WP-Safety

Happy Coders OTP Login for WooCommerce Security & Risk Analysis

wordpress.org/plugins/happy-coders-otp-login

Secure OTP login for WordPress & WooCommerce using SMS, WhatsApp, and Email. Send automated order alerts with the MSG91 API. Be passwordless!

10 active installs v2.6 PHP 7.4+ WP 5.0+ Updated Unknown
email-otpmsg91otpwhatsapp-otpwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Happy Coders OTP Login for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Happy Coders OTP Login for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "happy-coders-otp-login" plugin v2.6 demonstrates a generally strong security posture, particularly concerning its handling of input and output. The static analysis shows an impressive 98% of outputs are properly escaped, and 93% of SQL queries utilize prepared statements, which significantly mitigates common web vulnerabilities like Cross-Site Scripting (XSS) and SQL Injection. The absence of any recorded vulnerabilities in its history further supports this positive assessment, indicating a history of responsible development and maintenance. The plugin also appears to have a well-defined attack surface with all identified entry points protected by either nonce or capability checks, and no unsanitized taint flows were detected.

Vulnerabilities
None known

Happy Coders OTP Login for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Happy Coders OTP Login for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
14 prepared
Unescaped Output
5
307 escaped
Nonce Checks
9
Capability Checks
2
File Operations
0
External Requests
4
Bundled Libraries
0

SQL Query Safety

93% prepared15 total queries

Output Escaping

98% escaped312 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
hcotp_send_otp_ajax (happy-coders-otp-login.php:754)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Happy Coders OTP Login for WooCommerce Attack Surface

Entry Points13
Unprotected0

AJAX Handlers 12

authwp_ajax_hcotp_send_otp_ajaxhappy-coders-otp-login.php:334
noprivwp_ajax_hcotp_send_otp_ajaxhappy-coders-otp-login.php:335
authwp_ajax_hcotp_send_otp_ajaxhappy-coders-otp-login.php:935
noprivwp_ajax_hcotp_send_otp_ajaxhappy-coders-otp-login.php:936
authwp_ajax_hcotp_auto_login_userhappy-coders-otp-login.php:937
noprivwp_ajax_hcotp_auto_login_userhappy-coders-otp-login.php:938
authwp_ajax_hcotp_verify_otp_ajaxhappy-coders-otp-login.php:999
noprivwp_ajax_hcotp_verify_otp_ajaxhappy-coders-otp-login.php:1000
authwp_ajax_hcotp_send_email_otpincludes\hc-email-otp-functions.php:394
noprivwp_ajax_hcotp_send_email_otpincludes\hc-email-otp-functions.php:395
authwp_ajax_hcotp_verify_email_otpincludes\hc-email-otp-functions.php:471
noprivwp_ajax_hcotp_verify_email_otpincludes\hc-email-otp-functions.php:472

Shortcodes 1

[msg91_otp_form] happy-coders-otp-login.php:466
WordPress Hooks 30
actionplugins_loadedhappy-coders-otp-login.php:44
filterplugin_row_metahappy-coders-otp-login.php:147
actionwp_enqueue_scriptshappy-coders-otp-login.php:221
actionadmin_enqueue_scriptshappy-coders-otp-login.php:236
actionwp_footerhappy-coders-otp-login.php:496
actioninithappy-coders-otp-login.php:1208
filterwc_order_statuseshappy-coders-otp-login.php:1237
actionwoocommerce_before_customer_login_formhappy-coders-otp-login.php:1281
actionwoocommerce_after_customer_login_formhappy-coders-otp-login.php:1282
actionwoocommerce_before_registration_formhappy-coders-otp-login.php:1287
actionwoocommerce_after_registration_formhappy-coders-otp-login.php:1288
actiontemplate_redirecthappy-coders-otp-login.php:1290
actionadmin_noticeshappy-coders-otp-login.php:1389
actionadmin_inithappy-coders-otp-login.php:1405
actionadmin_inithappy-coders-otp-login.php:1436
actiontemplate_redirecthappy-coders-otp-login.php:1494
actionwoocommerce_before_account_navigationhappy-coders-otp-login.php:1540
actionwoocommerce_save_account_details_errorshappy-coders-otp-login.php:1542
actionwoocommerce_edit_account_form_fieldshappy-coders-otp-login.php:1588
actionwp_mail_failedincludes\hc-email-otp-functions.php:364
actionadmin_menuincludes\hc-msg91-settings.php:26
actionadmin_enqueue_scriptsincludes\hc-msg91-settings.php:43
actionadmin_initincludes\hc-msg91-settings.php:99
actionwoocommerce_thankyouincludes\hc-msg91-transactional-sms.php:187
actionwoocommerce_order_status_changedincludes\hc-msg91-transactional-sms.php:190
actionwoocommerce_cart_updatedincludes\hc-msg91-transactional-sms.php:193
actionhcotp_trigger_abandoned_cart_smsincludes\hc-msg91-transactional-sms.php:194
actionwoocommerce_checkout_order_processedincludes\hc-msg91-transactional-sms.php:195
actionadd_meta_boxesincludes\hc-msg91-transactional-sms.php:629
actionwoocommerce_process_shop_order_metaincludes\hc-msg91-transactional-sms.php:711

Scheduled Events 1

hcotp_trigger_abandoned_cart_sms
Maintenance & Trust

Happy Coders OTP Login for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads957

Community Trust

Rating100/100
Number of ratings6
Active installs10
Alternatives

Happy Coders OTP Login for WooCommerce Alternatives

WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce

WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce

wp-sms

A
95

Send SMS/MMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.

9K 15 CVEs
User Verification by PickPlugins

User Verification by PickPlugins

user-verification

A
88

Email verification for user registration to protect spam.

5K 2 CVEs
SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery

SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery

sms-alert

B
82

Send WooCommerce SMS notifications, OTP verification, abandoned cart recovery alerts, and real-time order updates to customers and admins.

4K 12 CVEs
OTP Login & Register Woocommerce

OTP Login & Register Woocommerce

mobile-login-woocommerce

A
96

Allow users to log in/sign up with a one-time password (OTP) sent to their mobile device.

2K 3 CVEs
OTP Login With Phone Number, OTP Verification

OTP Login With Phone Number, OTP Verification

login-with-phone-number

A
86

OTP login with phone, SMS, or WhatsApp. OTP verification for WordPress & WooCommerce using custom gateways. GDPR-compliant. Login with otp

1K 13 CVEs
Developer Profile

Happy Coders OTP Login for WooCommerce Developer Profile

Happy Coders

4 plugins · 70 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Happy Coders OTP Login for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/happy-coders-otp-login/assets/js/hc-msg91-otp.js/wp-content/plugins/happy-coders-otp-login/assets/css/hc-msg91-otp.css
Script Paths
/wp-content/plugins/happy-coders-otp-login/assets/js/hc-msg91-otp.js
Version Parameters
happy-coders-otp-login/assets/js/hc-msg91-otp.js?ver=happy-coders-otp-login/assets/css/hc-msg91-otp.css?ver=

HTML / DOM Fingerprints

CSS Classes
hcotp-login-formhcotp-otp-formhcotp-login-fieldshcotp-otp-fieldshcotp-resend-otp-btnhcotp-verify-otp-btnhcotp-otp-resend-timer
Data Attributes
data-site-urldata-ajax-urldata-noncedata-resend-timerdata-otp-lengthdata-email-otp-enabled+3 more
JS Globals
hcotp_params
FAQ

Frequently Asked Questions about Happy Coders OTP Login for WooCommerce