Does HD Quiz – Save Results Light have any unpatched vulnerabilities?

No. All known vulnerabilities in HD Quiz – Save Results Light have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is HD Quiz – Save Results Light compatible with WordPress 6.9.4?

According to WordPress.org data, HD Quiz – Save Results Light 0.7.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is HD Quiz – Save Results Light compatible with PHP 7.0+?

HD Quiz – Save Results Light requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is HD Quiz – Save Results Light updated?

HD Quiz – Save Results Light was last updated on Feb 6, 2026. Frequent updates are generally a positive security signal.

What is HD Quiz – Save Results Light's security score?

HD Quiz – Save Results Light has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

HD Quiz – Save Results Light Security & Risk Analysis

wordpress.org/plugins/hd-quiz-save-results-light

HD Quiz Save Results Light. Free addon for HD Quiz to save basic results of quizzes

1K active installs v0.7.3 PHP 7.0+ WP 5.0+ Updated Feb 6, 2026

harmonic-designhd-quizhdqhdquizsave-quiz-results

A · Safe

CVEs total1

Unpatched0

Last CVEOct 21, 2024

Plugin page Download

Safety Verdict

Is HD Quiz – Save Results Light Safe to Use in 2026?

Generally Safe

Score 99/100

HD Quiz – Save Results Light has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Oct 21, 2024Updated 1mo ago

Risk Assessment

The "hd-quiz-save-results-light" plugin, version 0.7.3, presents a mixed security posture. While it demonstrates good practices by exclusively using prepared statements for SQL queries and generally good output escaping (77%), there are significant concerns regarding its attack surface and authorization mechanisms. Two out of three AJAX handlers lack authentication checks, which could potentially expose sensitive functionality to unauthenticated users. The taint analysis revealing two flows with unsanitized paths, though not classified as critical or high severity, warrants attention as it indicates potential pathways for malicious input to be processed without adequate sanitization.

The plugin's vulnerability history shows one known CVE, which is currently unpatched. This is a concerning trend, especially considering the historical prevalence of "Missing Authorization" vulnerabilities. While the current unpatched status is 0, the pattern suggests a recurring issue that needs proactive attention. The plugin's strengths lie in its secure handling of database interactions and output. However, the presence of unprotected entry points and past authorization-related vulnerabilities detract from its overall security. A balanced view acknowledges its secure coding in certain areas but emphasizes the need to address the exposed AJAX endpoints and reinforce authorization checks.

Key Concerns

AJAX handlers without auth checks
Flows with unsanitized paths (taint analysis)
Total known CVEs (1)
Missing capability checks on one entry point

Vulnerabilities

HD Quiz – Save Results Light Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-49689medium · 4.3Missing Authorization

HD Quiz – Save Results Light <= 0.5 - Missing Authorization

Oct 21, 2024 Patched in 0.6 (10d)

Version History

HD Quiz – Save Results Light Release Timeline

v0.7.3Current

v0.7.2

v0.7.1

v0.7.0

v0.6.0

Code Analysis

Analyzed Mar 16, 2026

HD Quiz – Save Results Light Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

77% escaped30 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

hdq_a_light_submit_action (includes\functions.php:14)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

HD Quiz – Save Results Light Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 3

authwp_ajax_hdq_a_light_submit_actionincludes\functions.php:40

noprivwp_ajax_hdq_a_light_submit_actionincludes\functions.php:41

authwp_ajax_hdq_a_light_delete_resultsincludes\functions.php:222

WordPress Hooks 4

actionhdq_submitincludes\functions.php:11

actioninitindex.php:34

actionadmin_menuindex.php:44

actioninitindex.php:46

Maintenance & Trust

HD Quiz – Save Results Light Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 6, 2026

PHP min version7.0

Downloads20K

Community Trust

Rating80/100

Number of ratings4

Active installs1K

Alternatives

HD Quiz – Save Results Light Alternatives

No alternatives data available yet.

Developer Profile

HD Quiz – Save Results Light Developer Profile

Harmonic Design

6 plugins · 8K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

205 days

View full developer profile

Detection Fingerprints

How We Detect HD Quiz – Save Results Light

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hd-quiz-save-results-light/includes/css/hdq_a_light_admin_style.css/wp-content/plugins/hd-quiz-save-results-light/js/hdq_a_light_admin.js

Script Paths

/wp-content/plugins/hd-quiz-save-results-light/js/hdq_a_light_admin.js

Version Parameters

hdq_a_light_admin_style.css?v=hdq_a_light_admin.js?v=

HTML / DOM Fingerprints

CSS Classes

hdq_active_tabhdq_tab_contenthdq_tabhdq_srphdq_meta_formshdq_wrapperhdq_form_wrapperhdq_a_light_table

Data Attributes

data-hdq-content

JS Globals

HDQ_A_LIGHT_PLUGIN_VERSIONHDQ_SRL_MAX_RESULTS

FAQ