Does WPQR QR-Code Generator have any unpatched vulnerabilities?

No. All known vulnerabilities in WPQR QR-Code Generator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPQR QR-Code Generator compatible with WordPress 3.4.2?

According to WordPress.org data, WPQR QR-Code Generator 0.2.6 has been tested up to WordPress 3.4.2. Check the plugin's changelog for the latest compatibility information.

How often is WPQR QR-Code Generator updated?

WPQR QR-Code Generator was last updated on Nov 6, 2012. Frequent updates are generally a positive security signal.

What is WPQR QR-Code Generator's security score?

WPQR QR-Code Generator has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPQR QR-Code Generator Security & Risk Analysis

wordpress.org/plugins/wpqr-qr-code

QR-Code widget and shortcode in one QR-Code generator plugin. Use the QR-Code widget in your sidebars or generate QR-Codes in pages and articles.

40 active installs v0.2.6 PHP + WP 2.6+ Updated Nov 6, 2012

generatorqr-codeqr-code-generatorqr-codesqrcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPQR QR-Code Generator Safe to Use in 2026?

Generally Safe

Score 85/100

WPQR QR-Code Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The wpqr-qr-code plugin exhibits a mixed security posture. On the positive side, the plugin has no recorded vulnerabilities (CVEs) and utilizes prepared statements for all SQL queries, which is a significant strength. The absence of file operations and external HTTP requests also reduces potential attack vectors. However, a critical concern arises from the static analysis revealing that 100% of the 51 output operations are not properly escaped. This opens the door to potential Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed in the user's browser. Additionally, the taint analysis indicates a flow with an unsanitized path, which, although not classified as critical or high severity in this report, warrants attention as it signifies a potential data leakage or manipulation risk. The lack of nonce checks and capability checks on its single shortcode entry point is another area of concern, as it doesn't prevent unauthorized users from potentially triggering its functionality.

Key Concerns

All output not properly escaped
Taint flow with unsanitized path
Lack of nonce checks
Lack of capability checks

Vulnerabilities

None known

WPQR QR-Code Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WPQR QR-Code Generator Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped51 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<wpqr_qr-code-generator> (wpqr_qr-code-generator.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WPQR QR-Code Generator Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[qr-code] wpqr_qr-code-generator.php:194

WordPress Hooks 2

actionadmin_menuwpqr_qr-code-generator.php:41

actionwidgets_initwpqr_qr-code-generator.php:213

Maintenance & Trust

WPQR QR-Code Generator Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2

Last updatedNov 6, 2012

PHP min version

Downloads15K

Community Trust

Rating80/100

Number of ratings1

Active installs40

Alternatives

WPQR QR-Code Generator Alternatives

QR Code Composer – QR Code Generator

qr-code-composer

Generate QR codes for URLs, text, WiFi, email & more in seconds. No setup needed.

3K 1 CVE

Master QR Code Generator – Static QR Code Generator

master-qr-generator

100

Generates QR codes for every page, post, product, and custom post for the WordPress website.

400 No CVEs

Easy QR Code Generator

easy-qr-code-generator

Generate custom and automatic site page URL QR codes.

100 No CVEs

API QRCode Generator

api-qrcode-generator

Use QRCode Generator to create a image QRCode on any site of your blog.

10 No CVEs

QR Code Generator

bms-qr-code

100

QR Code Wordpress plugin to insert a QR code in your blog. The qr code contains the current URL or any other text you like.

10 No CVEs

Developer Profile

WPQR QR-Code Generator Developer Profile

QRtool

1 plugin · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WPQR QR-Code Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

wpqr_qr_code

HTML Comments

QR-Code powered by http://qrtool.de/

Data Attributes

alignclasscolorbackground_colorsizemargin+2 more

Shortcode Output

<a href="http://qrtool.de/qr-code-generator/" style="cursor:default;border:0;text-decoration:none;"><img alt="qr code generator" src="http://encode.qrtool.de/encode?ct=qr&fg=

&bg=&size=&level=

FAQ