WP-Safety

JaJaDi Training Security & Risk Analysis

wordpress.org/plugins/jajadi-training

With this plugin you can add training and courses to your WordPress site.

10 active installs v0.5.7 PHP + WP 3.0.1+ Updated Apr 25, 2014
calendarcourseposttrainingwidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is JaJaDi Training Safe to Use in 2026?

Generally Safe

Score 85/100

JaJaDi Training has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The "jajadi-training" v0.5.7 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs and the complete reliance on prepared statements for SQL queries are significant strengths. The plugin also appears to implement nonce and capability checks, which are fundamental security practices. However, the low percentage of properly escaped output (24%) is a notable concern. This indicates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data might be rendered directly into the page without adequate sanitization.

The static analysis reveals the presence of the `create_function` dangerous function, which, while not an immediate vulnerability on its own, is considered a deprecated and potentially risky practice that can lead to security issues if not handled with extreme care. The fact that there are no identified taint flows or unsanitized paths is positive, suggesting that currently, there are no detectable exploitable paths from user input to sensitive operations. However, this could also be due to the limited scope of the taint analysis performed.

Given the lack of historical vulnerabilities, it's difficult to draw strong conclusions about past security patterns. The current version appears to be free from known critical security flaws based on the provided data. The primary area for improvement lies in the output escaping mechanisms to mitigate XSS risks. Overall, while the plugin demonstrates good intent with prepared statements and auth checks, the insufficient output escaping leaves it vulnerable to common web attacks.

Key Concerns

  • Low percentage of properly escaped output (24%)
  • Presence of dangerous function 'create_function'
Vulnerabilities
None known

JaJaDi Training Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

JaJaDi Training Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
35
11 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function('', 'return register_widget("jajadi_TrainingenWidget");'jajadi-training-widget.php:107

Output Escaping

24% escaped46 total outputs
Attack Surface

JaJaDi Training Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 22
actionadd_meta_boxesjajadi-custombox.php:10
actionsave_postjajadi-custombox.php:15
filterrequestjajadi-training-functions.php:311
actionadmin_menujajadi-training-settings.php:3
actionadmin_initjajadi-training-settings.php:11
actionwidgets_initjajadi-training-widget.php:107
filtermanage_jajadi_training_posts_columnsjajadi-training.php:33
actionmanage_jajadi_training_posts_custom_columnjajadi-training.php:34
filtermanage_edit-jajadi_training_sortable_columnsjajadi-training.php:35
actionload-edit.phpjajadi-training.php:39
filtermanage_jajadi_course_posts_columnsjajadi-training.php:45
actionmanage_jajadi_course_posts_custom_columnjajadi-training.php:46
filterpost_updated_messagesjajadi-training.php:61
filterpost_updated_messagesjajadi-training.php:62
actionadmin_headjajadi-training.php:64
actioninitjajadi-training.php:65
actioncontextual_helpjajadi-training.php:66
actionafter_switch_themejajadi-training.php:67
actionplugins_loadedjajadi-training.php:68
filterthe_contentjajadi-training.php:73
actioninitjajadi-training.php:74
actionafter_setup_themejajadi-training.php:75
Maintenance & Trust

JaJaDi Training Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40
Last updatedApr 25, 2014
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

JaJaDi Training Alternatives

Blog Post Calendar Widget

Blog Post Calendar Widget

blog-post-calendar-widget

A
85

The Blog Posts Calendar Widget allows you to display your archived or future posts in a calendar as a sidebar widget.

100 No CVEs
CPT Calender Widget for WordPress

CPT Calender Widget for WordPress

cpt-calender-widget

A
85

Create Custom Post and and select CPT from dropdown.

100 No CVEs
Drafts

Drafts

drafts

A
85

A WordPress plugin to quickly and easily view all your recent draft posts.

0 No CVEs
Elementor Custom Skin

Elementor Custom Skin

ele-custom-skin

A
92

Create new skins for Elementor PRO 3.x page builder. Design your own skins for Post and Post Archive Widgets using Elementor Loop Templates.

100K No CVEs
Recent Posts Widget With Thumbnails

Recent Posts Widget With Thumbnails

recent-posts-widget-with-thumbnails

A
100

List the most recent posts with post titles, thumbnails, excerpts, authors, categories, dates and more!

100K No CVEs
Developer Profile

JaJaDi Training Developer Profile

DoubelJ

3 plugins · 120 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect JaJaDi Training

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/jajadi-training/style.css

HTML / DOM Fingerprints

HTML Comments
<!-- Only run our customization on the 'edit.php' page in the admin. --><!-- Common actions --><!-- Register the post type - Training --><!-- ATTENTION: This is *only* done during plugin activation hook! -->+4 more
Data Attributes
data-iddata-title
FAQ

Frequently Asked Questions about JaJaDi Training