Giveaway Lottery for WooCommerce Security & Risk Analysis

wordpress.org/plugins/giveaway-lottery

Sell tickets, run giveaways, raffles, lotteries, and lucky draws in WooCommerce to boost engagement, sales, and customer loyalty.

200 active installs · v1.1.7 · PHP 8.1+ · WP 6.5+ · Updated Mar 10, 2026
Tags: giveaway, lottery, lucky-wheel, raffle, reward-points
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Giveaway Lottery for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Giveaway Lottery for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 24d ago
Risk Assessment

The "giveaway-lottery" v1.1.7 plugin exhibits a generally good security posture with a high percentage of prepared SQL statements and properly escaped output. The absence of known CVEs and critical severity taint flows are positive indicators. However, the plugin presents several areas of concern that warrant attention.

Specifically, the presence of 4 AJAX handlers without authentication checks significantly expands the attack surface. Coupled with 4 taint flows identified with unsanitized paths, these unprotected entry points pose a credible risk. While no critical or high severity taint flows were explicitly detailed, the nature of unsanitized paths in an unprotected context is inherently dangerous and could lead to vulnerabilities like path traversal or file inclusion if not handled carefully by subsequent code.

The plugin's vulnerability history is clean, suggesting a history of secure development or effective patching. However, the static analysis findings, particularly the unprotected AJAX handlers and unsanitized paths, highlight potential weaknesses that could be exploited even without a prior history of known vulnerabilities. A balanced conclusion suggests that while the plugin benefits from good coding practices in many areas, the identified attack vectors require immediate remediation to ensure robust security.

Key Concerns

  • Unprotected AJAX handlers (4)
  • Taint flows with unsanitized paths (4)
  • Capability checks missing on 4 AJAX handlers
Vulnerabilities
None known

Giveaway Lottery for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Giveaway Lottery for WooCommerce Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 17 (122 prepared)
  • Unescaped Output: 88 (709 escaped)
  • Nonce Checks: 16
  • Capability Checks: 2
  • File Operations: 1
  • External Requests: 2
  • Bundled Libraries: 0

SQL Query Safety

88% prepared · 139 total queries

Output Escaping

89% escaped · 797 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

13 flows · 4 with unsanitized paths
wxgiveaway_admin_get_winner_details (inc\admin\check-winner-details\wxgiveaway-check-winner.php:24)
Attack Surface
4 unprotected

Giveaway Lottery for WooCommerce Attack Surface

Entry Points: 16
Unprotected: 4

AJAX Handlers 13

auth · wp_ajax_wxgiveaway_dismiss_review · class-giveaway-lottery.php:702
auth · wp_ajax_wxgiveaway_admin_get_winner_details · inc\admin\check-winner-details\wxgiveaway-check-winner.php:22
auth · wp_ajax_giveaway_lottery_dismiss_notice · inc\admin\menu\class-bfcm-notice.php:16
auth · wp_ajax_get_lucky_wheel_winners · inc\admin\menu\lucky-wheel-admin.php:1662
nopriv · wp_ajax_get_lucky_wheel_winners · inc\admin\menu\lucky-wheel-admin.php:1663
auth · wp_ajax_download_lucky_wheel_winners_csv · inc\admin\menu\lucky-wheel-admin.php:1851
nopriv · wp_ajax_download_lucky_wheel_winners_csv · inc\admin\menu\lucky-wheel-admin.php:1852
auth · wp_ajax_wxgiveaway_get_analytics · inc\admin\menu\wxgiveaway-analytic-tab.php:275
auth · wp_ajax_wxgiveaway_calculate_draws · inc\admin\menu\wxgiveaway-analytic-tab.php:298
auth · wp_ajax_wxgiveaway_load_giveaways · inc\admin\menu\wxgiveaway-analytic-tab.php:568
auth · wp_ajax_wxgiveaway_welcome_api_call · inc\admin\menu\wxgiveaway-dashboard-left-sid.php:629
auth · wp_ajax_wxgiveaway_spin_wheel · inc\frontend\lucky-wheel.php:1516
nopriv · wp_ajax_wxgiveaway_spin_wheel · inc\frontend\lucky-wheel.php:1517

Shortcodes 3

[wcs_lucky_wheel] inc\frontend\lucky-wheel.php:7
[wxg_winner_reveal] inc\frontend\winner.php:105
[ticket-check] inc\frontend\wxgiveaway-function.php:4

WordPress Hooks 74

action · wp_enqueue_scripts · class-giveaway-lottery.php:5
action · admin_enqueue_scripts · class-giveaway-lottery.php:179
action · wxgiveaway_giveaway_winner_selection_action · class-giveaway-lottery.php:608
action · woocommerce_product_duplicate · class-giveaway-lottery.php:610
filter · woocommerce_cart_item_name · class-giveaway-lottery.php:651
action · admin_notices · class-giveaway-lottery.php:690
action · admin_init · class-giveaway-lottery.php:704
action · init · class-giveaway-lottery.php:764
filter · woocommerce_quantity_input_args · class-giveaway-lottery.php:931
action · init · giveaway-lottery.php:288
filter · plugin_row_meta · giveaway-lottery.php:325
action · admin_notices · giveaway-lottery.php:334
filter · woocommerce_duplicate_product_exclude_meta · giveaway-lottery.php:369
action · upgrader_process_complete · giveaway-lottery.php:393
action · admin_footer · inc\admin\check-winner-details\wxgiveaway-check-winner.php:4
action · admin_footer · inc\admin\client-side-validation.php:2
filter · manage_edit-product_columns · inc\admin\giveaway-options.php:16
action · manage_product_posts_custom_column · inc\admin\giveaway-options.php:95
action · init · inc\admin\giveaway-options.php:100
filter · manage_woocommerce_page_wc-orders_columns · inc\admin\giveaway-options.php:179
action · manage_woocommerce_page_wc-orders_custom_column · inc\admin\giveaway-options.php:187
filter · product_type_options · inc\admin\giveaway-settings.php:4
filter · woocommerce_product_data_tabs · inc\admin\giveaway-settings.php:19
action · woocommerce_product_data_panels · inc\admin\giveaway-settings.php:32
action · woocommerce_process_product_meta · inc\admin\giveaway-settings.php:131
action · woocommerce_product_after_variable_attributes · inc\admin\giveaway-settings.php:220
action · woocommerce_save_product_variation · inc\admin\giveaway-settings.php:243
action · admin_notices · inc\admin\menu\class-bfcm-notice.php:14
action · admin_enqueue_scripts · inc\admin\menu\class-bfcm-notice.php:15
action · admin_enqueue_scripts · inc\admin\menu\wxgiveaway-analytic-tab.php:919
action · admin_menu · inc\admin\menu\wxgiveaway-dashboard-left-sid.php:5
action · admin_menu · inc\admin\menu\wxgiveaway-dashboard-left-sid.php:20
action · admin_menu · inc\admin\menu\wxgiveaway-dashboard-left-sid.php:31
action · admin_enqueue_scripts · inc\admin\menu\wxgiveaway-dashboard-left-sid.php:659
action · wp_enqueue_scripts · inc\frontend\add-up\button-range-style.php:119
action · woocommerce_shop_loop_item_title · inc\frontend\add-up\no-of-ticket.php:38
action · woocommerce_before_add_to_cart_button · inc\frontend\add-up\no-of-ticket.php:208
action · woocommerce_shop_loop_item_title · inc\frontend\add-up\ticket-range.php:8
action · woocommerce_before_add_to_cart_form · inc\frontend\add-up\ticket-range.php:117
action · woocommerce_after_shop_loop_item · inc\frontend\add-up\winner-button.php:6
action · woocommerce_before_single_product · inc\frontend\add-up\winner-button.php:42
action · woocommerce_after_add_to_cart_button · inc\frontend\add-up\winner-button.php:95
filter · woocommerce_post_class · inc\frontend\add-up\wxgiveaway_class.php:39
filter · woocommerce_add_to_cart_validation · inc\frontend\cart-checkout-validation.php:4
action · woocommerce_after_checkout_validation · inc\frontend\cart-checkout-validation.php:78
action · woocommerce_store_api_cart_errors · inc\frontend\cart-checkout-validation.php:131
action · woocommerce_order_status_changed · inc\frontend\giveaway-tickets.php:38
action · wxgiveaway_after_ticket_generate · inc\frontend\giveaway-tickets.php:187
filter · wp_mail_content_type · inc\frontend\giveaway-tickets.php:293
filter · woocommerce_order_item_display_meta_key · inc\frontend\giveaway-tickets.php:558
action · woocommerce_thankyou · inc\frontend\giveaway-tickets.php:569
action · woocommerce_view_order · inc\frontend\giveaway-tickets.php:571
filter · woocommerce_account_orders_columns · inc\frontend\giveaway-tickets.php:624
action · woocommerce_my_account_my_orders_column_order-tickets · inc\frontend\giveaway-tickets.php:643
action · woocommerce_after_order_itemmeta · inc\frontend\giveaway-tickets.php:704
filter · woocommerce_order_actions · inc\frontend\giveaway-tickets.php:775
action · woocommerce_order_action_wxgiveaway_send_tickets · inc\frontend\giveaway-tickets.php:788
action · admin_init · inc\frontend\lucky-wheel-quantity-tracking.php:6
action · woocommerce_cart_calculate_fees · inc\frontend\lucky-wheel-quantity-tracking.php:83
action · woocommerce_order_status_completed · inc\frontend\lucky-wheel-quantity-tracking.php:174
action · woocommerce_order_status_processing · inc\frontend\lucky-wheel-quantity-tracking.php:175
filter · woocommerce_account_menu_items · inc\frontend\lucky-wheel-quantity-tracking.php:275
action · init · inc\frontend\lucky-wheel-quantity-tracking.php:288
filter · query_vars · inc\frontend\lucky-wheel-quantity-tracking.php:295
action · woocommerce_account_lucky-wheel-products_endpoint · inc\frontend\lucky-wheel-quantity-tracking.php:302
action · wp_footer · inc\frontend\lucky-wheel.php:1344
action · wp_footer · inc\frontend\winner.php:214
filter · body_class · inc\frontend\winner.php:237
action · woocommerce_shop_loop_item_title · inc\frontend\winner.php:280
action · woocommerce_before_add_to_cart_form · inc\frontend\winner.php:317
action · woocommerce_product_meta_start · inc\frontend\winner.php:318
filter · body_class · inc\frontend\wxgiveaway-function.php:105
filter · woocommerce_locate_template · inc\frontend\wxgiveaway-function.php:145
action · woocommerce_before_add_to_cart_form · inc\frontend\wxgiveaway-function.php:151

Scheduled Events 2

wxgiveaway_giveaway_winner_selection_action
wxgiveaway_giveaway_winner_selection_action
Maintenance & Trust

Giveaway Lottery for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 10, 2026
PHP min version: 8.1
Downloads: 6K

Community Trust

Rating: 100/100
Number of ratings: 10
Active installs: 200
Developer Profile

Giveaway Lottery for WooCommerce Developer Profile

WebCartisan

4 plugins · 370 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Giveaway Lottery for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/giveaway-lottery/assets/css/style.css
  • /wp-content/plugins/giveaway-lottery/assets/css/frontend.css
  • /wp-content/plugins/giveaway-lottery/assets/css/datetimepicker.css
  • /wp-content/plugins/giveaway-lottery/assets/js/frontend.js
  • /wp-content/plugins/giveaway-lottery/assets/js/datetimepicker.js
Script Paths
  • /wp-content/plugins/giveaway-lottery/assets/js/frontend.js
  • /wp-content/plugins/giveaway-lottery/assets/js/datetimepicker.js
Version Parameters
  • giveaway-lottery/assets/css/style.css?ver=
  • giveaway-lottery/assets/css/frontend.css?ver=
  • giveaway-lottery/assets/css/datetimepicker.css?ver=
  • giveaway-lottery/assets/js/frontend.js?ver=
  • giveaway-lottery/assets/js/datetimepicker.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • giveaway-lottery-wrapper
  • giveaway-lottery-countdown-container
  • giveaway-lottery-winners-list
  • wxgiveaway-countdown
  • wxgiveaway-winners-table
  • wxgiveaway-ticket-generator-form
HTML Comments
  • <!-- Giveaway Lottery Countdown -->
  • <!-- Giveaway Lottery Winners List -->
  • <!-- Giveaway Lottery Ticket Generator Form -->
Data Attributes
  • data-giveaway-id
  • data-product-id
  • data-end-time
  • data-countdown-format
  • data-winner-reveal-page
JS Globals
wxgiveaway_frontend_params
Shortcode Output
  • [wxg_giveaway_countdown]
  • [wxg_giveaway_winners]
  • [wxg_winner_reveal]
FAQ

Frequently Asked Questions about Giveaway Lottery for WooCommerce