WP-Safety

User Admin Purchases Column for Easy Digital Downloads Security & Risk Analysis

wordpress.org/plugins/edd-user-admin-purchases-column

See basic statistics of customers for the Easy Digital Downloads e-commerce plugin.

0 active installs v1.0.6 PHP 7.0+ WP 4.1+ Updated Jan 10, 2026
customer-statisticseasy-digital-downloadseddstatistics
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is User Admin Purchases Column for Easy Digital Downloads Safe to Use in 2026?

Generally Safe

Score 100/100

User Admin Purchases Column for Easy Digital Downloads has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The security analysis of "edd-user-admin-purchases-column" v1.0.6 indicates a generally good security posture with no immediately obvious critical vulnerabilities identified in the static analysis or vulnerability history. The absence of identified CVEs and the lack of dangerous functions or file operations are positive signs. The plugin also demonstrates responsible use of prepared statements for SQL queries.

However, a significant concern arises from the output escaping analysis. With three total outputs and zero properly escaped, this presents a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data displayed on the frontend or admin area could potentially be injected with malicious scripts, leading to session hijacking or other attacks. The lack of nonce checks and capability checks, while not directly flagged as issues in this specific analysis, are important security mechanisms that should be considered for any plugin with user interaction points, especially if the attack surface were to expand.

Given the current data, the primary risk lies in the unescaped output. While the plugin has a clean vulnerability history, the potential for XSS due to improper output sanitization is a serious concern that needs immediate attention. Developers should prioritize implementing proper escaping functions for all output to mitigate this risk.

Key Concerns

  • 0% of outputs are properly escaped
Vulnerabilities
None known

User Admin Purchases Column for Easy Digital Downloads Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

User Admin Purchases Column for Easy Digital Downloads Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped3 total outputs
Attack Surface

User Admin Purchases Column for Easy Digital Downloads Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
filtermanage_users_columnsedd-user-admin-purchases-column.php:55
filtermanage_users_custom_columnedd-user-admin-purchases-column.php:91
actionshow_user_profileedd-user-admin-purchases-column.php:163
actionedit_user_profileedd-user-admin-purchases-column.php:164
actionadmin_initedd-user-admin-purchases-column.php:177
Maintenance & Trust

User Admin Purchases Column for Easy Digital Downloads Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 10, 2026
PHP min version7.0
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

User Admin Purchases Column for Easy Digital Downloads Alternatives

EDD Metrics

EDD Metrics

edd-metrics

A
85

Better reports for Easy Digital Downloads, similar to Baremetrics.

80 No CVEs
Easy Digital Downloads – Geckoboard

Easy Digital Downloads – Geckoboard

edd-geckoboard

A
100

Allow site owners to display EDD statistics through Geckoboard

10 No CVEs
Easy Digital Downloads Free Link

Easy Digital Downloads Free Link

easy-digital-downloads-free-link

A
100

replace EDD add-to-cart button with download link when product is free

1K No CVEs
EDD Auto Register

EDD Auto Register

edd-auto-register

A
92

Automatically creates a WP user account at checkout, based on customer's email address.

1K No CVEs
Easy Digital Downloads Featured Downloads

Easy Digital Downloads Featured Downloads

edd-featured-downloads

A
100

Easily feature your downloads

1K No CVEs
Developer Profile

User Admin Purchases Column for Easy Digital Downloads Developer Profile

Marcel Pol

18 plugins · 82K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
1119 days
View full developer profile
Detection Fingerprints

How We Detect User Admin Purchases Column for Easy Digital Downloads

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes
edd-uapc
FAQ

Frequently Asked Questions about User Admin Purchases Column for Easy Digital Downloads