[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHK1xDybM1JE0uagc3NXNgu1PBCgSVjbfF5x53nIj5go":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":17,"download_link":18,"security_score":19,"vuln_count":13,"unpatched_count":13,"last_vuln_date":20,"fetched_at":21,"vulnerabilities":22,"developer":23,"crawl_stats":20,"alternatives":30,"analysis":31,"fingerprints":83},"quizz","Quizz","1.02","Amit Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002F13llama\u002F","\u003Cp>Create a sequential quiz on WordPress with the Quizz plugin.\u003C\u002Fp>\n\u003Cp>You can create rich questions, with rich text, images, videos, audio, as you would in any other WordPress post, and let the user answer in plain text, and move on to the next question if they’ve answered correctly.\u003C\u002Fp>\n\u003Cp>The answer conditions can be either ‘exact match & case-sensitive’, or can be phrase-matched (eg. the list of correct answers can be “xyz, abc, def”, and if the user enters “abc”, it’s counted as the right answer.\u003C\u002Fp>\n\u003Cp>The plugin also raises the following hooks:\u003Cbr \u002F>\nquizz_level_updated: raised when the user’s answer is considered correct and they’re pushed to the next question\u003Cbr \u002F>\nquizz_ended: raised when the list of questions comes to an end, and the user is sent to a designated page (eg. a congratulations page)\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Under Questions in the WordPress admin menu, click on Add New Question. \u003C\u002Fli>\n\u003Cli>Enter the question in the big post area. This can be plain text, images, or embedded multimedia. \u003C\u002Fli>\n\u003Cli>Enter the correct answer in the Answer field below the question field.\u003C\u002Fli>\n\u003Cli>Choose whether you will accept only exact matches, or a part answer (eg. you enter a series of answers delimited by commas) is valid.\u003C\u002Fli>\n\u003Cli>Select which question leads to the current question.\u003C\u002Fli>\n\u003Cli>Select whether this is the final question of the series, and if it is, choose the Page which will be displayed when the player is done with the quiz. Eg. a thank you page, or a success page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>In the Plugins screen of your WordPress admin area, navigate to Quizz, click on Deactivate. On the refreshed screen, click on Delete.\u003Cbr \u002F>\nNote: You will lose all your questions if you uninstall the plugin. Take a backup of your data before you uninstall.\u003C\u002Fp>\n","A simple quiz plugin Contributors: 13llama Tags: quiz, question Author: 13 Llama Studio Author URI: http:\u002F\u002Fwww.13llama.com\u002F Version: 1.",20,3035,0,"2014-03-30T19:47:00.000Z","",[],"http:\u002F\u002Fwww.13llama.com\u002Fquizz","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquizz.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":24,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":26,"avg_security_score":19,"avg_patch_time_days":27,"trust_score":28,"computed_at":29},"13llama",2,70,30,84,"2026-04-04T07:12:40.004Z",[],{"attackSurface":32,"codeSignals":57,"taintFlows":75,"riskAssessment":76,"analyzedAt":82},{"hooks":33,"ajaxHandlers":53,"restRoutes":54,"shortcodes":55,"cronEvents":56,"entryPointCount":13,"unprotectedCount":13},[34,40,45,49],{"type":35,"name":36,"callback":37,"file":38,"line":39},"action","init","create_quiz_post","quizz.php",58,{"type":41,"name":42,"callback":43,"file":38,"line":44},"filter","the_content","quiz_show_form",130,{"type":35,"name":46,"callback":47,"file":38,"line":48},"add_meta_boxes","quizz_add_custom_box",147,{"type":35,"name":50,"callback":51,"file":38,"line":52},"save_post","quizz_save_postdata",275,[],[],[],[],{"dangerousFunctions":58,"sqlUsage":59,"outputEscaping":61,"fileOperations":13,"externalRequests":13,"nonceChecks":73,"capabilityChecks":25,"bundledLibraries":74},[],{"prepared":25,"raw":13,"locations":60},[],{"escaped":25,"rawEcho":62,"locations":63},4,[64,67,69,71],{"file":38,"line":65,"context":66},108,"raw output",{"file":38,"line":68,"context":66},109,{"file":38,"line":70,"context":66},196,{"file":38,"line":72,"context":66},218,1,[],[],{"summary":77,"deductions":78},"The \"quizz\" v1.02 plugin exhibits a generally strong security posture, particularly in its handling of database interactions and its limited attack surface.  The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with exploitable entry points, combined with the use of prepared statements for all SQL queries, indicates a good understanding of secure development practices.  Furthermore, the presence of nonce and capability checks on its limited code signals suggests an effort to protect against common WordPress attacks. The plugin also has no recorded vulnerability history, further contributing to its positive security profile.\n\nHowever, a significant concern arises from the output escaping. With only 33% of its output properly escaped, the plugin is susceptible to Cross-Site Scripting (XSS) vulnerabilities. While the static analysis did not explicitly identify XSS flows, this high percentage of unescaped output creates a clear and present risk. The lack of any identified taint flows might suggest that the specific data processed by the plugin doesn't currently lend itself to critical vulnerabilities through those paths, but this doesn't negate the XSS risk from unescaped output. The plugin's strengths lie in its minimal attack surface and secure database handling, but the output escaping deficiency is a notable weakness that requires attention.",[79],{"reason":80,"points":81},"Poor output escaping (33% proper)",7,"2026-03-16T23:06:19.083Z",{"wat":84,"direct":89},{"assetPaths":85,"generatorPatterns":86,"scriptPaths":87,"versionParams":88},[],[],[],[],{"cssClasses":90,"htmlComments":97,"htmlAttributes":98,"restEndpoints":104,"jsGlobals":105,"shortcodeOutput":107},[91,92,93,94,95,96],"quiz_error","quiz_message","quiz_form","quiz_answer","quiz_button","answers",[],[99,100,101,102,103],"quizz_answer","quizz_exact","quizz_prevlevel","quizz_last","quizz_lastpage",[],[106],"window.location",[]]