WP-Safety

Beltoft Loyalty Rewards for WooCommerce Security & Risk Analysis

wordpress.org/plugins/beltoft-loyalty-rewards

Earn points on purchases and redeem them for cart discounts.

0 active installs v1.2.19 PHP 7.4+ WP 6.2+ Updated Unknown
discountloyaltypointsrewardswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Beltoft Loyalty Rewards for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Beltoft Loyalty Rewards for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "beltoft-loyalty-rewards" plugin v1.2.20 exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a diligent use of prepared statements for SQL queries and proper output escaping. The plugin also correctly implements nonce and capability checks for its entry points where applicable. However, a significant concern arises from the REST API routes. Both identified REST API routes lack permission callbacks, creating a direct attack surface that could potentially be exploited by unauthenticated users. This oversight, despite the plugin's otherwise good practices, presents a clear risk that needs immediate attention. The static analysis did not reveal any dangerous functions, external HTTP requests, or unsanitized taint flows, which are positive indicators. The vulnerability history being clear is also a strong positive, suggesting a history of secure development or prompt patching of any past issues.

Key Concerns

  • REST API routes without permission callbacks
Vulnerabilities
None known

Beltoft Loyalty Rewards for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Beltoft Loyalty Rewards for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
30 prepared
Unescaped Output
2
142 escaped
Nonce Checks
4
Capability Checks
4
File Operations
1
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared30 total queries

Output Escaping

99% escaped144 total outputs
Attack Surface
2 unprotected

Beltoft Loyalty Rewards for WooCommerce Attack Surface

Entry Points4
Unprotected2

REST API Routes 2

GET/wp-json/beltoft-loyalty-rewards/v1/redeemsrc\Blocks\StoreApiExtension.php:219
GET/wp-json/beltoft-loyalty-rewards/v1/redeemsrc\Blocks\StoreApiExtension.php:236

Shortcodes 2

[blrw_points_message] src\Plugin.php:55
[blrw_redeem_form] src\Plugin.php:56
WordPress Hooks 40
actionbefore_woocommerce_initbeltoft-loyalty-rewards.php:43
actionplugins_loadedbeltoft-loyalty-rewards.php:54
actionadmin_noticesbeltoft-loyalty-rewards.php:56
actionadmin_post_wclr_export_ledgersrc\Admin\LedgerListTable.php:12
actionadmin_menusrc\Admin\SettingsPage.php:16
actionadmin_initsrc\Admin\SettingsPage.php:17
actionshow_user_profilesrc\Admin\UserProfile.php:12
actionedit_user_profilesrc\Admin\UserProfile.php:13
actionpersonal_options_updatesrc\Admin\UserProfile.php:14
actionedit_user_profile_updatesrc\Admin\UserProfile.php:15
actionrest_api_initsrc\Blocks\StoreApiExtension.php:44
actionwoocommerce_single_product_summarysrc\Plugin.php:48
actionwclr_product_points_messagesrc\Plugin.php:52
actionadmin_enqueue_scriptssrc\Plugin.php:59
actionwp_enqueue_scriptssrc\Plugin.php:60
actionwclr_expiry_cronsrc\Plugin.php:64
actionwoocommerce_blocks_loadedsrc\Plugin.php:80
actionwoocommerce_order_status_cancelledsrc\WooCommerce\EarnHooks.php:21
actionwoocommerce_order_status_refundedsrc\WooCommerce\EarnHooks.php:22
actionwoocommerce_order_status_failedsrc\WooCommerce\EarnHooks.php:23
actioninitsrc\WooCommerce\MyAccount.php:15
filterwoocommerce_account_menu_itemssrc\WooCommerce\MyAccount.php:18
actionwoocommerce_account_loyalty-points_endpointsrc\WooCommerce\MyAccount.php:21
filterthe_titlesrc\WooCommerce\MyAccount.php:24
actionwoocommerce_admin_order_data_after_billing_addresssrc\WooCommerce\OrderAdmin.php:10
filterwoocommerce_get_shop_coupon_datasrc\WooCommerce\RedeemHooks.php:18
filterwoocommerce_cart_totals_coupon_labelsrc\WooCommerce\RedeemHooks.php:21
filterwoocommerce_coupon_is_validsrc\WooCommerce\RedeemHooks.php:24
actionwoocommerce_before_cart_totalssrc\WooCommerce\RedeemHooks.php:28
actionwoocommerce_before_cart_totalssrc\WooCommerce\RedeemHooks.php:29
actionwoocommerce_review_order_before_paymentsrc\WooCommerce\RedeemHooks.php:32
actionwoocommerce_review_order_before_paymentsrc\WooCommerce\RedeemHooks.php:33
actionblrw_redeem_formsrc\WooCommerce\RedeemHooks.php:37
actionwc_ajax_wclr_apply_pointssrc\WooCommerce\RedeemHooks.php:40
actionwc_ajax_wclr_remove_pointssrc\WooCommerce\RedeemHooks.php:41
actionwoocommerce_checkout_order_createdsrc\WooCommerce\RedeemHooks.php:44
actionwoocommerce_payment_completesrc\WooCommerce\RedeemHooks.php:47
actionwoocommerce_order_status_processingsrc\WooCommerce\RedeemHooks.php:52
actionwoocommerce_order_status_completedsrc\WooCommerce\RedeemHooks.php:53
actionwoocommerce_removed_couponsrc\WooCommerce\RedeemHooks.php:56

Scheduled Events 1

wclr_expiry_cron
Maintenance & Trust

Beltoft Loyalty Rewards for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads210

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Beltoft Loyalty Rewards for WooCommerce Alternatives

Easy Loyalty Points and Rewards for WooCommerce

Easy Loyalty Points and Rewards for WooCommerce

easy-loyalty-points-and-rewards-for-woocommerce

A
85

A lightweight, easy to use customer loyalty system for WooCommerce.

400 No CVEs
Simple Points and Rewards for WooCommerce – Create a Loyalty Program

Simple Points and Rewards for WooCommerce – Create a Loyalty Program

simple-points-and-rewards

A
100

WooCommerce Points and Rewards plugin. Create a simple but powerful loyalty program. Reward purchases, referrals, and much more.

100 No CVEs
RewardsWP – Loyalty Points & Referral Program for WooCommerce

RewardsWP – Loyalty Points & Referral Program for WooCommerce

rewardswp

A
94

Turn customers into brand advocates with loyalty points and referral programs for WooCommerce and Easy Digital Downloads.

90 1 CVE
XT Points & Rewards for WooCommerce

XT Points & Rewards for WooCommerce

xt-woo-points-rewards

A
92

Points and Rewards for WooCommerce that lets you reward your customers for purchases and other actions with points that can be redeemed for discounts.

90 No CVEs
HostPlugin – WooCommerce Points & Rewards

HostPlugin – WooCommerce Points & Rewards

hostplugin-woocommerce-points-and-rewards

A
85

Reward your loyal customers for purchases and other actions using points which can be redeemed for discounts on future purchase.

50 No CVEs
Developer Profile

Beltoft Loyalty Rewards for WooCommerce Developer Profile

beltoftnet

3 plugins · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Beltoft Loyalty Rewards for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/beltoft-loyalty-rewards/assets/css/frontend.css/wp-content/plugins/beltoft-loyalty-rewards/assets/css/admin.css
Script Paths
/wp-content/plugins/beltoft-loyalty-rewards/assets/js/redeem-form.js
Version Parameters
beltoft-loyalty-rewards/assets/css/frontend.css?ver=beltoft-loyalty-rewards/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
blrw-product-messageblrw-redeem-form-container
Data Attributes
data-product-id
Shortcode Output
<p class="blrw-product-message"<div class="blrw-redeem-form-container"
FAQ

Frequently Asked Questions about Beltoft Loyalty Rewards for WooCommerce