Poll-Dude Security & Risk Analysis

wordpress.org/plugins/poll-dude

Create the polls by generating shortcodes embedded in your posts.

0 active installs · v2.0.0 · PHP + · WP 5.7.2+ · Updated Jun 1, 2022
Tags: page, poll, polls, post, vote
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Poll-Dude Safe to Use in 2026?

Generally Safe

Score 85/100

Poll-Dude has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The Poll Dude v2.0.0 plugin exhibits a generally good security posture with a clean vulnerability history. The absence of known CVEs and the presence of a robust number of nonce and capability checks for its entry points are positive indicators. The plugin also demonstrates good practice by largely employing prepared statements for its SQL queries and properly escaping a majority of its output.

However, the static analysis reveals some areas for concern. Specifically, the taint analysis indicates three high-severity flows with unsanitized paths. While these are not explicitly labeled as vulnerabilities in the history, unsanitized paths are a common precursor to security flaws and warrant careful investigation. The fact that 5 out of 9 analyzed flows had unsanitized paths is a significant red flag.

In conclusion, while Poll Dude v2.0.0 is not demonstrably vulnerable based on its history, the taint analysis findings highlight potential weaknesses that could be exploited if not addressed. The plugin's strengths lie in its adherence to WordPress security best practices for its entry points and data handling. The weaknesses are primarily in the potential for insecure data processing as identified by the taint analysis, which requires further scrutiny and remediation.

Key Concerns

  • High severity unsanitized taint flows (3)
  • Unsanitized paths in taint analysis (5/9 flows)
  • SQL queries not using prepared statements (37%)
  • Output not properly escaped (31%)
Vulnerabilities
None known

Poll-Dude Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Poll-Dude Release Timeline

  • v2.0.0 (Current)
  • v1.0.2
  • v1.0.1
  • v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Poll-Dude Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 30 (50 prepared)
Unescaped Output: 73 (161 escaped)
Nonce Checks: 17
Capability Checks: 3
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

63% prepared · 80 total queries

Output Escaping

69% escaped · 234 total outputs
Data Flows · Security
5 unsanitized

Data Flow Analysis

9 flows · 5 with unsanitized paths
show_vote_form (includes\class-poll-dude-shortcodes.php:158)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

Poll-Dude Attack Surface

Entry Points: 4
Unprotected: 0

AJAX Handlers 3

auth wp_ajax_poll-dude-control admin\class-poll-dude-admin.php:47
auth wp_ajax_poll-dude includes\class-poll-dude-shortcodes.php:19
nopriv wp_ajax_poll-dude includes\class-poll-dude-shortcodes.php:20

Shortcodes 1

[poll_dude] includes\class-poll-dude-shortcodes.php:18

WordPress Hooks 6

action admin_menu admin\class-poll-dude-admin.php:45
action admin_enqueue_scripts admin\class-poll-dude-admin.php:46
action poll_dude_cron admin\class-poll-dude-admin.php:48
action plugins_loaded includes\class-poll-dude.php:129
action widgets_init includes\class-poll-dude.php:130
action wp_enqueue_scripts public\class-poll-dude-public.php:44

Scheduled Events 1

poll_dude_cron
Maintenance & Trust

Poll-Dude Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Jun 1, 2022
PHP min version
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Poll-Dude Developer Profile

liaison

6 plugins · 0 total installs

Trust score: 98
Avg Security Score: 97/100
Avg Patch Time: 1 day
Detection Fingerprints

How We Detect Poll-Dude

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/poll-dude/css/poll-dude-admin.css
/wp-content/plugins/poll-dude/js/poll-dude-admin.js
/wp-content/plugins/poll-dude/js/lib/chart.min.js
Script Paths
js/poll-dude-admin.js
js/lib/chart.min.js
Version Parameters
poll-dude-admin.css?ver=
poll-dude-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
poll-dude
HTML Comments
<!-- Delete Polls Logs -->
Data Attributes
data-delete_logs_yes
data-do
data-nonce
JS Globals
pdAdminL10n