WP-Safety

Rencontre – Dating Site Security & Risk Analysis

wordpress.org/plugins/rencontre

A free powerful and exhaustive dating plugin with private messaging, webcam chat, search by profile and automatic sending of email. No third party.

300 active installs v3.13.8 PHP 7.0+ WP 5.0+ Updated Feb 23, 2026
datinglovematchmeetsocial
76
B · Generally Safe
CVEs total11
Unpatched0
Last CVEDec 15, 2025
Plugin page Download
Safety Verdict

Is Rencontre – Dating Site Safe to Use in 2026?

Mostly Safe

Score 76/100

Rencontre – Dating Site is generally safe to use. 11 past CVEs were resolved. Keep it updated.

11 known CVEsLast CVE: Dec 15, 2025Updated 1mo ago
Risk Assessment

The "rencontre" plugin version 3.13.8 exhibits a concerning security posture due to a significant number of unprotected entry points and poor handling of SQL queries and output escaping. The static analysis reveals 11 out of 28 total entry points lack authentication checks, posing a direct risk for unauthorized access and actions. Furthermore, the extremely low percentage (1%) of SQL queries using prepared statements, coupled with 4 high-severity taint flows, strongly suggests a high likelihood of SQL injection vulnerabilities. The plugin's history of 11 known CVEs, including critical and high-severity issues like CSRF, Unrestricted File Upload, Deserialization, Improper Access Control, XSS, and SQL Injection, paints a picture of recurrent and serious security flaws. While the absence of unpatched CVEs and the presence of nonce and capability checks are positive signs, they are heavily overshadowed by the fundamental weaknesses in data handling and the historical pattern of exploitable vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers (11)
  • Low percentage of prepared SQL statements (1%)
  • Low percentage of properly escaped output (15%)
  • High severity taint flows (4)
  • History of 2 critical CVEs
  • History of 4 high CVEs
  • History of 5 medium CVEs
  • Flows with unsanitized paths (7)
Vulnerabilities
11

Rencontre – Dating Site Security Vulnerabilities

CVEs by Year

6 CVEs in 2019
2019
3 CVEs in 2023
2023
2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Critical
2
High
4
Medium
5

11 total CVEs

CVE-2025-67558medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rencontre <= 3.13.7 - Authenticated (Administrator+) Stored Cross-Site Scripting

Dec 15, 2025 Patched in 3.13.8 (5d)
CVE-2025-67534medium · 4.3Cross-Site Request Forgery (CSRF)

Rencontre <= 3.13.7 - Cross-Site Request Forgery

Nov 30, 2025 Patched in 3.13.8 (12d)
CVE-2023-51468critical · 9.8Unrestricted Upload of File with Dangerous Type

Rencontre – Dating Site <= 3.10.1 - Unauthenticated Arbitrary File Upload

Dec 27, 2023 Patched in 3.11 (27d)
CVE-2023-51470high · 8.8Deserialization of Untrusted Data

Rencontre – Dating Site <= 3.11.1 - Authenticated (Subscriber+) PHP Object Injection

Dec 27, 2023 Patched in 3.11.2 (27d)
CVE-2023-51425critical · 9.8Improper Access Control

Rencontre – Dating Site <= 3.10.1 - Privilege Escalation

Dec 27, 2023 Patched in 3.11 (27d)
WF-96288db4-2758-4562-8b26-0523926c9156-rencontrehigh · 8.8Cross-Site Request Forgery (CSRF)

Rencontre – Dating Site <= 3.2.2 - Cross-Site Request Forgery

Dec 11, 2019 Patched in 3.2.3 (1504d)
WF-cf665438-20d2-4df9-b3ff-54123343a46d-rencontremedium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rencontre – Dating Site <= 3.2.1 - Authenticated (Admin+) Stored Cross-Site Scripting

Aug 3, 2019 Patched in 3.2.2 (1634d)
CVE-2019-13414medium · 4.8Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rencontre – Dating Site <= 3.1.2 - Cross-Site Scripting

Jul 8, 2019 Patched in 3.1.3 (1660d)
CVE-2019-13413high · 7.2Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Rencontre – Dating Site <= 3.1.2 - SQL Injection

Jul 8, 2019 Patched in 3.1.3 (1660d)
WF-45e61d76-085d-48ba-b5ae-cc75f91d1250-rencontremedium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rencontre – Dating Site <= 3.1.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Apr 8, 2019 Patched in 3.2 (1751d)
WF-7b4f63af-cb43-4287-8fdd-0ff1df70c6d6-rencontrehigh · 7.2Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Rencontre – Dating Site <= 3.2.1 - Authenticated (Admin+) SQL Injection

Mar 8, 2019 Patched in 3.2.2 (1782d)
Code Analysis
Analyzed Mar 16, 2026

Rencontre – Dating Site Code Analysis

Dangerous Functions
0
Raw SQL Queries
275
3 prepared
Unescaped Output
1154
199 escaped
Nonce Checks
28
Capability Checks
64
File Operations
215
External Requests
0
Bundled Libraries
0

SQL Query Safety

1% prepared278 total queries

Output Escaping

15% escaped1353 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

23 flows7 with unsanitized paths
rencFastreg_form (inc\rencontre_filter.php:902)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
11 unprotected

Rencontre – Dating Site Attack Surface

Entry Points28
Unprotected11

AJAX Handlers 22

authwp_ajax_regionBDDinc\rencontre_filter.php:41
authwp_ajax_voirMsginc\rencontre_filter.php:42
authwp_ajax_testPassinc\rencontre_filter.php:43
authwp_ajax_miniPortrait2inc\rencontre_filter.php:44
authwp_ajax_fastregMailinc\rencontre_filter.php:45
authwp_ajax_dynSearchinc\rencontre_filter.php:46
authwp_ajax_gpsnavigatorinc\rencontre_filter.php:48
authwp_ajax_isoinc\rencontre_filter.php:115
authwp_ajax_drapinc\rencontre_filter.php:116
authwp_ajax_exportCsvinc\rencontre_filter.php:117
authwp_ajax_importCsvinc\rencontre_filter.php:118
authwp_ajax_updowninc\rencontre_filter.php:119
authwp_ajax_profilAinc\rencontre_filter.php:120
authwp_ajax_statinc\rencontre_filter.php:121
authwp_ajax_newMemberinc\rencontre_filter.php:122
authwp_ajax_regeneratePhotosinc\rencontre_filter.php:123
authwp_ajax_geoDataRegioninc\rencontre_filter.php:146
authwp_ajax_rencGeoDataCityinc\rencontre_filter.php:147
authwp_ajax_cronasyncinc\rencontre_filter.php:152
noprivwp_ajax_cronasyncinc\rencontre_filter.php:153
authwp_ajax_cronasyncinc\rencontre_filter.php:202
noprivwp_ajax_cronasyncinc\rencontre_filter.php:203

Shortcodes 6

[rencontre_libre] inc\rencontre_filter.php:136
[rencontre_nbmembre] inc\rencontre_filter.php:137
[rencontre_search] inc\rencontre_filter.php:138
[rencontre_login] inc\rencontre_filter.php:139
[rencontre_imgreg] inc\rencontre_filter.php:140
[rencontre] inc\rencontre_filter.php:141
WordPress Hooks 32
filtershow_admin_barinc\rencontre_filter.php:6
actioninitinc\rencontre_filter.php:7
actioninitinc\rencontre_filter.php:8
actioninitinc\rencontre_filter.php:9
actionwp_logoutinc\rencontre_filter.php:10
filterlogin_redirectinc\rencontre_filter.php:11
filterwp_authenticate_userinc\rencontre_filter.php:12
actionadmin_bar_menuinc\rencontre_filter.php:13
filterget_avatarinc\rencontre_filter.php:14
actionregister_forminc\rencontre_filter.php:16
filterregistration_errorsinc\rencontre_filter.php:17
actionuser_registerinc\rencontre_filter.php:18
filterwp_privacy_personal_data_exportersinc\rencontre_filter.php:124
actionwp_privacy_personal_data_export_file_createdinc\rencontre_filter.php:125
actioninitinc\rencontre_filter.php:128
filterwp_setup_nav_menu_iteminc\rencontre_filter.php:133
filterwp_get_nav_menu_itemsinc\rencontre_filter.php:134
actionwp_enqueue_scriptsinc\rencontre_filter.php:142
actionwpGeonames_location_taxonomy_tplinc\rencontre_filter.php:144
filterget_footerinc\rencontre_filter.php:177
filterget_footerinc\rencontre_filter.php:181
actionwp_enqueue_scriptsinc\rencontre_filter.php:446
filterlocalerencontre.php:10
actioninitrencontre.php:179
actioninitrencontre.php:193
actionwidgets_initrencontre.php:216
actionadmin_menurencontre.php:218
actionadmin_print_scriptsrencontre.php:219
actioncustomize_registerrencontre.php:221
actionafter_setup_themerencontre.php:222
actionadmin_initrencontre.php:226
actionin_plugin_update_message-rencontre/rencontre.phprencontre.php:1079
Maintenance & Trust

Rencontre – Dating Site Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 23, 2026
PHP min version7.0
Downloads94K

Community Trust

Rating76/100
Number of ratings49
Active installs300
Alternatives

Rencontre – Dating Site Alternatives

WeLovez Social Login For WoWonder Php Social Script

WeLovez Social Login For WoWonder Php Social Script

welovez-social-login

A
85

WeLovez Social Login For WoWonder Php Social Script a free powerful WordPress plugin that will allow wowonder (your social media) users to login to an &hellip;

10 No CVEs
Meetup Login

Meetup Login

wp-meetup-login

A
85

One click registration/login using Meetup.com account.

10 No CVEs
Vibe Testimonial Shoutouts

Vibe Testimonial Shoutouts

vibe-testimonial-shoutouts

A
100

Collect and display user testimonials with a "Wall of Love", Grid, or Marquee design. Make your testimonials to get shouted out with Vibe!

0 No CVEs
AddToAny Share Buttons

AddToAny Share Buttons

add-to-any

A
99

Share buttons for WordPress including the AddToAny button, Facebook, Bluesky, Mastodon, WhatsApp, Pinterest, Reddit, many more, and follow icons too.

300K 3 CVEs
Astra Widgets

Astra Widgets

astra-widgets

A
96

Quickest solution to add widgets like Address, Social Profiles and List icons on a website built with Astra.

200K 3 CVEs
Developer Profile

Rencontre – Dating Site Developer Profile

Jacques Malgrange

4 plugins · 530 total installs

69
trust score
Avg Security Score
86/100
Avg Patch Time
777 days
View full developer profile
Detection Fingerprints

How We Detect Rencontre – Dating Site

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rencontre/css/style_rencontre.css/wp-content/plugins/rencontre/css/style_profil.css/wp-content/plugins/rencontre/css/style_widget.css/wp-content/plugins/rencontre/css/style_admin.css/wp-content/plugins/rencontre/css/jquery.datetimepicker.min.css/wp-content/plugins/rencontre/css/cropper.min.css/wp-content/plugins/rencontre/css/jquery.ui.widget.css/wp-content/plugins/rencontre/css/jquery.jcrop.min.css+10 more
Script Paths
/wp-content/plugins/rencontre/js/admin.js/wp-content/plugins/rencontre/js/base.js/wp-content/plugins/rencontre/js/widget.js/wp-content/plugins/rencontre/js/rencontre.js/wp-content/plugins/rencontre/js/jquery.js/wp-content/plugins/rencontre/js/jquery.datetimepicker.full.min.js+4 more
Version Parameters
rencontre/css/style_rencontre.css?ver=rencontre/css/style_profil.css?ver=rencontre/css/style_widget.css?ver=rencontre/css/style_admin.css?ver=rencontre/css/jquery.datetimepicker.min.css?ver=rencontre/css/cropper.min.css?ver=rencontre/css/jquery.ui.widget.css?ver=rencontre/css/jquery.jcrop.min.css?ver=rencontre/js/admin.js?ver=rencontre/js/base.js?ver=rencontre/js/widget.js?ver=rencontre/js/rencontre.js?ver=rencontre/js/jquery.js?ver=rencontre/js/jquery.datetimepicker.full.min.js?ver=rencontre/js/cropper.min.js?ver=rencontre/js/jquery.form.min.js?ver=rencontre/js/jquery.jcrop.min.js?ver=rencontre/js/jquery-ui.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
rencontre_formrencontre_listrencontre_widgetrencontre_bloc_photorencontre_profilerencontre_msg_writerencontre_adminrencontre_users_list
HTML Comments
<!-- INSTALLATION DU PLUGIN - Creation des tables en BDD --><!-- CLASSE Rencontre --><!-- Variables globale Rencontre --><!-- LANG - Modif with WP 6.7 and Rencontre 3.13 -->+2 more
Data Attributes
data-rencontre-actiondata-rencontre-iddata-rencontre-user
JS Globals
window.rencDivwindow.rencOptwindow.rencCustomwindow.rencWPLANGrencontre_ajax_urlrencontre_options
Shortcode Output
[rencontre][rencontre_form][rencontre_list][rencontre_widget]
FAQ

Frequently Asked Questions about Rencontre – Dating Site