Does Discountly – Discount Manager for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Discountly – Discount Manager for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Discountly – Discount Manager for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Discountly – Discount Manager for WooCommerce 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Discountly – Discount Manager for WooCommerce compatible with PHP 7.4+?

Discountly – Discount Manager for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Discountly – Discount Manager for WooCommerce's security score?

Discountly – Discount Manager for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Discountly – Discount Manager for WooCommerce Security & Risk Analysis

wordpress.org/plugins/discountly

Create advanced discount rules for WooCommerce with an intuitive admin panel – no coding required.

20 active installs v1.0.0 PHP 7.4+ WP 6.5+ Updated Jul 3, 2025

bulk-discountdiscountdynamic-pricingsalewoocommerce-discounts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Discountly – Discount Manager for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Discountly – Discount Manager for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "discountly" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. A significant strength is the complete absence of unprotected entry points across its 17 REST API routes and 0 AJAX handlers. Furthermore, all SQL queries utilize prepared statements (94%), and all output is properly escaped, indicating good defensive coding practices. The lack of file operations and external HTTP requests further reduces the attack surface. The vulnerability history is also clean, with no known CVEs, which is a positive indicator. The absence of dangerous functions and taint flows also suggests a well-developed and secure codebase.

However, a notable concern is the complete absence of nonce checks (0). While capability checks are present for all REST API routes, the lack of nonces on potential AJAX handlers (even though there are 0 reported, this is a general best practice for any future additions) could be a weakness if any AJAX functionality is ever introduced. The current data shows a very limited attack surface, but the absence of nonces represents a potential area for future risk if the plugin evolves. Overall, "discountly" v1.0.0 appears to be a secure plugin, with its primary strength being robust input validation and output sanitization, and its only noted weakness being the omission of nonce checks.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

Discountly – Discount Manager for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Discountly – Discount Manager for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

32 prepared

Unescaped Output

36 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

94% prepared34 total queries

Output Escaping

100% escaped36 total outputs

Attack Surface

Discountly – Discount Manager for WooCommerce Attack Surface

Entry Points17

Unprotected0

REST API Routes 17

GET/wp-json/nwpdiscountly/v1/search-categoriesinc\rest-api\CategoriesApi.php:12

GET/wp-json/nwpdiscountly/v1/get-categories-by-discount-idinc\rest-api\CategoriesApi.php:20

GET/wp-json/nwpdiscountly/v1/get-discountsinc\rest-api\DiscountsApi.php:16

GET/wp-json/nwpdiscountly/v1/get-discount/(?P<id>\d+)inc\rest-api\DiscountsApi.php:24

POST/wp-json/nwpdiscountly/v1/create-discountinc\rest-api\DiscountsApi.php:32

PUT/wp-json/nwpdiscountly/v1/update-discount/(?P<id>\d+)inc\rest-api\DiscountsApi.php:40

POST/wp-json/nwpdiscountly/v1/update-priorityinc\rest-api\DiscountsApi.php:48

POST/wp-json/nwpdiscountly/v1/delete-discountinc\rest-api\DiscountsApi.php:56

POST/wp-json/nwpdiscountly/v1/update-statusinc\rest-api\DiscountsApi.php:64

GET/wp-json/nwpdiscountly/v1/search-productsinc\rest-api\ProductsApi.php:15

GET/wp-json/nwpdiscountly/v1/get-products-by-discount-idinc\rest-api\ProductsApi.php:23

GET/wp-json/nwpdiscountly/v1/search-tagsinc\rest-api\TagsApi.php:12

GET/wp-json/nwpdiscountly/v1/get-tags-by-discount-idinc\rest-api\TagsApi.php:20

GET/wp-json/nwpdiscountly/v1/search-usersinc\rest-api\UsersApi.php:12

GET/wp-json/nwpdiscountly/v1/search-user-rolesinc\rest-api\UsersApi.php:20

GET/wp-json/nwpdiscountly/v1/get-users-by-discount-idinc\rest-api\UsersApi.php:28

GET/wp-json/nwpdiscountly/v1/get-roles-by-discount-idinc\rest-api\UsersApi.php:36

WordPress Hooks 16

actioninitdiscountly.php:71

actionadmin_enqueue_scriptsinc\admin\AdminAsset.php:6

actionadmin_menuinc\admin\AdminMenu.php:6

actionwoocommerce_cart_calculate_feesinc\discount\CartDiscount.php:7

filterwoocommerce_get_price_htmlinc\discount\GlobalDiscount.php:6

filterwoocommerce_available_variationinc\discount\GlobalDiscount.php:7

filterwoocommerce_product_get_sale_priceinc\discount\GlobalDiscount.php:8

filterwoocommerce_product_variation_get_sale_priceinc\discount\GlobalDiscount.php:9

filterwoocommerce_product_is_on_saleinc\discount\GlobalDiscount.php:10

actionwoocommerce_before_add_to_cart_forminc\discount\GlobalDiscount.php:11

actionwoocommerce_before_calculate_totalsinc\discount\GlobalDiscount.php:12

actionrest_api_initinc\rest-api\CategoriesApi.php:8

actionrest_api_initinc\rest-api\DiscountsApi.php:8

actionrest_api_initinc\rest-api\ProductsApi.php:11

actionrest_api_initinc\rest-api\TagsApi.php:8

actionrest_api_initinc\rest-api\UsersApi.php:8

Maintenance & Trust

Discountly – Discount Manager for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 3, 2025

PHP min version7.4

Downloads368

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Discountly – Discount Manager for WooCommerce Alternatives

Discount Rules for WooCommerce

woo-discount-rules

The discount plugin for WooCommerce helps you create bulk discount, quantity discount, storewide sale, dynamic pricing discount offers easily.

100K 4 CVEs

Advanced Dynamic Pricing and Discount Rules for WooCommerce

advanced-dynamic-pricing-for-woocommerce

The discount plugin for WooCommerce supports any dynamic pricing discount: bulk discount, role discount, storewide, bogo, gifts, cart discount

20K 7 CVEs

Conditional Discounts for WooCommerce – A simple yet complete woocommerce dynamic pricing plugin

woo-advanced-discounts

A powerful WooCommerce dynamic pricing plugin for bulk discounts, free gifts, BOGOs, customer role or groups based deals and much more.

10K No CVEs

Dynamic Pricing With Discount Rules for WooCommerce

aco-woo-dynamic-pricing

The Dynamic Pricing With Discount Rules plugin enables bulk discounts for WooCommerce products. Its simple design allows easy setup in minutes.

6K 2 CVEs

Finale Lite – Sales Countdown Timer & Discount for WooCommerce

finale-woocommerce-sales-countdown-timer-discount

Finale lets you create scheduled one time or recurring campaigns. It induces urgency with visual elements such as Countdown Timer and Counter Bar to m …

4K 1 unpatched

Developer Profile

Discountly – Discount Manager for WooCommerce Developer Profile

NikanWP

2 plugins · 80 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Discountly – Discount Manager for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/discountly/build/index.asset.php/wp-content/plugins/discountly/build/index.js/wp-content/plugins/discountly/build/index.css/wp-content/plugins/discountly/build/index-rtl.css

Script Paths

/wp-content/plugins/discountly/build/index.js

Version Parameters

/wp-content/plugins/discountly/build/index.js?ver=/wp-content/plugins/discountly/build/index.css?ver=/wp-content/plugins/discountly/build/index-rtl.css?ver=

HTML / DOM Fingerprints

JS Globals

nwpdiscountly

REST Endpoints

/wp-json/nwpdiscountly/v1/search-categories/wp-json/nwpdiscountly/v1/get-categories-by-discount-id/wp-json/nwpdiscountly/v1/search-tags/wp-json/nwpdiscountly/v1/get-tags-by-discount-id/wp-json/nwpdiscountly/v1/search-products/wp-json/nwpdiscountly/v1/get-products-by-discount-id/wp-json/nwpdiscountly/v1/get-all-discounts/wp-json/nwpdiscountly/v1/get-discount/wp-json/nwpdiscountly/v1/delete-discount/wp-json/nwpdiscountly/v1/save-discount/wp-json/nwpdiscountly/v1/save-settings/wp-json/nwpdiscountly/v1/get-settings/wp-json/nwpdiscountly/v1/search-users

FAQ