Bitcoin Easy Digital Downloads – Blockonomics Security & Risk Analysis

wordpress.org/plugins/edd-blockonomics

Accept bitcoin payments and altcoins on your Easy Digital Downloads website. Bitcoin payments go directly to your wallet.

10 active installs v1.4 PHP + WP 4.6+ Updated Dec 22, 2023
Tags: accept-bitcoin, bitcoin, bitcoin-payments, easy-digital-downloads, edd
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Bitcoin Easy Digital Downloads – Blockonomics Safe to Use in 2026?

Generally Safe

Score 85/100

Bitcoin Easy Digital Downloads – Blockonomics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 2yr ago
Risk Assessment

The "edd-blockonomics" plugin version 1.4 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and has no known past vulnerabilities or unpatched CVEs. However, significant concerns arise from the static analysis. The plugin has a single entry point identified as an AJAX handler, which importantly lacks any authentication checks. This is a major security flaw, as it allows unauthenticated users to potentially interact with sensitive functionalities. Furthermore, the output escaping is critically low at only 4%, meaning a large percentage of data processed and displayed by the plugin is not properly sanitized, opening the door for cross-site scripting (XSS) vulnerabilities. The taint analysis also indicated a flow with unsanitized paths, though without a critical or high severity, suggesting a potential for manipulation but not an immediate critical exploit. In conclusion, while the plugin benefits from a clean vulnerability history and secure SQL handling, the unprotected AJAX handler and severely lacking output escaping create substantial risks that require immediate attention.

Key Concerns

  • AJAX handler without auth checks
  • Low output escaping percentage
  • Taint flow with unsanitized paths
  • No nonce checks on AJAX
  • No capability checks
Vulnerabilities
None known

Bitcoin Easy Digital Downloads – Blockonomics Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Bitcoin Easy Digital Downloads – Blockonomics Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 68 (3 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 2
Bundled Libraries: 0

Output Escaping

4% escaped · 71 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

1 flow · 1 with unsanitized paths
<track> (track.php:0)
Attack Surface
1 unprotected

Bitcoin Easy Digital Downloads – Blockonomics Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_testsetup · edd-blockonomics.php:60

WordPress Hooks: 14

action · edd_gateway_blockonomics · edd-blockonomics.php:57
action · init · edd-blockonomics.php:58
action · edd_blockonomics_cc_form · edd-blockonomics.php:59
filter · edd_payment_gateways · edd-blockonomics.php:61
filter · edd_currencies · edd-blockonomics.php:62
filter · edd_sanitize_amount_decimals · edd-blockonomics.php:63
filter · edd_format_amount_decimals · edd-blockonomics.php:64
filter · edd_settings_gateways · edd-blockonomics.php:65
filter · edd_settings_sections_gateways · edd-blockonomics.php:66
filter · edd_accepted_payment_icons · edd-blockonomics.php:67
filter · edd_view_order_details_payment_meta_after · edd-blockonomics.php:68
action · plugins_loaded · edd-blockonomics.php:904
filter · edd_update_option · edd-blockonomics.php:906
action · plugins_loaded · edd-blockonomics.php:950
Maintenance & Trust

Bitcoin Easy Digital Downloads – Blockonomics Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.4.8
Last updated: Dec 22, 2023
PHP min version
Downloads: 6K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 10
Developer Profile

Bitcoin Easy Digital Downloads – Blockonomics Developer Profile

blockonomics

2 plugins · 3K total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 676 days
Detection Fingerprints

How We Detect Bitcoin Easy Digital Downloads – Blockonomics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/edd-blockonomics/img/bitcoin.png
Version Parameters
edd-blockonomics/style.css?ver=
edd-blockonomics/js/blockonomics.js?ver=

HTML / DOM Fingerprints

CSS Classes
edd-order-tx-id
edd-admin-box-inside
label
Data Attributes
data-plugin-name="edd-blockonomics"
data-plugin-version="1.4"
JS Globals
blockonomics_payment_params
REST Endpoints
/wp-json/edd-blockonomics/v1/testsetup
Shortcode Output
[blockonomics_checkout]
[blockonomics_payment_status]
FAQ

Frequently Asked Questions about Bitcoin Easy Digital Downloads – Blockonomics