Likert Survey Master Security & Risk Analysis

wordpress.org/plugins/likert-survey-master

Quickly create "Likert scale" surveys and get results with charts.

60 active installs v0.8.0.1 PHP + WP 5.0+ Updated Apr 4, 2023
Tags: likert-survey, survey
63
C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Sep 20, 2025
Safety Verdict

Is Likert Survey Master Safe to Use in 2026?

Use With Caution

Score 63/100

Likert Survey Master has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Sep 20, 2025 · Updated 3yr ago
Risk Assessment

The likert-survey-master plugin v0.8.0.1 exhibits a mixed security posture. While it demonstrates a strong adherence to secure SQL practices by utilizing prepared statements for 96% of its queries, and avoids file operations and external HTTP requests, significant concerns remain. The presence of two unprotected AJAX handlers exposes a considerable attack surface, making it susceptible to unauthorized actions. Furthermore, a high number of unsanitized tainted flows, all classified as high severity, indicate a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. The plugin's history, marked by a known medium severity CVE related to XSS, further amplifies these concerns. The recent nature of this CVE (2025-09-20) suggests a recurring vulnerability pattern and a potential lack of robust input validation. While the plugin's strengths lie in its SQL handling and avoidance of other risky practices, the unprotected entry points and the prevalence of high-severity taint flows, coupled with past XSS issues, present a notable risk to WordPress installations.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Unpatched medium severity CVE
  • Low percentage of properly escaped output
  • No capability checks on AJAX
Vulnerabilities
1

Likert Survey Master Security Vulnerabilities

CVEs by Year: 1 CVE in 2025 · unpatched

Severity Breakdown: Medium 1 · 1 total CVE

CVE-2025-53426 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Likert Survey Master <= 0.8.0.1 - Reflected Cross-Site Scripting

Sep 20, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Likert Survey Master Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 5 (112 prepared)
Unescaped Output: 73 (44 escaped)
Nonce Checks: 7
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

96% prepared · 117 total queries

Output Escaping

38% escaped · 117 total outputs
Data Flows
11 unsanitized

Data Flow Analysis

16 flows · 11 with unsanitized paths
create (controllers\main.php:6)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
2 unprotected

Likert Survey Master Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_likertm_ajax · likert-survey.php:137
nopriv · wp_ajax_likertm_ajax · likert-survey.php:138

Shortcodes 2

[likertm] likert-survey.php:141
[likertm-barchart] likert-survey.php:142
WordPress Hooks 8
action · init · likert-survey.php:27
action · admin_menu · likert-survey.php:134
action · wp_enqueue_scripts · likert-survey.php:135
filter · likertm_content · likert-survey.php:201
filter · likertm_content · likert-survey.php:202
filter · likertm_content · likert-survey.php:203
filter · likertm_content · likert-survey.php:204
filter · likertm_content · likert-survey.php:205
Maintenance & Trust

Likert Survey Master Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.2.9
Last updated: Apr 4, 2023
PHP min version
Downloads: 4K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 60
Developer Profile

Likert Survey Master Developer Profile

Bob

9 plugins · 5K total installs

Trust score: 66
Avg Security Score: 81/100
Avg Patch Time: 725 days
Detection Fingerprints

How We Detect Likert Survey Master

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/likert-survey-master/css/main.css
/wp-content/plugins/likert-survey-master/js/main.js
Script Paths
/wp-content/plugins/likert-survey-master/js/main.js

HTML / DOM Fingerprints

CSS Classes
likertm-survey-form
HTML Comments
<!-- start likert survey -->
<!-- end likert survey -->
<!-- start likert barchart -->
<!-- end likert barchart -->
Data Attributes
data-survey-id
JS Globals
likertm_ajax_object
Shortcode Output
[likertm]
[likertm-barchart]