Fundrizer Lite – Donation Plugin for Transparent Fundraising Security & Risk Analysis

wordpress.org/plugins/fundrizer

A donation plugin for charity fundraising, crowdfunding campaigns, and nonprofits with WooCommerce payments, donor management, and customizable forms …

10 active installs · v1.5.0 · PHP 8.0+ · WP 6.6+ · Updated Oct 20, 2025
charity, crowdfunding, donate, donation, fundraising
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Fundrizer Lite – Donation Plugin for Transparent Fundraising Safe to Use in 2026?

Generally Safe

Score 100/100

Fundrizer Lite – Donation Plugin for Transparent Fundraising has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7mo ago
Risk Assessment

Fundrizer v1.5.0 has a generally strong security posture, with several good practices in place. All SQL queries use prepared statements, and a high percentage of output is properly escaped. The absence of known vulnerabilities in its history is also a positive indicator. The notable concern is the attack surface: one of the six entry points lacks a permission callback, which could be exploitable if access is not enforced at a different layer. The bundled libraries, while not inherently bad, introduce a potential risk if they are outdated or contain vulnerabilities not reflected in the plugin's own history.

Key Concerns

  • REST API route without permission callbacks
Vulnerabilities
None known

Fundrizer Lite – Donation Plugin for Transparent Fundraising Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Fundrizer Lite – Donation Plugin for Transparent Fundraising Release Timeline

v1.5.0 (Current)
v1.4.2
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.0
v1.1.0
v1.0.2
v1.0.1
v1.0.0
v0.9.2
v0.9.1
v0.9.0
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.4.0
v0.3.0
Code Analysis
Analyzed Mar 16, 2026

Fundrizer Lite – Donation Plugin for Transparent Fundraising Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (7 prepared)
Unescaped Output: 17 (446 escaped)
Nonce Checks: 5
Capability Checks: 72
File Operations: 7
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 7 total queries

Output Escaping

96% escaped · 463 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
settings_page (src\Admin\Admin.php:249)
Attack Surface
1 unprotected

Fundrizer Lite – Donation Plugin for Transparent Fundraising Attack Surface

Entry Points: 6
Unprotected: 1

AJAX Handlers 2

auth wp_ajax_frzr_add_to_cart src\Hook\WooCommerce\Services.php:15
nopriv wp_ajax_frzr_add_to_cart src\Hook\WooCommerce\Services.php:16

REST API Routes 3

PUT /wp-json/wp/v2/plugins/(?P<plugin>.+) deps\wp-graphql\src\Admin\Extensions\Extensions.php:118
POST /wp-json/rig-runner/v1/install src\Admin\rig-runner\rig-runner.php:73
GET /wp-json/fundrizer/v1/funding-wall src\Hook\REST\FundingWall.php:13

Shortcodes 1

[fundrizer] src\Shortcodes.php:12
WordPress Hooks 159
action admin_notices activation.php:7
filter graphql_type_interfaces deps\wp-graphql\access-functions.php:188
filter graphql_type_name deps\wp-graphql\access-functions.php:481
action graphql_register_types_late deps\wp-graphql\access-functions.php:494
filter graphql_excluded_types deps\wp-graphql\access-functions.php:573
filter graphql_type_interfaces deps\wp-graphql\access-functions.php:589
action graphql_init_settings deps\wp-graphql\access-functions.php:702
action graphql_init_settings deps\wp-graphql\access-functions.php:719
action graphql_get_debug_log deps\wp-graphql\access-functions.php:764
action graphql_init_settings deps\wp-graphql\access-functions.php:796
action graphql_admin_notices_init deps\wp-graphql\access-functions.php:924
action admin_menu deps\wp-graphql\src\Admin\Admin.php:56
action admin_notices deps\wp-graphql\src\Admin\AdminNotices.php:107
action network_admin_notices deps\wp-graphql\src\Admin\AdminNotices.php:108
action admin_init deps\wp-graphql\src\Admin\AdminNotices.php:109
action admin_menu deps\wp-graphql\src\Admin\AdminNotices.php:110
action admin_menu deps\wp-graphql\src\Admin\Extensions\Extensions.php:46
action admin_enqueue_scripts deps\wp-graphql\src\Admin\Extensions\Extensions.php:47
action rest_api_init deps\wp-graphql\src\Admin\Extensions\Extensions.php:48
action admin_menu deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:37
action admin_bar_menu deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:38
action admin_enqueue_scripts deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:40
action enqueue_graphiql_extension deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:48
action enqueue_graphiql_extension deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:49
action enqueue_graphiql_extension deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:50
action admin_menu deps\wp-graphql\src\Admin\Settings\Settings.php:33
action init deps\wp-graphql\src\Admin\Settings\Settings.php:34
action admin_init deps\wp-graphql\src\Admin\Settings\Settings.php:35
action admin_enqueue_scripts deps\wp-graphql\src\Admin\Settings\Settings.php:36
action in_plugin_update_message-wp-graphql/wp-graphql.php deps\wp-graphql\src\Admin\Updates\PluginsScreenLoader.php:31
action admin_print_footer_scripts deps\wp-graphql\src\Admin\Updates\PluginsScreenLoader.php:58
filter extra_plugin_headers deps\wp-graphql\src\Admin\Updates\Updates.php:20
filter extra_theme_headers deps\wp-graphql\src\Admin\Updates\Updates.php:21
filter auto_update_plugin deps\wp-graphql\src\Admin\Updates\Updates.php:24
action current_screen deps\wp-graphql\src\Admin\Updates\Updates.php:27
action admin_init deps\wp-graphql\src\Admin\Updates\Updates.php:30
action graphql_activate deps\wp-graphql\src\Admin\Updates\Updates.php:31
action admin_notices deps\wp-graphql\src\Admin\Updates\Updates.php:32
action admin_enqueue_scripts deps\wp-graphql\src\Admin\Updates\Updates.php:35
action admin_print_footer_scripts deps\wp-graphql\src\Admin\Updates\UpdatesScreenLoader.php:31
filter comments_clauses deps\wp-graphql\src\Data\Config.php:31
filter posts_where deps\wp-graphql\src\Data\Config.php:45
filter terms_clauses deps\wp-graphql\src\Data\Config.php:51
filter posts_orderby deps\wp-graphql\src\Data\Config.php:64
filter pre_user_query deps\wp-graphql\src\Data\Config.php:84
filter graphql_users_where deps\wp-graphql\src\Data\Config.php:133
filter graphql_users_orderby deps\wp-graphql\src\Data\Config.php:146
filter split_the_query deps\wp-graphql\src\Data\Loader\PostObjectLoader.php:91
action graphql_register_types deps\wp-graphql\src\Deprecated.php:36
filter graphql_type_interfaces deps\wp-graphql\src\Deprecated.php:49
filter graphql_model_prepare_fields deps\wp-graphql\src\Deprecated.php:75
filter send_password_change_email deps\wp-graphql\src\Mutation\UserRegister.php:142
action init_graphql_type_registry deps\wp-graphql\src\Registry\TypeRegistry.php:269
filter graphql_excluded_mutations deps\wp-graphql\src\Registry\TypeRegistry.php:1313
filter graphql_excluded_connections deps\wp-graphql\src\Registry\TypeRegistry.php:1339
action init deps\wp-graphql\src\Router.php:64
filter query_vars deps\wp-graphql\src\Router.php:71
action parse_request deps\wp-graphql\src\Router.php:78
filter application_password_is_api_request deps\wp-graphql\src\Router.php:83
action do_graphql_request deps\wp-graphql\src\Utils\QueryAnalyzer.php:244
filter graphql_dataloader_get_model deps\wp-graphql\src\Utils\QueryAnalyzer.php:247
filter graphql_request_results deps\wp-graphql\src\Utils\QueryAnalyzer.php:250
action init deps\wp-graphql\src\Utils\QueryLog.php:43
filter graphql_request_results deps\wp-graphql\src\Utils\QueryLog.php:44
action do_graphql_request deps\wp-graphql\src\Utils\Tracing.php:128
action graphql_execute deps\wp-graphql\src\Utils\Tracing.php:129
filter graphql_access_control_allow_headers deps\wp-graphql\src\Utils\Tracing.php:130
filter graphql_request_results deps\wp-graphql\src\Utils\Tracing.php:131
action graphql_before_resolve_field deps\wp-graphql\src\Utils\Tracing.php:140
action graphql_after_resolve_field deps\wp-graphql\src\Utils\Tracing.php:141
action after_setup_theme deps\wp-graphql\src\WPGraphQL.php:182
action init deps\wp-graphql\src\WPGraphQL.php:201
action wp_loaded deps\wp-graphql\src\WPGraphQL.php:209
action graphql_before_resolve_field deps\wp-graphql\src\WPGraphQL.php:214
action init_graphql_request deps\wp-graphql\src\WPGraphQL.php:225
action do_graphql_request deps\wp-graphql\src\WPGraphQL.php:228
action do_graphql_request deps\wp-graphql\src\WPGraphQL.php:229
action after_setup_theme deps\wp-graphql\src\WPGraphQL.php:232
action init_graphql_request deps\wp-graphql\src\WPGraphQL.php:234
filter graphql_get_type deps\wp-graphql\src\WPGraphQL.php:347
filter get_post_metadata deps\wp-graphql\src\WPGraphQL.php:358
filter wpml_is_redirected deps\wp-graphql\src\WPGraphQL.php:374
filter register_post_type_args deps\wp-graphql\src\WPGraphQL.php:477
filter register_taxonomy_args deps\wp-graphql\src\WPGraphQL.php:478
filter register_post_type_args deps\wp-graphql\src\WPGraphQL.php:481
filter register_taxonomy_args deps\wp-graphql\src\WPGraphQL.php:482
action network_admin_notices deps\wp-graphql\wp-graphql.php:123
action admin_notices deps\wp-graphql\wp-graphql.php:124
action admin_notices fundrizer.php:28
action init fundrizer.php:60
action admin_notices fundrizer.php:61
action init src\Admin\Admin.php:15
action admin_menu src\Admin\Admin.php:16
action admin_init src\Admin\Admin.php:18
filter manage_frzr_campaign_posts_columns src\Admin\Admin.php:29
action manage_frzr_campaign_posts_custom_column src\Admin\Admin.php:30
action admin_enqueue_scripts src\Admin\Admin.php:33
action admin_print_scripts src\Admin\Admin.php:37
filter graphql_show_admin src\Admin\Admin.php:52
action admin_head src\Admin\Admin.php:57
filter woocommerce_admin_order_list_actions src\Admin\Admin.php:67
action admin_enqueue_scripts src\Admin\rig-runner\rig-runner.php:27
action rest_api_init src\Admin\rig-runner\rig-runner.php:32
action graphql_register_types src\Admin\Setting\Mutation.php:11
action graphql_register_types src\Admin\Setting\Query.php:11
action graphql_register_types src\Admin\State.php:9
filter block_categories_all src\Blocks.php:17
action enqueue_block_assets src\Blocks.php:37
action enqueue_block_editor_assets src\Blocks.php:38
action wp_head src\Elementor.php:50
action wp_head src\Elementor.php:52
action wp_enqueue_scripts src\Elementor.php:77
filter default_template_types src\FSE.php:63
action graphql_register_types src\Helper\WPGraphQL.php:9
action graphql_register_types src\Hook\GraphQL\Funder\Query.php:9
action graphql_register_types src\Hook\GraphQL\Insight\Query.php:9
filter rwmb_currency_value src\Hook\MetaBox\Currency_Field.php:27
action rwmb_enqueue_scripts src\Hook\MetaBox\Currency_Field.php:34
action admin_print_scripts src\Hook\MetaBox\Currency_Field.php:35
filter rwmb_meta_boxes src\Hook\MetaBox\Fields.php:19
action rest_api_init src\Hook\REST\FundingWall.php:12
action save_post_frzr_campaign src\Hook\WooCommerce\Admin.php:18
action add_meta_boxes src\Hook\WooCommerce\Admin.php:158
action save_post_product src\Hook\WooCommerce\Admin.php:169
action pre_get_posts src\Hook\WooCommerce\Admin.php:215
action admin_init src\Hook\WooCommerce\Admin.php:240
filter views_edit-product src\Hook\WooCommerce\Admin.php:242
filter woocommerce_email_enabled_new_order src\Hook\WooCommerce\Email.php:13
filter woocommerce_email_enabled_customer_completed_order src\Hook\WooCommerce\Email.php:14
filter woocommerce_email_enabled_customer_processing_order src\Hook\WooCommerce\Email.php:15
filter woocommerce_email_enabled_customer_on_hold_order src\Hook\WooCommerce\Email.php:16
filter woocommerce_email_classes src\Hook\WooCommerce\Email.php:18
action woocommerce_email_footer src\Hook\WooCommerce\Email.php:19
action woocommerce_order_status_changed src\Hook\WooCommerce\Email.php:21
action wp_head src\Hook\WooCommerce\Fields.php:20
filter woocommerce_get_country_locale src\Hook\WooCommerce\Fields.php:40
action woocommerce_sanitize_additional_field src\Hook\WooCommerce\Fields.php:129
action woocommerce_validate_additional_field src\Hook\WooCommerce\Fields.php:137
action woocommerce_set_additional_field_value src\Hook\WooCommerce\Fields.php:148
action wp_enqueue_scripts src\Hook\WooCommerce\Front.php:15
filter woocommerce_product_class src\Hook\WooCommerce\Module.php:25
filter product_type_selector src\Hook\WooCommerce\Module.php:32
filter woocommerce_is_purchasable src\Hook\WooCommerce\Module.php:37
filter woocommerce_admin_order_preview_actions src\Hook\WooCommerce\Module.php:45
action woocommerce_new_order src\Hook\WooCommerce\Module.php:102
action woocommerce_update_options_general src\Hook\WooCommerce\Module.php:114
filter template_include src\Hook\WooCommerce\Module.php:168
filter wpseo_exclude_from_sitemap_by_post_ids src\Hook\WooCommerce\Module.php:187
action woocommerce_before_calculate_totals src\Hook\WooCommerce\Services.php:18
action wp_loaded src\Hook\WooCommerce\Services.php:20
action enqueue_block_assets src\Loader.php:25
action init src\Loader.php:39
action woocommerce_init src\Loader.php:40
action save_post src\Modules\Campaign\Module.php:11
action before_delete_post src\Modules\Campaign\Module.php:12
filter pre_render_block src\Modules\Campaign\Module.php:13
filter query_loop_block_query_vars src\Modules\Campaign\Module.php:72
action admin_init src\Modules\Campaign\Posttypes.php:27
action admin_init src\Setup.php:10
Maintenance & Trust

Fundrizer Lite – Donation Plugin for Transparent Fundraising Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 20, 2025
PHP min version: 8.0
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Fundrizer Lite – Donation Plugin for Transparent Fundraising Developer Profile

LokusWP

3 plugins · 130 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Fundrizer Lite – Donation Plugin for Transparent Fundraising

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/fundrizer/assets/css/admin-style.css
  • /wp-content/plugins/fundrizer/assets/css/frontend.css
  • /wp-content/plugins/fundrizer/assets/js/admin-script.js
  • /wp-content/plugins/fundrizer/assets/js/frontend.js
Script Paths
  • /wp-content/plugins/fundrizer/assets/js/admin-script.js
  • /wp-content/plugins/fundrizer/assets/js/frontend.js
Version Parameters
  • fundrizer/assets/css/admin-style.css?ver=
  • fundrizer/assets/css/frontend.css?ver=
  • fundrizer/assets/js/admin-script.js?ver=
  • fundrizer/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • fundrizer-admin-wrap
  • fundrizer-donate-form
  • fundrizer-campaign-loop
HTML Comments
  • <!-- Fundrizer Lite by LokusWP -->
  • <!-- Fundrizer Lite Shortcode -->
  • <!-- Fundrizer Lite Admin Notice -->
Data Attributes
  • data-fundrizer-campaign-id
  • data-fundrizer-goal-amount
  • data-fundrizer-currency
JS Globals
  • fundrizer_ajax_object
  • fundrizer_frontend_params
REST Endpoints
  • /wp-json/fundrizer/v1/donate
  • /wp-json/fundrizer/v1/campaigns
Shortcode Output
  • [fundrizer_donate_form]
  • [fundrizer_campaign_list]
  • [fundrizer_single_campaign]
FAQ

Frequently Asked Questions about Fundrizer Lite – Donation Plugin for Transparent Fundraising