Does Soccr have any unpatched vulnerabilities?

No. All known vulnerabilities in Soccr have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Soccr compatible with WordPress 4.5.33?

According to WordPress.org data, Soccr 1.6.1 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Soccr updated?

Soccr was last updated on Apr 16, 2016. Frequent updates are generally a positive security signal.

What is Soccr's security score?

Soccr has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Soccr Security & Risk Analysis

wordpress.org/plugins/soccr

Provides a widget to display the last or next match for a specified team. Currently supporting German Bundesliga 1-3. Powered by openligadb.de

10 active installs v1.6.1 PHP + WP 2.8.6+ Updated Apr 16, 2016

bundesligafussballresultssoccersport

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Soccr Safe to Use in 2026?

Generally Safe

Score 85/100

Soccr has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "soccr" plugin v1.6.1 presents a mixed security posture. On the positive side, it has no recorded historical vulnerabilities and avoids dangerous functions. The lack of raw SQL queries and external HTTP requests are also good indicators. However, the plugin has a significant security concern due to a single unprotected AJAX handler, representing its entire attack surface. Furthermore, a very low percentage of its outputs are properly escaped, indicating a high risk of cross-site scripting (XSS) vulnerabilities. The absence of nonce and capability checks on its entry points exacerbates these risks.

Key Concerns

Unprotected AJAX handler
Low percentage of properly escaped output
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Soccr Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Soccr Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

2% escaped45 total outputs

Attack Surface

1 unprotected

Soccr Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_soccr_get_availible_teamscontroller\class-ajax-controller.php:5

WordPress Hooks 4

actioninitcontroller\class-plugin-controller.php:6

actionwidgets_initcontroller\class-plugin-controller.php:7

actionadmin_print_scripts-widgets.phpcontroller\class-plugin-controller.php:8

actionwp_enqueue_scriptscontroller\class-plugin-controller.php:9

Maintenance & Trust

Soccr Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedApr 16, 2016

PHP min version

Downloads5K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Soccr Alternatives

AnWP Football Leagues

football-leagues-by-anwppro

A complete solution for any football site. Knockout and round-robin competitions, player profiles and statistics, squads, standings and stadiums.

1K 2 CVEs

Soccer Widgets – Football Results & Rankings

webeki-soccer-scores

Soccer Widgets: use shortcodes to deliver updated soccer data like various table rankings and football results by competition.

100 No CVEs

Soccer Engine – Soccer Plugin for WordPress

soccer-engine-lite

Soccer Engine is a plugin that lets bloggers and clubs add results, fixtures, match commentaries, transfers, and a wide range of stats to articles.

90 1 CVE

StatsFC Results

statsfc-results

This widget will place list of football results in your website.

40 No CVEs

wp-championship

wp-championship is a plugin for wordpress letting you play a guessing game of a tournament e.g. soccer

40 2 CVEs

Developer Profile

Soccr Developer Profile

rockschtar

2 plugins · 510 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Soccr

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/soccr/assets/soccr.css/wp-content/plugins/soccr/assets/admin-soccr-widget.js

Script Paths

/wp-content/plugins/soccr/assets/admin-soccr-widget.js

Version Parameters

soccr/assets/soccr.css?ver=soccr/assets/admin-soccr-widget.js?ver=

HTML / DOM Fingerprints

JS Globals

soccr_widget

FAQ