Does Easy Paypal Buttons have any unpatched vulnerabilities?

No. All known vulnerabilities in Easy Paypal Buttons have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Paypal Buttons compatible with WordPress 5.5.18?

According to WordPress.org data, Easy Paypal Buttons 1.0 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

Is Easy Paypal Buttons compatible with PHP 5.2.4+?

Easy Paypal Buttons requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Easy Paypal Buttons updated?

Easy Paypal Buttons was last updated on Sep 12, 2020. Frequent updates are generally a positive security signal.

What is Easy Paypal Buttons's security score?

Easy Paypal Buttons has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Paypal Buttons Security & Risk Analysis

wordpress.org/plugins/easy-paypal-buttons

Easy PayPal Buttons Provide Buy, Donate and Subscribe functionality. It Works With Any type of Paypal account. Super Easy to Use and Setup.

10 active installs v1.0 PHP 5.2.4+ WP 3.8+ Updated Sep 12, 2020

paypal-buy-buttonpaypal-donate-buttonpaypal-subscribe-button

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easy Paypal Buttons Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Paypal Buttons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "easy-paypal-buttons" v1.0 plugin exhibits a generally positive security posture with no recorded vulnerabilities or critical code signals. The absence of dangerous functions, raw SQL queries, file operations, external HTTP requests, and the use of prepared statements for all SQL queries are strong indicators of good development practices. The plugin also has a minimal attack surface, with only one shortcode and no unprotected entry points identified.

However, a significant concern lies in the output escaping. With 107 total outputs and only 36% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. This lack of proper sanitization allows untrusted data to be rendered directly in the browser, potentially enabling attackers to inject malicious scripts. Additionally, the absence of nonce checks and capability checks, while not explicitly flagged as an issue due to the limited attack surface and lack of auth checks on entry points, suggests a reliance on WordPress's core security for its single shortcode, which might not be sufficient in all contexts.

The vulnerability history showing zero known CVEs is reassuring and suggests a maintainer who addresses security issues promptly or a plugin that has historically been secure. Despite the strong foundation, the prevalent output escaping deficiency presents a clear and present danger that requires immediate attention to mitigate XSS risks.

Key Concerns

Insufficient output escaping (36% proper)
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Easy Paypal Buttons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Easy Paypal Buttons Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

38 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

36% escaped107 total outputs

Attack Surface

Easy Paypal Buttons Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[easy_paypal_button] index.php:20

WordPress Hooks 3

actionadmin_enqueue_scriptsadmin\admin.php:12

actionadmin_enqueue_scriptsadmin\admin.php:16

actionadmin_menuadmin\admin.php:32

Maintenance & Trust

Easy Paypal Buttons Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedSep 12, 2020

PHP min version5.2.4

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

Easy Paypal Buttons Alternatives

No alternatives data available yet.

Developer Profile

Easy Paypal Buttons Developer Profile

Creative Salahu

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Easy Paypal Buttons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-paypal-buttons/admin/imgs/buy/b27.png/wp-content/plugins/easy-paypal-buttons/admin/imgs/d26.png/wp-content/plugins/easy-paypal-buttons/admin/imgs/subs/s3.PNG/wp-content/plugins/easy-paypal-buttons/admin/css/style.css/wp-content/plugins/easy-paypal-buttons/admin/font-awesome/css/font-awesome.min.css/wp-content/plugins/easy-paypal-buttons/admin/js/logic.js/wp-content/plugins/easy-paypal-buttons/admin/js/custom-script.js

Script Paths

/wp-content/plugins/easy-paypal-buttons/admin/js/logic.js/wp-content/plugins/easy-paypal-buttons/admin/js/custom-script.js

HTML / DOM Fingerprints

CSS Classes

easy-paypal-btn-tabnav-tab-wrappereasy-paypal-btn-navnav-tabnav-tab-activeeasy-paypal-btnTabsgen-setttab-1field-layout+16 more

HTML Comments

/*
** adding necessarey files
*/

+6 more

Data Attributes

data-tab="first"data-tab="second"data-tab="third"

JS Globals

easy_paypal_button

Shortcode Output

[easy_paypal_button email="" currency="usd" donation_amount="" return_url="" item_name="" btn_type="" img_id="" max-width="" ]

FAQ