WP-Safety

Quiz Creator – Easy Quiz, Survey & Test Maker Security & Risk Analysis

wordpress.org/plugins/quiz-creator

Create and manage interactive quizzes with multiple question types, automatic scoring, timed quizzes, and email notifications.

20 active installs v1.1.5 PHP 7.0+ WP 6.2+ Updated Dec 4, 2025
examquizsurveytesttrivia
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Quiz Creator – Easy Quiz, Survey & Test Maker Safe to Use in 2026?

Generally Safe

Score 100/100

Quiz Creator – Easy Quiz, Survey & Test Maker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The quiz-creator plugin v1.1.5 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The plugin demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of any recorded CVEs, both historically and currently, is a significant strength, suggesting a well-maintained and robust codebase.

However, the presence of 12 instances of the `unserialize` function represents a notable concern. While the static analysis did not reveal any direct taint flows leading to unsanitized paths, the `unserialize` function is inherently risky. If user-supplied data is not strictly validated before being passed to `unserialize`, it can lead to object injection vulnerabilities. The limited attack surface and the presence of nonce and capability checks on some entry points are positive indicators, but the `unserialize` function remains a potential entry point for attackers if misapplied.

In conclusion, the plugin is in a strong security position due to its clean vulnerability history and good SQL and output sanitization. The primary area for improvement lies in mitigating the risks associated with the `unserialize` function, even in the absence of immediate exploitable flows in the current analysis. Further scrutiny of how user data interacts with `unserialize` would be prudent.

Key Concerns

  • Use of unserialize function
Vulnerabilities
None known

Quiz Creator – Easy Quiz, Survey & Test Maker Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Quiz Creator – Easy Quiz, Survey & Test Maker Code Analysis

Dangerous Functions
12
Raw SQL Queries
0
41 prepared
Unescaped Output
28
261 escaped
Nonce Checks
6
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$options = unserialize($question->options);qc-admin.php:807
unserialize$correct_answers = $is_multiple_correct ? unserialize($question->correct_answer) : [];qc-admin.php:808
unserialize$correct_answers_array = @unserialize($answer->correct_answer);qc-admin.php:1246
unserialize$options = @unserialize($answer->options);qc-admin.php:1247
unserialize$correct_answers_array = unserialize($question->correct_answer);qc-frontend.php:142
unserialize$options = unserialize($question->options);qc-frontend.php:143
unserialize$options = unserialize($question->options);qc-frontend.php:370
unserialize$correct_answers_array = unserialize($question->correct_answer);qc-frontend.php:388
unserialize$options = unserialize($question->options);qc-frontend.php:389
unserialize$options = unserialize($question->options);qc-frontend.php:447
unserialize$correct_answers_array = unserialize($question->correct_answer);qc-frontend.php:702
unserialize$options = unserialize($question->options);qc-frontend.php:703

SQL Query Safety

100% prepared41 total queries

Output Escaping

90% escaped289 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
quizCreator_admin_page (qc-admin.php:70)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Quiz Creator – Easy Quiz, Survey & Test Maker Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[quiz_creator] quiz-creator.php:269
WordPress Hooks 5
actionadmin_menuqc-admin.php:64
actionadmin_initqc-admin.php:1457
actionadmin_initqc-admin.php:1616
actionplugins_loadedquiz-creator.php:70
actionadmin_enqueue_scriptsquiz-creator.php:277
Maintenance & Trust

Quiz Creator – Easy Quiz, Survey & Test Maker Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 4, 2025
PHP min version7.0
Downloads809

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Quiz Creator – Easy Quiz, Survey & Test Maker Alternatives

Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker

Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker

quiz-master-next

B
76

Create quizzes, surveys, and tests easily on WordPress with this versatile plugin. Perfect for engaging any audience and gathering valuable insights!

40K 57 CVEs
Watu Quiz

Watu Quiz

watu

A
88

Creates exams, surveys, and quizzes with unlimited number of questions and answers. Mobile/touch - friendly.

3K 17 CVEs
ARI Stream Quiz – WordPress Quizzes Builder

ARI Stream Quiz – WordPress Quizzes Builder

ari-stream-quiz

A
98

Easy to use WordPress Viral Quiz Plugin. Create Trivia and Personality quizzes in BuzzFeed style and collect unlimited leads.

2K 7 CVEs
Chained Quiz

Chained Quiz

chained-quiz

A
91

Create a quiz where the next question depends on the answer to the previous question. Final quiz results depend on the amount of collected points.

1K 24 CVEs
Watu to MailChimp

Watu to MailChimp

watu-bridge-to-mailchimp

A
85

A bridge between the Watu Quiz plugin and MailChimp /*** This program is free software: you can redistribute it and/or modify it under the terms of …

10 No CVEs
Developer Profile

Quiz Creator – Easy Quiz, Survey & Test Maker Developer Profile

NETT.PRO

3 plugins · 430 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Quiz Creator – Easy Quiz, Survey & Test Maker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quiz-creator/qc-assets/css/qc-frontend.css/wp-content/plugins/quiz-creator/qc-assets/js/qc-frontend.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-countdown.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-timer.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-chart.min.js
Script Paths
/wp-content/plugins/quiz-creator/qc-assets/js/qc-frontend.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-countdown.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-timer.js/wp-content/plugins/quiz-creator/qc-assets/js/qc-chart.min.js
Version Parameters
quiz-creator/qc-assets/css/qc-frontend.css?ver=quiz-creator/qc-assets/js/qc-frontend.js?ver=quiz-creator/qc-assets/js/qc-countdown.js?ver=quiz-creator/qc-assets/js/qc-timer.js?ver=quiz-creator/qc-assets/js/qc-chart.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
qc-quiz-containerqc-quiz-titleqc-quiz-descriptionqc-question-containerqc-question-textqc-options-containerqc-option-itemqc-option-label+7 more
HTML Comments
<!-- Quiz Creator Plugin --><!-- Admin Panel --><!-- Frontend Display -->
Data Attributes
data-quiz-iddata-question-iddata-user-iddata-timer-enableddata-quiz-timer-secondsdata-question-timer-seconds
JS Globals
quizCreatorFrontendqc_frontend_params
Shortcode Output
[quiz-creator id="1"][quiz id="1"]
FAQ

Frequently Asked Questions about Quiz Creator – Easy Quiz, Survey & Test Maker