Does Requird have any unpatched vulnerabilities?

No. All known vulnerabilities in Requird have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Requird compatible with WordPress 4.0.38?

According to WordPress.org data, Requird 1.3 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is Requird updated?

Requird was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Requird's security score?

Requird has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Requird Security & Risk Analysis

wordpress.org/plugins/requird

Require users to fill selected fields before posting.

10 active installs v1.3 PHP + WP 3.x+ Updated Unknown

custom-typesforcepostpublishrequire

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Requird Safe to Use in 2026?

Generally Safe

Score 100/100

Requird has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "requird" v1.3 plugin exhibits a generally positive security posture based on the static analysis provided. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. Crucially, the lack of any reported vulnerabilities (CVEs) historically and in the current state further strengthens this impression. The plugin also demonstrates some good practices like using prepared statements for SQL queries and a capability check.

However, there are notable areas for concern. The most significant is the complete lack of output escaping for all identified outputs. This represents a critical risk, as unsanitized output can lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious code into web pages viewed by other users. The absence of nonce checks on any entry points is also a weakness, potentially exposing the plugin to Cross-Site Request Forgery (CSRF) attacks if any actionable operations were present.

While the plugin's history is clean, the identified issues in output escaping and nonce checks create potential vulnerabilities that could be exploited. A clean vulnerability history is positive, but it doesn't negate the risks identified in the current code analysis. The plugin needs to address the output escaping issue to significantly improve its security.

Key Concerns

All outputs are unescaped
No nonce checks on entry points

Vulnerabilities

None known

Requird Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Requird Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

Requird Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionplugins_loadedrequird-settings.php:31

actionadmin_menurequird-settings.php:33

actionadmin_initrequird-settings.php:35

filterplugin_action_linksrequird.php:27

actionedit_form_advancedrequird.php:29

actionedit_page_formrequird.php:30

Maintenance & Trust

Requird Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating90/100

Number of ratings2

Active installs10

Alternatives

Requird Alternatives

Require Post Tags

require-post-tags

Require users to add at least one post tag before saving a draft, updating a post, or publishing a post. This applies to normal posts and may not be …

40 No CVEs