Does MaxiCharts have any unpatched vulnerabilities?

No. All known vulnerabilities in MaxiCharts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MaxiCharts compatible with WordPress 5.8.13?

According to WordPress.org data, MaxiCharts 1.7.6 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is MaxiCharts updated?

MaxiCharts was last updated on Sep 20, 2021. Frequent updates are generally a positive security signal.

What is MaxiCharts's security score?

MaxiCharts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MaxiCharts Security & Risk Analysis

wordpress.org/plugins/maxicharts

Create beautiful HTML5 charts from Gravity Forms submission data with a simple shortcode. You can also visualise CSV files as graphs.

200 active installs v1.7.6 PHP + WP 4.0+ Updated Sep 20, 2021

chartchartsjsformsgraphgravity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MaxiCharts Safe to Use in 2026?

Generally Safe

Score 85/100

MaxiCharts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The maxicharts v1.7.6 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs and a clean vulnerability history, coupled with the fact that all SQL queries utilize prepared statements, are significant positive indicators. The plugin also demonstrates good practices with the presence of nonce and capability checks on its entry points, ensuring that most interactions require proper authorization. Furthermore, the analysis shows no critical or high severity taint flows, and a high percentage of output is properly escaped, minimizing the risk of common vulnerabilities like cross-site scripting (XSS).

Key Concerns

High percentage of output not properly escaped
Bundled library (TinyMCE) could be outdated

Vulnerabilities

None known

MaxiCharts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

MaxiCharts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

33 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

87% escaped38 total outputs

Attack Surface

MaxiCharts Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_gf_forms_listmaxicharts.php:138

Shortcodes 1

[maxicharts] maxicharts.php:128

WordPress Hooks 17

filtermce_external_pluginsmaxicharts.php:72

filtermce_buttonsmaxicharts.php:76

actionwp_enqueue_scriptsmaxicharts.php:117

actionwp_headmaxicharts.php:122

filtermaxicharts_get_data_from_sourcemaxicharts.php:133

actionbefore_wp_tiny_mcemaxicharts.php:142

actionadmin_headmaxicharts.php:148

filtermcharts_modify_colorsmaxicharts.php:159

filtermcharts_filter_chart_titlemaxicharts.php:163

filtermcharts_filter_chart_labelsmaxicharts.php:167

actionplugins_loadedmaxicharts.php:172

filtermcharts_modify_custom_search_criteriamcharts_custom_criteria_plugin.php:21

filtermcharts_gf_filter_fields_after_countmcharts_data_conversion_plugin.php:20

actionadmin_menumcharts_settings.php:20

actionadmin_initmcharts_settings.php:21

filtermcharts_display_table_from_chart_data_filtermcharts_table_plugin.php:16

actionwp_enqueue_scriptsmcharts_table_plugin.php:21

Maintenance & Trust

MaxiCharts Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedSep 20, 2021

PHP min version

Downloads20K

Community Trust

Rating88/100

Number of ratings9

Active installs200

Alternatives

MaxiCharts Alternatives

MaxiCharts Gravity Forms Source add-on

maxicharts-gravity-forms-source-add-on

Extends MaxiCharts to chart Gravity Forms data.

200 No CVEs

Gravity Forms Light Blue API Add-On

gravity-forms-light-blue-api-add-on

Send information directly from your Gravity Forms forms to your Light Blue account.

100 No CVEs

FortressDB

fortressdb

High-speed, secure database plugin for WordPress form data

40 No CVEs

Embed charts graphs tables and forms with Vixo

vixo-embeddable-tables-charts-and-spreadsheets

Lets you embed graphs and graphs, tables, spreadsheets, forms and quotation engines from the Vixo online spreadsheet.

20 No CVEs

Gravity Forms Zero Spam

gravity-forms-zero-spam

100

Enhance your Gravity Forms to include anti-spam measures originally based on the work of David Walsh's "Zero Spam" technique.

100K No CVEs

Developer Profile

MaxiCharts Developer Profile

termel

14 plugins · 800 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MaxiCharts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/maxicharts/css/maxicharts.css/wp-content/plugins/maxicharts/js/maxicharts.js/wp-content/plugins/maxicharts/js/tinymce/plugins/maxicharts/plugin.min.js/wp-content/plugins/maxicharts/js/tinymce/plugins/maxicharts/plugin.js

Script Paths

/wp-content/plugins/maxicharts/js/maxicharts.js/wp-content/plugins/maxicharts/js/tinymce/plugins/maxicharts/plugin.min.js/wp-content/plugins/maxicharts/js/tinymce/plugins/maxicharts/plugin.js

Version Parameters

maxicharts/css/maxicharts.css?ver=maxicharts/js/maxicharts.js?ver=maxicharts/js/tinymce/plugins/maxicharts/plugin.min.js?ver=maxicharts/js/tinymce/plugins/maxicharts/plugin.js?ver=

HTML / DOM Fingerprints

CSS Classes

maxicharts-chart-container

Data Attributes

data-maxicharts-chart

JS Globals

maxicharts_params

Shortcode Output

[maxicharts

FAQ