Does WP responsive FAQ with category plugin have any unpatched vulnerabilities?

No. All known vulnerabilities in WP responsive FAQ with category plugin have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP responsive FAQ with category plugin compatible with WordPress 6.8.5?

According to WordPress.org data, WP responsive FAQ with category plugin 3.9.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP responsive FAQ with category plugin updated?

WP responsive FAQ with category plugin was last updated on Nov 12, 2025. Frequent updates are generally a positive security signal.

What is WP responsive FAQ with category plugin's security score?

WP responsive FAQ with category plugin has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP responsive FAQ with category plugin Security & Risk Analysis

wordpress.org/plugins/sp-faq

A quick, easy way to add an responsive FAQs page. You can use this plugin as a jQuery UI accordion. Also work with Gutenberg shortcode block.

4K active installs v3.9.4 PHP + WP 4.0+ Updated Nov 12, 2025

faq-listfaq-with-accordionfrequently-asked-questionsjquery-ui-accordionwp-faq-with-category

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WP responsive FAQ with category plugin Safe to Use in 2026?

Generally Safe

Score 100/100

WP responsive FAQ with category plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "sp-faq" plugin version 3.9.4 exhibits a generally good security posture, with a strong emphasis on utilizing prepared statements for SQL queries and a high percentage of properly escaped outputs. The absence of known CVEs and a clean vulnerability history are positive indicators, suggesting a well-maintained and secure codebase. The plugin also implements nonce and capability checks for its entry points, further strengthening its defenses.

However, the static analysis does reveal a potential area of concern: the presence of the `unserialize` function. While not directly flagged as a vulnerability in the taint analysis, the `unserialize` function can be a significant security risk if used with untrusted or user-controlled input, as it can lead to Remote Code Execution vulnerabilities. The file operations and external HTTP requests, while present, do not show any immediate red flags in the taint analysis, but their context would need further review to confirm their safety.

Overall, the plugin appears to be developed with security in mind, as evidenced by its robust use of prepared statements and output escaping. The lack of historical vulnerabilities is a significant positive. The primary weakness identified is the potential risk associated with the `unserialize` function, which, if exploited, could undermine the otherwise strong security foundations. Vigilance regarding any future updates or potential issues related to this function would be prudent.

Key Concerns

Use of unserialize function

Vulnerabilities

None known

WP responsive FAQ with category plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP responsive FAQ with category plugin Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

242 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$info = @unserialize($data);wpos-analytics\includes\class-anylc-admin.php:670

Output Escaping

93% escaped260 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<solutions-features> (includes\admin\settings\solution-features\solutions-features.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP responsive FAQ with category plugin Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[sp_faq] includes\shortcode\wp-faq.php:126

WordPress Hooks 32

actionplugins_loadedfaq.php:93

actionupdate_option_active_pluginsfaq.php:129

actionadmin_noticesfaq.php:188

actionadmin_menuincludes\admin\class-wp-faq-admin.php:20

actionadd_meta_boxesincludes\admin\class-wp-faq-admin.php:23

actionadmin_initincludes\admin\class-wp-faq-admin.php:26

filtermanage_faq_cat_custom_columnincludes\admin\class-wp-faq-admin.php:29

filtermanage_edit-faq_cat_columnsincludes\admin\class-wp-faq-admin.php:30

actioninitincludes\admin\supports\gutenberg-block.php:58

actionenqueue_block_editor_assetsincludes\admin\supports\gutenberg-block.php:81

filterblock_categories_allincludes\admin\supports\gutenberg-block.php:102

actionadmin_enqueue_scriptsincludes\class-wp-faq-script.php:19

actionwp_enqueue_scriptsincludes\class-wp-faq-script.php:22

actioninitincludes\wp-faq-post-types.php:55

actioninitincludes\wp-faq-post-types.php:96

filterpost_updated_messagesincludes\wp-faq-post-types.php:126

actionadmin_menuwpos-analytics\includes\class-anylc-admin.php:38

actionadmin_menuwpos-analytics\includes\class-anylc-admin.php:41

actionadmin_initwpos-analytics\includes\class-anylc-admin.php:44

actionadmin_noticeswpos-analytics\includes\class-anylc-admin.php:47

actionadmin_footerwpos-analytics\includes\class-anylc-admin.php:50

actionwp_loadedwpos-analytics\includes\class-anylc-admin.php:53

actioninitwpos-analytics\includes\class-anylc-admin.php:56

filtercron_scheduleswpos-analytics\includes\class-anylc-admin.php:59

actionwpos_monthly_cron_hookwpos-analytics\includes\class-anylc-admin.php:62

actionrest_api_initwpos-analytics\includes\class-anylc-admin.php:65

actionadmin_enqueue_scriptswpos-analytics\includes\class-anylc-script.php:20

actionactivated_pluginwpos-analytics\wpos-analytics.php:244

actionplugins_loadedwpos-analytics\wpos-analytics.php:258

actionadmin_menuwpos-plugins\includes\admin\class-espbw-admin.php:19

actionadmin_enqueue_scriptswpos-plugins\includes\class-espbw-script.php:19

actionplugins_loadedwpos-plugins\wpos-recommendation.php:185

Scheduled Events 1

wpos_monthly_cron_hook

Maintenance & Trust

WP responsive FAQ with category plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 12, 2025

PHP min version

Downloads156K

Community Trust

Rating80/100

Number of ratings18

Active installs4K

Alternatives

WP responsive FAQ with category plugin Alternatives

Accordion FAQ – Compatible With All Page Builder (Elementor, Gutenberg)

responsive-accordion-and-collapse

100

Accordion And Collapse is the most easiest drag & drop accordion builder for WordPress. You can add multiple accordion and collapse with this.

40K No CVEs

SFN Easy FAQ Manager

wordpress-faq-manager

100

Uses custom post types and taxonomies to manage an FAQ section for your site.

2K No CVEs

Master Accordion ( Former WP Awesome FAQ Plugin )

wp-awesome-faq

Best WordPress Accordion Plugin for WordPress. Master Accordion re-branded with lots new features and customization options

800 No CVEs

FAQ Concertina

faq-concertina

Display FAQs in an expandable concertina or accordion section. FAQs can be ordered and categorised, and their appearance can be customised.

700 No CVEs

OtFm Gutenberg Spoiler – (or FAQ) collapse block

otfm-gutenberg-spoiler

The plugin provides in the block editor 2 types of spoilers. Need FAQ or Spoiler?

600 No CVEs

Developer Profile

WP responsive FAQ with category plugin Developer Profile

Essential Plugin

33 plugins · 205K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

219 days

View full developer profile

Detection Fingerprints

How We Detect WP responsive FAQ with category plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sp-faq/assets/css/sp-faq-public.css/wp-content/plugins/sp-faq/assets/css/sp-faq-pro-public.css/wp-content/plugins/sp-faq/assets/js/sp-faq-public.js/wp-content/plugins/sp-faq/assets/js/sp-faq-admin.js/wp-content/plugins/sp-faq/assets/js/sp-faq-frontend.js/wp-content/plugins/sp-faq/assets/js/sp-faq-backend.js/wp-content/plugins/sp-faq/assets/js/sp-faq-backend-style.js/wp-content/plugins/sp-faq/assets/js/sp-faq-public-style.js+1 more

Script Paths

/wp-content/plugins/sp-faq/assets/js/blocks.build.js

Version Parameters

sp-faq/assets/css/sp-faq-public.css?ver=sp-faq/assets/css/sp-faq-pro-public.css?ver=sp-faq/assets/js/sp-faq-public.js?ver=sp-faq/assets/js/sp-faq-admin.js?ver=sp-faq/assets/js/sp-faq-frontend.js?ver=sp-faq/assets/js/sp-faq-backend.js?ver=sp-faq/assets/js/sp-faq-backend-style.js?ver=sp-faq/assets/js/sp-faq-public-style.js?ver=sp-faq/assets/js/sp-faq-layout-style.js?ver=sp-faq/assets/js/blocks.build.js?ver=

HTML / DOM Fingerprints

CSS Classes

sp-faq-mainsp-faq-titlesp-faq-contentsp-faq-singlesp-faq-all-catsp-faq-single-catsp-faq-searchsp-faq-layout+2 more

HTML Comments

Data Attributes

data-toggledata-parentdata-targetaria-expandedaria-controlsrole+2 more

JS Globals

SPFAQ_Block

Shortcode Output

[sp_faq][sp_faq_category][sp_faq_search][sp_faq_layout]

FAQ