Does Discount Master for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Discount Master for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Discount Master for WooCommerce 1.0.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Discount Master for WooCommerce compatible with PHP 7.4+?

Discount Master for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Discount Master for WooCommerce updated?

Discount Master for WooCommerce was last updated on Apr 14, 2026. Frequent updates are generally a positive security signal.

What is Discount Master for WooCommerce's security score?

Discount Master for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Discount Master for WooCommerce Security & Risk Analysis

wordpress.org/plugins/discount-master-for-woocommerce

Discount Master for WooCommerce is a powerful plugin for dynamic pricing and multiple discount types in WooCommerce.

20 active installs v1.0.4 PHP 7.4+ WP 5.2+ Updated Apr 14, 2026

couponsdiscountpricingupsellswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Discount Master for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Discount Master for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "discount-master-for-woocommerce" v1.0.4 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices in several areas. It boasts a very high rate of properly escaped output and uses prepared statements exclusively for all SQL queries, significantly reducing the risk of SQL injection. The plugin also implements nonce checks and capability checks, which are essential for securing WordPress actions. Its vulnerability history is clean, with no recorded CVEs, suggesting a good track record.

However, a significant concern arises from the attack surface analysis. The plugin exposes a single AJAX handler without any authentication checks. This unprotected entry point is a prime target for attackers and could be exploited if it performs sensitive operations or handles user-supplied data without proper validation or authorization. Furthermore, the presence of the `unserialize` function, even if not directly linked to a taint flow in this analysis, is a known risky function that can lead to remote code execution if improperly handled. While the taint analysis shows no critical or high severity flows, the single flow with unsanitized paths still warrants attention, as it indicates a potential avenue for injection vulnerabilities.

Key Concerns

AJAX handler without auth check
Dangerous function: unserialize
Flow with unsanitized paths

Vulnerabilities

None known

Discount Master for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Discount Master for WooCommerce Release Timeline

v1.0.4Current

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Discount Master for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

387 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$meta_item_value = unserialize( $meta_item_value[0] );admin/class-dmfwc-admin.php:1369

unserialize$meta = unserialize( $meta );includes/class-dmfwc-helper.php:386

Output Escaping

99% escaped390 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

<class-dmfwc-admin> (admin/class-dmfwc-admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Discount Master for WooCommerce Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_admin_ajax_endpointincludes/class-dmfwc.php:99

WordPress Hooks 27

actionplugins_loadeddmfwc.php:74

actionplugins_loadedincludes/class-dmfwc.php:82

actionadmin_enqueue_scriptsincludes/class-dmfwc.php:95

actionadmin_enqueue_scriptsincludes/class-dmfwc.php:96

actionadmin_menuincludes/class-dmfwc.php:97

actioninitincludes/class-dmfwc.php:98

actiondmfwc_settings_tab_contentincludes/class-dmfwc.php:100

filteradmin_body_classincludes/class-dmfwc.php:102

filterposts_whereincludes/class-dmfwc.php:103

filterpaginate_links_outputincludes/class-dmfwc.php:104

filterplugin_row_metaincludes/class-dmfwc.php:106

actionwp_enqueue_scriptsincludes/class-dmfwc.php:120

actionwp_enqueue_scriptsincludes/class-dmfwc.php:121

actionwoocommerce_before_calculate_totalsincludes/class-dmfwc.php:122

actionwoocommerce_after_calculate_totalsincludes/class-dmfwc.php:123

actionwoocommerce_cart_totals_order_total_htmlincludes/class-dmfwc.php:124

actionwoocommerce_cart_subtotalincludes/class-dmfwc.php:125

actionwoocommerce_cart_totals_after_order_totalincludes/class-dmfwc.php:126

actionwoocommerce_review_order_after_order_totalincludes/class-dmfwc.php:127

actionwoocommerce_checkout_update_order_metaincludes/class-dmfwc.php:128

filterwoocommerce_post_classincludes/class-dmfwc.php:131

filterwoocommerce_cart_item_priceincludes/class-dmfwc.php:132

filterwoocommerce_cart_item_subtotalincludes/class-dmfwc.php:133

filterwoocommerce_cart_item_classincludes/class-dmfwc.php:134

filterwoocommerce_order_item_classincludes/class-dmfwc.php:135

filterwoocommerce_get_price_htmlincludes/class-dmfwc.php:136

filterwoocommerce_available_variationincludes/class-dmfwc.php:137

Maintenance & Trust

Discount Master for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 14, 2026

PHP min version7.4

Downloads639

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Discount Master for WooCommerce Alternatives

Discount Rules for WooCommerce

woo-discount-rules

The discount plugin for WooCommerce helps you create bulk discount, quantity discount, storewide sale, dynamic pricing discount offers easily.

100K 4 CVEs

Advanced Dynamic Pricing and Discount Rules for WooCommerce

advanced-dynamic-pricing-for-woocommerce

The discount plugin for WooCommerce supports any dynamic pricing discount: bulk discount, role discount, storewide, bogo, gifts, cart discount

20K 7 CVEs

Coupons+

coupons-plus-for-woocommerce

100

Next-generation coupon offers builder for WooCommerce. Create advanced BOGO coupons, brand discounts, quantity-based rules, and auto-applied offers!

100 No CVEs

Offermative – WooCommerce Discount Rules, Upsells & BOGO Powered by AI

offermative-discount-pricing-related-products-upsell-funnels-for-woocommerce

100

Grow revenue and AOV with targeted and automated WooCommerce discount rules, upsells, cross-sells, order bumps, and dynamic pricing offers.

50 No CVEs

Coupon Rules for WooCommerce – Create WooCommerce Coupons & Discounts, BOGO Coupons

coupon-rules

100

The plugin allows to give discounted product using coupon code.

0 No CVEs

Developer Profile

Discount Master for WooCommerce Developer Profile

PrecisionWP

2 plugins · 50 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Discount Master for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/discount-master-for-woocommerce/css/dmfwc-admin-global.css/wp-content/plugins/discount-master-for-woocommerce/css/flatpickr.min.css/wp-content/plugins/discount-master-for-woocommerce/css/flexboxgrid.min.css/wp-content/plugins/discount-master-for-woocommerce/css/dmfwc-admin.css/wp-content/plugins/discount-master-for-woocommerce/css/dmfwc-admin-rtl.css/wp-content/plugins/discount-master-for-woocommerce/js/flatpickr.min.js/wp-content/plugins/discount-master-for-woocommerce/js/sortable.min.js/wp-content/plugins/discount-master-for-woocommerce/js/dmfwc-admin.js

Script Paths

js/flatpickr.min.jsjs/sortable.min.jsjs/dmfwc-admin.js

Version Parameters

discount-master-for-woocommerce/css/dmfwc-admin-global.css?ver=discount-master-for-woocommerce/css/flatpickr.min.css?ver=discount-master-for-woocommerce/css/flexboxgrid.min.css?ver=discount-master-for-woocommerce/css/dmfwc-admin.css?ver=discount-master-for-woocommerce/css/dmfwc-admin-rtl.css?ver=discount-master-for-woocommerce/js/flatpickr.min.js?ver=discount-master-for-woocommerce/js/sortable.min.js?ver=discount-master-for-woocommerce/js/dmfwc-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

dmfwc-admin-globaldmfwc-flatpickrdmfwc-flexboxgriddmfwc-admindmfwc-admin-rtl

JS Globals

dmfwcAjaxObj

FAQ