Fundrizer Lite – Donation Plugin for Transparent Fundraising Security & Risk Analysis

wordpress.org/plugins/fundrizer

A donation plugin for charity fundraising, crowdfunding campaigns, and nonprofits with WooCommerce payments, donor management, and customizable forms …

10 active installs · v1.5.0 · PHP 8.0+ · WP 6.6+ · Updated Oct 20, 2025
Tags: charity, crowdfunding, donate, donation, fundraising
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is Fundrizer Lite – Donation Plugin for Transparent Fundraising Safe to Use in 2026?

Generally Safe

Score 100/100

Fundrizer Lite – Donation Plugin for Transparent Fundraising has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago

Risk Assessment

The Fundrizer v1.5.0 plugin exhibits a generally strong security posture, with several good practices in place. The plugin demonstrates excellent adherence to using prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known vulnerabilities in its history is also a positive indicator. However, a notable concern lies within the attack surface. One out of six entry points lacks permission callbacks, which could be an exploitable vulnerability if not properly secured at a different layer. The presence of bundled libraries, while not inherently bad, introduces a potential risk if those libraries are outdated or contain vulnerabilities not reflected in the plugin's direct history.

Key Concerns

  • REST API route without permission callbacks

Vulnerabilities: None known

Fundrizer Lite – Donation Plugin for Transparent Fundraising Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Fundrizer Lite – Donation Plugin for Transparent Fundraising Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (7 prepared)
Unescaped Output: 17 (446 escaped)
Nonce Checks: 5
Capability Checks: 72
File Operations: 7
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 7 total queries

Output Escaping

96% escaped · 463 total outputs

Data Flows: All sanitized

Data Flow Analysis

2 flows
settings_page (src\Admin\Admin.php:249)

Attack Surface: 1 unprotected

Fundrizer Lite – Donation Plugin for Transparent Fundraising Attack Surface

Entry Points: 6
Unprotected: 1

AJAX Handlers 2

auth wp_ajax_frzr_add_to_cart (src\Hook\WooCommerce\Services.php:15)
nopriv wp_ajax_frzr_add_to_cart (src\Hook\WooCommerce\Services.php:16)

REST API Routes 3

PUT /wp-json/wp/v2/plugins/(?P<plugin>.+) (deps\wp-graphql\src\Admin\Extensions\Extensions.php:118)
POST /wp-json/rig-runner/v1/install (src\Admin\rig-runner\rig-runner.php:73)
GET /wp-json/fundrizer/v1/funding-wall (src\Hook\REST\FundingWall.php:13)

Shortcodes 1

[fundrizer] src\Shortcodes.php:12
WordPress Hooks 159
action admin_notices (activation.php:7)
filter graphql_type_interfaces (deps\wp-graphql\access-functions.php:188)
filter graphql_type_name (deps\wp-graphql\access-functions.php:481)
action graphql_register_types_late (deps\wp-graphql\access-functions.php:494)
filter graphql_excluded_types (deps\wp-graphql\access-functions.php:573)
filter graphql_type_interfaces (deps\wp-graphql\access-functions.php:589)
action graphql_init_settings (deps\wp-graphql\access-functions.php:702)
action graphql_init_settings (deps\wp-graphql\access-functions.php:719)
action graphql_get_debug_log (deps\wp-graphql\access-functions.php:764)
action graphql_init_settings (deps\wp-graphql\access-functions.php:796)
action graphql_admin_notices_init (deps\wp-graphql\access-functions.php:924)
action admin_menu (deps\wp-graphql\src\Admin\Admin.php:56)
action admin_notices (deps\wp-graphql\src\Admin\AdminNotices.php:107)
action network_admin_notices (deps\wp-graphql\src\Admin\AdminNotices.php:108)
action admin_init (deps\wp-graphql\src\Admin\AdminNotices.php:109)
action admin_menu (deps\wp-graphql\src\Admin\AdminNotices.php:110)
action admin_menu (deps\wp-graphql\src\Admin\Extensions\Extensions.php:46)
action admin_enqueue_scripts (deps\wp-graphql\src\Admin\Extensions\Extensions.php:47)
action rest_api_init (deps\wp-graphql\src\Admin\Extensions\Extensions.php:48)
action admin_menu (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:37)
action admin_bar_menu (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:38)
action admin_enqueue_scripts (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:40)
action enqueue_graphiql_extension (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:48)
action enqueue_graphiql_extension (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:49)
action enqueue_graphiql_extension (deps\wp-graphql\src\Admin\GraphiQL\GraphiQL.php:50)
action admin_menu (deps\wp-graphql\src\Admin\Settings\Settings.php:33)
action init (deps\wp-graphql\src\Admin\Settings\Settings.php:34)
action admin_init (deps\wp-graphql\src\Admin\Settings\Settings.php:35)
action admin_enqueue_scripts (deps\wp-graphql\src\Admin\Settings\Settings.php:36)
action in_plugin_update_message-wp-graphql/wp-graphql.php (deps\wp-graphql\src\Admin\Updates\PluginsScreenLoader.php:31)
action admin_print_footer_scripts (deps\wp-graphql\src\Admin\Updates\PluginsScreenLoader.php:58)
filter extra_plugin_headers (deps\wp-graphql\src\Admin\Updates\Updates.php:20)
filter extra_theme_headers (deps\wp-graphql\src\Admin\Updates\Updates.php:21)
filter auto_update_plugin (deps\wp-graphql\src\Admin\Updates\Updates.php:24)
action current_screen (deps\wp-graphql\src\Admin\Updates\Updates.php:27)
action admin_init (deps\wp-graphql\src\Admin\Updates\Updates.php:30)
action graphql_activate (deps\wp-graphql\src\Admin\Updates\Updates.php:31)
action admin_notices (deps\wp-graphql\src\Admin\Updates\Updates.php:32)
action admin_enqueue_scripts (deps\wp-graphql\src\Admin\Updates\Updates.php:35)
action admin_print_footer_scripts (deps\wp-graphql\src\Admin\Updates\UpdatesScreenLoader.php:31)
filter comments_clauses (deps\wp-graphql\src\Data\Config.php:31)
filter posts_where (deps\wp-graphql\src\Data\Config.php:45)
filter terms_clauses (deps\wp-graphql\src\Data\Config.php:51)
filter posts_orderby (deps\wp-graphql\src\Data\Config.php:64)
filter pre_user_query (deps\wp-graphql\src\Data\Config.php:84)
filter graphql_users_where (deps\wp-graphql\src\Data\Config.php:133)
filter graphql_users_orderby (deps\wp-graphql\src\Data\Config.php:146)
filter split_the_query (deps\wp-graphql\src\Data\Loader\PostObjectLoader.php:91)
action graphql_register_types (deps\wp-graphql\src\Deprecated.php:36)
filter graphql_type_interfaces (deps\wp-graphql\src\Deprecated.php:49)
filter graphql_model_prepare_fields (deps\wp-graphql\src\Deprecated.php:75)
filter send_password_change_email (deps\wp-graphql\src\Mutation\UserRegister.php:142)
action init_graphql_type_registry (deps\wp-graphql\src\Registry\TypeRegistry.php:269)
filter graphql_excluded_mutations (deps\wp-graphql\src\Registry\TypeRegistry.php:1313)
filter graphql_excluded_connections (deps\wp-graphql\src\Registry\TypeRegistry.php:1339)
action init (deps\wp-graphql\src\Router.php:64)
filter query_vars (deps\wp-graphql\src\Router.php:71)
action parse_request (deps\wp-graphql\src\Router.php:78)
filter application_password_is_api_request (deps\wp-graphql\src\Router.php:83)
action do_graphql_request (deps\wp-graphql\src\Utils\QueryAnalyzer.php:244)
filter graphql_dataloader_get_model (deps\wp-graphql\src\Utils\QueryAnalyzer.php:247)
filter graphql_request_results (deps\wp-graphql\src\Utils\QueryAnalyzer.php:250)
action init (deps\wp-graphql\src\Utils\QueryLog.php:43)
filter graphql_request_results (deps\wp-graphql\src\Utils\QueryLog.php:44)
action do_graphql_request (deps\wp-graphql\src\Utils\Tracing.php:128)
action graphql_execute (deps\wp-graphql\src\Utils\Tracing.php:129)
filter graphql_access_control_allow_headers (deps\wp-graphql\src\Utils\Tracing.php:130)
filter graphql_request_results (deps\wp-graphql\src\Utils\Tracing.php:131)
action graphql_before_resolve_field (deps\wp-graphql\src\Utils\Tracing.php:140)
action graphql_after_resolve_field (deps\wp-graphql\src\Utils\Tracing.php:141)
action after_setup_theme (deps\wp-graphql\src\WPGraphQL.php:182)
action init (deps\wp-graphql\src\WPGraphQL.php:201)
action wp_loaded (deps\wp-graphql\src\WPGraphQL.php:209)
action graphql_before_resolve_field (deps\wp-graphql\src\WPGraphQL.php:214)
action init_graphql_request (deps\wp-graphql\src\WPGraphQL.php:225)
action do_graphql_request (deps\wp-graphql\src\WPGraphQL.php:228)
action do_graphql_request (deps\wp-graphql\src\WPGraphQL.php:229)
action after_setup_theme (deps\wp-graphql\src\WPGraphQL.php:232)
action init_graphql_request (deps\wp-graphql\src\WPGraphQL.php:234)
filter graphql_get_type (deps\wp-graphql\src\WPGraphQL.php:347)
filter get_post_metadata (deps\wp-graphql\src\WPGraphQL.php:358)
filter wpml_is_redirected (deps\wp-graphql\src\WPGraphQL.php:374)
filter register_post_type_args (deps\wp-graphql\src\WPGraphQL.php:477)
filter register_taxonomy_args (deps\wp-graphql\src\WPGraphQL.php:478)
filter register_post_type_args (deps\wp-graphql\src\WPGraphQL.php:481)
filter register_taxonomy_args (deps\wp-graphql\src\WPGraphQL.php:482)
action network_admin_notices (deps\wp-graphql\wp-graphql.php:123)
action admin_notices (deps\wp-graphql\wp-graphql.php:124)
action admin_notices (fundrizer.php:28)
action init (fundrizer.php:60)
action admin_notices (fundrizer.php:61)
action init (src\Admin\Admin.php:15)
action admin_menu (src\Admin\Admin.php:16)
action admin_init (src\Admin\Admin.php:18)
filter manage_frzr_campaign_posts_columns (src\Admin\Admin.php:29)
action manage_frzr_campaign_posts_custom_column (src\Admin\Admin.php:30)
action admin_enqueue_scripts (src\Admin\Admin.php:33)
action admin_print_scripts (src\Admin\Admin.php:37)
filter graphql_show_admin (src\Admin\Admin.php:52)
action admin_head (src\Admin\Admin.php:57)
filter woocommerce_admin_order_list_actions (src\Admin\Admin.php:67)
action admin_enqueue_scripts (src\Admin\rig-runner\rig-runner.php:27)
action rest_api_init (src\Admin\rig-runner\rig-runner.php:32)
action graphql_register_types (src\Admin\Setting\Mutation.php:11)
action graphql_register_types (src\Admin\Setting\Query.php:11)
action graphql_register_types (src\Admin\State.php:9)
filter block_categories_all (src\Blocks.php:17)
action enqueue_block_assets (src\Blocks.php:37)
action enqueue_block_editor_assets (src\Blocks.php:38)
action wp_head (src\Elementor.php:50)
action wp_head (src\Elementor.php:52)
action wp_enqueue_scripts (src\Elementor.php:77)
filter default_template_types (src\FSE.php:63)
action graphql_register_types (src\Helper\WPGraphQL.php:9)
action graphql_register_types (src\Hook\GraphQL\Funder\Query.php:9)
action graphql_register_types (src\Hook\GraphQL\Insight\Query.php:9)
filter rwmb_currency_value (src\Hook\MetaBox\Currency_Field.php:27)
action rwmb_enqueue_scripts (src\Hook\MetaBox\Currency_Field.php:34)
action admin_print_scripts (src\Hook\MetaBox\Currency_Field.php:35)
filter rwmb_meta_boxes (src\Hook\MetaBox\Fields.php:19)
action rest_api_init (src\Hook\REST\FundingWall.php:12)
action save_post_frzr_campaign (src\Hook\WooCommerce\Admin.php:18)
action add_meta_boxes (src\Hook\WooCommerce\Admin.php:158)
action save_post_product (src\Hook\WooCommerce\Admin.php:169)
action pre_get_posts (src\Hook\WooCommerce\Admin.php:215)
action admin_init (src\Hook\WooCommerce\Admin.php:240)
filter views_edit-product (src\Hook\WooCommerce\Admin.php:242)
filter woocommerce_email_enabled_new_order (src\Hook\WooCommerce\Email.php:13)
filter woocommerce_email_enabled_customer_completed_order (src\Hook\WooCommerce\Email.php:14)
filter woocommerce_email_enabled_customer_processing_order (src\Hook\WooCommerce\Email.php:15)
filter woocommerce_email_enabled_customer_on_hold_order (src\Hook\WooCommerce\Email.php:16)
filter woocommerce_email_classes (src\Hook\WooCommerce\Email.php:18)
action woocommerce_email_footer (src\Hook\WooCommerce\Email.php:19)
action woocommerce_order_status_changed (src\Hook\WooCommerce\Email.php:21)
action wp_head (src\Hook\WooCommerce\Fields.php:20)
filter woocommerce_get_country_locale (src\Hook\WooCommerce\Fields.php:40)
action woocommerce_sanitize_additional_field (src\Hook\WooCommerce\Fields.php:129)
action woocommerce_validate_additional_field (src\Hook\WooCommerce\Fields.php:137)
action woocommerce_set_additional_field_value (src\Hook\WooCommerce\Fields.php:148)
action wp_enqueue_scripts (src\Hook\WooCommerce\Front.php:15)
filter woocommerce_product_class (src\Hook\WooCommerce\Module.php:25)
filter product_type_selector (src\Hook\WooCommerce\Module.php:32)
filter woocommerce_is_purchasable (src\Hook\WooCommerce\Module.php:37)
filter woocommerce_admin_order_preview_actions (src\Hook\WooCommerce\Module.php:45)
action woocommerce_new_order (src\Hook\WooCommerce\Module.php:102)
action woocommerce_update_options_general (src\Hook\WooCommerce\Module.php:114)
filter template_include (src\Hook\WooCommerce\Module.php:168)
filter wpseo_exclude_from_sitemap_by_post_ids (src\Hook\WooCommerce\Module.php:187)
action woocommerce_before_calculate_totals (src\Hook\WooCommerce\Services.php:18)
action wp_loaded (src\Hook\WooCommerce\Services.php:20)
action enqueue_block_assets (src\Loader.php:25)
action init (src\Loader.php:39)
action woocommerce_init (src\Loader.php:40)
action save_post (src\Modules\Campaign\Module.php:11)
action before_delete_post (src\Modules\Campaign\Module.php:12)
filter pre_render_block (src\Modules\Campaign\Module.php:13)
filter query_loop_block_query_vars (src\Modules\Campaign\Module.php:72)
action admin_init (src\Modules\Campaign\Posttypes.php:27)
action admin_init (src\Setup.php:10)

Maintenance & Trust

Fundrizer Lite – Donation Plugin for Transparent Fundraising Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 20, 2025
PHP min version: 8.0
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10

Developer Profile

Fundrizer Lite – Donation Plugin for Transparent Fundraising Developer Profile

LokusWP

3 plugins · 130 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Fundrizer Lite – Donation Plugin for Transparent Fundraising

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/fundrizer/assets/css/admin-style.css
  • /wp-content/plugins/fundrizer/assets/css/frontend.css
  • /wp-content/plugins/fundrizer/assets/js/admin-script.js
  • /wp-content/plugins/fundrizer/assets/js/frontend.js

Script Paths

  • /wp-content/plugins/fundrizer/assets/js/admin-script.js
  • /wp-content/plugins/fundrizer/assets/js/frontend.js

Version Parameters

  • fundrizer/assets/css/admin-style.css?ver=
  • fundrizer/assets/css/frontend.css?ver=
  • fundrizer/assets/js/admin-script.js?ver=
  • fundrizer/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • fundrizer-admin-wrap
  • fundrizer-donate-form
  • fundrizer-campaign-loop

HTML Comments

  • <!-- Fundrizer Lite by LokusWP -->
  • <!-- Fundrizer Lite Shortcode -->
  • <!-- Fundrizer Lite Admin Notice -->

Data Attributes

  • data-fundrizer-campaign-id
  • data-fundrizer-goal-amount
  • data-fundrizer-currency

JS Globals

  • fundrizer_ajax_object
  • fundrizer_frontend_params

REST Endpoints

  • /wp-json/fundrizer/v1/donate
  • /wp-json/fundrizer/v1/campaigns

Shortcode Output

  • [fundrizer_donate_form]
  • [fundrizer_campaign_list]
  • [fundrizer_single_campaign]