Yes/No Chart Security & Risk Analysis

wordpress.org/plugins/yesno

This plugin provides the function to create a set of questions to answer with "yes / no (/or other)". A plugin for creating Yes/No charts.

2K active installs · v1.0.12 · PHP 7.0+ · WP 4.4+ · Updated Jan 6, 2026
Tags: answer, chart, question, questionnaire, yesno
Score: 100 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: May 31, 2021
Safety Verdict

Is Yes/No Chart Safe to Use in 2026?

Generally Safe

Score 100/100

Yes/No Chart has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: May 31, 2021 · Updated 2mo ago
Risk Assessment

The 'yesno' plugin v1.0.12 exhibits a mixed security posture. It demonstrates good practices in output escaping (98%) and uses prepared statements for a high percentage of its SQL queries (90%), but its attack surface and taint analysis raise significant concerns. Two AJAX handlers are exposed without authentication checks, creating an immediate risk of unauthorized access or malicious manipulation. The presence of `unserialize` as a dangerous function, coupled with two high-severity taint flows, suggests potential vulnerabilities in how data is processed. The plugin's vulnerability history, with one medium-severity CVE related to SQL injection, indicates a past weakness that, although now patched, warrants ongoing vigilance. The current absence of critical or high-severity vulnerabilities is a positive sign, but the unprotected entry points and taint flows present tangible risks that could be exploited.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flows
  • Dangerous function 'unserialize' used
  • Medium severity CVE in history
Vulnerabilities: 1

Yes/No Chart Security Vulnerabilities

CVEs by Year

2021: 1 CVE

Severity Breakdown

Medium: 1

1 total CVE

CVE-2021-24360 · medium · 6.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Yes/No Chart < 1.0.12 - Authenticated SQL Injection

May 31, 2021 · Patched in 1.0.12 (967d)
Code Analysis
Analyzed Mar 16, 2026

Yes/No Chart Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 4 (37 prepared)
Unescaped Output: 4 (173 escaped)
Nonce Checks: 3
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize · $ret['choices'] = unserialize( $ret['choices'] ); · class\class-ajax.php:37
unserialize · $clist = unserialize( $q['choices'] ); · class\class-functions.php:86
unserialize · $choices = unserialize( $r['choices'] ); · class\class-question.php:786

SQL Query Safety

90% prepared · 41 total queries

Output Escaping

98% escaped · 177 total outputs

Data Flows: 4 unsanitized

Data Flow Analysis

7 flows · 4 with unsanitized paths
admin_page (class\class-question.php:525)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform; paths are Unsanitized or Sanitized

Attack Surface: 2 unprotected

Yes/No Chart Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers: 2

auth · wp_ajax_YESNO_next_question · class\class-ajax.php:7
nopriv · wp_ajax_YESNO_next_question · class\class-ajax.php:8

Shortcodes: 1

[yesno_chart] · class\class-functions.php:19

WordPress Hooks: 24

action · init · class\class-adminpage.php:11
action · admin_menu · class\class-adminpage.php:18
action · admin_enqueue_scripts · class\class-adminpage.php:19
action · wp_head · class\class-ajax.php:6
action · init · class\class-functions.php:11
action · wp_enqueue_scripts · class\class-functions.php:18
action · plugins_loaded · class\class-question.php:5
action · init · class\class-question.php:15
filter · yesno_question_list_filter · class\class-question.php:22
filter · yesno_question_list_order · class\class-question.php:23
action · admin_init · class\class-question.php:24
action · plugins_loaded · class\class-set.php:5
action · init · class\class-set.php:15
filter · admin_data_list_filter · class\class-set.php:22
filter · admin_data_list_order · class\class-set.php:23
filter · yesno_allow_generate · class\class-set.php:25
action · plugins_loaded · class\class-updation.php:11
action · init · class\class-updation.php:12
action · plugins_loaded · class\class-yesno.php:52
action · template_redirect · class\class-yesno.php:53
action · admin_init · class\class-yesno.php:54
action · plugins_loaded · class\class-yesno.php:56
action · plugins_loaded · class\class-yesno.php:57
action · plugins_loaded · class\class-yesno.php:58
Maintenance & Trust

Yes/No Chart Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 6, 2026
PHP min version: 7.0
Downloads: 22K

Community Trust

Rating: 90/100
Number of ratings: 2
Active installs: 2K
Developer Profile

Yes/No Chart Developer Profile

kohseiworks

1 plugin · 2K total installs

Trust score: 79
Avg Security Score: 100/100
Avg Patch Time: 967 days
Detection Fingerprints

How We Detect Yes/No Chart

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/yesno/css/style-admin.css
/wp-content/plugins/yesno/js/yesno-admin.js
/wp-content/plugins/yesno/css/style.css
/wp-content/plugins/yesno/js/yesno.js
Script Paths
/wp-content/plugins/yesno/js/yesno-admin.js
/wp-content/plugins/yesno/js/yesno.js
Version Parameters
yesno/style.css?ver=
yesno-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
nav-tab-active
Data Attributes
id="yesno"
class="wrap"
JS Globals
yesno_text
Shortcode Output
<p>Question Set ID is not specified.</p>
<p>Invalid Question Set ID.</p>