Simple Feature Requests Free – User Feedback Board Security & Risk Analysis

wordpress.org/plugins/simple-feature-requests

Collect and manage user feedback using your existing WordPress website. Prioritize the product features important to you and your customers.

100 active installs · v2.4.9.3 · PHP 7.4+ · WP 6.0+ · Updated Feb 18, 2026
Tags: customer-feedback, feature-request, idea-management, roadmap, user-feedback
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Simple Feature Requests Free – User Feedback Board Safe to Use in 2026?

Generally Safe

Score 100/100

Simple Feature Requests Free – User Feedback Board has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The "simple-feature-requests" plugin v2.4.9.3 presents a mixed security posture. On the positive side, it uses prepared statements for all of its SQL queries and appears to have a clean vulnerability history with zero recorded CVEs. The concerns come from its static analysis results. The presence of 22 "dangerous functions," including `unserialize`, `shell_exec`, and `proc_open`, is a major red flag: these functions can lead to severe code execution vulnerabilities if the data they process is not meticulously sanitized. All 22 call sites listed under Dangerous Functions Found are in bundled third-party code under `vendor-prefixed\`, so the practical exposure depends on whether the plugin's own code ever passes user-supplied data into those libraries. The taint analysis also found 3 flows with unsanitized paths. None is classified as critical or high severity in this report, but they point to a potential for vulnerabilities if user-supplied data can reach these sensitive functions without proper validation and sanitization. The limited number of entry points and the absence of directly unprotected ones are positive, but the underlying use of risky functions and the unsanitized flows overshadow these strengths.

Key Concerns

  • Use of dangerous functions like unserialize, shell_exec
  • Taint flows with unsanitized paths
  • Low percentage of properly escaped output
  • Bundled library (Freemius v1.0) might be outdated
Vulnerabilities
None known

Simple Feature Requests Free – User Feedback Board Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Simple Feature Requests Free – User Feedback Board Code Analysis

Dangerous Functions: 22
Raw SQL Queries: 0 (51 prepared)
Unescaped Output: 57 (113 escaped)
Nonce Checks: 9
Capability Checks: 2
File Operations: 65
External Requests: 1
Bundled Libraries: 1

Dangerous Functions Found

  • unserialize (vendor-prefixed\deliciousbrains\wp-background-processing\classes\wp-background-process.php:877): return @unserialize( $data, $options ); // @phpcs:ignore
  • unserialize (vendor-prefixed\illuminate\support\Testing\Fakes\BusFake.php:378): return get_class(unserialize($job));
  • unserialize (vendor-prefixed\illuminate\support\Testing\Fakes\QueueFake.php:162): return get_class(unserialize($job));
  • unserialize (vendor-prefixed\nesbot\carbon\src\Carbon\Traits\Serialization.php:89): $instance = @unserialize((string) $value);
  • unserialize (vendor-prefixed\nesbot\carbon\src\Carbon\Traits\Serialization.php:199): parent::__construct($date, unserialize($timezone));
  • unserialize (vendor-prefixed\nesbot\carbon\src\Carbon\Traits\Serialization.php:237): $this->__construct($date, unserialize($timezone));
  • shell_exec (vendor-prefixed\symfony\console\Application.php:1007): $sttyMode = shell_exec('stty -g');
  • shell_exec (vendor-prefixed\symfony\console\Application.php:1011): shell_exec('stty '.$sttyMode);
  • proc_open (vendor-prefixed\symfony\console\Cursor.php:187): $isTtySupported = (bool) @proc_open('echo 1 >/dev/null', [['file', '/dev/tty', 'r'], ['file', '/dev/
  • shell_exec (vendor-prefixed\symfony\console\Cursor.php:194): $sttyMode = shell_exec('stty -g');
  • shell_exec (vendor-prefixed\symfony\console\Cursor.php:195): shell_exec('stty -icanon -echo');
  • shell_exec (vendor-prefixed\symfony\console\Cursor.php:201): shell_exec(sprintf('stty %s', $sttyMode));
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:265): $sttyMode = shell_exec('stty -g');
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:271): shell_exec('stty -icanon -echo');
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:286): shell_exec('stty '.$sttyMode);
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:391): shell_exec('stty '.$sttyMode);
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:431): $sExec = shell_exec('"'.$exe.'"');
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:443): $sttyMode = shell_exec('stty -g');
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:444): shell_exec('stty -echo');
  • shell_exec (vendor-prefixed\symfony\console\Helper\QuestionHelper.php:452): shell_exec('stty '.$sttyMode);
  • shell_exec (vendor-prefixed\symfony\console\Terminal.php:72): return self::$stty = (bool) shell_exec('stty 2> '.('\\' === \DIRECTORY_SEPARATOR ? 'NUL' : '/dev/nul
  • proc_open (vendor-prefixed\symfony\console\Terminal.php:161): if (!$process = @proc_open($command, $descriptorspec, $pipes, null, null, ['suppress_errors' => true

Bundled Libraries

Freemius 1.0

SQL Query Safety

100% prepared · 51 total queries

Output Escaping

66% escaped · 170 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
log (vendor-prefixed\symfony\console\Command\CompleteCommand.php:196)
Attack Surface

Simple Feature Requests Free – User Feedback Board Attack Surface

Entry Points: 3
Unprotected: 0

Shortcodes 3

[simple-feature-requests-form] inc\class-shortcodes.php:18
[simple-feature-requests] inc\class-shortcodes.php:19
[simple-feature-requests-sidebar] inc\class-shortcodes.php:20

WordPress Hooks 82

filter wpsf_register_settings_sfr (inc\admin\overrides.php:20)
action admin_notices (inc\admin\php-check.php:18)
action admin_notices (inc\admin\php-check.php:20)
action admin_notices (inc\admin\php-check.php:22)
action admin_notices (inc\admin\php-check.php:24)
action admin_notices (inc\admin\php-check.php:26)
action admin_notices (inc\admin\php-check.php:28)
action admin_notices (inc\admin\php-check.php:30)
action admin_init (inc\admin\php-check.php:133)
action restrict_manage_posts (inc\class-admin-filters.php:12)
filter pre_get_posts (inc\class-admin-filters.php:13)
filter pre_get_posts (inc\class-admin-filters.php:14)
action admin_enqueue_scripts (inc\class-admin-filters.php:15)
action admin_head (inc\class-admin-filters.php:16)
filter months_dropdown_results (inc\class-admin-filters.php:17)
filter pre_get_posts (inc\class-admin-filters.php:18)
action wp_enqueue_scripts (inc\class-assets.php:15)
filter get_post_metadata (inc\class-compat-astra.php:21)
action do_meta_boxes (inc\class-compat-astra.php:22)
filter sfr_spawn_cron (inc\class-compat-edd.php:19)
filter get_post_metadata (inc\class-compat-elementor.php:20)
filter elementor/documents/get/post_id (inc\class-compat-elementor.php:21)
action wp_enqueue_scripts (inc\class-compat-elementor.php:22)
filter show_trial (inc\class-core-licence.php:134)
filter templates/account.php (inc\class-core-licence.php:135)
filter plugin_icon (inc\class-core-licence.php:141)
filter hide_account_tabs (inc\class-core-licence.php:147)
action admin_notices (inc\class-core-licence.php:149)
action init (inc\class-core-settings.php:70)
action admin_menu (inc\class-core-settings.php:71)
action in_admin_header (inc\class-core-settings.php:72)
filter woocommerce_allow_marketplace_suggestions (inc\class-core-settings.php:73)
action save_post (inc\class-factory.php:15)
action sfr_status_updated (inc\class-factory.php:16)
action save_post (inc\class-factory.php:61)
action shutdown (inc\class-notifications.php:76)
action init (inc\class-post-types.php:40)
action init (inc\class-post-types.php:41)
action template_redirect (inc\class-post-types.php:42)
filter query_vars (inc\class-post-types.php:43)
filter manage_cpt_feature_requests_posts_columns (inc\class-post-types.php:44)
action manage_cpt_feature_requests_posts_custom_column (inc\class-post-types.php:45)
filter manage_edit-cpt_feature_requests_sortable_columns (inc\class-post-types.php:51)
action pre_get_posts (inc\class-post-types.php:52)
action add_meta_boxes (inc\class-post-types.php:53)
filter post_type_link (inc\class-post-types.php:54)
filter body_class (inc\class-post-types.php:60)
action template_redirect (inc\class-post-types.php:62)
filter the_posts (inc\class-post-types.php:63)
filter the_post (inc\class-post-types.php:69)
action admin_bar_menu (inc\class-post-types.php:75)
filter get_post_metadata (inc\class-post-types.php:76)
filter register_post_type_args (inc\class-post-types.php:86)
action pre_get_posts (inc\class-query.php:27)
action pre_get_posts (inc\class-query.php:33)
action pre_get_posts (inc\class-query.php:39)
action sfr_status_updated (inc\class-query.php:45)
action post_update (inc\class-query.php:51)
action delete_post (inc\class-query.php:57)
action save_post (inc\class-query.php:63)
action admin_menu (inc\class-settings.php:17)
action admin_head (inc\class-settings.php:18)
filter wpsf_menu_icon_url_sfr (inc\class-settings.php:19)
filter wpsf_menu_position_sfr (inc\class-settings.php:20)
filter wpsf_register_settings_sfr (inc\class-settings.php:21)
filter wpsf_register_settings_sfr (inc\class-settings.php:22)
action update_option_sfr_settings (inc\class-settings.php:23)
action add_option_sfr_settings (inc\class-settings.php:24)
action admin_notices (inc\class-settings.php:25)
action template_redirect (inc\class-submission.php:15)
filter comments_template (inc\class-template-hooks.php:119)
filter comments_open (inc\class-template-hooks.php:301)
action template_redirect (inc\class-user.php:52)
action init (inc\deprecated.php:53)
action admin_init (simple-feature-requests.php:91)
action init (simple-feature-requests.php:103)
filter sfr_statuses (simple-feature-requests.php:104)
filter sfr_single_request_name (simple-feature-requests.php:110)
filter sfr_plural_request_name (simple-feature-requests.php:116)
filter sfr_status_descriptions (simple-feature-requests.php:122)
filter sfr_status_colors (simple-feature-requests.php:128)
filter cron_schedules (vendor-prefixed\deliciousbrains\wp-background-processing\classes\wp-background-process.php:110)

Maintenance & Trust

Simple Feature Requests Free – User Feedback Board Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 18, 2026
PHP min version: 7.4
Downloads: 21K

Community Trust

Rating: 80/100
Number of ratings: 10
Active installs: 100
Developer Profile

Simple Feature Requests Free – User Feedback Board Developer Profile

Patrick Garman

1 plugin · 100 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Simple Feature Requests Free – User Feedback Board

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simple-feature-requests/assets/css/frontend.css
/wp-content/plugins/simple-feature-requests/assets/js/frontend.js
/wp-content/plugins/simple-feature-requests/assets/css/backend.css
/wp-content/plugins/simple-feature-requests/assets/js/backend.js
/wp-content/plugins/simple-feature-requests/assets/js/admin.js

Script Paths
/wp-content/plugins/simple-feature-requests/assets/js/frontend.js
/wp-content/plugins/simple-feature-requests/assets/js/backend.js
/wp-content/plugins/simple-feature-requests/assets/js/admin.js

Version Parameters
simple-feature-requests/assets/css/frontend.css?ver=
simple-feature-requests/assets/js/frontend.js?ver=
simple-feature-requests/assets/css/backend.css?ver=
simple-feature-requests/assets/js/backend.js?ver=
simple-feature-requests/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
sfr-request-form, sfr-request-list, sfr-request-item, sfr-request-details, sfr-request-title, sfr-request-description, sfr-request-status, sfr-request-submitter, +5 more

HTML Comments
<!-- Simple Feature Requests Main Template -->
<!-- Simple Feature Requests Admin Template -->
<!-- Simple Feature Requests Request Form -->
<!-- Simple Feature Requests Request List -->
+2 more

Data Attributes
data-sfr-request-id, data-sfr-request-status, data-sfr-action, data-sfr-nonce

JS Globals
SimpleFeatureRequestsFrontend, SimpleFeatureRequestsAdmin

REST Endpoints
/wp-json/simple-feature-requests/v1/requests
/wp-json/simple-feature-requests/v1/request

Shortcode Output
[simple_feature_requests], [sfr_form], [sfr_list]

FAQ

Frequently Asked Questions about Simple Feature Requests Free – User Feedback Board