Does Randomize CSS have any unpatched vulnerabilities?

No. All known vulnerabilities in Randomize CSS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Randomize CSS compatible with WordPress 3.7.41?

According to WordPress.org data, Randomize CSS 0.4 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Randomize CSS updated?

Randomize CSS was last updated on Jan 25, 2014. Frequent updates are generally a positive security signal.

What is Randomize CSS's security score?

Randomize CSS has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Randomize CSS Security & Risk Analysis

wordpress.org/plugins/randomize-css

Randomize CSS plugin can be configured to randomize part of the css on each page view. It can for example change random colors.

10 active installs v0.4 PHP + WP 2.0.2+ Updated Jan 25, 2014

colorcssrandomrandomizestyle

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Randomize CSS Safe to Use in 2026?

Generally Safe

Score 85/100

Randomize CSS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "randomize-css" plugin v0.4 exhibits a mixed security posture. On the positive side, it has a very small attack surface with no apparent entry points exposed to potential attackers. The plugin also shows good practice by utilizing prepared statements for all its SQL queries, indicating a proactive approach to preventing SQL injection vulnerabilities. Furthermore, there is no recorded vulnerability history, suggesting a track record of secure development. However, a significant concern is the complete lack of output escaping. This means that any data output by the plugin, regardless of its source, is not being properly sanitized, leaving it vulnerable to cross-site scripting (XSS) attacks. The presence of file operations without explicit mention of sanitization or proper handling also warrants attention. While the absence of known CVEs is a positive sign, the identified lack of output escaping presents a clear and present risk that should be addressed.

Key Concerns

0% output escaping
File operations present without explicit sanitization checks

Vulnerabilities

None known

Randomize CSS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Randomize CSS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped6 total outputs

Attack Surface

Randomize CSS Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_menurandomize-css.php:178

actionwp_headrandomize-css.php:179

actioninitrandomize-css.php:182

Maintenance & Trust

Randomize CSS Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedJan 25, 2014

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Randomize CSS Alternatives

Khaos Quotes

khaos-quotes

100

A powerful quote management plugin with live preview, extensive styling options, font uploads, and JSON import/export.

0 No CVEs

Simple Custom CSS and JS

custom-css-js

100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE

Simple Custom CSS Plugin

simple-custom-css

Add Custom CSS to your WordPress site without any hassles.

100K No CVEs

WP Add Custom CSS

wp-add-custom-css

100

Add custom css to the whole website and to specific posts and pages.

60K No CVEs

Gravity Booster – Styles & Layouts for Gravity Forms

styles-and-layouts-for-gravity-forms

100

Gravity Booster - Styles and Layouts for Gravity Forms plugin lets you design and style Gravity Forms without CSS coding. You can also use it for addi …

40K No CVEs

Developer Profile

Randomize CSS Developer Profile

flocsy

4 plugins · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Randomize CSS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/randomize-css/css.php

HTML / DOM Fingerprints

CSS Classes

radio

Data Attributes

randomize-css-sourcerandomize-css-template

JS Globals

randomize_css_onclick

FAQ