Does Steeply QR have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Steeply QR compatible with WordPress 5.3.21?

According to WordPress.org data, Steeply QR 1.0.5 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is Steeply QR updated?

Steeply QR was last updated on Nov 26, 2019. Frequent updates are generally a positive security signal.

What is Steeply QR's security score?

Steeply QR has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Steeply QR Security & Risk Analysis

wordpress.org/plugins/steeply-qr

Generate QR Codes for your Posts, Pages and Custom Post Types.

0 active installs v1.0.5 PHP + WP 4.7+ Updated Nov 26, 2019

qrqr-codeqr-codesqr-generateqr-post

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Steeply QR Safe to Use in 2026?

Generally Safe

Score 85/100

Steeply QR has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The 'steeply-qr' plugin v1.0.5 presents a mixed security posture. While it demonstrates good practices like using prepared statements for all SQL queries and a lack of known historical vulnerabilities, significant concerns exist regarding its attack surface and data handling. The plugin exposes three AJAX handlers without any authentication or capability checks, creating a direct entry point for unauthenticated users to potentially interact with sensitive functionalities. Furthermore, a critical finding is the complete absence of output escaping for all detected output points, meaning user-supplied data could be rendered directly into the browser, opening the door for Cross-Site Scripting (XSS) vulnerabilities. The presence of the 'exec' function is also a red flag, suggesting a potential for arbitrary code execution if not handled with extreme care and robust sanitization, especially in conjunction with unauthenticated entry points.

Key Concerns

Unprotected AJAX handlers
No output escaping
Dangerous function 'exec' found
No capability checks

Vulnerabilities

None known

Steeply QR Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Steeply QR Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Steeply QR Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

execexec("rmdir /s /q $sqr_directory");uninstall.php:19

Output Escaping

0% escaped12 total outputs

Attack Surface

3 unprotected

Steeply QR Attack Surface

Entry Points4

Unprotected3

AJAX Handlers 3

authwp_ajax_sqr_generate_allincludes\class-steeply-qr.php:167

authwp_ajax_sqr_generate_manualincludes\class-steeply-qr.php:168

authwp_ajax_sqr_regenerate_oneincludes\class-steeply-qr.php:169

Shortcodes 1

[sqr] includes\class-steeply-qr.php:187

WordPress Hooks 8

actionplugins_loadedincludes\class-steeply-qr.php:142

actionadmin_enqueue_scriptsincludes\class-steeply-qr.php:157

actionadmin_enqueue_scriptsincludes\class-steeply-qr.php:158

actionadmin_menuincludes\class-steeply-qr.php:160

actionadmin_initincludes\class-steeply-qr.php:161

actionadmin_initincludes\class-steeply-qr.php:162

actionadd_meta_boxesincludes\class-steeply-qr.php:164

actionsave_postincludes\class-steeply-qr.php:165

Maintenance & Trust

Steeply QR Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedNov 26, 2019

PHP min version

Downloads928

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Steeply QR Alternatives

WPQR QR-Code Generator

wpqr-qr-code

QR-Code widget and shortcode in one QR-Code generator plugin. Use the QR-Code widget in your sidebars or generate QR-Codes in pages and articles.

40 No CVEs

Qr Code Adv

qr-code-adv

Qr code widget plugin for your WordPress sidebar. Qr code Adv displays QR codes of your site or any other external URL

10 No CVEs

Tori Codes

toric

100

Tori Codes adds QR barcodes to your site with ease. Provides UI to edit the QR content and display it on numerous pages using a shortcode.

0 No CVEs

Kaya QR Code Generator

kaya-qr-code-generator

Generate QR Code through Widgets and Shortcodes, without any dependencies.

20K 2 CVEs

UPI QR Code Payment Gateway for WooCommerce

upi-qr-code-payment-for-woocommerce

This Plugin enables WooCommerce shop owners to get direct and instant payments through UPI apps like BHIM, GooglePay, PhonePe or any banking UPI app.

20K 1 CVE

Developer Profile

Steeply QR Developer Profile

Artur Khylskyi

2 plugins · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Steeply QR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/steeply-qr/css/steeply-qr-admin.css/wp-content/plugins/steeply-qr/js/steeply-qr-admin.js

Script Paths

/wp-content/plugins/steeply-qr/js/steeply-qr-admin.js

Version Parameters

steeply-qr-admin.css?ver=steeply-qr-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

sqr-select

Data Attributes

data-sqr_post_id

FAQ