WP DS FAQ Plus Security & Risk Analysis
wordpress.org/plugins/wp-ds-faq-plusWP DS FAQ Plus is the plugin which was improved based on WP DS FAQ 1.3.3.
Is WP DS FAQ Plus Safe to Use in 2026?
Generally Safe
Score 99/100WP DS FAQ Plus has a strong security track record. Known vulnerabilities have been patched promptly.
The "wp-ds-faq-plus" v2.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices in handling SQL queries with 100% prepared statements and a significant number of capability checks. The absence of file operations and external HTTP requests further reduces potential attack vectors. However, a notable concern is the presence of one unprotected AJAX handler, representing a direct entry point that could be exploited if not properly secured by other means. While the static analysis found no critical or high severity taint flows, the 55% rate of proper output escaping indicates a potential for Cross-Site Scripting (XSS) vulnerabilities, which is corroborated by its vulnerability history.
Key Concerns
- Unprotected AJAX handler
- Output escaping only 55% proper
- Known high severity CVE (historic)
WP DS FAQ Plus Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
WP DS FAQ Plus < 1.4.2 - Cross-Site Scripting
WP DS FAQ Plus Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
WP DS FAQ Plus Attack Surface
AJAX Handlers 1
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
WP DS FAQ Plus Maintenance & Trust
Maintenance Signals
Community Trust
WP DS FAQ Plus Alternatives
Happy WooCommerce FAQs – Ultimate Product FAQ Plugin
faq-for-woocommerce
WooCommerce Product FAQ Plugin and accordion plugin create FAQs with Google FAQ schema, AI Generator, Comment and customization support.
FAQ Block
faq-block
Very simple and clean Gutenberg Block for FAQ (Frequently Asked Questions).
WP Super FAQ
wp-super-faq
A lightweight FAQ/QNA plugin that includes an FAQ shortcode for your site. A simple jQuery animation is included to show/hide each question.
Question answer
question-answer-faq
Question-answer, ajax, bootstrap, gravatar avatar plugin with email notification and Google reCaptcha 2. It looks like a chat.
Simple FAQ
simple-faq
Simple FAQ gives you ability to create very simple FAQ on your site (questions and answers)
WP DS FAQ Plus Developer Profile
9 plugins · 54K total installs
How We Detect WP DS FAQ Plus
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-ds-faq-plus/dsfaq.css/wp-content/plugins/wp-ds-faq-plus/dsfaq.js/wp-content/plugins/wp-ds-faq-plus/dsfaq.jswp-ds-faq-plus/dsfaq.css?ver=wp-ds-faq-plus/dsfaq.js?ver=HTML / DOM Fingerprints
dsfaq_qa_blockdsfaq_ol_questdsfaq_quest_titledsfaq_questdsfaq_answer_titledsfaq_answerdsfaq_toolsdsfaq_copyright<!-- dsfaq: FAQ display start --><!-- dsfaq: FAQ display end --><!-- dsfaq: faq edit start --><!-- dsfaq: faq edit end -->+78 moredata-dsfaq-iddsfaq_ajax_object/wp-json/dsfaq/v1/add_faq/wp-json/dsfaq/v1/delete_faqbook/wp-json/dsfaq/v1/save_quest/wp-json/dsfaq/v1/delete_quest/wp-json/dsfaq/v1/edit_quest/wp-json/dsfaq/v1/front_edit_quest/wp-json/dsfaq/v1/front_cancel_edit/wp-json/dsfaq/v1/update_quest/wp-json/dsfaq/v1/front_update_quest/wp-json/dsfaq/v1/q_change/wp-json/dsfaq/v1/save_settings/wp-json/dsfaq/v1/edit_name_book/wp-json/dsfaq/v1/save_name_book/wp-json/dsfaq/v1/change_faqdisplay/wp-json/dsfaq/v1/change_faqdisplaysort/wp-json/dsfaq/v1/change_faqdisplayorder/wp-json/dsfaq/v1/dsfaq_faqdisplay_visible/wp-json/dsfaq/v1/open_quest/wp-json/dsfaq/v1/restore_settings[dsfaq]