Does Petitioner have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Petitioner compatible with WordPress 6.9.4?

According to WordPress.org data, Petitioner 0.8.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Petitioner compatible with PHP 8.0+?

Petitioner requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Petitioner updated?

Petitioner was last updated on Mar 29, 2026. Frequent updates are generally a positive security signal.

What is Petitioner's security score?

Petitioner has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Petitioner Security & Risk Analysis

wordpress.org/plugins/petitioner

Create, target, and track high-impact petitions with Petitioner: automate delivery to decision-makers, manage approvals, and export rich submission da …

100 active installs v0.8.1 PHP 8.0+ WP 5.9+ Updated Mar 29, 2026

activismcommunityemailformpetition

A · Safe

CVEs total1

Unpatched0

Last CVEMar 27, 2026

Download

Safety Verdict

Is Petitioner Safe to Use in 2026?

Generally Safe

Score 99/100

Petitioner has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Mar 27, 2026Updated 1mo ago

Risk Assessment

The "petitioner" v0.8.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has a high percentage of properly escaped output. The absence of known CVEs and a clean vulnerability history are also strong indicators of responsible development. However, a significant concern lies in its attack surface. With 15 unprotected AJAX handlers, this presents a considerable risk for attackers to potentially exploit without proper authentication or authorization mechanisms. While taint analysis shows no current critical or high-severity flows, the sheer number of unprotected entry points leaves it susceptible to future discovery of vulnerabilities. The plugin's strengths in SQL handling and output escaping are commendable, but the lack of security checks on its AJAX endpoints significantly undermines its overall security.

Key Concerns

Unprotected AJAX handlers
Large attack surface without auth checks

Vulnerabilities

1 published

Petitioner Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2026-32514medium · 4.3Missing Authorization

Petitioner <= 0.7.3 - Missing Authorization

Mar 27, 2026 Patched in 0.7.4 (1d)

Version History

Petitioner Release Timeline

v0.8.1Current

v0.8.0

v0.7.4

v0.7.31 CVE

Petitioner Security & Risk Analysis

Is Petitioner Safe to Use in 2026?

Generally Safe

Key Concerns

Petitioner Security Vulnerabilities

CVEs by Year

Severity Breakdown

Petitioner Release Timeline

Petitioner Code Analysis

SQL Query Safety

Output Escaping

Petitioner Attack Surface

AJAX Handlers 15

Shortcodes 6

Petitioner Maintenance & Trust

Maintenance Signals

Community Trust

Petitioner Alternatives

SpeakOut! Email Petitions

MC4WP: Mailchimp for WordPress

Creative Mail – Easier WordPress & WooCommerce Email Marketing

Newsletter – Send awesome emails from WordPress

Brevo – Email, SMS, Web Push, Chat, and more.

Petitioner Developer Profile

How We Detect Petitioner

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Petitioner