Does WoWRecrut have any unpatched vulnerabilities?

No. All known vulnerabilities in WoWRecrut have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WoWRecrut compatible with WordPress 3.1.4?

According to WordPress.org data, WoWRecrut 0.1.2 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is WoWRecrut updated?

WoWRecrut was last updated on Jan 22, 2013. Frequent updates are generally a positive security signal.

What is WoWRecrut's security score?

WoWRecrut has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WoWRecrut Security & Risk Analysis

wordpress.org/plugins/wowrecrut

WoWRecrut is a World of Warcraft Class recruitment Widget.

10 active installs v0.1.2 PHP + WP 2.8+ Updated Jan 22, 2013

classesguildrecruitmentworld-of-warcraftwow

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WoWRecrut Safe to Use in 2026?

Generally Safe

Score 85/100

WoWRecrut has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The "wowrecrut" plugin v0.1.2 demonstrates a strong foundation in certain security practices, notably the absence of known vulnerabilities and CVEs, which is a significant positive indicator. The static analysis also reveals a lack of common dangerous functions, SQL queries that exclusively use prepared statements, file operations, and external HTTP requests, further suggesting a cautious approach to development. However, a critical weakness lies in the extremely low percentage of properly escaped output (6%). This indicates a high likelihood of cross-site scripting (XSS) vulnerabilities, as unsanitized user-supplied data could be rendered directly in the browser. The complete absence of nonce checks and capability checks, coupled with zero unprotected entry points (AJAX, REST API, shortcodes, cron events), is a mixed bag: while the attack surface appears limited and technically protected, the lack of specific authorization checks on any potential future entry points or even on the existing, albeit zero, handlers is concerning. This suggests a potential over-reliance on the absence of known attack vectors rather than explicit security controls for each potential interaction.

Key Concerns

Low output escaping (6%)
No nonce checks
No capability checks

Vulnerabilities

None known

WoWRecrut Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WoWRecrut Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

6% escaped48 total outputs

Attack Surface

WoWRecrut Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwidgets_initwowrecrut.php:345

actionwp_headwowrecrut.php:346

Maintenance & Trust

WoWRecrut Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedJan 22, 2013

PHP min version

Downloads7K

Community Trust

Rating60/100

Number of ratings1

Active installs10

Alternatives

WoWRecrut Alternatives

WOW Recruitment Widget

wow-recruit-widget

A widget that helps to display recruitment message of a World of Warcraft guild, also can be used for other games that have different classes.

20 No CVEs

WoW Progress

wow-progress

100

A widget that helps to display guild raid progress.

30 No CVEs

Simple WoW Recruitment

simple-wow-recruitment

Dieses Plugin ermöglicht das einfache Rekrutieren von neuen Spieler für eine World of Warcraft Gilde.

10 No CVEs

Simple WoW Recruitment DE

simple-wow-recruitment-de

Dieses Plugin ermöglicht das einfache Rekrutieren von neuen Spielern für eine World of Warcraft-Gilde.

10 No CVEs

Warcraft Bundle

warcraft-bundle

100

Warcraft Bundle for WordPress. World of Warcraft collection pages and widgets for WordPress.

10 No CVEs

Developer Profile

WoWRecrut Developer Profile

Alexander Rauscha

3 plugins · 80 total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WoWRecrut

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wowrecrut/wowrecrut.css/wp-content/plugins/wowrecrut/wowrlight/wowrlight.css

HTML / DOM Fingerprints

CSS Classes

wowr-classwowr-skill

Data Attributes

id="wowr-style="background-position:title="class="wowr-skillclass="wowr-class

JS Globals

WoWclasseswowRecrutStyles

Shortcode Output

<ul style="list-style:none" ><li class="wowr-class"<a class="wowr-skill<li style="clear:both"></li></ul>

FAQ

WoWRecrut Security & Risk Analysis

Is WoWRecrut Safe to Use in 2026?

Generally Safe

Key Concerns

WoWRecrut Security Vulnerabilities

WoWRecrut Code Analysis

Output Escaping

WoWRecrut Attack Surface

WoWRecrut Maintenance & Trust

Maintenance Signals

Community Trust

WoWRecrut Alternatives

WOW Recruitment Widget

WoW Progress

Simple WoW Recruitment

Simple WoW Recruitment DE

Warcraft Bundle

WoWRecrut Developer Profile

How We Detect WoWRecrut

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about WoWRecrut