WP-Safety

Coinsnap Bitcoin Voting Security & Risk Analysis

wordpress.org/plugins/coinsnap-bitcoin-voting

Collect small Bitcoin (Satoshi) payments for every vote on your WordPress site. Great for monetized polls, community engagement and SPAM-free surveys

0 active installs v1.2.3 PHP + WP + Updated Feb 15, 2026
bitcoinbtcpaylightningpollingvoting
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Coinsnap Bitcoin Voting Safe to Use in 2026?

Generally Safe

Score 100/100

Coinsnap Bitcoin Voting has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "coinsnap-bitcoin-voting" plugin version 1.2.3 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and has a high percentage of properly escaped output. The absence of known vulnerabilities in its history and no critical taint flows are also strong indicators of a relatively secure codebase. However, there are significant concerns regarding its attack surface and authorization mechanisms. A substantial portion of its AJAX handlers and REST API routes lack proper authentication and capability checks, creating potential entry points for unauthorized actions. While no dangerous functions or critical taint flows were identified in this analysis, the presence of unprotected entry points remains a notable risk that could be exploited if vulnerabilities are introduced in the future. The plugin's history of no recorded vulnerabilities is positive but should not be seen as a guarantee of future safety, especially given the identified unprotected endpoints. Overall, the plugin has strengths in data handling but weaknesses in access control for its exposed interfaces.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • Unprotected entry points (AJAX and REST)
Vulnerabilities
None known

Coinsnap Bitcoin Voting Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Coinsnap Bitcoin Voting Release Timeline

v1.2.3Current
v1.2.1
v1.2.0
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Coinsnap Bitcoin Voting Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
12 prepared
Unescaped Output
42
369 escaped
Nonce Checks
7
Capability Checks
4
File Operations
3
External Requests
4
Bundled Libraries
0

SQL Query Safety

100% prepared12 total queries

Output Escaping

90% escaped411 total outputs
Attack Surface
5 unprotected

Coinsnap Bitcoin Voting Attack Surface

Entry Points9
Unprotected5

AJAX Handlers 3

authwp_ajax_coinsnap_bitcoin_voting_btcpay_apiurl_handlercoinsnap-bitcoin-voting.php:69
authwp_ajax_coinsnap_bitcoin_voting_connection_handlercoinsnap-bitcoin-voting.php:70
authwp_ajax_refresh_donationsincludes\class-coinsnap-bitcoin-voting-list.php:7

REST API Routes 5

GET/wp-json/voting/v1/voting_results/(?P<poll_id>\d+)includes\class-coinsnap-bitcoin-voting-webhooks.php:14
GET/wp-json/voting/v1/get-wh-secretincludes\class-coinsnap-bitcoin-voting-webhooks.php:31
GET/wp-json/voting/v1/payment-status-long-poll/(?P<payment_id>[a-zA-Z0-9]+)/(?P<poll_id>\d+)includes\class-coinsnap-bitcoin-voting-webhooks.php:45
GET/wp-json/voting/v1/check-payment-status/(?P<payment_id>[a-zA-Z0-9]+)includes\class-coinsnap-bitcoin-voting-webhooks.php:68
GET/wp-json/coinsnap-bitcoin-voting/v1webhookincludes\class-coinsnap-bitcoin-voting-webhooks.php:151

Shortcodes 1

[coinsnap_bitcoin_voting] includes\class-coinsnap-bitcoin-voting-shortcode-voting.php:7
WordPress Hooks 24
actionwp_enqueue_scriptscoinsnap-bitcoin-voting.php:67
actionadmin_enqueue_scriptscoinsnap-bitcoin-voting.php:68
actioninitcoinsnap-bitcoin-voting.php:345
filterrequestcoinsnap-bitcoin-voting.php:351
actiontemplate_redirectcoinsnap-bitcoin-voting.php:373
actioninitincludes\class-coinsnap-bitcoin-voting-polls.php:6
actioninitincludes\class-coinsnap-bitcoin-voting-polls.php:7
actionadd_meta_boxesincludes\class-coinsnap-bitcoin-voting-polls.php:8
actionsave_postincludes\class-coinsnap-bitcoin-voting-polls.php:9
filtermanage_coinsnap-polls_posts_columnsincludes\class-coinsnap-bitcoin-voting-polls.php:10
actionmanage_coinsnap-polls_posts_custom_columnincludes\class-coinsnap-bitcoin-voting-polls.php:11
actioninitincludes\class-coinsnap-bitcoin-voting-public-donors.php:6
actioninitincludes\class-coinsnap-bitcoin-voting-public-donors.php:7
actionadd_meta_boxesincludes\class-coinsnap-bitcoin-voting-public-donors.php:8
actionsave_postincludes\class-coinsnap-bitcoin-voting-public-donors.php:9
filtermanage_coinsnap-pds_posts_columnsincludes\class-coinsnap-bitcoin-voting-public-donors.php:10
actionmanage_coinsnap-pds_posts_custom_columnincludes\class-coinsnap-bitcoin-voting-public-donors.php:11
actionadmin_menuincludes\class-coinsnap-bitcoin-voting-settings.php:13
actionadmin_initincludes\class-coinsnap-bitcoin-voting-settings.php:14
actionrest_api_initincludes\class-coinsnap-bitcoin-voting-webhooks.php:6
actionrest_api_initincludes\class-coinsnap-bitcoin-voting-webhooks.php:7
actionrest_api_initincludes\class-coinsnap-bitcoin-voting-webhooks.php:8
actionrest_api_initincludes\class-coinsnap-bitcoin-voting-webhooks.php:9
actionrest_api_initincludes\class-coinsnap-bitcoin-voting-webhooks.php:10
Maintenance & Trust

Coinsnap Bitcoin Voting Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 15, 2026
PHP min version
Downloads557

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Coinsnap Bitcoin Voting Alternatives

BTCPay Server – Accept Bitcoin payments in WooCommerce

BTCPay Server – Accept Bitcoin payments in WooCommerce

btcpay-greenfield-for-woocommerce

A
100

BTCPay Server is a free and open-source bitcoin payment processor which allows you to receive payments in Bitcoin and altcoins directly, with no fees, &hellip;

1K No CVEs
Coinsnap Bitcoin Donation

Coinsnap Bitcoin Donation

coinsnap-bitcoin-donation

A
100

Let visitors donate Bitcoin anywhere on your WordPress site. Simple setup, optional shoutouts, and display messages beside or below the donation form

10 No CVEs
Coinsnap Bitcoin Crowdfunding

Coinsnap Bitcoin Crowdfunding

coinsnap-bitcoin-crowdfunding

A
100

Collect Bitcoin with Coinsnap or BTCPay Server from your community to fund personal, creative or social projects – directly on your WordPress site.

0 No CVEs
Bitcoin Invoice Form

Bitcoin Invoice Form

coinsnap-bitcoin-invoice-form

A
100

Generate and embed customizable Bitcoin Invoice Forms on your website (Coinsnap & BTCPay server Integration).

0 No CVEs
Coinsnap Bitcoin Paywall

Coinsnap Bitcoin Paywall

coinsnap-paywall

A
100

Offer pay-per-text, -video/audio, -digital goods with a Coinsnap Bitcoin paywall. Buyers get instant access after sending Bitcoin/Sats to your wallet

0 No CVEs
Developer Profile

Coinsnap Bitcoin Voting Developer Profile

Coinsnap

14 plugins · 60 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Coinsnap Bitcoin Voting

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/coinsnap-bitcoin-voting/assets/css/coinsnap-bitcoin-voting.css/wp-content/plugins/coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting.js/wp-content/plugins/coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting-admin.js
Script Paths
/wp-content/plugins/coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting.js/wp-content/plugins/coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting-admin.js
Version Parameters
coinsnap-bitcoin-voting/assets/css/coinsnap-bitcoin-voting.css?ver=coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting.js?ver=coinsnap-bitcoin-voting/assets/js/coinsnap-bitcoin-voting-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
coinsnap_bitcoin_voting_poll
HTML Comments
<!-- coinsnap_bitcoin_voting_poll --><!-- coinsnap_bitcoin_voting_poll_option -->
Data Attributes
data-poll-iddata-option-iddata-noncedata-api-urldata-api-keydata-store-id+2 more
JS Globals
coinsnap_bitcoin_voting_ajax_object
REST Endpoints
/wp-json/coinsnap-bitcoin-voting/v1/payment_handler
Shortcode Output
[coinsnap_bitcoin_voting_poll]
FAQ

Frequently Asked Questions about Coinsnap Bitcoin Voting