Opinionnaire® Survey analysis and Fast Forum® reports Security & Risk Analysis

wordpress.org/plugins/opinionnaire-survey-analysis-report-generator

A tool to import and display survey answers through customized reports.

10 active installs · v1.3.9 · PHP + WP 3.0.1+ · Updated Mar 2, 2026
Tags: consensus, dialogue, opinionnaire, polarization, survey
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Opinionnaire® Survey analysis and Fast Forum® reports Safe to Use in 2026?

Generally Safe

Score 100/100

Opinionnaire® Survey analysis and Fast Forum® reports has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 2mo ago
Risk Assessment

The "opinionnaire-survey-analysis-report-generator" plugin v1.3.9 exhibits a concerning security posture due to several critical weaknesses identified in the static analysis. The most significant concern is the presence of one AJAX handler without any authentication checks, exposing a direct entry point for potential attackers. Furthermore, the complete absence of nonce checks and capability checks on this AJAX handler amplifies this risk significantly. While the plugin has no recorded vulnerability history, this absence could be due to its relative obscurity or the fact that existing vulnerabilities have not yet been publicly disclosed. The analysis also highlights the use of dangerous functions like `assert`, `unserialize`, and `create_function`, which are often associated with security vulnerabilities when not handled with extreme care, especially when combined with unsanitized input.

While the plugin demonstrates some positive security practices, such as a moderate percentage of properly escaped outputs and a portion of SQL queries using prepared statements, these strengths are overshadowed by the severe lack of input validation and authentication on its primary entry point. The taint analysis revealing 11 flows with unsanitized paths, albeit not classified as critical or high severity in this report, warrants attention as these could potentially be exploited in conjunction with other weaknesses. The overall risk is elevated due to the combination of a direct, unprotected entry point and the use of potentially risky functions.

Key Concerns

  • AJAX handler without authentication
  • Missing nonce checks on AJAX handler
  • Missing capability checks
  • Use of dangerous functions (assert, unserialize, create_function)
  • All 11 taint flows have unsanitized paths
  • SQL queries not using prepared statements
  • Output escaping incomplete (22% of outputs unescaped)
Vulnerabilities
None known

Opinionnaire® Survey analysis and Fast Forum® reports Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Opinionnaire® Survey analysis and Fast Forum® reports Release Timeline

v1.3.7
v1.3.6
v1.3.5
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3
v1.2.1
v1.2
v1.1
v1.0
v0.79
v0.78
v0.77
v0.9
v0.5
Code Analysis
Analyzed Mar 16, 2026

Opinionnaire® Survey analysis and Fast Forum® reports Code Analysis

Dangerous Functions: 14
Raw SQL Queries: 10 (10 prepared)
Unescaped Output: 90 (314 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 117
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

  • assert: `assert($this->idx>0);` (jpgraph\jpgraph.php:342)
  • assert: `assert($aType=='x' || $aType=='y' );` (jpgraph\jpgraph.php:4683)
  • assert: `assert($aMin<=$aMax);` (jpgraph\jpgraph.php:4684)
  • assert: `assert($aType=="x");` (jpgraph\jpgraph_date.php:57)
  • assert: `assert($aMin<=$aMax);` (jpgraph\jpgraph_date.php:58)
  • unserialize: `$this->iFlagData = unserialize($rawdata);` (jpgraph\jpgraph_flags.php:279)
  • assert: `assert( $this->prect != null ) ;` (jpgraph\jpgraph_plotband.php:557)
  • assert: `assert( $this->prect != null ) ;` (jpgraph\jpgraph_plotband.php:592)
  • unserialize: `$newJson = unserialize($data['serial_custom_demographic']);` (opinionnaire.php:61)
  • unserialize: `$newJson = unserialize($data['serial_custom_demographic']);` (opinionnaire.php:77)
  • unserialize: `$collections = unserialize($serial_obj->serial_custom_demographic);` (opinionnaire.php:1493)
  • create_function: `return create_function('$_action, &$self, $_text', $init_crypt . 'if ($_action == "encrypt") { ' . $` (phpseclib\Crypt\Base.php:2558)
  • unserialize: `extract(unserialize($partial));` (phpseclib\Crypt\RSA.php:653)
  • create_function: `create_function('$x', 'return "\x" . bin2hex($x[0]);');` (phpseclib\File\X509.php:2971)

SQL Query Safety

50% prepared · 20 total queries

Output Escaping

78% escaped · 404 total outputs
Data Flows · Security
11 unsanitized

Data Flow Analysis

11 flows · 11 with unsanitized paths
opin_sample_data_init (opinionnaire.php:99)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
1 unprotected

Opinionnaire® Survey analysis and Fast Forum® reports Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers 1

  • auth · wp_ajax_get_custom_demos · opinionnaire.php:26
WordPress Hooks 3
  • action · admin_menu · opinionnaire.php:25
  • action · wp_enqueue_scripts · opinionnaire.php:1366
  • action · wp_enqueue_scripts · opinionnaire.php:1612
Maintenance & Trust

Opinionnaire® Survey analysis and Fast Forum® reports Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 2, 2026
PHP min version
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Opinionnaire® Survey analysis and Fast Forum® reports Developer Profile

NatDialogue

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Opinionnaire® Survey analysis and Fast Forum® reports

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/loading.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/opinionnaire.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/jquery.validate.min.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/jquery.validate.unobtrusive.min.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/bootstrap.min.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/css/opinionnaire.css
Script Paths
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/loading.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/opinionnaire.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/jquery.validate.min.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/jquery.validate.unobtrusive.min.js
  • /wp-content/plugins/opinionnaire-survey-analysis-report-generator/js/bootstrap.min.js
Version Parameters
  • opinionnaire-survey-analysis-report-generator/js/loading.js?ver=
  • opinionnaire-survey-analysis-report-generator/js/opinionnaire.js?ver=
  • opinionnaire-survey-analysis-report-generator/js/jquery.validate.min.js?ver=
  • opinionnaire-survey-analysis-report-generator/js/jquery.validate.unobtrusive.min.js?ver=
  • opinionnaire-survey-analysis-report-generator/js/bootstrap.min.js?ver=
  • opinionnaire-survey-analysis-report-generator/css/opinionnaire.css?ver=

HTML / DOM Fingerprints

CSS Classes
opin-title
Data Attributes
data-survey-id
JS Globals
opin_db_version, opin_version, OPIN_MESSAGE_1, OPIN_SAMPLE_DATA_SNAPSHOT_DATE, OPIN_VERSION