Does Login with QR have any unpatched vulnerabilities?

No. All known vulnerabilities in Login with QR have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Login with QR compatible with WordPress 4.6.30?

According to WordPress.org data, Login with QR 1.0.0 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Login with QR updated?

Login with QR was last updated on Apr 30, 2017. Frequent updates are generally a positive security signal.

What is Login with QR's security score?

Login with QR has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Login with QR Security & Risk Analysis

wordpress.org/plugins/login-with-qr

Make your users login via link or QR code.

10 active installs v1.0.0 PHP + WP 4.6+ Updated Apr 30, 2017

loginqr

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Login with QR Safe to Use in 2026?

Generally Safe

Score 85/100

No known CVEs Updated 8yr ago

Risk Assessment

The "login-with-qr" plugin v1.0.0 presents a generally positive security posture, with no known vulnerabilities and a good approach to core security practices. The static analysis indicates a small attack surface and diligent use of prepared statements for SQL queries. The presence of nonce and capability checks is also a strength. However, the analysis does reveal a concerning taint flow with an unsanitized path, which, despite not being flagged as critical or high severity, warrants attention as it represents a potential entry point for attackers if not properly handled. The 57% output escaping rate, while not terrible, suggests room for improvement to prevent cross-site scripting (XSS) vulnerabilities in the remaining outputs.

Key Concerns

Taint flow with unsanitized path
Partial output escaping

Vulnerabilities

None known

Login with QR Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Login with QR Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

57% escaped7 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

pkg_autologin_authenticate (qr-user-login.php:420)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Login with QR Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionedit_user_profileqr-user-login.php:49

actionshow_user_profileqr-user-login.php:50

actionlogin_headqr-user-login.php:51

actionadmin_bar_menuqr-user-login.php:202

actioninitqr-user-login.php:413

actioninitqr-user-login.php:419

actionlogin_headqr-user-login.php:469

actionadmin_enqueue_scriptsqr-user-login.php:491

actionpersonal_options_updateqr-user-login.php:519

actionedit_user_profile_updateqr-user-login.php:520

Maintenance & Trust

Login with QR Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedApr 30, 2017

PHP min version

Downloads2K

Community Trust

Rating60/100

Number of ratings1

Active installs10

Alternatives

Login with QR Alternatives

SQRL Login

sqrl-login

Secure Quick Reliable Login, this plugin will enable logging in using SQRL clients.

100 No CVEs

IDer Login for WordPress

ider-login

This plugin provides functionality to register and connect to your WordPress via IDer Service.

90 1 unpatched

QR Code Login Admin

qr-code-login-admin

100

Permette l'accesso al tuo sito web senza inserire username e password, generando semplicemente un qr-code. Abilitato solo per gli amministratori.

10 No CVEs

QR User Login

qr-user-login

Allow users to login using a link (or QR code). This plugin can be used for create custom event invitation, for example: wedding, etc.

10 No CVEs

qrLogin

qrlogin

qrLogin is an authentication system based on the reading of the qr code by the mobile phone and the transfer of authentication data via the http/https …

10 No CVEs

Developer Profile

Login with QR Developer Profile

dessainsaraiva

3 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Login with QR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

id="pkg_autologin_code"id="pkg_autologin_new_link_button"id="pkg_autologin_delete_link_button"id="pkg_autologin_link"

JS Globals

pkg_autologin_get_page_user_idpkg_autologin_check_view_permissionspkg_autologin_check_modify_permissionspkg_autologin_new_link_clickpkg_autologin_delete_link_clickPKG_AUTOLOGIN_USER_META_KEY+2 more

FAQ

Login with QR Security & Risk Analysis

Is Login with QR Safe to Use in 2026?

Generally Safe

Key Concerns

Login with QR Security Vulnerabilities

Login with QR Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Login with QR Attack Surface

Login with QR Maintenance & Trust

Maintenance Signals

Community Trust

Login with QR Alternatives

SQRL Login

IDer Login for WordPress

QR Code Login Admin

QR User Login

qrLogin

Login with QR Developer Profile

How We Detect Login with QR

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Login with QR