Surveys by Feedback Cat Security & Risk Analysis
wordpress.org/plugins/surveys-by-feedback-catSurveys by Feedback Cat Helps You Grow Your Business Or Blog By Making It Easy To Gather Feedback Using Onpage User Surveys.
Is Surveys by Feedback Cat Safe to Use in 2026?
Generally Safe
Score 85/100Surveys by Feedback Cat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "surveys-by-feedback-cat" plugin, version 1.2.2, exhibits a generally strong security posture based on the provided static analysis. The absence of identified CVEs, combined with zero critical or high severity vulnerabilities in its history, suggests a well-maintained and relatively secure codebase. The plugin also demonstrates good practices by utilizing prepared statements for its single SQL query, indicating an awareness of SQL injection prevention.
However, a significant concern arises from the complete lack of output escaping on all identified output points. This means that any data displayed to users, if not already properly sanitized before reaching these output points, could potentially be vulnerable to Cross-Site Scripting (XSS) attacks. The presence of file operations and a nonce check also indicate areas that could be leveraged if other vulnerabilities were present or introduced.
While the plugin's attack surface appears minimal with no registered AJAX handlers, REST API routes, or shortcodes, and its vulnerability history is clean, the unescaped output is a critical oversight that needs immediate attention. The plugin's strengths lie in its lack of known exploitable vulnerabilities and its secure database interaction. Its primary weakness is the lack of output sanitization, which poses a tangible risk of XSS.
Key Concerns
- 0% output escaping
Surveys by Feedback Cat Security Vulnerabilities
Surveys by Feedback Cat Release Timeline
Surveys by Feedback Cat Code Analysis
SQL Query Safety
Output Escaping
Surveys by Feedback Cat Attack Surface
WordPress Hooks 9
Maintenance & Trust
Surveys by Feedback Cat Maintenance & Trust
Maintenance Signals
Community Trust
Surveys by Feedback Cat Alternatives
NgSurvey – Powerful, feature rich self-hosted surveys
ngsurvey
Create rich and powerful surveys in minutes. conditional/skip logic, advanced reports, statistics and many more features out of the box.
SurveyX Builder – Easy Feedback, Poll, Quiz & Survey
surveyx-builder
Create surveys, polls, quizzes, and feedback forms. Fast, lightweight, and optimized to boost responses and user engagement.
Pinpoll
pinpoll
Engage with your audience.
OpinionCamp – Poll Block
opinioncamp
OpinionCamp is a block-based poll plugin for WordPress that lets you collect polls, votes, and opinions directly inside the Gutenberg editor.
Feedback Plugin – Flowdust
flowdust
Das Feedback Tool direkt auf deiner Website. Erstelle mit dem Flowdust Plugin schnell und einfach Mini-Umfragen direkt auf Deiner Website.
Surveys by Feedback Cat Developer Profile
13 plugins · 66K total installs
How We Detect Surveys by Feedback Cat
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/surveys-by-feedback-cat/includes/FCA/FBC/Poll/Admin/Component.js/wp-content/plugins/surveys-by-feedback-cat/includes/FCA/FBC/Poll/FrontEnd/Component.js/wp-content/plugins/surveys-by-feedback-cat/assets/css/frontend.css/wp-content/plugins/surveys-by-feedback-cat/assets/js/frontend.js/wp-content/plugins/surveys-by-feedback-cat/assets/js/admin.js/wp-content/plugins/surveys-by-feedback-cat/assets/js/frontend.js/wp-content/plugins/surveys-by-feedback-cat/assets/js/admin.jssurveys-by-feedback-cat/assets/css/frontend.css?ver=surveys-by-feedback-cat/assets/js/frontend.js?ver=surveys-by-feedback-cat/assets/js/admin.js?ver=HTML / DOM Fingerprints
fca_feedback_cat_polldata-poll-idfca_fbc[feedback_cat_poll id='