WP-Safety

2Download Connector for 2DL Hosted Checkout Security & Risk Analysis

wordpress.org/plugins/2download-connector

2Download Connector for 2DL Hosted Checkout – a WordPress connector for hosted checkout and secure digital delivery via 2dl.app.

0 active installs v0.1.5 PHP 8.1+ WP 6.0+ Updated Jan 19, 2026
digital-downloadsecommercelicenses
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is 2Download Connector for 2DL Hosted Checkout Safe to Use in 2026?

Generally Safe

Score 100/100

2Download Connector for 2DL Hosted Checkout has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The 2download-connector plugin version 0.1.5 exhibits a generally strong security posture, as indicated by a significant number of capability and nonce checks, and a high percentage of SQL queries using prepared statements and properly escaped output. The absence of known CVEs and critical or high severity taint flows is also a positive indicator.

However, there are areas for improvement. The presence of four unsanitized paths in the taint analysis, while not currently flagged as critical or high severity, represents a potential risk. If these paths were to interact with user-supplied input without proper validation or sanitization, they could lead to vulnerabilities such as path traversal or arbitrary file access. Additionally, the plugin performs file operations and external HTTP requests, which, if not handled with extreme care, could also introduce security risks.

Overall, the plugin demonstrates good adherence to common WordPress security practices. The lack of historical vulnerabilities is reassuring, but the identified unsanitized paths warrant further investigation and mitigation to ensure a robust security posture.

Key Concerns

  • Taint flows with unsanitized paths
Vulnerabilities
None known

2Download Connector for 2DL Hosted Checkout Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

2Download Connector for 2DL Hosted Checkout Release Timeline

v0.1.5Current
v0.1.4
Code Analysis
Analyzed Apr 16, 2026

2Download Connector for 2DL Hosted Checkout Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
66 prepared
Unescaped Output
21
1864 escaped
Nonce Checks
47
Capability Checks
74
File Operations
2
External Requests
5
Bundled Libraries
0

SQL Query Safety

96% prepared69 total queries

Output Escaping

99% escaped1885 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

21 flows4 with unsanitized paths
render_cart (src/Blocks/Blocks.php:170)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

2Download Connector for 2DL Hosted Checkout Attack Surface

Entry Points14
Unprotected0

AJAX Handlers 1

authwp_ajax_ToDownload_upsells_searchsrc/PostTypes/DownloadPostType.php:20

Shortcodes 13

[ToDownload_reviews] src/Reviews/Reviews.php:20
[ToDownload_downloads] src/Shortcodes/Shortcodes.php:59
[ToDownload_purchase_link] src/Shortcodes/Shortcodes.php:60
[ToDownload_cart] src/Shortcodes/Shortcodes.php:61
[ToDownload_cart_link] src/Shortcodes/Shortcodes.php:62
[ToDownload_checkout] src/Shortcodes/Shortcodes.php:63
[ToDownload_purchase_history] src/Shortcodes/Shortcodes.php:64
[ToDownload_account] src/Shortcodes/Shortcodes.php:65
[ToDownload_subscriptions] src/Shortcodes/Shortcodes.php:66
[ToDownload_downloads_library] src/Shortcodes/Shortcodes.php:67
[ToDownload_receipt] src/Shortcodes/Shortcodes.php:68
[ToDownload_storefront] src/Shortcodes/Shortcodes.php:70
[ToDownload_all_products] src/Shortcodes/Shortcodes.php:71
WordPress Hooks 89
actionadmin_notices2download.php:19
actionadmin_notices2download.php:48
actionwp_loginsrc/Accounts/Accounts.php:12
actionuser_registersrc/Accounts/Accounts.php:13
actionprofile_updatesrc/Accounts/Accounts.php:14
actionadmin_menusrc/Admin/Admin.php:52
actionadmin_initsrc/Admin/Admin.php:53
actionadmin_initsrc/Admin/Admin.php:54
actionadmin_enqueue_scriptssrc/Admin/Admin.php:55
actionadmin_post_ToDownload_save_settingssrc/Admin/Admin.php:56
actionadmin_post_ToDownload_clear_webhook_logssrc/Admin/Admin.php:57
actionadmin_post_ToDownload_admin_test_plan_purchasesrc/Admin/Admin.php:58
actionadmin_post_ToDownload_admin_grant_accesssrc/Admin/Admin.php:59
actionadmin_post_ToDownload_admin_create_plan_discountsrc/Admin/Admin.php:60
actionadmin_post_ToDownload_order_actionsrc/Admin/Admin.php:61
actioninitsrc/Blocks/Blocks.php:17
actioninitsrc/Blocks/Blocks.php:18
actionenqueue_block_editor_assetssrc/Blocks/Blocks.php:19
actioninitsrc/Cart/Cart.php:25
actionwp_enqueue_scriptssrc/Checkout/Assets.php:10
actioninitsrc/Checkout/Checkout.php:31
filterallowed_redirect_hostssrc/Checkout/Checkout.php:315
actioninitsrc/Discounts/Discounts.php:18
actionadd_meta_boxessrc/Discounts/Discounts.php:19
actionadmin_enqueue_scriptssrc/Discounts/Discounts.php:21
actiontransition_post_statussrc/Discounts/Discounts.php:22
actionwp_trash_postsrc/Discounts/Discounts.php:23
actionbefore_delete_postsrc/Discounts/Discounts.php:24
actionToDownload_after_order_completesrc/Discounts/Discounts.php:26
actiontemplate_redirectsrc/Fulfillment/DownloadDelivery.php:67
filterquery_varssrc/Fulfillment/DownloadDelivery.php:68
actioninitsrc/Fulfillment/DownloadDelivery.php:75
actionToDownload_after_order_completesrc/Fulfillment/EmailDelivery.php:26
actioninitsrc/Gateways/GatewayRegistry.php:21
actionToDownload_after_order_completesrc/Licenses/Licenses.php:12
actioninitsrc/Plugin.php:42
actionplugins_loadedsrc/Plugin.php:44
actionadmin_noticessrc/Plugin.php:48
actionadmin_noticessrc/Plugin.php:132
actionadmin_post_todownload_setup_pagessrc/Plugin.php:133
filterwp_authenticate_usersrc/Plugin.php:160
actionadmin_initsrc/Plugin.php:173
filtermap_meta_capsrc/Plugin.php:233
filterwp_nav_menu_objectssrc/Plugin.php:485
filterwp_get_nav_menu_itemssrc/Plugin.php:492
filterrender_blocksrc/Plugin.php:501
filteroption_blognamesrc/Plugin.php:810
filterget_custom_logosrc/Plugin.php:824
actioninitsrc/PostTypes/DownloadPostType.php:16
actionadd_meta_boxessrc/PostTypes/DownloadPostType.php:17
actionadmin_enqueue_scriptssrc/PostTypes/DownloadPostType.php:19
actionadmin_noticessrc/PostTypes/DownloadPostType.php:21
actioninitsrc/Reviews/Reviews.php:18
actioninitsrc/Reviews/Reviews.php:19
actionToDownload_after_order_completesrc/Sellers/Memberships.php:14
actionadmin_menusrc/Sellers/SellerAdmin.php:299
actionadmin_initsrc/Sellers/SellerAdmin.php:301
actionadmin_initsrc/Sellers/SellerAdmin.php:302
actionall_admin_noticessrc/Sellers/SellerAdmin.php:304
actionadmin_enqueue_scriptssrc/Sellers/SellerAdmin.php:305
actionadmin_post_ToDownload_seller_buy_plansrc/Sellers/SellerAdmin.php:306
actionadmin_post_ToDownload_seller_comp_accesssrc/Sellers/SellerAdmin.php:307
actionadmin_post_ToDownload_hosted_connect_startsrc/Sellers/SellerAdmin.php:308
actionadmin_post_ToDownload_hosted_connect_callbacksrc/Sellers/SellerAdmin.php:309
actionadmin_post_ToDownload_hosted_products_syncsrc/Sellers/SellerAdmin.php:310
actionadmin_post_ToDownload_seller_save_settingssrc/Sellers/SellerAdmin.php:311
actionadmin_post_ToDownload_seller_save_onboardingsrc/Sellers/SellerAdmin.php:312
actionadmin_post_ToDownload_seller_export_reportssrc/Sellers/SellerAdmin.php:313
actionadmin_post_ToDownload_seller_stripe_connectsrc/Sellers/SellerAdmin.php:314
actionadmin_post_ToDownload_seller_stripe_connect_hostedsrc/Sellers/SellerAdmin.php:315
actionadmin_enqueue_scriptssrc/Sellers/SellerAdmin.php:316
actionadmin_enqueue_scriptssrc/Sellers/SellerAdmin.php:317
actionadmin_headsrc/Sellers/SellerAdmin.php:318
filterallowed_redirect_hostssrc/Sellers/SellerAdmin.php:383
filterallowed_redirect_hostssrc/Sellers/SellerAdmin.php:620
filterallowed_redirect_hostssrc/Sellers/SellerAdmin.php:1249
filterallowed_redirect_hostssrc/Sellers/SellerAdmin.php:1357
actioninitsrc/Sellers/Sellers.php:234
filterlogin_redirectsrc/Sellers/Sellers.php:235
actionadmin_initsrc/Sellers/Sellers.php:236
actionshow_user_profilesrc/Sellers/Sellers.php:240
actionedit_user_profilesrc/Sellers/Sellers.php:241
actionshow_user_profilesrc/Sellers/Sellers.php:242
actionedit_user_profilesrc/Sellers/Sellers.php:243
actionpersonal_options_updatesrc/Sellers/Sellers.php:244
actionedit_user_profile_updatesrc/Sellers/Sellers.php:245
actionadmin_post_ToDownload_admin_disconnect_seller_storesrc/Sellers/Sellers.php:246
actionadmin_enqueue_scriptssrc/Sellers/Sellers.php:247
filterthe_contentsrc/Upsells/Upsells.php:12
Maintenance & Trust

2Download Connector for 2DL Hosted Checkout Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 19, 2026
PHP min version8.1
Downloads192

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

2Download Connector for 2DL Hosted Checkout Alternatives

Premium Packages – Sell Digital Products Securely

Premium Packages – Sell Digital Products Securely

wpdm-premium-packages

A
94

Premium Packages is a free, full-featured WordPress eCommerce plugin to sell digital products easily and securely.

3K 9 CVEs
EDD Hide Download

EDD Hide Download

edd-hide-download

A
85

Hide the default Easy Digital Downloads product page from the user, and redirect them to a custom page.

600 No CVEs
Easy Digital Downloads – Empty Cart

Easy Digital Downloads – Empty Cart

easy-digital-downloads-empty-cart

A
85

Easily add content to the empty cart display in Easy Digital Downloads.

80 No CVEs
Easy Digital Downloads – Continue Shopping

Easy Digital Downloads – Continue Shopping

easy-digital-downloads-continue-shopping

A
85

Adds a Continue Shopping link to the Easy Digital Downloads checkout cart.

70 No CVEs
EasyCommerce – AI-Powered WordPress Ecommerce Plugin to Sell Digital Products, Subscriptions & Physical Goods

EasyCommerce – AI-Powered WordPress Ecommerce Plugin to Sell Digital Products, Subscriptions & Physical Goods

easycommerce

A
95

The only AI-powered WordPress ecommerce plugin. Generate content, create images, analyze sales automatically. Sell digital products, subscriptions, ph …

50 1 CVE
Developer Profile

2Download Connector for 2DL Hosted Checkout Developer Profile

2download

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect 2Download Connector for 2DL Hosted Checkout

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/2download-connector/assets/admin-datepicker.css/wp-content/plugins/2download-connector/assets/admin-datepicker.js/wp-content/plugins/2download-connector/assets/admin-copy.js/wp-content/plugins/2download-connector/assets/admin-plan-discount.js
Script Paths
/wp-content/plugins/2download-connector/assets/admin-datepicker.js/wp-content/plugins/2download-connector/assets/admin-copy.js/wp-content/plugins/2download-connector/assets/admin-plan-discount.js
Version Parameters
2download-connector/assets/admin-datepicker.css?ver=2download-connector/assets/admin-datepicker.js?ver=2download-connector/assets/admin-copy.js?ver=2download-connector/assets/admin-plan-discount.js?ver=

HTML / DOM Fingerprints

Data Attributes
todownload-datepicker
JS Globals
ToDownloadAdminCopy
FAQ

Frequently Asked Questions about 2Download Connector for 2DL Hosted Checkout