
Sided Security & Risk Analysis
wordpress.org/plugins/sidedUse the Sided plugin to create and insert discussion polls into your content.
Is Sided Safe to Use in 2026?
Generally Safe
Score 99/100Sided has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The "sided" plugin v1.4.12 presents a mixed security posture. On the positive side, it demonstrates good practices with 100% of SQL queries utilizing prepared statements and a very high percentage (98%) of outputs being properly escaped. The absence of dangerous functions and file operations is also encouraging. However, a significant concern lies within its attack surface, particularly the 16 unprotected AJAX handlers, which represent a substantial entry point for potential attacks if not properly secured by other means.
Taint analysis reveals a concerning number of flows with unsanitized paths (21 out of 29), although none are categorized as critical or high severity. This suggests a potential for input manipulation that could lead to unintended behavior or vulnerabilities, even if not immediately exploitable in a critical way. The plugin's history includes one medium-severity Cross-Site Scripting (XSS) vulnerability, with the last recorded incident being recent. While currently unpatched CVEs are zero, the presence of past XSS issues combined with the taint analysis findings warrants caution regarding input handling.
Overall, "sided" v1.4.12 has strengths in its database interaction and output sanitization. However, the large number of unprotected AJAX endpoints and the prevalence of unsanitized input paths in taint analysis introduce notable risks. The past XSS vulnerability, while medium and resolved, highlights an area that requires ongoing vigilance. The plugin's security is therefore moderate, with specific areas demanding immediate attention.
Key Concerns
- Unprotected AJAX handlers
- Flows with unsanitized paths
- Past medium XSS vulnerability
- Limited nonce checks on AJAX
Sided Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Sided <= 1.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Sided Release Timeline
Sided Code Analysis
Output Escaping
Data Flow Analysis
Sided Attack Surface
AJAX Handlers 24
Shortcodes 2
WordPress Hooks 20
Maintenance & Trust
Sided Maintenance & Trust
Maintenance Signals
Community Trust
Sided Alternatives
Crowdsignal Dashboard – Polls, Surveys & more
polldaddy
Manage your Crowdsignal polls, surveys, quizzes, and ratings directly from the WordPress dashboard.
Social Polls by Wedgies.com
wedgies-shortcode
Wedgies are polls that you can embed in your WordPress site and templates.
Crowdsignal Forms
crowdsignal-forms
The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.
WP-Polls
wp-polls
Adds an AJAX poll system to your WordPress blog. You can also easily add a poll into your WordPress's blog post/page.
Democracy Poll
democracy-poll
WordPress polls plugin with multiple-choice, custom answers, cache compatibility, widgets, and shortcodes.
Sided Developer Profile
2 plugins · 10 total installs
How We Detect Sided
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/sided/assets/js/sided-widget.js/wp-content/plugins/sided/assets/css/sided-widget.css/wp-content/plugins/sided/assets/js/sided-widget.jssided/assets/js/sided-widget.js?ver=sided/assets/css/sided-widget.css?ver=HTML / DOM Fingerprints
sided-widgetcustom-sidebar-boxclientIdplacementId[sided_debate][sided_poll]