Does Easy Digital Downloads – Digital Badge have any unpatched vulnerabilities?

No. All known vulnerabilities in Easy Digital Downloads – Digital Badge have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Digital Downloads – Digital Badge compatible with WordPress 4.7.32?

According to WordPress.org data, Easy Digital Downloads – Digital Badge 1.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is Easy Digital Downloads – Digital Badge updated?

Easy Digital Downloads – Digital Badge was last updated on Nov 7, 2016. Frequent updates are generally a positive security signal.

What is Easy Digital Downloads – Digital Badge's security score?

Easy Digital Downloads – Digital Badge has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Digital Downloads – Digital Badge Security & Risk Analysis

wordpress.org/plugins/edd-digital-badge

Allow a product to be marked as Digital and have a badge after it's title to indicate as such.

30 active installs v1.0 PHP + WP 3.0+ Updated Nov 7, 2016

badgesdigital-productsdownloadseasy-digital-downloads

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easy Digital Downloads – Digital Badge Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Digital Downloads – Digital Badge has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "edd-digital-badge" v1.0 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals show no dangerous functions, all SQL queries are prepared, and there are no file operations or external HTTP requests, which are all positive security indicators. The lack of any known CVEs, past or present, and the absence of recorded vulnerability types in its history suggest a well-maintained and secure codebase.

However, a critical concern arises from the output escaping. With 4 total outputs and only 25% properly escaped, this indicates that 75% of the plugin's output is potentially vulnerable to Cross-Site Scripting (XSS) attacks. The complete lack of nonce checks and capability checks, especially in the context of potential future additions to the attack surface, also presents a risk. While the current attack surface is zero, any future functionality introduced without these fundamental security checks could be easily exploited. In conclusion, the plugin is strong in its current limited scope and history, but the significant unescaped output and absence of authorization checks are notable weaknesses that require immediate attention.

Key Concerns

Unescaped output (75% of outputs)
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Easy Digital Downloads – Digital Badge Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Easy Digital Downloads – Digital Badge Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

25% escaped4 total outputs

Attack Surface

Easy Digital Downloads – Digital Badge Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

filteredd_settings_extensionsedd-digital-badge.php:94

actionplugins_loadededd-digital-badge.php:190

filteredd_metabox_fields_saveincludes\functions.php:23

actionedd_meta_box_settings_fieldsincludes\functions.php:51

filterthe_titleincludes\functions.php:168

actionedd_checkout_table_body_lastincludes\functions.php:197

actionedd_checkout_table_header_lastincludes\functions.php:208

actionwp_enqueue_scriptsincludes\scripts.php:13

Maintenance & Trust

Easy Digital Downloads – Digital Badge Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedNov 7, 2016

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs30

Alternatives

Easy Digital Downloads – Digital Badge Alternatives

GamiPress – Easy Digital Downloads Points Per Purchase Total

gamipress-edd-points-per-purchase-total

100

Award points based on Easy Digital Downloads purchase total.

20 No CVEs

Bulk Edit Posts and Products in Spreadsheet

wp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages

100

Modern Bulk Editor for Posts and Pages, create and edit hundreds of posts at once in a spreadsheet inside wp-admin. Search and quick edits.

9K No CVEs

Premium Packages – Sell Digital Products Securely

wpdm-premium-packages

Premium Packages is a free, full-featured WordPress eCommerce plugin to sell digital products easily and securely.

3K 9 CVEs

AffiliateWP – Affiliate Product Rates

affiliatewp-affiliate-product-rates

100

Allows you to set product referral rates on a per-affiliate level in AffiliateWP.

2K No CVEs

AffiliateWP – Allowed Products

affiliatewp-allowed-products

100

Allows only specific products to generate commission in AffiliateWP.

1K No CVEs

Developer Profile

Easy Digital Downloads – Digital Badge Developer Profile

Syed Balkhi

94 plugins · 23.5M total installs

trust score

Avg Security Score

91/100

Avg Patch Time

795 days

View full developer profile

Detection Fingerprints

How We Detect Easy Digital Downloads – Digital Badge

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/edd-digital-badge/assets/styles.css

HTML / DOM Fingerprints

CSS Classes

edd-db-badge

Data Attributes

name="_edd_db_display_badge"id="_edd_db_display_badge"name="_edd_db_display_subscription_badge"id="_edd_db_display_subscription_badge"

FAQ