None known

HD Quiz – Limit Attempts Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

HD Quiz – Limit Attempts Release Timeline

v0.6.1 (Current)
v0.6.0
v0.5.0
Code Analysis
Analyzed Mar 16, 2026

HD Quiz – Limit Attempts Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 4 (131 escaped)
Nonce Checks: 1
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

97% escaped · 135 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
hdq_a_limit_attempts_save_settings (includes\functions.php:26)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
3 unprotected

HD Quiz – Limit Attempts Attack Surface

Entry Points: 4
Unprotected: 3

AJAX Handlers: 4

auth    wp_ajax_hdq_a_limit_attempts_save_settings  includes\functions.php:46
auth    wp_ajax_hdq_a_limit_results_get_user        includes\functions.php:125
nopriv  wp_ajax_hdq_a_limit_results_get_user        includes\functions.php:126
auth    wp_ajax_hdq_a_limit_results_update_user     includes\functions.php:158

WordPress Hooks: 15

filter  user_can_richedit         hdfields\classes\fields.php:866
filter  hd_content                hdfields\classes\sanitize.php:286
filter  hd_content                hdfields\classes\sanitize.php:287
filter  hd_content                hdfields\classes\sanitize.php:288
filter  hd_content                hdfields\classes\sanitize.php:289
filter  hd_content                hdfields\classes\sanitize.php:290
filter  hd_content                hdfields\classes\sanitize.php:291
action  hdq_after                 includes\functions.php:86
action  hdq_submit                includes\functions.php:94
action  edit_user_profile         includes\functions.php:239
action  show_user_profile         includes\functions.php:240
action  edit_user_profile_update  includes\functions.php:251
action  personal_options_update   includes\functions.php:252
action  init                      index.php:30
action  admin_menu                index.php:45
Maintenance & Trust

HD Quiz – Limit Attempts Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Feb 18, 2025
PHP min version: 5.6.0
Downloads: 4K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 200
Developer Profile

HD Quiz – Limit Attempts Developer Profile

Harmonic Design

6 plugins · 8K total installs

Trust score: 71
Avg Security Score: 88/100
Avg Patch Time: 205 days
Detection Fingerprints

How We Detect HD Quiz – Limit Attempts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/hd-quiz-limit-attempts/scripts/hdq_a_limit_results_1_8_x.js
/wp-content/plugins/hd-quiz-limit-attempts/scripts/hdq_a_limit_results.js
Version Parameters
hdq_a_limit_attempts/scripts/hdq_a_limit_results_1_8_x.js?ver=
hdq_a_limit_attempts/scripts/hdq_a_limit_results.js?ver=

HTML / DOM Fingerprints

CSS Classes
hdq_a_limit_results_user_profile
hdq_a_limit_results_user_quiz_item
HTML Comments
general HDQ Addon Limit Attempts functions
Include main files
Create HD Quiz Results light Settings page
Addon for HD Quiz to limit how many times a user can take quizzes
+10 more
Data Attributes
data-hdq_a_limit_results_quizid
data-hdq_a_limit_results_user_id
JS Globals
HDQ_A_LIMIT_RESULTS_MODE
HDQ_A_LIMIT_RESULTS_DESCRIPTION
HDQ_A_LIMIT_RESULTS_MAX_ATTEMPTS
HDQ_A_IS_LOGGED_IN
HDQ_A_LIMIT_RESULTS_QUIZ_ID
HDQ_A_LIMIT_RESULTS_ATTEMPTS
+1 more
REST Endpoints
/wp-json/hdq_a_limit_attempts/v1/save
/wp-json/hdq_a_limit_attempts/v1/get_user
/wp-json/hdq_a_limit_attempts/v1/update_user