FraudLabs Pro for Easy Digital Downloads Security & Risk Analysis

wordpress.org/plugins/fraudlabs-pro-for-easy-digital-downloads

Description: Fraud prevention plugin for Easy Digital Downloads to help businesses minimize payment fraud and chargebacks.

0 active installs · v2.4.6 · PHP + WP 4.6+ · Updated Dec 9, 2025
Tags: chargeback, easy-digital-downloads, edd, fraud-prevention, fraudlabspro
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is FraudLabs Pro for Easy Digital Downloads Safe to Use in 2026?

Generally Safe

Score 100/100

FraudLabs Pro for Easy Digital Downloads has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The security posture of the "fraudlabs-pro-for-easy-digital-downloads" plugin v2.4.6 appears generally good in terms of its attack surface and vulnerability history. All identified entry points (AJAX handlers) have authentication checks, and there are no known CVEs associated with this plugin, suggesting a history of responsible development and patching. The absence of bundled libraries also reduces the risk of introducing outdated components with known vulnerabilities.

However, the static analysis highlights several areas of concern. The plugin's one raw SQL query does not use a prepared statement (0% prepared), which is a critical risk that potentially exposes the database to SQL injection. The taint analysis also reveals flows with unsanitized paths (3 of 4); although none is classified as critical or high severity in this instance, they still represent a risk of insecure data handling. The relatively low percentage of properly escaped output (68%), coupled with file operations and external HTTP requests, could be a vector for cross-site scripting (XSS) or other injection attacks if not handled with extreme care.

In conclusion, while the plugin benefits from a clean vulnerability history and a well-controlled attack surface, the static analysis points to potential weaknesses in data handling, particularly concerning SQL queries and unsanitized paths. The developers should prioritize addressing these code-level risks to strengthen the plugin's overall security.

Key Concerns

  • SQL queries not using prepared statements
  • Flows with unsanitized paths identified
  • Low percentage of properly escaped output
Vulnerabilities
None known

FraudLabs Pro for Easy Digital Downloads Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

FraudLabs Pro for Easy Digital Downloads Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 7 (15 escaped)
Nonce Checks: 4
Capability Checks: 0
File Operations: 2
External Requests: 7
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

68% escaped · 22 total outputs

Data Flows: 3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
edd_fraudlabspro_process_purchase (includes\class.edd-fraudlabspro.php:497)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

FraudLabs Pro for Easy Digital Downloads Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers: 3

auth · wp_ajax_fraudlabspro_edd_submit_feedback · includes\class.edd-fraudlabspro.php:31
auth · wp_ajax_fraudlabspro_edd_validate_api_key · includes\class.edd-fraudlabspro.php:32
auth · wp_ajax_fraudlabspro_edd_create_test_order · includes\class.edd-fraudlabspro.php:33

WordPress Hooks: 15

action · admin_enqueue_scripts · includes\class.edd-fraudlabspro.php:27
action · admin_footer_text · includes\class.edd-fraudlabspro.php:28
action · admin_menu · includes\class.edd-fraudlabspro.php:29
action · admin_notices · includes\class.edd-fraudlabspro.php:30
action · wp_loaded · includes\class.edd-fraudlabspro.php:34
action · edd_checkout_error_checks · includes\class.edd-fraudlabspro.php:37
action · edd_purchase_form_bottom · includes\class.edd-fraudlabspro.php:38
action · edd_payment_view_details · includes\class.edd-fraudlabspro.php:39
action · edd_update_payment_status · includes\class.edd-fraudlabspro.php:40
action · edd_update_payment_status · includes\class.edd-fraudlabspro.php:592
action · edd_update_payment_status · includes\class.edd-fraudlabspro.php:597
action · edd_insert_payment · includes\class.edd-fraudlabspro.php:608
action · plugins_loaded · init.php:22
action · admin_init · init.php:28
action · admin_notices · init.php:44

Maintenance & Trust

FraudLabs Pro for Easy Digital Downloads Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 9, 2025
PHP min version
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0

Developer Profile

FraudLabs Pro for Easy Digital Downloads Developer Profile

fraudlabspro

3 plugins · 1K total installs

Trust score: 93
Avg Security Score: 99/100
Avg Patch Time: 11 days
Detection Fingerprints

How We Detect FraudLabs Pro for Easy Digital Downloads

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fraudlabs-pro-for-easy-digital-downloads/assets/css/edd-flp.css
/wp-content/plugins/fraudlabs-pro-for-easy-digital-downloads/assets/js/edd-flp.js
Script Paths
/wp-content/plugins/fraudlabs-pro-for-easy-digital-downloads/assets/js/edd-flp.js
Version Parameters
fraudlabs-pro-for-easy-digital-downloads/assets/css/edd-flp.css?ver=
fraudlabs-pro-for-easy-digital-downloads/assets/js/edd-flp.js?ver=

HTML / DOM Fingerprints

CSS Classes
dashicons-admin-fraudlabs-pro
Data Attributes
id="edd-fraudlabs-pro-settings", data-api-key, data-approve-status, data-review-status, data-sync-status, data-fraud-message (+3 more)
JS Globals
EDD_FLPSettings
REST Endpoints
/wp-json/fraudlabsproedd/v1/settings
FAQ

Frequently Asked Questions about FraudLabs Pro for Easy Digital Downloads