
Simple Graph Security & Risk Analysis
wordpress.org/plugins/simple-graph
Draws a line graph of single set of date related data. Graph can be made public (i.e. sidebar widget or static page) and the data can be edited throug …
Is Simple Graph Safe to Use in 2026?
Generally Safe
Score 85/100
Simple Graph has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "simple-graph" v1.0.5 plugin presents a mixed security picture. On the positive side, the plugin has no recorded vulnerabilities (CVEs) and a seemingly small attack surface with no apparent direct entry points like AJAX handlers, REST API routes, or shortcodes. The code also demonstrates some good practices, such as the majority of SQL queries using prepared statements and the presence of capability checks.
However, significant concerns arise from the static analysis. The most critical issue is the complete lack of output escaping, meaning any data rendered to the user could be vulnerable to cross-site scripting (XSS) attacks. While the taint analysis shows no critical severity issues, it does highlight one high severity flow with unsanitized paths, which could potentially lead to unintended behavior or data exposure if exploited. The absence of nonce checks on any potential entry points (though none were identified) is a missed opportunity for standard WordPress security. Given the lack of recorded CVEs, the plugin might have been historically secure, but the current analysis indicates potential weaknesses that need addressing.
Key Concerns
- All output unescaped
- Taint analysis: 1 High severity flow
- Taint analysis: 2 unsanitized paths
- No nonce checks
Simple Graph Security Vulnerabilities
Simple Graph Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Simple Graph Attack Surface
WordPress Hooks 5
Simple Graph Maintenance & Trust
Maintenance Signals
Community Trust
Simple Graph Alternatives
Charts and Graphs for Elementor
charts-and-graphs-for-elementor
Create beautiful, interactive charts with Graphs & Charts
Fotherplot
fotherplot
A WordPress plugin for plotting some data in a custom field against time. It uses the Google charts API to render a simple line chart.
Plot Over Time
plot-over-time
Uses the Google Chart Tools API for charting data in posts. Tracks up to 10 different data points, 4 chart types, & lots of customization.
Plot Over Time – Extended
plot-over-time-extended
I have used Plot Over Time for a long time when found that I needed to put multiple charts on one page and category restrictions.
Post Popularity Chart Widget
post-popularity-chart-widget-lite
Post Popularity Chart Widget, by which you display a graph with statistics of visits of any article on your site.
Simple Graph Developer Profile
1 plugin · 20 total installs
How We Detect Simple Graph
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/simple-graph/pjm_graph.css
HTML / DOM Fingerprints
- id="pjm_graph_user_table_id-
- name="pjm_graph_user_table_id-
- id="pjm_graph_title-
- name="pjm_graph_title-
- id="pjm_graph_text-
- name="pjm_graph_text-
+32 more
<p><?php /*pjm_graph($number);*/ pjm_graph($number,$options[$number]['width'],$options[$number]['height'],$options[$number]['show_trend'],$options[$number]['show_target'],FALSE,FALSE,FALSE,$options[$number]['user_id'],$options[$number]['table_id'],FALSE,$options[$number]['gchart']); ?></p>
<?php if ($options[$number]['show_text']) echo pjm_graph_tags($options[$number]['text'],$tags); ?>