WP-Safety

Audit Charitable Donations Plugin Security & Risk Analysis

wordpress.org/plugins/audit-charitable-donations

Are you looking for gainning more trust among your donors? You are at the right place. This plugin allows an admin to audit the received donations and …

20 active installs v1.0.1 PHP 5.6+ WP 4.1+ Updated May 27, 2019
audit-received-donationscharitablecharitable-addondisplay-admin-reportdonors-transparency
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Audit Charitable Donations Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

Audit Charitable Donations Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The audit-charitable-donations plugin v1.0.1 exhibits a mixed security posture. While it has no recorded vulnerabilities or critical taint flows, and no dangerous functions or file operations are present, there are significant concerns in its code analysis. The plugin has a small attack surface of 2 entry points, but critically, one of these is an AJAX handler that lacks authentication checks. This creates a direct path for unauthenticated users to interact with plugin functionality, potentially leading to unintended actions or information disclosure if not handled carefully within the handler itself.

Furthermore, the plugin utilizes raw SQL queries without prepared statements, which is a substantial risk for SQL injection vulnerabilities. Coupled with a very low percentage of properly escaped output, this increases the likelihood of malicious data being processed or displayed insecurely. The presence of a nonce check indicates some awareness of security best practices, but its absence on other entry points, particularly the unauthenticated AJAX handler, is a notable weakness. The lack of recorded vulnerabilities in its history is positive but does not negate the identified risks in the current codebase, as undiscovered vulnerabilities or potential future exploits stemming from these weaknesses are still possible.

Key Concerns

  • Unprotected AJAX handler
  • Raw SQL queries without prepared statements
  • Low percentage of properly escaped output
  • Missing capability checks
Vulnerabilities
None known

Audit Charitable Donations Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Audit Charitable Donations Plugin Release Timeline

v1.0.1Current
v1.0
Code Analysis
Analyzed Mar 16, 2026

Audit Charitable Donations Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
29
2 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

6% escaped31 total outputs
Attack Surface
1 unprotected

Audit Charitable Donations Plugin Attack Surface

Entry Points2
Unprotected1

AJAX Handlers 1

authwp_ajax_remove_expenseincludes\admin\audit-charitable-donations-admin-hooks.php:61

Shortcodes 1

[charitable_audit] includes\shortcodes\audit-charitable-donations-shortcodes-hooks.php:22
WordPress Hooks 11
actionplugins_loadedaudit-charitable-donations.php:54
actioninitincludes\admin\audit-charitable-donations-admin-hooks.php:14
actionadmin_menuincludes\admin\audit-charitable-donations-admin-hooks.php:35
actionadmin_enqueue_scriptsincludes\admin\audit-charitable-donations-admin-hooks.php:42
actionadmin_enqueue_scriptsincludes\admin\audit-charitable-donations-admin-hooks.php:49
actionadmin_footerincludes\admin\audit-charitable-donations-admin-hooks.php:54
actionadmin_post_expense_form_save_responseincludes\admin\audit-charitable-donations-admin-hooks.php:59
actionadmin_noticesincludes\admin\class-charitable-extension-activation.php:79
actionadmin_noticesincludes\admin\upgrades\audit-charitable-donations-upgrade-hooks.php:22
actioncharitable_startincludes\class-audit-charitable-donations.php:109
actionwp_enqueue_scriptsincludes\public\audit-charitable-donations-public-hooks.php:19
Maintenance & Trust

Audit Charitable Donations Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedMay 27, 2019
PHP min version5.6
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Audit Charitable Donations Plugin Alternatives

Charitable – Instamojo Payment Gateway

Charitable – Instamojo Payment Gateway

integrate-charitable-instamojo

A
92

Collect donations in INR via Debit Cards, Credit Cards, Net Banking, UPI, Wallets, EMI, NEFT, IMPS by integrating Instamojo Indian Payment Gateway.

200 No CVEs
CustomDonations – Donation, Membership, and Fundraising Forms with Stripe, PayPal and DAF Pay

CustomDonations – Donation, Membership, and Fundraising Forms with Stripe, PayPal and DAF Pay

customdonations

A
100

Best WordPress plugin for highly customizable and secure online giving forms. Drag & Drop form builder. No Coding. Official PayPal & Stripe Partner.

100 No CVEs
Donation Manager for WooCommerce – Effortlessly Collect & Manage Donations

Donation Manager for WooCommerce – Effortlessly Collect & Manage Donations

wc-donation-manager

A
100

Easily manage donations and effortlessly collect donation with WooCommerce.

10 No CVEs
Developer Profile

Audit Charitable Donations Plugin Developer Profile

Himani Lotia

1 plugin · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Audit Charitable Donations Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/audit-charitable-donations/includes/admin/assets/audit-charitable-donations.css/wp-content/plugins/audit-charitable-donations/includes/admin/assets/audit-charitable-donations.js
Version Parameters
audit-charitable-donations/includes/admin/assets/audit-charitable-donations.css?ver=audit-charitable-donations/includes/admin/assets/audit-charitable-donations.js?ver=

HTML / DOM Fingerprints

JS Globals
cae
FAQ

Frequently Asked Questions about Audit Charitable Donations Plugin