WP-Safety

The Holy Quran Security & Risk Analysis

wordpress.org/plugins/quran

Displays random verse from the holy quran.

10 active installs v0.5 PHP + WP 2.4+ Updated Apr 17, 2011
arabicislamquran
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is The Holy Quran Safe to Use in 2026?

Generally Safe

Score 85/100

The Holy Quran has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago
Risk Assessment

The "quran" plugin v0.5 presents a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) in its history, and the static analysis indicates no dangerous functions, external HTTP requests, or taint flows. All SQL queries utilize prepared statements, which is a strong practice for preventing SQL injection. However, significant concerns arise from the complete lack of output escaping for all identified outputs. This means that any data displayed by the plugin could be vulnerable to cross-site scripting (XSS) attacks. Furthermore, the absence of nonce checks and capability checks, coupled with zero detected entry points that require authentication, suggests a potentially wide-open attack surface if any of the identified file operations or code paths were to be exposed or manipulated in unexpected ways. The plugin's history of zero vulnerabilities might be a result of its limited scope or recent release, rather than a proven track record of robust security.

Key Concerns

  • 0% output escaping
  • 0 nonce checks
  • 0 capability checks
Vulnerabilities
None known

The Holy Quran Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

The Holy Quran Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
6
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

0% escaped6 total outputs
Attack Surface

The Holy Quran Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
actionwidgets_initquran.php:107
Maintenance & Trust

The Holy Quran Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4
Last updatedApr 17, 2011
PHP min version
Downloads5K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

The Holy Quran Alternatives

Hindi Quran Viewer

Hindi Quran Viewer

hindi-quran-viewer

A
100

A WordPress plugin to display Quranic verses in Arabic, Hindi, and English, stored locally for offline access.

0 No CVEs
Quran multilanguage Text & Audio

Quran multilanguage Text & Audio

quran-text-multilanguage

A
98

Quran plugin with 30 languages, 32 reciters, and customizable interface.

600 2 CVEs
Quran Verse Inserter

Quran Verse Inserter

quran-verse-inserter

A
100

Beautifully display Quran verses with translations & audio recitations in your WordPress posts & pages. Easy Gutenberg block integration for I …

40 No CVEs
Ayah of the Day WordPress Widget

Ayah of the Day WordPress Widget

ayah-of-the-day

A
85

It displays translation of a verse from Holy Quran(Muslim's holy book) on your blog sidebar.

10 No CVEs
Bangla Al Quraner Bani

Bangla Al Quraner Bani

bangla-al-quran

A
100

Randomly Display Bangla meaning from Holy Al Quran.

10 No CVEs
Developer Profile

The Holy Quran Developer Profile

holooli

3 plugins · 30 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect The Holy Quran

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quran/css/style.css

HTML / DOM Fingerprints

CSS Classes
quran_versequran_verse_numberquran_suraquran_error
FAQ

Frequently Asked Questions about The Holy Quran