WP-Safety

Accredible Certificates & Open Badges Security & Risk Analysis

wordpress.org/plugins/accredible-certificates

Certificates, open badges and blockchain credentials. Create, update and manage them on your Wordpress site.

90 active installs v1.6.1 PHP + WP 6.2+ Updated Feb 27, 2026
accrediblecertificatecertificatesdigital-certificatesonline-course
98
A · Safe
CVEs total2
Unpatched0
Last CVEApr 9, 2025
Plugin page Download
Safety Verdict

Is Accredible Certificates & Open Badges Safe to Use in 2026?

Generally Safe

Score 98/100

Accredible Certificates & Open Badges has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Apr 9, 2025Updated 1mo ago
Risk Assessment

The "accredible-certificates" plugin v1.6.1 exhibits a generally good security posture based on static analysis. The absence of unauthenticated AJAX handlers and REST API routes, along with a low number of entry points and the presence of nonces and capability checks, indicates a commitment to basic security practices. The code also demonstrates strong adherence to secure coding by using prepared statements for all SQL queries and properly escaping almost all output, with no file operations or external HTTP requests observed. However, the plugin's vulnerability history is a significant concern. It has a history of two medium-severity CVEs, one of which was a SQL Injection and the other Cross-Site Scripting. While currently unpatched vulnerabilities are reported as zero, the past occurrences of these common vulnerability types suggest that developers should remain vigilant in their security audits and patching processes. The bundled Guzzle library, if outdated, could also represent a latent risk, though its specific version and any known vulnerabilities are not detailed here.

Key Concerns

  • Two medium severity CVEs in history
  • Bundled Guzzle library (potential for outdated version)
Vulnerabilities
2

Accredible Certificates & Open Badges Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2024-13909medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Accredible Certificates & Open Badges <= 1.4.9 - Authenticated (Administrator+) SQL Injection via orderby Parameter

Apr 9, 2025 Patched in 1.5.0 (44d)
CVE-2023-50827medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Accredible Certificates & Open Badges <= 1.4.8 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings

Dec 19, 2023 Patched in 1.4.9 (520d)
Code Analysis
Analyzed Mar 16, 2026

Accredible Certificates & Open Badges Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
1
46 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Guzzle

SQL Query Safety

100% prepared1 total queries

Output Escaping

98% escaped47 total outputs
Attack Surface

Accredible Certificates & Open Badges Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[accredible_credential] class-accredible-widget.php:189
WordPress Hooks 10
actionadmin_initclass-accredible-certificates-settings.php:24
actionadmin_menuclass-accredible-certificates-settings.php:25
actionadmin_menuclass-accredible-certificates.php:69
actionadmin_enqueue_scriptsclass-accredible-certificates.php:72
actionhourly_certificate_issuanceclass-accredible-certificates.php:74
actionwidgets_initclass-accredible-widget.php:186
actioninitpost-types\post_type_template.php:26
actionadmin_initpost-types\post_type_template.php:27
actionsave_postpost-types\post_type_template.php:36
actionadd_meta_boxespost-types\post_type_template.php:86

Scheduled Events 1

hourly_certificate_issuance
Maintenance & Trust

Accredible Certificates & Open Badges Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 27, 2026
PHP min version
Downloads19K

Community Trust

Rating40/100
Number of ratings5
Active installs90
Alternatives

Accredible Certificates & Open Badges Alternatives

Accredible LearnDash Add-on

Accredible LearnDash Add-on

accredible-learndash-add-on

A
100

Issue credentials, certificates, or badges for your LearnDash courses through Accredible digital credentialing.

80 No CVEs
ValidateCertify Free

ValidateCertify Free

validar-certificados-de-cursos

B
77

ValidateCertify is the ultimate plugin for ensuring the authenticity and integrity of issued certificates.

1K 1 unpatched
IssueBadge – Bulk Certificate Generator

IssueBadge – Bulk Certificate Generator

issuebadge-bulk-certificate-generator

A
100

Generate and issue digital certificates and badges using the IssueBadge API directly from your WordPress admin panel.

0 No CVEs
PW WooCommerce Gift Cards

PW WooCommerce Gift Cards

pw-woocommerce-gift-cards

A
100

Sell gift cards to your WooCommerce store, in just a few minutes!

20K No CVEs
Ultimate Gift Cards for WooCommerce

Ultimate Gift Cards for WooCommerce

woo-gift-cards-lite

A
97

Create, sell and manage WooCommerce gift cards to attract more sales and multiply your revenue at your online store.

7K 3 CVEs
Developer Profile

Accredible Certificates & Open Badges Developer Profile

accredible

2 plugins · 170 total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
282 days
View full developer profile
Detection Fingerprints

How We Detect Accredible Certificates & Open Badges

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/accredible-certificates/css/style.css
Version Parameters
accredible-certificates/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
accredible-widget
Data Attributes
data-accredible-credentials-url
JS Globals
Accredible
FAQ

Frequently Asked Questions about Accredible Certificates & Open Badges