WP-Safety

Free Gift Product For Woocommerce Security & Risk Analysis

wordpress.org/plugins/free-gifts-product-for-woocommerce

Free Gifts Product For Woocommerce Set a fee for gift and up your revenue with every order. WooCommerce Multiple Free Gift make to many way to gift p …

800 active installs v1.1 PHP 5.0+ WP + Updated Jan 24, 2026
free-giftfree-gift-product-woocommercegift-productgift-woocommercewoo-gift
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Free Gift Product For Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Free Gift Product For Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "free-gifts-product-for-woocommerce" plugin version 1.1 presents a generally good security posture based on the provided static analysis. The plugin effectively utilizes prepared statements for all SQL queries and exhibits a reasonable rate of output escaping (65%). Importantly, there are no known unpatched CVEs, and the vulnerability history is clean, suggesting a history of responsible development and maintenance.

However, there are areas for improvement. The presence of 28 instances of the `unserialize` function is a significant concern. If user-controlled data is being unserialized without proper sanitization and validation, it can lead to Remote Code Execution (RCE) vulnerabilities. While the taint analysis did not identify any unsanitized flows in this specific scan, the sheer number of `unserialize` calls increases the potential attack surface and risk. Furthermore, while the overall attack surface is small and all identified entry points have some form of protection, the reliance on only 3 nonce checks and 1 capability check for 4 AJAX handlers might be insufficient depending on the nature of the data processed by those handlers.

In conclusion, the plugin demonstrates strengths in database security and output escaping, and its lack of past vulnerabilities is commendable. The primary weakness lies in the extensive use of `unserialize` without clear evidence of robust sanitization, which poses a latent risk. Addressing this specific concern, along with potentially strengthening authentication checks on AJAX endpoints, would further enhance the plugin's security.

Key Concerns

  • High usage of unserialize function
  • Limited nonce checks on AJAX handlers
  • Limited capability checks on entry points
  • Output escaping not fully implemented
Vulnerabilities
None known

Free Gift Product For Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Free Gift Product For Woocommerce Code Analysis

Dangerous Functions
28
Raw SQL Queries
0
0 prepared
Unescaped Output
58
109 escaped
Nonce Checks
3
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$table_minimum_custom = unserialize(get_option('minimum_custom'));main\backend\free-gifts-backend.php:198
unserialize$table_maximum_custom = unserialize(get_option('maximum_custom'));main\backend\free-gifts-backend.php:199
unserialize$table_allowed_custom = unserialize(get_option('allowed_custom'));main\backend\free-gifts-backend.php:200
unserialize$table_fgw_combo_custom = unserialize(get_option('fgw_combo_custom'));main\backend\free-gifts-backend.php:201
unserialize$table_product_multiple_custom = unserialize(get_option('fgw_gift_multiple_custom'));main\backend\free-gifts-backend.php:202
unserialize$table_minimum_price = unserialize(get_option('minimum_price'));main\backend\free-gifts-backend.php:275
unserialize$table_maximum_price = unserialize(get_option('maximum_price'));main\backend\free-gifts-backend.php:276
unserialize$table_allowed_price = unserialize(get_option('allowed_price'));main\backend\free-gifts-backend.php:277
unserialize$table_product_multiple_price = unserialize(get_option('fgw_gift_multiple_price'));main\backend\free-gifts-backend.php:278
unserialize$table_minimum_category = unserialize(get_option('minimum_category'));main\backend\free-gifts-backend.php:332
unserialize$table_maximum_category = unserialize(get_option('maximum_category'));main\backend\free-gifts-backend.php:333
unserialize$table_allowed_category = unserialize(get_option('allowed_category'));main\backend\free-gifts-backend.php:334
unserialize$table_fgw_select_cats_category = unserialize(get_option('fgw_select_cats_category'));main\backend\free-gifts-backend.php:335
unserialize$table_product_multiple_category = unserialize(get_option('fgw_gift_multiple_category'));main\backend\free-gifts-backend.php:336
unserialize$minimum_custom = unserialize(get_option('minimum_custom'));main\backend\free-gifts-comman.php:42
unserialize$maximum_custom = unserialize(get_option('maximum_custom'));main\backend\free-gifts-comman.php:43
unserialize$allowed_custom = unserialize(get_option('allowed_custom'));main\backend\free-gifts-comman.php:44
unserialize$fgw_combo_custom = unserialize(get_option('fgw_combo_custom'));main\backend\free-gifts-comman.php:45
unserialize$fgw_gift_multiple_custom = unserialize(get_option('fgw_gift_multiple_custom'));main\backend\free-gifts-comman.php:47
unserialize$fgw_gift_multiple_price = unserialize(get_option('fgw_gift_multiple_price'));main\backend\free-gifts-comman.php:92
unserialize$minimum_price = unserialize(get_option('minimum_price'));main\backend\free-gifts-comman.php:93
unserialize$maximum_price = unserialize(get_option('maximum_price'));main\backend\free-gifts-comman.php:94
unserialize$allowed_price = unserialize(get_option('allowed_price'));main\backend\free-gifts-comman.php:95
unserialize$minimum_category = unserialize(get_option('minimum_category'));main\backend\free-gifts-comman.php:109
unserialize$maximum_category = unserialize(get_option('maximum_category'));main\backend\free-gifts-comman.php:110
unserialize$allowed_category = unserialize(get_option('allowed_category'));main\backend\free-gifts-comman.php:111
unserialize$fgw_select_cats_category = unserialize(get_option('fgw_select_cats_category'));main\backend\free-gifts-comman.php:112
unserialize$fgw_gift_multiple_category = unserialize(get_option('fgw_gift_multiple_category'));main\backend\free-gifts-comman.php:113

Bundled Libraries

Select2

Output Escaping

65% escaped167 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
FGWP_save_options (main\backend\free-gifts-backend.php:698)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Free Gift Product For Woocommerce Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 4

noprivwp_ajax_fgw_product_ajaxmain\backend\free-gifts-backend.php:619
authwp_ajax_fgw_product_ajaxmain\backend\free-gifts-backend.php:620
noprivwp_ajax_fgw_cats_ajaxmain\backend\free-gifts-backend.php:669
authwp_ajax_fgw_cats_ajaxmain\backend\free-gifts-backend.php:670

Shortcodes 2

[fgfwp_block_gift] main\frontend\free-gifts-frontend.php:20
[fgwp_products] main\frontend\free-gifts-frontend.php:113
WordPress Hooks 41
filterplugin_row_metafree-gifts-woocommerce.php:56
actionadmin_menumain\backend\free-gifts-backend.php:7
actioninitmain\backend\free-gifts-backend.php:697
actioninitmain\backend\free-gifts-comman.php:7
actioninitmain\backend\free-gifts-comman.php:530
actionwoocommerce_before_calculate_totalsmain\backend\free-gifts-comman.php:536
actionwoocommerce_before_calculate_totalsmain\backend\free-gifts-comman.php:539
actioninitmain\frontend\free-gifts-frontend-action.php:8
actionwpmain\frontend\free-gifts-frontend-action.php:14
filterwoocommerce_cart_item_namemain\frontend\free-gifts-frontend-action.php:15
actionwpmain\frontend\free-gifts-frontend-action.php:18
filterwoocommerce_cart_item_namemain\frontend\free-gifts-frontend-action.php:19
actioninitmain\frontend\free-gifts-frontend-function.php:7
filterwoocommerce_cart_item_subtotalmain\frontend\free-gifts-frontend-function.php:13
filterwoocommerce_cart_item_pricemain\frontend\free-gifts-frontend-function.php:14
filterwoocommerce_order_formatted_line_subtotalmain\frontend\free-gifts-frontend-function.php:15
actionwoocommerce_new_order_itemmain\frontend\free-gifts-frontend-function.php:16
filterwoocommerce_hidden_order_itemmetamain\frontend\free-gifts-frontend-function.php:17
filterwoocommerce_cart_item_quantitymain\frontend\free-gifts-frontend-function.php:18
actionwoocommerce_before_order_itemmetamain\frontend\free-gifts-frontend-function.php:19
filterwoocommerce_cart_item_subtotalmain\frontend\free-gifts-frontend-function.php:22
filterwoocommerce_cart_item_pricemain\frontend\free-gifts-frontend-function.php:23
filterwoocommerce_order_formatted_line_subtotalmain\frontend\free-gifts-frontend-function.php:24
actionwoocommerce_new_order_itemmain\frontend\free-gifts-frontend-function.php:25
filterwoocommerce_hidden_order_itemmetamain\frontend\free-gifts-frontend-function.php:26
filterwoocommerce_cart_item_quantitymain\frontend\free-gifts-frontend-function.php:27
actionwoocommerce_before_order_itemmetamain\frontend\free-gifts-frontend-function.php:28
filterrender_blockmain\frontend\free-gifts-frontend.php:37
actionwp_footermain\frontend\free-gifts-frontend.php:318
actioninitmain\frontend\free-gifts-frontend.php:320
actionwoocommerce_before_cart_tablemain\frontend\free-gifts-frontend.php:326
actionwoocommerce_before_checkout_formmain\frontend\free-gifts-frontend.php:328
actionwoocommerce_before_cart_tablemain\frontend\free-gifts-frontend.php:332
actionwoocommerce_before_checkout_formmain\frontend\free-gifts-frontend.php:334
filterwoocommerce_get_item_datamain\frontend\free-gifts-frontend.php:356
actionadmin_initmain\resources\free-gifts-installation-require.php:4
actionadmin_noticesmain\resources\free-gifts-installation-require.php:12
actionplugins_loadedmain\resources\free-gifts-language.php:4
filterload_textdomain_mofilemain\resources\free-gifts-language.php:17
actionadmin_enqueue_scriptsmain\resources\free-gifts-load-js-css.php:4
actionwp_enqueue_scriptsmain\resources\free-gifts-load-js-css.php:33
Maintenance & Trust

Free Gift Product For Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 24, 2026
PHP min version5.0
Downloads11K

Community Trust

Rating94/100
Number of ratings14
Active installs800
Alternatives

Free Gift Product For Woocommerce Alternatives

GIFTiT – Free Gifts for WooCommerce

GIFTiT – Free Gifts for WooCommerce

ithemeland-free-gifts-for-woo

A
100

Free Gifts for WooCommerce allows you to offer Free Gifts to your customers whenever they make a purchase on your site.

2K No CVEs
MH Free Gifts for WooCommerce

MH Free Gifts for WooCommerce

mh-free-gifts-for-woocommerce

A
100

Offer free gifts automatically in WooCommerce! Set up smart rules based on cart value, items, or user roles — fully supports WooCommerce Blocks.

100 No CVEs
First Order Discount Woocommerce

First Order Discount Woocommerce

first-order-discount-woocommerce

A
100

First Order Discount Woocommerce allows admin to offer discount to their customers on their first order with various conditions.

1K 1 CVE
Free Gift for WooCommerce

Free Gift for WooCommerce

woo-free-gift

A
100

Boost your WooCommerce store's conversions by offering automatic free gifts! This plugin lets you reward customers with free products based on ca …

300 No CVEs
Jagif – WooCommerce Free Gift

Jagif – WooCommerce Free Gift

jagif-woo-free-gift

A
100

Offer free gifts with purchases using custom rules. Highlight eligible products with visual gift icons to inform and entice customers

90 No CVEs
Developer Profile

Free Gift Product For Woocommerce Developer Profile

silverplugins217

21 plugins · 12K total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
10 days
View full developer profile
Detection Fingerprints

How We Detect Free Gift Product For Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/free-gifts-product-for-woocommerce/assets/css/back.css/wp-content/plugins/free-gifts-product-for-woocommerce/assets/select2/js/select2.js/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/back.js/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/wp-color-picker-alpha.js/wp-content/plugins/free-gifts-product-for-woocommerce/assets/css/front.css/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/front.js
Script Paths
/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/back.js/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/front.js
Version Parameters
/wp-content/plugins/free-gifts-product-for-woocommerce/assets/css/back.css?ver=1.0.0/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/back.js?ver=1.0.0/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/wp-color-picker-alpha.js?ver=1.0.0/wp-content/plugins/free-gifts-product-for-woocommerce/assets/css/front.css?ver=1.0.0/wp-content/plugins/free-gifts-product-for-woocommerce/assets/js/front.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes
oc5_shortcode_gift
JS Globals
FGW_DATAFGWWdata
Shortcode Output
[fgfwp_block_gift][fgwp_products
FAQ

Frequently Asked Questions about Free Gift Product For Woocommerce