WP-Safety

Advance Coupons for Woocommerce Security & Risk Analysis

wordpress.org/plugins/advance-coupons-for-woocommerce

Create gift vouchers, store credits, special discounts based on the amount spent, etc.

10 active installs v1.0.1 PHP 7.0+ WP 4.0+ Updated Jun 13, 2022
couponwoocommerce-coupon
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Advance Coupons for Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Advance Coupons for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The plugin "advance-coupons-for-woocommerce" v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding database interactions, with 100% of SQL queries utilizing prepared statements and a very high rate (94%) of output escaping. The absence of known CVEs and dangerous function usage further contributes to a favorable impression. However, a significant concern arises from its attack surface. With 8 AJAX handlers, 7 of which lack authentication checks, there is a substantial risk of unauthorized actions being performed on a WordPress site. The presence of 2 nonce checks is a positive step, but their limited scope leaves the majority of AJAX endpoints vulnerable.

The code analysis reveals no critical or high-severity taint flows, and the plugin avoids file operations and external HTTP requests, which are common sources of vulnerabilities. The vulnerability history is clean, with no recorded CVEs, suggesting a history of secure development or a lack of past exploitation, which is encouraging. Despite these strengths, the unprotected AJAX endpoints represent a critical weakness. The absence of capability checks on these handlers means any user, even an unauthenticated one, could potentially trigger them, leading to unintended consequences or exploitation.

In conclusion, while the plugin employs sound practices for database security and output sanitization, its substantial unprotected AJAX attack surface is a significant security concern. The lack of robust authentication and authorization on these critical entry points outweighs the positive aspects of its code and vulnerability history. A user of this plugin should be aware of this risk and potentially seek mitigation strategies or consider alternatives if this functionality is exposed.

Key Concerns

  • Unprotected AJAX handlers
  • Missing capability checks on AJAX
  • High output unescaped percentage
Vulnerabilities
None known

Advance Coupons for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Advance Coupons for Woocommerce Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Advance Coupons for Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
17 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

94% escaped18 total outputs
Attack Surface
7 unprotected

Advance Coupons for Woocommerce Attack Surface

Entry Points8
Unprotected7

AJAX Handlers 8

authwp_ajax_sdwac_coupon_product_searchincludes/Ajax.php:13
authwp_ajax_sdwac_coupon_get_filtersincludes/Ajax.php:14
authwp_ajax_sdwac_coupon_save_filtersincludes/Ajax.php:15
authwp_ajax_sdwac_coupon_get_mainincludes/Ajax.php:16
authwp_ajax_sdwac_coupon_get_discountsincludes/Ajax.php:17
authwp_ajax_sdwac_coupon_get_rulesincludes/Ajax.php:18
authwp_ajax_sdwac_coupon_get_woocouponsincludes/Ajax.php:19
authwp_ajax_sdwac_coupon_get_sdwac_coupon_panelincludes/Ajax.php:20
WordPress Hooks 31
actionplugins_loadedcoupons.php:82
actionadmin_noticescoupons.php:157
actioninitcoupons.php:210
actioninitcoupons.php:213
actionedit_form_topincludes/Admin/Coupon.php:12
actionadmin_enqueue_scriptsincludes/Admin/Coupon.php:13
actionsave_post_shop_couponincludes/Admin/Coupon.php:14
actionadd_meta_boxesincludes/Admin/MetaBoxes.php:13
filterwoocommerce_order_item_get_discountincludes/Admin/Order.php:11
filterwoocommerce_settings_tabs_arrayincludes/Admin/Setting.php:13
filterwoocommerce_settings_tabs_sdevs_couponincludes/Admin/Setting.php:14
actionwoocommerce_update_options_sdevs_couponincludes/Admin/Setting.php:15
filterwoocommerce_coupon_data_tabsincludes/Admin/sdwac_Panels.php:13
filterwoocommerce_coupon_data_panelsincludes/Admin/sdwac_Panels.php:14
actionsave_post_shop_couponincludes/Admin/sdwac_Panels.php:15
actionrest_api_initincludes/Api.php:16
actionadmin_enqueue_scriptsincludes/Assets.php:16
actionwp_enqueue_scriptsincludes/Assets.php:18
actionwp_headincludes/Frontend/Auto.php:17
actionwoocommerce_checkout_update_order_metaincludes/Frontend/Checkout.php:10
filterwoocommerce_product_get_priceincludes/Frontend/Coupon.php:17
filterwoocommerce_cart_item_priceincludes/Frontend/Coupon.php:18
filterwoocommerce_coupon_custom_discounts_arrayincludes/Frontend/Coupon.php:19
filterwoocommerce_cart_totals_coupon_htmlincludes/Frontend/Coupon.php:20
filterwoocommerce_product_variation_get_priceincludes/Frontend/Coupon.php:21
filterwoocommerce_variation_prices_priceincludes/Frontend/Coupon.php:22
actioninitincludes/Frontend/Url.php:14
actionwoocommerce_add_to_cartincludes/Frontend/Url.php:16
actionwoocommerce_before_cartincludes/Frontend/Url.php:18
filterwoocommerce_coupon_is_validincludes/Frontend/Validation.php:13
filterwoocommerce_coupon_discount_typesincludes/Illuminate/Coupon.php:12
Maintenance & Trust

Advance Coupons for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedJun 13, 2022
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Advance Coupons for Woocommerce Alternatives

Smart Coupons For WooCommerce Coupons

Smart Coupons For WooCommerce Coupons

wt-smart-coupons-for-woocommerce

A
99

Best WooCommerce coupons plugin to create advanced coupons and discount codes with auto-apply, BOGO, free shipping, giveaways, and discount rules.

30K 1 CVE
Advanced Coupons for WooCommerce Coupons & Store Credit

Advanced Coupons for WooCommerce Coupons & Store Credit

advanced-coupons-for-woocommerce-free

A
93

Enhance WooCommerce coupons with new coupon types, BOGO coupons, store credit, discount rules, url coupons, gift cards, loyalty program + more!

20K 4 CVEs
Coupon Generator for WooCommerce

Coupon Generator for WooCommerce

coupon-generator-for-woocommerce

A
92

Generate WooCommerce coupons easily and fast.

10K No CVEs
Power Coupons for WooCommerce

Power Coupons for WooCommerce

power-coupons

A
100

WordPress coupon plugin for WooCommerce that auto-applies discounts with flexible rules and dynamic cart incentives—no codes required.

10K No CVEs
First Order Coupon Manager for WooCommerce

First Order Coupon Manager for WooCommerce

first-order-coupon-manager-for-woocommerce

A
85

Maintain the first-order discount using this plugin.

1K No CVEs
Developer Profile

Advance Coupons for Woocommerce Developer Profile

Abu Huraira Bin Aman

9 plugins · 9K total installs

68
trust score
Avg Security Score
84/100
Avg Patch Time
238 days
View full developer profile
Detection Fingerprints

How We Detect Advance Coupons for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/advance-coupons-for-woocommerce/assets/css/app.css/wp-content/plugins/advance-coupons-for-woocommerce/assets/js/app.js/wp-content/plugins/advance-coupons-for-woocommerce/assets/js/admin-coupon.js
Script Paths
/wp-content/plugins/advance-coupons-for-woocommerce/assets/js/app.js/wp-content/plugins/advance-coupons-for-woocommerce/assets/js/admin-coupon.js
Version Parameters
advance-coupons-for-woocommerce/assets/css/app.css?ver=advance-coupons-for-woocommerce/assets/js/app.js?ver=advance-coupons-for-woocommerce/assets/js/admin-coupon.js?ver=

HTML / DOM Fingerprints

JS Globals
sdwac_coupon_helper_objsdwac_coupon_app_obj
FAQ

Frequently Asked Questions about Advance Coupons for Woocommerce