Customize Discount Security & Risk Analysis

wordpress.org/plugins/customize-discount

This plugin will allow the user to give the discount to users. Through this plugin, customers can give their clients an auto

0 active installs · v1.0.0 · PHP + · WP 5.1+ · Updated Aug 20, 2021
Tags: custom-discount, customise-discount, discount, woocommerce-custom-discount, woocommerce-discount
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Customize Discount Safe to Use in 2026?

Generally Safe

Score 85/100

Customize Discount has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago
Risk Assessment

The "customize-discount" plugin v1.0.0 exhibits several significant security concerns despite a lack of publicly known vulnerabilities. The primary weakness is its attack surface: all three identified AJAX handlers lack authentication checks, and no nonce or capability checks were found on any entry point. Any authenticated user, regardless of role or permissions, could therefore trigger these AJAX actions, which opens the door to unauthorized modifications or unintended actions within the plugin.

The plugin does demonstrate good practices: it exclusively uses prepared statements for SQL queries and escapes a high percentage of its output. The absence of proper authorization on entry points is nonetheless a critical oversight that undermines these positive aspects. The lack of any recorded vulnerability history is a positive indicator, suggesting that the developers have been either diligent or lucky, but it does not negate the immediate risks present in the current code. The plugin's overall security posture is therefore fragile, relying heavily on the assumption that unauthenticated access to these AJAX endpoints will not be exploited, which is an unreliable security strategy.

Key Concerns

  • AJAX handlers without authentication checks
  • All AJAX handlers lack authentication checks
  • No nonce checks on entry points
  • No capability checks on entry points
Vulnerabilities
None known

Customize Discount Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Customize Discount Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (9 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

82% escaped · 11 total outputs
Attack Surface
3 unprotected

Customize Discount Attack Surface

Entry Points: 3
Unprotected: 3

AJAX Handlers: 3

auth · wp_ajax_sayhello · admin\class-zwk-customize-discount-admin.php:59
auth · wp_ajax_zwk_apply_coupon · public\class-zwk-customize-discount-public.php:61
nopriv · wp_ajax_zwk_apply_coupon · public\class-zwk-customize-discount-public.php:62
WordPress Hooks: 12

action · admin-init · admin\class-zwk-customize-discount-admin.php:55
filter · woocommerce_get_settings_pages · admin\class-zwk-customize-discount-admin.php:56
action · views_edit-shop_coupon · admin\class-zwk-customize-discount-admin.php:57
action · plugins_loaded · includes\class-zwk-customize-discount.php:142
action · admin_enqueue_scripts · includes\class-zwk-customize-discount.php:157
action · admin_enqueue_scripts · includes\class-zwk-customize-discount.php:158
action · wp_enqueue_scripts · includes\class-zwk-customize-discount.php:173
action · wp_enqueue_scripts · includes\class-zwk-customize-discount.php:174
action · woocommerce_before_thankyou · public\class-zwk-customize-discount-public.php:59
action · woocommerce_cart_coupon · public\class-zwk-customize-discount-public.php:60
action · wp_head · public\class-zwk-customize-discount-public.php:63
action · admin_notices · zwk-customize-discount.php:53
Maintenance & Trust

Customize Discount Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.8.13
Last updated: Aug 20, 2021
PHP min version
Downloads: 794

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Customize Discount Developer Profile

Zworthkey

5 plugins · 30 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Customize Discount

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/customize-discount/css/zwk-customize-discount-admin.css
/wp-content/plugins/customize-discount/js/zwk-customize-discount-admin.js
/wp-content/plugins/customize-discount/js/zwk-customize-discount.js
Script Paths
js/zwk-customize-discount.js
Version Parameters
customize-discount/css/zwk-customize-discount-admin.css?ver=
customize-discount/js/zwk-customize-discount-admin.js?ver=
customize-discount/js/zwk-customize-discount.js?ver=

HTML / DOM Fingerprints

CSS Classes
zwkcd-notice-error
HTML Comments
<!-- This file is read by WordPress to generate the plugin information in the plugin * admin area. This file also includes all of the dependencies used by the plugin, * registers the activation and deactivation functions, and defines a function * that starts the plugin. -->
<!-- Currently plugin version. -->
<!-- The code that runs during plugin activation. -->
<!-- Check if woocommerce is installed -->
+19 more
Data Attributes
id="sync_coupon"
JS Globals
window.zwk_customize_discount_obj
REST Endpoints
/wp-json/zwk-customize-discount/v1
FAQ

Frequently Asked Questions about Customize Discount