WP-Safety

Easy Digital Downloads – Coming Soon Security & Risk Analysis

wordpress.org/plugins/edd-coming-soon

Allows Coming Soon or Custom Status text instead of normal pricing for downloads in Easy Digital Downloads.

100 active installs v1.3.3 PHP + WP 3.3+ Updated Sep 19, 2017
coming-soondigital-downloadse-downloadseasy-digital-downloadsedd
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Digital Downloads – Coming Soon Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Digital Downloads – Coming Soon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The "edd-coming-soon" plugin version 1.3.3 demonstrates a generally positive security posture, with a limited attack surface and a lack of known critical vulnerabilities. The plugin adheres to some good security practices, such as using prepared statements for all SQL queries and performing a nonce check on its sole entry point. There are no recorded vulnerabilities or CVEs for this plugin, which is a strong indicator of past security diligence.

However, there are areas for improvement. The low percentage of properly escaped output (31%) is a significant concern, as it suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. While no specific XSS flows were identified in the limited taint analysis, the lack of proper output sanitization across a substantial portion of the code is a latent threat. Additionally, the absence of capability checks on the identified shortcode is a weakness, as it may allow unauthorized users to interact with plugin functionalities.

Overall, "edd-coming-soon" v1.3.3 is in a relatively secure state due to its limited attack surface and clean vulnerability history. The primary concern lies with the output escaping, which presents a tangible risk of XSS if not addressed. The lack of capability checks on the shortcode also warrants attention to ensure robust access control.

Key Concerns

  • Low percentage of properly escaped output
  • No capability checks on shortcode
Vulnerabilities
None known

Easy Digital Downloads – Coming Soon Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy Digital Downloads – Coming Soon Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
18
8 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

31% escaped26 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
increment_votes (edd-coming-soon.php:354)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Easy Digital Downloads – Coming Soon Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[edd_cs_vote] edd-coming-soon.php:235
WordPress Hooks 15
actionedd_download_afteredd-coming-soon.php:203
actionedd_pre_add_to_cartedd-coming-soon.php:206
actioninitedd-coming-soon.php:209
actionwp_footeredd-coming-soon.php:212
actionedd_after_download_contentedd-coming-soon.php:215
filteredd_purchase_download_formedd-coming-soon.php:218
actionplugins_loadededd-coming-soon.php:538
actionadmin_noticesincludes\class-activation.php:66
actionedd_meta_box_settings_fieldsincludes\class-admin.php:17
actionwp_dashboard_setupincludes\class-admin.php:20
actionadmin_enqueue_scriptsincludes\class-admin.php:23
actionedd_save_downloadincludes\class-admin.php:26
filteredd_download_priceincludes\class-admin.php:29
filteredd_price_rangeincludes\class-admin.php:32
filteredd_metabox_fields_saveincludes\class-admin.php:35
Maintenance & Trust

Easy Digital Downloads – Coming Soon Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28
Last updatedSep 19, 2017
PHP min version
Downloads15K

Community Trust

Rating90/100
Number of ratings4
Active installs100
Alternatives

Easy Digital Downloads – Coming Soon Alternatives

EDD Auto Register

EDD Auto Register

edd-auto-register

A
92

Automatically creates a WP user account at checkout, based on customer's email address.

1K No CVEs
Easy Digital Downloads Featured Downloads

Easy Digital Downloads Featured Downloads

edd-featured-downloads

A
100

Easily feature your downloads

1K No CVEs
EDD Downloads As Services

EDD Downloads As Services

edd-downloads-as-services

A
85

Mark Downloads As Services in Easy Digital Downloads

200 No CVEs
Easy Digital Downloads – Blocks

Easy Digital Downloads – Blocks

edd-blocks

A
85

EDD Blocks adds a "Downloads" block to the new WordPress editor, also known as Gutenberg.

100 No CVEs
EDD Download Images

EDD Download Images

edd-download-images

A
85

Easily add extra download images and display them.

100 No CVEs
Developer Profile

Easy Digital Downloads – Coming Soon Developer Profile

Andrew Munro / AffiliateWP

17 plugins · 3K total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
3200 days
View full developer profile
Detection Fingerprints

How We Detect Easy Digital Downloads – Coming Soon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/edd-coming-soon/css/edd-coming-soon-admin.css/wp-content/plugins/edd-coming-soon/css/edd-coming-soon.css/wp-content/plugins/edd-coming-soon/js/edd-coming-soon.js
Script Paths
/wp-content/plugins/edd-coming-soon/js/edd-coming-soon.js
Version Parameters
edd-coming-soon/css/edd-coming-soon-admin.css?ver=edd-coming-soon/css/edd-coming-soon.css?ver=edd-coming-soon/js/edd-coming-soon.js?ver=

HTML / DOM Fingerprints

CSS Classes
edd-coming-soon-noticeedd-coming-soon-voting-wrapperedd-coming-soon-voting-buttonedd_cs_vote_formedd_cs_vote_description
Data Attributes
data-edd-cs-vote-iddata-edd-cs-vote-nonce
JS Globals
edd_coming_soon_ajax_object
Shortcode Output
[edd_cs_vote
FAQ

Frequently Asked Questions about Easy Digital Downloads – Coming Soon