WP-Safety

WP Quizr Security & Risk Analysis

wordpress.org/plugins/wp-quizr

Create Buzzfeed-style quizzes and share results on social media.

20 active installs v2.0.0 PHP + WP 3.0.1+ Updated Unknown
buzzfeed-quizquizquizzesviralviral-quiz
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Quizr Safe to Use in 2026?

Generally Safe

Score 100/100

WP Quizr has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "wp-quizr" v2.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by avoiding dangerous functions, having no SQL queries that aren't prepared, and zero file operations or external HTTP requests. The absence of any recorded vulnerabilities or CVEs in its history is also a significant strength, suggesting a historically stable and secure codebase. However, there are notable concerns regarding its attack surface. The plugin exposes two AJAX handlers without any authentication checks, which represent a direct entry point for potential malicious activity. While nonce and capability checks are present in some areas, their absence on these AJAX handlers is a critical oversight. The output escaping, while high at 98 total outputs, has a significant portion (40%) that are not properly escaped, posing a risk of Cross-Site Scripting (XSS) vulnerabilities. Overall, the plugin's lack of known vulnerabilities is promising, but the unprotected AJAX endpoints and potential XSS risks due to insufficient output escaping warrant careful consideration and mitigation.

Key Concerns

  • AJAX handlers without authentication checks
  • Insufficient output escaping
Vulnerabilities
None known

WP Quizr Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Quizr Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
39
59 escaped
Nonce Checks
2
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

60% escaped98 total outputs
Attack Surface
2 unprotected

WP Quizr Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

noprivwp_ajax_wp_quizr_ajaxincludes\class-wp-quizr.php:229
authwp_ajax_wp_quizr_ajaxincludes\class-wp-quizr.php:231

Shortcodes 1

[wp_quizr] public\class-wp-quizr-public.php:111
WordPress Hooks 15
actionadmin_initadmin\class-wp-quizr-admin.php:121
actionadd_meta_boxes_wp_quizradmin\class-wp-quizr-admin.php:203
actionsave_postadmin\class-wp-quizr-admin.php:206
actioninitincludes\class-wp-quizr.php:64
actionplugins_loadedincludes\class-wp-quizr.php:183
actionadmin_menuincludes\class-wp-quizr.php:198
actionload-post.phpincludes\class-wp-quizr.php:201
actionload-post-new.phpincludes\class-wp-quizr.php:203
actionadmin_enqueue_scriptsincludes\class-wp-quizr.php:205
actionadmin_enqueue_scriptsincludes\class-wp-quizr.php:207
actionwp_enqueue_scriptsincludes\class-wp-quizr.php:222
actionwp_enqueue_scriptsincludes\class-wp-quizr.php:224
actioninitincludes\class-wp-quizr.php:226
actionwp_headincludes\class-wp-quizr.php:233
actionwp_headincludes\class-wp-quizr.php:235
Maintenance & Trust

WP Quizr Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedUnknown
PHP min version
Downloads4K

Community Trust

Rating100/100
Number of ratings4
Active installs20
Alternatives

WP Quizr Alternatives

Quiz Cat – WordPress Quiz Plugin

Quiz Cat – WordPress Quiz Plugin

quiz-cat

A
99

Quiz Cat Lets You Create Beautiful Viral BuzzFeed-style Quizzes That Drive Social Shares & User Engagement. Set It Up In 2 Minutes.

5K 1 CVE
Quiz Maker

Quiz Maker

quiz-maker

B
82

QUIZ MAKER plugin allows you to make an unlimited number of Quizzes, Exams and Tests

20K 22 CVEs
HD Quiz

HD Quiz

hd-quiz

A
95

Create a Quiz. An easy-to-use feature rich plugin to create quizzes with quiz timer, pagination, hints, advanced marking, and leading help and support

7K 4 CVEs
ARI Stream Quiz – WordPress Quizzes Builder

ARI Stream Quiz – WordPress Quizzes Builder

ari-stream-quiz

A
98

Easy to use WordPress Viral Quiz Plugin. Create Trivia and Personality quizzes in BuzzFeed style and collect unlimited leads.

2K 7 CVEs
Woorise – Landing Pages, Forms & Surveys

Woorise – Landing Pages, Forms & Surveys

woorise

A
100

Create landing pages, forms, surveys, quizzes and viral giveaways.

2K No CVEs
Developer Profile

WP Quizr Developer Profile

Amir Candido

2 plugins · 30 total installs

91
trust score
Avg Security Score
96/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Quizr

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-quizr/admin/css/wp-quizr-admin.min.css/wp-content/plugins/wp-quizr/admin/css/balloon.min.css/wp-content/plugins/wp-quizr/admin/fonts/fontawesome/css/all.css/wp-content/plugins/wp-quizr/admin/js/wp-quizr-admin.min.js/wp-content/plugins/wp-quizr/admin/js/meta-box-image.min.js/wp-content/plugins/wp-quizr/admin/fonts/fontawesome/js/all.js
Script Paths
/wp-content/plugins/wp-quizr/admin/js/wp-quizr-admin.min.js/wp-content/plugins/wp-quizr/admin/js/meta-box-image.min.js/wp-content/plugins/wp-quizr/admin/fonts/fontawesome/js/all.js
Version Parameters
wp-quizr/admin/css/wp-quizr-admin.min.css?ver=wp-quizr/admin/js/wp-quizr-admin.min.js?ver=wp-quizr/admin/js/meta-box-image.min.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-balloon
JS Globals
meta_image
FAQ

Frequently Asked Questions about WP Quizr