Nice Quotes Rotator Security & Risk Analysis

wordpress.org/plugins/nice-quotes-rotator

Allows display of random quotes via shortcode, a sidebar widget, and/or on the admin page. Quotes can be user-entered, post excerpts or links.

90 active installs · v1.0 · PHP + · WP 2.9+ · Updated Oct 12, 2012
Tags: quotation, quotations, quote, quotes, random
85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Nice Quotes Rotator Safe to Use in 2026?

Generally Safe

Score 85/100

Nice Quotes Rotator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 13yr ago
Risk Assessment

The 'nice-quotes-rotator' v1.0 plugin exhibits a mixed security posture. On the positive side, the absence of known CVEs and a clean vulnerability history suggest a relatively stable plugin. The code analysis also shows no direct SQL injection risks due to the use of prepared statements and no file operations or external HTTP requests, which are common attack vectors. However, significant concerns arise from the static code analysis. The use of `create_function` is a dangerous practice that can lead to code injection vulnerabilities. Furthermore, the plugin demonstrates a very low rate of output escaping (4%), indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities where user-supplied data might be rendered without proper sanitization. The lack of nonce checks and capability checks, while not directly tied to an exposed attack surface in this analysis, means that if any functionality were to be exposed through future updates or interactions, it would be inherently less secure.

Key Concerns

  • Use of dangerous function create_function
  • Low output escaping rate (4%)
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Nice Quotes Rotator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Nice Quotes Rotator Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 25 (1 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

create_function · nice_quotes.php:263
add_action('widgets_init', create_function('', 'return register_widget("nqWidget");'));

Output Escaping

4% escaped · 26 total outputs
Attack Surface

Nice Quotes Rotator Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes 2

[nice-quote] nice_quotes.php:152
[nicequote] nice_quotes.php:153
WordPress Hooks 8

action admin_menu admin_page.php:64
action admin_init admin_page.php:65
action plugins_loaded nice_quotes.php:13
filter posts_where nice_quotes.php:124
action admin_footer nice_quotes.php:217
action admin_head nice_quotes.php:218
action widgets_init nice_quotes.php:263
filter get_append_plugin_quotes pluggable_example.php:12
Maintenance & Trust

Nice Quotes Rotator Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.4.2
Last updated: Oct 12, 2012
PHP min version
Downloads: 13K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 90
Developer Profile

Nice Quotes Rotator Developer Profile

CodeAndReload

4 plugins · 370 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Nice Quotes Rotator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes
niceQuote
Shortcode Output
<p class='niceQuote'><ul><li></li></ul>