Does Gift upon purchase for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Gift upon purchase for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gift upon purchase for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Gift upon purchase for WooCommerce 2.0.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Gift upon purchase for WooCommerce compatible with PHP 7.4.0+?

Gift upon purchase for WooCommerce requires PHP 7.4.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Gift upon purchase for WooCommerce updated?

Gift upon purchase for WooCommerce was last updated on Nov 12, 2025. Frequent updates are generally a positive security signal.

What is Gift upon purchase for WooCommerce's security score?

Gift upon purchase for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gift upon purchase for WooCommerce Security & Risk Analysis

wordpress.org/plugins/gift-upon-purchase-for-woocommerce

This plugin will help create a gift when buying for WooCommerce.

200 active installs v2.0.1 PHP 7.4.0+ WP 5.9+ Updated Nov 12, 2025

bonusdiscountgiftproductwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gift upon purchase for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Gift upon purchase for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "gift-upon-purchase-for-woocommerce" plugin version 2.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and a very high percentage of properly escaped output. The absence of known CVEs and any recorded past vulnerabilities is also a strong indicator of a well-maintained and secure codebase over time.

However, a significant concern arises from the presence of an unprotected AJAX handler. With one total entry point and one unprotected, this represents a potential avenue for unauthorized actions. While taint analysis did not reveal critical or high-severity unsanitized paths, the 3 flows with unsanitized paths warrant attention, as they could lead to unintended consequences if further exploited. The plugin also utilizes a bundled library, Select2, which, if not kept up-to-date by the plugin developer, could introduce vulnerabilities.

Overall, the plugin's current state is relatively secure due to its robust SQL and output handling and lack of historical vulnerabilities. The primary risk lies in the single unprotected AJAX endpoint. Addressing this specific weakness, along with ensuring the bundled library is up-to-date, would significantly enhance its security.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths (3)
Bundled library (Select2)

Vulnerabilities

None known

Gift upon purchase for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Gift upon purchase for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

107 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

97% escaped110 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

7 flows3 with unsanitized paths

save_plugin_set (admin\class-gupfw-admin.php:399)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Gift upon purchase for WooCommerce Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_gupfw_select2includes\class-gupfw.php:247

WordPress Hooks 45

actionadmin_noticesgift-upon-purchase-for-woocommerce.php:152

actionadmin_noticesgift-upon-purchase-for-woocommerce.php:172

actionbefore_woocommerce_initgift-upon-purchase-for-woocommerce.php:184

actionshutdownincludes\class-gupfw-autoloader.php:96

actionadmin_print_footer_scriptsincludes\class-gupfw-feedback.php:83

actionadmin_initincludes\class-gupfw-feedback.php:90

filterwp_mail_content_typeincludes\class-gupfw-feedback.php:277

actionplugins_loadedincludes\class-gupfw.php:189

actionadmin_enqueue_scriptsincludes\class-gupfw.php:206

actionadmin_enqueue_scriptsincludes\class-gupfw.php:207

actioninitincludes\class-gupfw.php:210

actionwoocommerce_product_data_tabsincludes\class-gupfw.php:213

actionadmin_footerincludes\class-gupfw.php:214

actionwoocommerce_product_data_panelsincludes\class-gupfw.php:215

actionsave_postincludes\class-gupfw.php:216

actionadmin_footerincludes\class-gupfw.php:219

actionadmin_menuincludes\class-gupfw.php:227

actionadmin_initincludes\class-gupfw.php:230

actionadmin_initincludes\class-gupfw.php:233

filtergupfw_f_flag_save_if_emptyincludes\class-gupfw.php:236

actiongupfw_f_feedback_additional_infoincludes\class-gupfw.php:254

actionwp_enqueue_scriptsincludes\class-gupfw.php:271

actionwp_enqueue_scriptsincludes\class-gupfw.php:272

actionwoocommerce_before_add_to_cart_buttonincludes\class-gupfw.php:286

actionwoocommerce_before_quantity_input_fieldincludes\class-gupfw.php:291

actionwoocommerce_after_quantity_input_fieldincludes\class-gupfw.php:296

actionwoocommerce_product_meta_endincludes\class-gupfw.php:301

actionwoocommerce_product_meta_startincludes\class-gupfw.php:306

actionwoocommerce_product_meta_startincludes\class-gupfw.php:311

actionwoocommerce_shop_loop_item_titleincludes\class-gupfw.php:321

actionwoocommerce_after_shop_loop_item_titleincludes\class-gupfw.php:326

actionwoocommerce_after_shop_loop_itemincludes\class-gupfw.php:331

actionwoocommerce_shop_loop_item_titleincludes\class-gupfw.php:336

actiontemplate_redirectincludes\class-gupfw.php:341

actionwoocommerce_before_calculate_totalsincludes\class-gupfw.php:344

actionwoocommerce_before_mini_cart_contentsincludes\class-gupfw.php:345

filterwoocommerce_cart_item_remove_linkincludes\class-gupfw.php:348

actionwoocommerce_cart_item_removedincludes\class-gupfw.php:350

filterwoocommerce_cart_item_nameincludes\class-gupfw.php:352

actionset_current_userincludes\class-gupfw.php:355

actionwoocommerce_cart_couponincludes\class-gupfw.php:356

actionadmin_print_footer_scriptsincludes\common-libs\class-icpd-promo.php:145

actionadmin_noticesincludes\common-libs\class-icpd-set-admin-notices.php:68

actionplugins_loadedpublic\class-gupfw-public.php:973

actionplugins_loadedpublic\class-gupfw-public.php:981

Maintenance & Trust

Gift upon purchase for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 12, 2025

PHP min version7.4.0

Downloads9K

Community Trust

Rating100/100

Number of ratings9

Active installs200

Alternatives

Gift upon purchase for WooCommerce Alternatives

GIFTiT – Free Gifts for WooCommerce

ithemeland-free-gifts-for-woo

100

Free Gifts for WooCommerce allows you to offer Free Gifts to your customers whenever they make a purchase on your site.

2K No CVEs

First Order Discount Woocommerce

first-order-discount-woocommerce

100

First Order Discount Woocommerce allows admin to offer discount to their customers on their first order with various conditions.

1K 1 CVE

Free Gift Product For Woocommerce

free-gifts-product-for-woocommerce

100

Free Gifts Product For Woocommerce Set a fee for gift and up your revenue with every order. WooCommerce Multiple Free Gift make to many way to gift p …

800 No CVEs

Free Gift for WooCommerce

woo-free-gift

100

Boost your WooCommerce store's conversions by offering automatic free gifts! This plugin lets you reward customers with free products based on ca …

300 No CVEs

MH Free Gifts for WooCommerce

mh-free-gifts-for-woocommerce

100

Offer free gifts automatically in WooCommerce! Set up smart rules based on cart value, items, or user roles — fully supports WooCommerce Blocks.

100 No CVEs

Developer Profile

Gift upon purchase for WooCommerce Developer Profile

icopydoc

14 plugins · 16K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

102 days

View full developer profile

Detection Fingerprints

How We Detect Gift upon purchase for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gift-upon-purchase-for-woocommerce/css/gupfw-admin.css/wp-content/plugins/gift-upon-purchase-for-woocommerce/css/gupfw-frontend.css/wp-content/plugins/gift-upon-purchase-for-woocommerce/js/gupfw-admin.js/wp-content/plugins/gift-upon-purchase-for-woocommerce/js/gupfw-frontend.js

Script Paths

/wp-content/plugins/gift-upon-purchase-for-woocommerce/js/gupfw-admin.js/wp-content/plugins/gift-upon-purchase-for-woocommerce/js/gupfw-frontend.js

Version Parameters

gift-upon-purchase-for-woocommerce/css/gupfw-admin.css?ver=gift-upon-purchase-for-woocommerce/css/gupfw-frontend.css?ver=gift-upon-purchase-for-woocommerce/js/gupfw-admin.js?ver=gift-upon-purchase-for-woocommerce/js/gupfw-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

gupfw-admin-noticegupfw-admin-setting-labelgupfw-admin-setting-inputgupfw-gift-in-cart-messagegupfw-gift-product-display

HTML Comments

Data Attributes

data-gupfw-product-iddata-gupfw-gift-iddata-gupfw-add-to-cart

JS Globals

window.gupfw_admin_paramswindow.gupfw_frontend_params

Shortcode Output

[gupfw_gift_display][gupfw_gift_button]

FAQ