Does myCred for TotalPoll have any unpatched vulnerabilities?

No. All known vulnerabilities in myCred for TotalPoll have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is myCred for TotalPoll compatible with WordPress 6.8.5?

According to WordPress.org data, myCred for TotalPoll 1.3.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is myCred for TotalPoll compatible with PHP 7.0+?

myCred for TotalPoll requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is myCred for TotalPoll updated?

myCred for TotalPoll was last updated on Apr 17, 2025. Frequent updates are generally a positive security signal.

What is myCred for TotalPoll's security score?

myCred for TotalPoll has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

myCred for TotalPoll Security & Risk Analysis

wordpress.org/plugins/mycred-for-totalpoll

📢🚨 Important Notice: myCred for TotalPoll is now part of the myCred Toolkit and will no longer receive updates here. Only security fixes will be provi …

30 active installs v1.3.2 PHP 7.0+ WP 4.8+ Updated Apr 17, 2025

contestmycredpollpollstotal-poll

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is myCred for TotalPoll Safe to Use in 2026?

Generally Safe

Score 100/100

myCred for TotalPoll has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The static analysis of mycred-for-totalpoll v1.3.2 indicates a generally strong security posture. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events in the attack surface is a significant positive, as it minimizes the number of potential entry points for attackers. Furthermore, the code signals reveal excellent practices, with all SQL queries using prepared statements, 100% of output being properly escaped, and no observed file operations or external HTTP requests. The lack of known vulnerabilities in its history also suggests a mature and well-maintained plugin.

However, the analysis does highlight a critical area of concern: the complete absence of nonce checks and capability checks. While the attack surface is currently zero, this lack of built-in authorization mechanisms means that if any entry points were to be introduced in the future, they would be inherently vulnerable to unauthorized access and execution. The taint analysis also shows zero flows, which is excellent, but the overall security is heavily reliant on the current minimal attack surface rather than robust, layered defenses. In conclusion, the plugin exhibits strengths in code hygiene and lack of past vulnerabilities, but the absence of essential security checks like nonces and capabilities represents a significant potential weakness that could be exploited if the plugin's scope expands.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

myCred for TotalPoll Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

myCred for TotalPoll Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped26 total outputs

Attack Surface

myCred for TotalPoll Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_noticesmycred-totalpoll.php:95

filtermycred_setup_hooksmycred-totalpoll.php:96

actionmycred_initmycred-totalpoll.php:97

actionmycred_all_referencesmycred-totalpoll.php:98

actionmycred_load_hooksmycred-totalpoll.php:99

actiontp_add_votemycred-totalpoll.php:233

actiontotalpoll/actions/poll/votemycred-totalpoll.php:234

actiontotalpoll/actions/after/poll/command/logmycred-totalpoll.php:235

Maintenance & Trust

myCred for TotalPoll Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 17, 2025

PHP min version7.0

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

myCred for TotalPoll Alternatives

Showdown

showdown

Showdown popularity contests on your site!

10 No CVEs

Crowdsignal Forms

crowdsignal-forms

The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.

100K 1 unpatched

Crowdsignal Dashboard – Polls, Surveys & more

polldaddy

Manage your Crowdsignal polls, surveys, quizzes, and ratings directly from the WordPress dashboard.

100K 9 CVEs

WP-Polls

wp-polls

Adds an AJAX poll system to your WordPress blog. You can also easily add a poll into your WordPress's blog post/page.

40K 6 CVEs

YOP Poll

yop-poll

Use a full option polling solution to get the answers you need. YOP Poll is the perfect, easy to use poll plugin for your WordPress site.

10K 14 CVEs

Developer Profile

myCred for TotalPoll Developer Profile

Saad Iqbal

84 plugins · 1.4M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

287 days

View full developer profile

Detection Fingerprints

How We Detect myCred for TotalPoll

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mycred-for-totalpoll/assets/css/style.css/wp-content/plugins/mycred-for-totalpoll/assets/js/totalpoll.js

Script Paths

/wp-content/plugins/mycred-for-totalpoll/assets/js/totalpoll.js

Version Parameters

mycred-for-totalpoll/assets/css/style.css?ver=mycred-for-totalpoll/assets/js/totalpoll.js?ver=

HTML / DOM Fingerprints

CSS Classes

mycred-totalpoll-votermycred-totalpoll-poll-wrapper

HTML Comments

Data Attributes

data-mycred-totalpoll-pollid

JS Globals

mycred_totalpoll_frontend

FAQ