Does Dynamic Donation paypal payflow have any unpatched vulnerabilities?

No. All known vulnerabilities in Dynamic Donation paypal payflow have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dynamic Donation paypal payflow compatible with WordPress 5.0.25?

According to WordPress.org data, Dynamic Donation paypal payflow 1.0 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

How often is Dynamic Donation paypal payflow updated?

Dynamic Donation paypal payflow was last updated on Jan 25, 2019. Frequent updates are generally a positive security signal.

What is Dynamic Donation paypal payflow's security score?

Dynamic Donation paypal payflow has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dynamic Donation paypal payflow Security & Risk Analysis

wordpress.org/plugins/dynamic-donation

Create Donation form by adding various type of fields, export form html to theme directory, paypal,payflow and paypal pro.

10 active installs v1.0 PHP + WP 3.3+ Updated Jan 25, 2019

donationdonation-formpayflow-pro-donationpaypal-donationpaypal-website-pro-donation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Dynamic Donation paypal payflow Safe to Use in 2026?

Generally Safe

Score 85/100

Dynamic Donation paypal payflow has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'dynamic-donation' plugin v1.0 exhibits a concerning security posture due to a significant number of unprotected entry points. While the plugin doesn't appear to use dangerous functions or make external HTTP requests that are immediately flagged as risky, the static analysis reveals that all 4 AJAX handlers are exposed without authentication or capability checks. This presents a substantial attack surface, allowing any authenticated user to potentially interact with these handlers without proper authorization. Furthermore, the taint analysis indicates 4 high-severity flows with unsanitized paths, which, when combined with the unprotected AJAX handlers, strongly suggests the possibility of vulnerabilities such as Cross-Site Scripting (XSS) or other injection attacks if user input is not adequately validated and sanitized before use within these flows.

The plugin's vulnerability history is notably clean, with no known CVEs. This might suggest that the plugin has not been a target of extensive security research or that its current implementation, despite the identified weaknesses, hasn't led to publicly disclosed vulnerabilities. However, the absence of past vulnerabilities should not be taken as a guarantee of future security, especially given the clear indicators of risk from the static analysis. The lack of nonce checks and capability checks on the AJAX handlers are critical oversights that directly contribute to the high-risk findings.

In conclusion, 'dynamic-donation' v1.0 has several critical security weaknesses that outweigh its lack of historical vulnerabilities. The unprotected AJAX endpoints and high-severity unsanitized taint flows are significant concerns that require immediate attention. While the absence of dangerous functions and external HTTP request issues are positive signs, they are overshadowed by the critical entry point vulnerabilities. It is strongly recommended that these issues be addressed before the plugin is widely deployed or used in production environments.

Key Concerns

Unprotected AJAX handlers
High severity taint flows with unsanitized paths
Missing nonce checks on AJAX
Missing capability checks
Unescaped output

Vulnerabilities

None known

Dynamic Donation paypal payflow Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Dynamic Donation paypal payflow Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

55% prepared11 total queries

Output Escaping

50% escaped20 total outputs

Data Flows

5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths

process_payment (wp-dynamic-donation.php:238)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Dynamic Donation paypal payflow Attack Surface

Entry Points5

Unprotected4

AJAX Handlers 4

authwp_ajax_ddf_field_statuswp-dynamic-donation.php:46

authwp_ajax_ddf_field_newwp-dynamic-donation.php:48

authwp_ajax_ddf_field_deletewp-dynamic-donation.php:50

authwp_ajax_ddf_field_editwp-dynamic-donation.php:52

Shortcodes 1

[render_donation_form] wp-dynamic-donation.php:64

WordPress Hooks 6

actionadmin_menuwp-dynamic-donation.php:42

actioninitwp-dynamic-donation.php:44

actionadmin_headwp-dynamic-donation.php:56

actionadmin_initwp-dynamic-donation.php:62

actiontemplate_redirectwp-dynamic-donation.php:66

actionadd_meta_boxeswp-dynamic-donation.php:68

Maintenance & Trust

Dynamic Donation paypal payflow Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedJan 25, 2019

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Dynamic Donation paypal payflow Alternatives

Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions

wp-full-stripe-free

🚀 Create Stripe payment forms for WordPress. Accept credit cards, Apple Pay, donations, subscriptions & more. Easy setup, no coding needed!

10K 5 CVEs

Easy Accept Payments via PayPal

wordpress-easy-paypal-payment-or-donation-accept-plugin

Easy to use Wordpress plugin to accept PayPal payments for a service or product or donation in one click

7K 2 CVEs

CP Contact Form with PayPal

cp-contact-form-with-paypal

Easily create contact forms with integrated PayPal payments. Accept service payments, orders, and more with a drag-and-drop form builder.

900 7 CVEs

AidWP – Donation & Payment Forms (Stripe Powered)

wp-stripe-donation

Create fast donation and payment forms. Accept payments on WordPress with Stripe — no WooCommerce required.

900 2 CVEs

Accept PayPal Payments using Contact Form 7

contact-form-7-paypal-extension

100

Integrate PayPal Submit button in Contact Form 7 to Enjoy Quick Online Payments.

600 No CVEs

Developer Profile

Dynamic Donation paypal payflow Developer Profile

faaiq

6 plugins · 630 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

498 days

View full developer profile

Detection Fingerprints

How We Detect Dynamic Donation paypal payflow

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dynamic-donation/css/ddf_style.css/wp-content/plugins/dynamic-donation/js/ddf_script.js

Script Paths

/wp-content/plugins/dynamic-donation/js/ddf_script.js

Version Parameters

dynamic-donation/css/ddf_style.css?ver=dynamic-donation/js/ddf_script.js?ver=

HTML / DOM Fingerprints

CSS Classes

ddf_fields_tabledonate_formdonation-form-submission

HTML Comments

Data Attributes

data-post-iddata-donation-amount

JS Globals

window.ddf_ajax_url

Shortcode Output

[render_donation_form]

FAQ