Does Quizz have any unpatched vulnerabilities?

No. All known vulnerabilities in Quizz have been patched as of the latest data update. Always keep the plugin updated to the latest version.

How often is Quizz updated?

Quizz was last updated on Mar 30, 2014. Frequent updates are generally a positive security signal.

What is Quizz's security score?

Quizz has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Quizz Security & Risk Analysis

wordpress.org/plugins/quizz

A simple quiz plugin Contributors: 13llama Tags: quiz, question Author: 13 Llama Studio Author URI: http://www.13llama.com/ Version: 1.

20 active installs v1.02 PHP + WP + Updated Mar 30, 2014

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Quizz Safe to Use in 2026?

Generally Safe

Score 85/100

Quizz has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "quizz" v1.02 plugin exhibits a generally strong security posture, particularly in its handling of database interactions and its limited attack surface. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with exploitable entry points, combined with the use of prepared statements for all SQL queries, indicates a good understanding of secure development practices. Furthermore, the presence of nonce and capability checks on its limited code signals suggests an effort to protect against common WordPress attacks. The plugin also has no recorded vulnerability history, further contributing to its positive security profile.

However, a significant concern arises from the output escaping. With only 33% of its output properly escaped, the plugin is susceptible to Cross-Site Scripting (XSS) vulnerabilities. While the static analysis did not explicitly identify XSS flows, this high percentage of unescaped output creates a clear and present risk. The lack of any identified taint flows might suggest that the specific data processed by the plugin doesn't currently lend itself to critical vulnerabilities through those paths, but this doesn't negate the XSS risk from unescaped output. The plugin's strengths lie in its minimal attack surface and secure database handling, but the output escaping deficiency is a notable weakness that requires attention.

Key Concerns

Poor output escaping (33% proper)

Vulnerabilities

None known

Quizz Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Quizz Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

33% escaped6 total outputs

Attack Surface

Quizz Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actioninitquizz.php:58

filterthe_contentquizz.php:130

actionadd_meta_boxesquizz.php:147

actionsave_postquizz.php:275

Maintenance & Trust

Quizz Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedMar 30, 2014

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Quizz Alternatives

No alternatives data available yet.

Developer Profile

Quizz Developer Profile

Amit Sharma

2 plugins · 70 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Quizz

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

quiz_errorquiz_messagequiz_formquiz_answerquiz_buttonanswers

Data Attributes

quizz_answerquizz_exactquizz_prevlevelquizz_lastquizz_lastpage

JS Globals

window.location

FAQ