Does Hello Dalek have any unpatched vulnerabilities?

No. All known vulnerabilities in Hello Dalek have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hello Dalek compatible with WordPress 4.1.42?

According to WordPress.org data, Hello Dalek 1.0 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Hello Dalek updated?

Hello Dalek was last updated on Mar 27, 2015. Frequent updates are generally a positive security signal.

What is Hello Dalek's security score?

Hello Dalek has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hello Dalek Security & Risk Analysis

wordpress.org/plugins/hello-dalek

Dr. Who quotes. Presented in the same fashion as hello Dolly.

10 active installs v1.0 PHP + WP 3.9+ Updated Mar 27, 2015

dalekfirst-doctorhellowho

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Hello Dalek Safe to Use in 2026?

Generally Safe

Score 85/100

Hello Dalek has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The 'hello-dalek' plugin v1.0 exhibits a generally good security posture based on the provided static analysis. The plugin has no known CVEs and an absence of dangerous functions or SQL queries not using prepared statements is a positive sign. The lack of file operations and external HTTP requests also reduces potential attack vectors. However, a significant concern arises from the fact that 100% of its total outputs are not properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed in users' browsers. Additionally, the complete absence of nonce checks and capability checks on its entry points means that any potential functionality, if it were to exist, would be unprotected against unauthorized access or manipulation.

Key Concerns

Outputs are not properly escaped
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Hello Dalek Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Hello Dalek Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Hello Dalek Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_noticeshello-dalek.php:68

actionadmin_headhello-dalek.php:87

Maintenance & Trust

Hello Dalek Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedMar 27, 2015

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Hello Dalek Alternatives

Hello Plus

hello-plus

100

Hello+ is a free WordPress plugin designed to work seamlessly with Elementor’s Hello suite of themes.

80K No CVEs

Advanced Custom Fields: Gravity Forms Add-on

acf-gravityforms-add-on

100

Provides an Advanced Custom Field which allows a WordPress user to select a Gravity Form as part of a field group configuration.

30K No CVEs

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More

b2bking-wholesale-for-woocommerce

B2BKing is the complete solution for running a Wholesale, B2B or B2B + B2C hybrid store with WooCommerce.

10K 2 CVEs

Lenix Leads Collector

lenix-elementor-leads-addon

Leads Collector, Collects forms entries from Elementor,Cf7,WPForms and more with export to CSV.

10K 1 CVE

Developer Profile

Hello Dalek Developer Profile

Nikhil Vimal

4 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hello Dalek

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

id='dalek'

Shortcode Output

<p id='dalek'>

FAQ