Does Achievements sports league have any unpatched vulnerabilities?

No. All known vulnerabilities in Achievements sports league have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Achievements sports league compatible with WordPress 6.8.5?

According to WordPress.org data, Achievements sports league 1.7 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Achievements sports league compatible with PHP 7.4+?

Achievements sports league requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Achievements sports league updated?

Achievements sports league was last updated on Jan 28, 2026. Frequent updates are generally a positive security signal.

What is Achievements sports league's security score?

Achievements sports league has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Achievements sports league Security & Risk Analysis

wordpress.org/plugins/joomsport-achievements

Sports plugin for motor racing, athletics, aquatics, gymnastics, golf, running, cycling, skiing, poker and similar sports. Manage your league with us!

200 active installs v1.7 PHP 7.4+ WP 4.0+ Updated Jan 28, 2026

athleticsmotosportolympic-gamesracingsports

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Achievements sports league Safe to Use in 2026?

Generally Safe

Score 100/100

Achievements sports league has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "joomsport-achievements" v1.7 plugin exhibits a concerning security posture, primarily due to a significant number of unprotected entry points. All four identified AJAX handlers lack authentication checks, creating a substantial attack surface that could be exploited by unauthenticated users. While the plugin demonstrates some good practices, such as the presence of nonce and capability checks, their effectiveness is undermined by the absence of similar checks on all AJAX endpoints. The code analysis also reveals a notable percentage of SQL queries (59%) that do not utilize prepared statements, posing a risk of SQL injection vulnerabilities, though the taint analysis did not reveal critical or high-severity unsanitized flows.

The plugin's vulnerability history is currently clean, with no recorded CVEs. This absence of historical issues is a positive sign, suggesting a potential for responsible development or perhaps a lack of prior deep security scrutiny. However, the lack of historical vulnerabilities should not overshadow the immediate risks identified in the static analysis. The combination of a wide open attack surface via unprotected AJAX handlers and the prevalence of non-prepared SQL queries presents a tangible threat that requires immediate attention, despite the otherwise clean vulnerability record.

Key Concerns

4 unprotected AJAX handlers
SQL queries without prepared statements
Low percentage of properly escaped output

Vulnerabilities

None known

Achievements sports league Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Achievements sports league Code Analysis

Dangerous Functions

Raw SQL Queries

36 prepared

Unescaped Output

206

99 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

SQL Query Safety

41% prepared87 total queries

Output Escaping

32% escaped305 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

8 flows2 with unsanitized paths

jsarch_update_option (includes\joomsport-achievments-admin-install.php:638)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Achievements sports league Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

authwp_ajax_jsarch-updoptionincludes\joomsport-achievments-admin-install.php:637

authwp_ajax_jsarch-senddeactivationincludes\joomsport-achievments-admin-install.php:647

authwp_ajax_stageadf_filtersincludes\posts\joomsport-achievments-post-stage.php:19

authwp_ajax_achvstage_seasonmodalincludes\posts\joomsport-achievments-post-stage.php:20

WordPress Hooks 32

actionadmin_enqueue_scriptsincludes\3d\gallery-metabox-master\gallery.php:14

actionadd_meta_boxesincludes\3d\gallery-metabox-master\gallery.php:30

actionsave_postincludes\3d\gallery-metabox-master\gallery.php:70

actionadmin_menuincludes\joomsport-achievments-admin-install.php:22

actionadmin_enqueue_scriptsincludes\joomsport-achievments-admin-install.php:62

actionadmin_enqueue_scriptsincludes\joomsport-achievments-admin-install.php:63

actioninitincludes\joomsport-achievments-admin-install.php:501

actionwp_enqueue_scriptsincludes\joomsport-achievments-admin-install.php:502

actioninitincludes\joomsport-achievments-admin-install.php:504

filtercustom_menu_orderincludes\joomsport-achievments-admin-install.php:513

filterparent_fileincludes\joomsport-achievments-admin-install.php:592

actionadmin_footerincludes\joomsport-achievments-admin-install.php:635

actioninitincludes\joomsport-achievments-admin-install.php:682

actioninitincludes\joomsport-achievments-post-types.php:11

actioninitincludes\joomsport-achievments-post-types.php:12

filterthe_contentincludes\joomsport-achievments-templates.php:12

filterset-screen-optionincludes\pages\joomsport-achievments-page-extrafields.php:208

filterset-screen-optionincludes\pages\joomsport-achievments-page-resultfields.php:175

filterset-screen-optionincludes\pages\joomsport-achievments-page-stages.php:197

actionadmin_initincludes\posts\joomsport-achievments-post-player.php:18

actionedit_form_after_titleincludes\posts\joomsport-achievments-post-player.php:19

actionsave_postincludes\posts\joomsport-achievments-post-player.php:70

actionadmin_initincludes\posts\joomsport-achievments-post-season.php:19

actionedit_form_after_titleincludes\posts\joomsport-achievments-post-season.php:20

actionsave_postincludes\posts\joomsport-achievments-post-season.php:75

actionwp_trash_postincludes\posts\joomsport-achievments-post-season.php:84

actionadmin_initincludes\posts\joomsport-achievments-post-stage.php:18

actionedit_form_after_titleincludes\posts\joomsport-achievments-post-stage.php:22

actionsave_postincludes\posts\joomsport-achievments-post-stage.php:80

actionadd_meta_boxesincludes\taxonomies\joomsport-achievments-taxonomy-league.php:55

actionsave_postincludes\taxonomies\joomsport-achievments-taxonomy-league.php:56

actionjoomsport_matchday_pre_add_formincludes\taxonomies\joomsport-achievments-taxonomy-league.php:157

Maintenance & Trust

Achievements sports league Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 28, 2026

PHP min version7.4

Downloads11K

Community Trust

Rating100/100

Number of ratings6

Active installs200

Alternatives

Achievements sports league Alternatives

Motorsports Calendar Widget

motorsports-calendar-widget

Add customizable countdown widgets for various motorsport series to your WordPress site.

10 No CVEs

SportsPress – Sports Club & League Manager

sportspress

SportsPress is an extendable all-in-one sports data plugin that helps sports clubs set up and manage a league or club site quickly and easily.

10K 6 CVEs

SportsPress for Football (Soccer)

sportspress-for-soccer

SportsPress for Football is an extension for SportsPress, an all-in-one sports data plugin that helps sports clubs set up a football website.

6K No CVEs

DecaLog

decalog

Capture and log events, metrics and traces on your site. Make WordPress observable - finally!

1K 2 CVEs

JoomSport – for Sports: Team & League, Football, Hockey & more

joomsport-sports-league-results-management

Create PRO sports website for your club, sports team or sports league! Soccer, Football, Hockey, Basketball, Volleyball, Handball, eSport & others.

1K 9 CVEs

Developer Profile

Achievements sports league Developer Profile

beardev

3 plugins · 1K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

456 days

View full developer profile

Detection Fingerprints

How We Detect Achievements sports league

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/joomsport-achievements/includes/3d/gallery-metabox-master/css/gallery-metabox.css/wp-content/plugins/joomsport-achievements/includes/3d/gallery-metabox-master/js/gallery-metabox.js

HTML / DOM Fingerprints

CSS Classes

gallery-addgallery-metabox-listimage-preview

Data Attributes

data-uploader-titledata-uploader-button-text

FAQ