Does Sign-up List have any unpatched vulnerabilities?

No. All known vulnerabilities in Sign-up List have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sign-up List compatible with WordPress 6.5.8?

According to WordPress.org data, Sign-up List 1.0.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is Sign-up List compatible with PHP 7.3+?

Sign-up List requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Sign-up List updated?

Sign-up List was last updated on Apr 12, 2024. Frequent updates are generally a positive security signal.

What is Sign-up List's security score?

Sign-up List has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sign-up List Security & Risk Analysis

wordpress.org/plugins/sign-up-list

Publish a sign-up list to rally up volunteers, event guests, participants and the likes. Show people who's on the list and let them sign up.

0 active installs v1.0.0 PHP 7.3+ WP 5.8+ Updated Apr 12, 2024

sign-upsignupsignupsvolunteervolunteers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Sign-up List Safe to Use in 2026?

Generally Safe

Score 92/100

Sign-up List has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'sign-up-list' plugin v1.0.0 exhibits a generally good security posture with several strong practices. The vast majority of outputs are properly escaped, and there are a substantial number of nonce and capability checks in place. The absence of known CVEs and recorded vulnerabilities, as well as no critical or high-severity taint flows, further contribute to a positive security impression. However, a key concern arises from the presence of an unprotected AJAX handler. This single unprotected entry point, despite the small overall attack surface, represents a significant potential risk for unauthorized actions if not properly secured within the handler's logic. While the plugin demonstrates good defensive coding in most areas, this unprotected handler warrants careful review and immediate mitigation.

Key Concerns

AJAX handler without auth checks

Vulnerabilities

None known

Sign-up List Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Sign-up List Code Analysis

Dangerous Functions

Raw SQL Queries

5 prepared

Unescaped Output

388 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

45% prepared11 total queries

Output Escaping

98% escaped395 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

<render> (blocks\src\sul-sign-up\render.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Sign-up List Attack Surface

Entry Points3

Unprotected1

AJAX Handlers 1

authwp_ajax_csv_pullsign-up-list.php:91

Shortcodes 2

[sul_entries] sign-up-list.php:146

[sul_sign_up] sign-up-list.php:147

WordPress Hooks 12

actionplugins_loadedsign-up-list.php:51

actioninitsign-up-list.php:56

actionadmin_menusign-up-list.php:89

actionadmin_initsign-up-list.php:90

actionrest_api_initsign-up-list.php:98

actioninitsign-up-list.php:114

actioninitsign-up-list.php:123

actionwp_enqueue_scriptssign-up-list.php:128

actionadmin_initsign-up-list.php:134

filterwp_privacy_personal_data_exporterssign-up-list.php:135

filterwp_privacy_personal_data_eraserssign-up-list.php:136

actioninitsign-up-list.php:143

Maintenance & Trust

Sign-up List Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedApr 12, 2024

PHP min version7.3

Downloads765

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Sign-up List Alternatives

Volunteer Sign Up Sheets

pta-volunteer-sign-up-sheets

Easily create and manage sign-up sheets for activities and events, while protecting the privacy of the volunteers' personal information.

1K 1 CVE

Sign-up Sheets

sign-up-sheets

Create online sign-up sheets for volunteers, events, and group scheduling.

1K 9 CVEs

Wired Impact Volunteer Management

wired-impact-volunteer-management

A free, easy way to manage your nonprofit's volunteers.

1K 2 CVEs

PTA Shortcodes

pta-shortcodes

Easily generate shortcodes for the PTA plugins from Stephen Sherrard Plugins. Adds a PTA Shortcode generator button to the TinyMCE "classic edito …

200 No CVEs

WP User Signups

wp-user-signups

WP User Signups is the best way to manage user & site sign-ups in WordPress.

30 No CVEs

Developer Profile

Sign-up List Developer Profile

robinlopulalan

4 plugins · 60 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Sign-up List

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sign-up-list/public/js/sign-up.js

Script Paths

wp-content/plugins/sign-up-list/public/js/sign-up.js

Version Parameters

sign-up-list/public/js/sign-up.js?ver=

HTML / DOM Fingerprints

JS Globals

sul_sign_up

REST Endpoints

/wp-json/sign-up-list/v1/entries/wp-json/sign-up-list/v1/entries/add

Shortcode Output

[sul_entries][sul_sign_up]

FAQ