Does GamiPress – Reset User have any unpatched vulnerabilities?

No. All known vulnerabilities in GamiPress – Reset User have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GamiPress – Reset User compatible with WordPress 6.6.5?

According to WordPress.org data, GamiPress – Reset User 1.0.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is GamiPress – Reset User updated?

GamiPress – Reset User was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is GamiPress – Reset User's security score?

GamiPress – Reset User has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GamiPress – Reset User Security & Risk Analysis

wordpress.org/plugins/gamipress-reset-user

Reset all user earnings and logs from a single button.

400 active installs v1.0.1 PHP + WP 4.4+ Updated Dec 1, 2025

achievementsawardbadgesgamipresspoints

A · Safe

CVEs total1

Unpatched0

Last CVESep 4, 2024

Plugin page Download

Safety Verdict

Is GamiPress – Reset User Safe to Use in 2026?

Generally Safe

Score 99/100

GamiPress – Reset User has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Sep 4, 2024Updated 4mo ago

Risk Assessment

The gamipress-reset-user plugin v1.0.1 presents a mixed security picture. On the positive side, the static analysis shows a very limited attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. The taint analysis also indicates no identified critical or high-severity unsanitized flows, which is a strong positive. However, a significant concern is the handling of SQL queries, as 100% of the 5 detected queries do not use prepared statements. This makes the plugin vulnerable to SQL injection if any of the inputs feeding these queries are not strictly sanitized, which is not explicitly detailed in the static analysis but is a high risk given the context.

The plugin's vulnerability history, while having only one medium-severity CVE, is noteworthy. The fact that it was a Cross-Site Request Forgery (CSRF) vulnerability and the last one was very recent (2024-09-04) suggests a pattern of potentially insecure coding practices. While the current version has no unpatched CVEs, this history warrants caution. The presence of a nonce check and capability checks are good practices, but the complete lack of SQL prepared statements is a major weakness that overshadows the otherwise clean attack surface and taint analysis.

Key Concerns

100% of SQL queries use raw SQL, not prepared statements
Medium severity CSRF vulnerability in vulnerability history

Vulnerabilities

GamiPress – Reset User Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-8245medium · 4.3Cross-Site Request Forgery (CSRF)

GamiPress - Reset User <= 1.0.0 - Cross-Site Request Forgery to GamiPress User Data Removal

Sep 4, 2024 Patched in 1.0.1 (269d)

Code Analysis

Analyzed Mar 16, 2026

GamiPress – Reset User Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared5 total queries

Output Escaping

80% escaped5 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

gamipress_reset_user_process_user_data (includes\admin.php:58)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

GamiPress – Reset User Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_noticesgamipress-reset-users.php:93

actionplugins_loadedgamipress-reset-users.php:198

actionshow_user_profileincludes\admin.php:50

actionedit_user_profileincludes\admin.php:51

actionadmin_initincludes\admin.php:103

Maintenance & Trust

GamiPress – Reset User Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedDec 1, 2025

PHP min version

Downloads8K

Community Trust

Rating0/100

Number of ratings0

Active installs400

Alternatives

GamiPress – Reset User Alternatives

GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress

gamipress

Boost your gamification marketing & reward your users with points, achievements, badges & ranks to increase your site activity & loyalty!

10K 15 CVEs

GamiPress – BadgeOS Importer

gamipress-badgeos-importer

100

Tool to migrate all stored data from BadgeOS to GamiPress

50 No CVEs

Connect GamiPress to Discord

connect-gamipress-and-discord

100

Create a community of your Members by connecting your GamiPress Website to your Discord server.

30 No CVEs

GamiPress – WPAchievements Importer

gamipress-wpachievements-importer

100

Tool to migrate all stored data from WPAchievements to GamiPress

10 No CVEs

Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred

mycred

A WordPress gamification plugin is also a points management system. Award ranks, loyalty points and rewards or WooCommerce rewards to your users.

10K 1 unpatched

Developer Profile

GamiPress – Reset User Developer Profile

Ruben Garcia

30 plugins · 25K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

139 days

View full developer profile

Detection Fingerprints

How We Detect GamiPress – Reset User

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gamipress-reset-user/includes/admin.php

Version Parameters

gamipress-reset-user/includes/admin.php?ver=gamipress-reset-user.php?ver=

HTML / DOM Fingerprints

CSS Classes

gamipress-reset-user-information

JS Globals

gamipress_reset_user

FAQ