WP-Safety

Easy Digital Downloads – Additional Shortcodes Security & Risk Analysis

wordpress.org/plugins/edd-additional-shortcodes

Add powerful conditional page content support to WordPress based on Easy Digital Downloads conditions.

400 active installs v1.4.2 PHP 5.3+ WP 4.9+ Updated Nov 2, 2022
conditional-logiceasy-digital-downloadslanding-pageshopping-cartshortcodes
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Digital Downloads – Additional Shortcodes Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Digital Downloads – Additional Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The static analysis of "edd-additional-shortcodes" v1.4.2 reveals a generally strong security posture. The code demonstrates excellent practices by exclusively using prepared statements for SQL queries and ensuring all outputs are properly escaped. The absence of dangerous functions, file operations, and external HTTP requests further contributes to a reduced attack surface. Taint analysis shows no critical or high severity flows, indicating that user-supplied data is likely handled safely within the analyzed code paths.

However, the plugin's security is not without potential concerns. The presence of 12 shortcodes, while not inherently a vulnerability, represents a significant attack surface. The static analysis report indicates that none of these shortcodes have explicit capability checks or nonce checks. This lack of authorization and validation on shortcode execution could potentially be exploited if the shortcodes themselves contain logic that can be manipulated by unauthenticated or unauthorized users, especially if they interact with other plugin features or WordPress core in sensitive ways.

The plugin's vulnerability history is remarkably clean, with zero known CVEs. This suggests a consistent track record of secure development or a lack of targeted attacks. While this is a positive indicator, the absence of capability and nonce checks on the shortcodes remains a weakness that could be a blind spot for both developers and security researchers, potentially leading to future vulnerabilities if not addressed.

Key Concerns

  • Shortcodes lack capability checks
  • Shortcodes lack nonce checks
Vulnerabilities
None known

Easy Digital Downloads – Additional Shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy Digital Downloads – Additional Shortcodes Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Easy Digital Downloads – Additional Shortcodes Attack Surface

Entry Points12
Unprotected0

Shortcodes 12

[edd_has_active_licenses] includes\integrations\software-licensing.php:10
[edd_has_expired_licenses] includes\integrations\software-licensing.php:11
[edd_has_all_expired_licenses] includes\integrations\software-licensing.php:12
[edd_cart_has_contents] includes\shortcodes.php:10
[edd_items_in_cart] includes\shortcodes.php:11
[edd_items_not_in_cart] includes\shortcodes.php:12
[edd_cart_is_empty] includes\shortcodes.php:13
[edd_user_has_purchases] includes\shortcodes.php:14
[edd_user_has_purchased] includes\shortcodes.php:15
[edd_user_has_no_purchases] includes\shortcodes.php:16
[edd_is_user_logged_in] includes\shortcodes.php:17
[edd_is_user_logged_out] includes\shortcodes.php:18
Maintenance & Trust

Easy Digital Downloads – Additional Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedNov 2, 2022
PHP min version5.3
Downloads11K

Community Trust

Rating90/100
Number of ratings2
Active installs400
Alternatives

Easy Digital Downloads – Additional Shortcodes Alternatives

EDD Hide Download

EDD Hide Download

edd-hide-download

A
85

Hide the default Easy Digital Downloads product page from the user, and redirect them to a custom page.

600 No CVEs
Easy Digital Downloads – Empty Cart

Easy Digital Downloads – Empty Cart

easy-digital-downloads-empty-cart

A
85

Easily add content to the empty cart display in Easy Digital Downloads.

90 No CVEs
Easy Digital Downloads – Continue Shopping

Easy Digital Downloads – Continue Shopping

easy-digital-downloads-continue-shopping

A
85

Adds a Continue Shopping link to the Easy Digital Downloads checkout cart.

70 No CVEs
Easy Digital Downloads – Clear Cart

Easy Digital Downloads – Clear Cart

easy-digital-downloads-clear-cart

A
85

Adds a Clear Cart link to the Easy Digital Downloads checkout cart.

20 No CVEs
Elementor Website Builder – More Than Just a Page Builder

Elementor Website Builder – More Than Just a Page Builder

elementor

A
88

The Elementor Website Builder has it all: drag and drop page builder, pixel perfect design, mobile responsive editing, and more. Get started now!

10.0M 45 CVEs
Developer Profile

Easy Digital Downloads – Additional Shortcodes Developer Profile

Chris Klosowski

9 plugins · 860 total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Digital Downloads – Additional Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/edd-additional-shortcodes/includes/shortcodes.php/wp-content/plugins/edd-additional-shortcodes/includes/integrations/software-licensing.php/wp-content/plugins/edd-additional-shortcodes/includes/backwards-compatibility.php

HTML / DOM Fingerprints

Shortcode Output
[edd_cart_has_contents][edd_items_in_cart][edd_items_not_in_cart][edd_cart_is_empty]
FAQ

Frequently Asked Questions about Easy Digital Downloads – Additional Shortcodes