Does StatsFC Poll have any unpatched vulnerabilities?

No. All known vulnerabilities in StatsFC Poll have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is StatsFC Poll compatible with WordPress 6.2.9?

According to WordPress.org data, StatsFC Poll 2.0.1 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

How often is StatsFC Poll updated?

StatsFC Poll was last updated on Jun 21, 2023. Frequent updates are generally a positive security signal.

What is StatsFC Poll's security score?

StatsFC Poll has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

StatsFC Poll Security & Risk Analysis

wordpress.org/plugins/statsfc-poll

This widget will place a custom poll on your website.

10 active installs v2.0.1 PHP + WP 3.3+ Updated Jun 21, 2023

pollsurveywidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is StatsFC Poll Safe to Use in 2026?

Generally Safe

Score 85/100

StatsFC Poll has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "statsfc-poll" v2.0.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and having no known historical vulnerabilities or currently unpatched CVEs. It also has a very small attack surface with only one entry point (a shortcode) and no external HTTP requests or file operations, which are all positive indicators. However, there are notable areas of concern. The plugin lacks any nonce checks or capability checks, meaning that even though the entry point is limited, there's no validation to ensure the requests are legitimate or authorized. Furthermore, half of the output operations are not properly escaped, creating a risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis revealed flows with unsanitized paths, which, while not categorized as critical or high, still represent potential avenues for injection attacks if they are reachable by user-controlled input.

Key Concerns

0 Nonce checks
0 Capability checks
50% Output escaping
2 Flows with unsanitized paths

Vulnerabilities

None known

StatsFC Poll Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

StatsFC Poll Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped12 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

widget (statsfc-poll.php:134)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

StatsFC Poll Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[statsfc-poll] statsfc-poll.php:222

WordPress Hooks 2

actionwp_print_footer_scriptsstatsfc-poll.php:195

actionwidgets_initstatsfc-poll.php:218

Maintenance & Trust

StatsFC Poll Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedJun 21, 2023

PHP min version

Downloads2K

Community Trust

Rating60/100

Number of ratings2

Active installs10

Alternatives

StatsFC Poll Alternatives

Refiner Microsurveys Plugin

refiner

100

Install Refiner on your WordPress site and launch microsurveys within your website or web applicaiton.

10 No CVEs

Crowdsignal Forms

crowdsignal-forms

The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.

100K 1 CVE

Crowdsignal Dashboard – Polls, Surveys & more

polldaddy

Manage your Crowdsignal polls, surveys, quizzes, and ratings directly from the WordPress dashboard.

100K 9 CVEs

Democracy Poll

democracy-poll

WordPress polls plugin with multiple-choice, custom answers, cache compatibility, widgets, and shortcodes.

7K 1 unpatched

Quiz, Poll & Survey Maker by Opinion Stage

social-polls-by-opinionstage

Boost engagement and capture leads with interactive quizzes, polls, and surveys. Built for marketers, publishers, and businesses

7K 7 CVEs

Developer Profile

StatsFC Poll Developer Profile

Will Woodward

13 plugins · 360 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect StatsFC Poll

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/statsfc-poll/poll.css/wp-content/plugins/statsfc-poll/poll.js

Script Paths

/wp-content/plugins/statsfc-poll/poll.js

Version Parameters

statsfc-poll/poll.css?ver=statsfc-poll/poll.js?ver=

HTML / DOM Fingerprints

Data Attributes

id="statsfc-poll-name="statsfc-poll-statsfc-poll-

JS Globals

StatsFC_Pollstatsfc_poll_

Shortcode Output

<div id="statsfc-poll-statsfc-poll-

FAQ