ELEX WooCommerce Dynamic Pricing and Discounts Security & Risk Analysis

wordpress.org/plugins/elex-woocommerce-dynamic-pricing-and-discounts

Create custom dynamic pricing rules, discounts, and offers based on user roles, cart totals, product categories and more!

900 active installs · v2.2.6 · PHP 7.4+ · WP 3.0.1+ · Updated Feb 2, 2026
Tags: bulk-discount, dynamic-discount, dynamic-pricing, price-rule, woocommerce
97
A · Safe
CVEs total: 4
Unpatched: 0
Last CVE: Dec 23, 2024
Safety Verdict

Is ELEX WooCommerce Dynamic Pricing and Discounts Safe to Use in 2026?

Generally Safe

Score 97/100

ELEX WooCommerce Dynamic Pricing and Discounts has a strong security track record. Known vulnerabilities have been patched promptly.

4 known CVEs · Last CVE: Dec 23, 2024 · Updated 2mo ago
Risk Assessment

The plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query sanitization (94% prepared statements) and output escaping (84% properly escaped), there are notable areas of concern. The presence of two AJAX handlers without authentication checks significantly increases the attack surface, posing a risk of unauthorized actions if these endpoints can be triggered by unauthenticated users.

Historically, the plugin has a pattern of medium-severity vulnerabilities, including missing authorization, CSRF, and XSS. Although there are currently no unpatched CVEs, this history suggests a recurring tendency towards flaws in access control and input validation. The taint analysis did not reveal critical or high severity unsanitized paths, which is positive, but the two flows with unsanitized paths, even if not deemed critical in this analysis, warrant attention.

Overall, the plugin has strengths in its use of prepared statements and output escaping. However, the unprotected AJAX endpoints and the historical pattern of medium-severity vulnerabilities, particularly around authorization and input validation, indicate a need for careful review and patching. The current version appears to be free of known unpatched vulnerabilities, but the identified architectural weaknesses and historical trends suggest a moderate risk profile.

Key Concerns

  • Unprotected AJAX handlers
  • Historical medium severity CVEs
  • Flows with unsanitized paths
  • Limited capability checks
Vulnerabilities
4

ELEX WooCommerce Dynamic Pricing and Discounts Security Vulnerabilities

CVEs by Year

4 CVEs in 2024

Severity Breakdown

Medium: 4

4 total CVEs

CVE-2024-12266 · medium · 6.5 · Missing Authorization

ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.7 - Missing Authorization

Dec 23, 2024 Patched in 2.1.8 (1d)
CVE-2024-32105 · medium · 5.3 · Cross-Site Request Forgery (CSRF)

ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.2 - Cross-Site Request Forgery

Apr 11, 2024 Patched in 2.1.3 (6d)
CVE-2024-31364 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.2 - Cross-Site Request Forgery

Apr 8, 2024 Patched in 2.1.3 (9d)
CVE-2024-31255 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.2 - Reflected Cross-Site Scripting

Apr 5, 2024 Patched in 2.1.3 (7d)
Code Analysis
Analyzed Mar 16, 2026

ELEX WooCommerce Dynamic Pricing and Discounts Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (16 prepared)
Unescaped Output: 83 (440 escaped)
Nonce Checks: 9
Capability Checks: 2
File Operations: 3
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

94% prepared · 17 total queries

Output Escaping

84% escaped · 523 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

7 flows · 2 with unsanitized paths
elex_dp_export_rules (admin\elex-exporter.php:9)
Attack Surface
2 unprotected

ELEX WooCommerce Dynamic Pricing and Discounts Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 3

auth · wp_ajax_update_rules_arrangement · admin\elex-admin-actions-function.php:115
auth · wp_ajax_update_coupons_field · admin\elex-admin-actions-function.php:173
auth · wp_ajax_xa_get_attributes_value_for_taxonomy · admin\elex-ajax-function.php:9

Shortcodes 1

[eha_dynamic_pricing_offers_list_short_code] includes\elex-common-functions.php:2
WordPress Hooks 43
action · admin_init · admin\elex-exporter.php:7
action · admin_init · admin\elex-importer.php:6
action · admin_notices · admin\elex-importer.php:104
action · admin_notices · admin\elex-importer.php:123
action · admin_notices · elex-dynamic-pricing-and-discounts-for-woocommerce-basic-version.php:44
action · before_woocommerce_init · elex-dynamic-pricing-and-discounts-for-woocommerce-basic-version.php:92
action · upgrader_process_complete · elex-dynamic-pricing-and-discounts-for-woocommerce-basic-version.php:115
action · init · elex-dynamic-pricing-and-discounts-for-woocommerce-basic-version.php:122
action · init · elex-dynamic-pricing-and-discounts-for-woocommerce-basic-version.php:123
action · plugins_loaded · includes\elex-dynamic-pricing-plugin.php:85
action · plugins_loaded · includes\elex-dynamic-pricing-plugin.php:160
action · admin_enqueue_scripts · includes\elex-dynamic-pricing-plugin.php:185
action · admin_enqueue_scripts · includes\elex-dynamic-pricing-plugin.php:186
action · admin_print_styles · includes\elex-dynamic-pricing-plugin.php:187
action · admin_enqueue_scripts · includes\elex-dynamic-pricing-plugin.php:188
action · admin_enqueue_scripts · includes\elex-dynamic-pricing-plugin.php:189
action · admin_enqueue_scripts · includes\elex-dynamic-pricing-plugin.php:192
action · admin_menu · includes\elex-dynamic-pricing-plugin.php:197
action · admin_notices · includes\review_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:20
action · admin_init · includes\review_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:21
action · wp_loaded · public\elex-dynamic-pricing-plugin-public.php:9
action · wp_footer · public\elex-dynamic-pricing-plugin-public.php:11
action · woocommerce_cart_calculate_fees · public\elex-dynamic-pricing-plugin-public.php:43
action · woocommerce_before_calculate_totals · public\elex-dynamic-pricing-plugin-public.php:44
action · woocommerce_before_cart_totals · public\elex-dynamic-pricing-plugin-public.php:46
filter · woocommerce_product_is_on_sale · public\elex-dynamic-pricing-plugin-public.php:126
filter · woocommerce_get_price_html · public\elex-dynamic-pricing-plugin-public.php:170
filter · woocommerce_product_variation_get_price · public\elex-dynamic-pricing-plugin-public.php:173
filter · woocommerce_product_variation_get_sale_price · public\elex-dynamic-pricing-plugin-public.php:174
filter · woocommerce_cart_item_price · public\elex-dynamic-pricing-plugin-public.php:221
action · wc_ajax_get_refreshed_fragments · public\elex-dynamic-pricing-plugin-public.php:229
action · woocommerce_cart_totals_get_fees_from_cart_taxes · public\elex-dynamic-pricing-plugin-public.php:242
action · save_post_product · public\elex-dynamic-pricing-plugin-public.php:244
action · woocommerce_update_product_variation · public\elex-dynamic-pricing-plugin-public.php:265
action · woocommerce_cart_calculate_fees · public\elex-new-calculation-handler.php:104
filter · woocommerce_product_variation_get_price · public\elex-new-calculation-handler.php:137
action · save_post_product · public\elex-new-calculation-handler.php:139
action · woocommerce_update_product · public\elex-new-calculation-handler.php:140
action · woocommerce_after_cart_item_quantity_update · public\elex-new-calculation-handler.php:141
filter · woocommerce_product_variation_get_price · public\elex-new-calculation-handler.php:277
filter · woocommerce_product_variation_get_sale_price · public\elex-new-calculation-handler.php:278
filter · woocommerce_product_variation_get_price · public\elex-new-calculation-handler.php:399
filter · woocommerce_product_variation_get_sale_price · public\elex-new-calculation-handler.php:400
Maintenance & Trust

ELEX WooCommerce Dynamic Pricing and Discounts Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 2, 2026
PHP min version: 7.4
Downloads: 66K

Community Trust

Rating: 86/100
Number of ratings: 13
Active installs: 900
Developer Profile

ELEX WooCommerce Dynamic Pricing and Discounts Developer Profile

ELEXtensions

22 plugins · 28K total installs

Trust score: 87
Avg Security Score: 98/100
Avg Patch Time: 53 days
Detection Fingerprints

How We Detect ELEX WooCommerce Dynamic Pricing and Discounts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/css/elex-dp-admin-styles.css
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-admin-scripts.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-bulk-edit.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-price-settings.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-rules.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-variable-product-price-settings.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-woocommerce-cart.js
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-woocommerce-checkout.js
  • +1 more
Script Paths
  • admin/ui/js/select2.min.js
  • admin/ui/js/elex-admin-script.js
  • admin/ui/js/elex-product-bulk-edit.js
  • admin/ui/js/elex-product-price-settings.js
  • admin/ui/js/elex-product-rules.js
  • admin/ui/js/elex-variable-product-price-settings.js
  • +3 more
Version Parameters
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/css/elex-dp-admin-styles.css?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-admin-scripts.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-bulk-edit.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-price-settings.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-product-rules.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-variable-product-price-settings.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-woocommerce-cart.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-woocommerce-checkout.js?ver=
  • /wp-content/plugins/elex-woocommerce-dynamic-pricing-and-discounts/assets/js/elex-dp-woocommerce-product.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • elex-dp-rule-setting
  • elex-dp-add-rule-btn
  • elex-dp-rule-name
  • elex-dp-rule-priority
  • elex-dp-rule-status
  • elex-dp-conditions-wrap
  • elex-dp-conditions-add
  • elex-dp-actions-wrap
  • +7 more
HTML Comments
  • <!-- ELEX Dynamic Pricing and Discounts by ELEXtensions -->
  • <!-- BEGIN ELEX DP FRONTEND SCRIPT -->
  • <!-- END ELEX DP FRONTEND SCRIPT -->
  • <!-- ELEX DP CART DISCOUNT NOTICE -->
Data Attributes
  • data-elex-dp-product-id
  • data-elex-dp-rule-id
  • data-elex-dp-cart-item-key
  • data-elex-dp-rule-type
JS Globals
  • elex_dp_admin_ajax_obj
  • elex_dp_frontend_obj
  • elex_dp_wc_cart_obj
FAQ

Frequently Asked Questions about ELEX WooCommerce Dynamic Pricing and Discounts