Does Simple Download Manager – Hizzle Downloads have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Download Manager – Hizzle Downloads have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Download Manager – Hizzle Downloads compatible with WordPress 6.9.4?

According to WordPress.org data, Simple Download Manager – Hizzle Downloads 1.2.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Simple Download Manager – Hizzle Downloads compatible with PHP 7.0+?

Simple Download Manager – Hizzle Downloads requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Simple Download Manager – Hizzle Downloads updated?

Simple Download Manager – Hizzle Downloads was last updated on Jan 29, 2026. Frequent updates are generally a positive security signal.

What is Simple Download Manager – Hizzle Downloads's security score?

Simple Download Manager – Hizzle Downloads has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Download Manager – Hizzle Downloads Security & Risk Analysis

wordpress.org/plugins/hizzle-downloads

Easily add, restrict, and track digital downloads in WordPress — protect files with passwords, user roles, IPs, or subscriber access.

10 active installs v1.2.8 PHP 7.0+ WP 5.5+ Updated Jan 29, 2026

digital-downloadsdownload-managerdownloadsfilesrestrict-downloads

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple Download Manager – Hizzle Downloads Safe to Use in 2026?

Generally Safe

Score 100/100

Simple Download Manager – Hizzle Downloads has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "hizzle-downloads" v1.2.8 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The plugin demonstrates excellent adherence to best practices by having 100% of its outputs properly escaped and all identified SQL queries using prepared statements. Furthermore, the absence of known vulnerabilities (CVEs) and a clean taint analysis report with no unsanitized paths or critical/high severity flows are significant strengths, indicating a well-maintained and secure codebase.

However, a few areas warrant consideration for potential, albeit low, risk. The presence of file operations and external HTTP requests, while not inherently insecure, are points where vulnerabilities could potentially be introduced if not handled with extreme care. The plugin's attack surface, though currently reported as having zero unprotected entry points, consists of two shortcodes and one cron event, which, while small, are still potential avenues for interaction. The single nonce check and three capability checks suggest that while security measures are in place, a more granular approach might further strengthen its defenses.

In conclusion, "hizzle-downloads" v1.2.8 appears to be a secure plugin with a strong emphasis on core security practices. The lack of historical vulnerabilities and clean static analysis results are highly positive indicators. The identified points for potential concern are minor and are typical considerations for any plugin of this nature. The overall risk is assessed as low.

Key Concerns

Presence of file operations
Presence of external HTTP requests
Limited number of capability checks (3)
Limited number of nonce checks (1)

Vulnerabilities

None known

Simple Download Manager – Hizzle Downloads Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Simple Download Manager – Hizzle Downloads Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

95 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

50% prepared4 total queries

Output Escaping

100% escaped95 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<Download_Handler> (src\Download_Handler.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Simple Download Manager – Hizzle Downloads Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[hizzle-downloads] src\Plugin.php:144

[hizzle-download] src\Plugin.php:145

WordPress Hooks 38

actionadmin_enqueue_scriptssrc\Admin\Admin.php:88

actionadmin_initsrc\Admin\Admin.php:89

actionhizzle_downloads_admin_delete_downloadsrc\Admin\Admin.php:90

actionhizzle_downloads_admin_save_downloadsrc\Admin\Downloads.php:29

actionhizzle_admin_display_downloadssrc\Admin\Downloads.php:32

filterupload_dirsrc\Admin\Downloads.php:35

filterwp_unique_filenamesrc\Admin\Downloads.php:36

actionmedia_upload_hizzle_downloadable_filesrc\Admin\Downloads.php:37

actionadmin_menusrc\Admin\Menus.php:22

actionadmin_menusrc\Admin\Menus.php:23

actionadmin_menusrc\Admin\Menus.php:24

filterset-screen-optionsrc\Admin\Menus.php:26

actionhizzle_downloads_admin_hide_noticesrc\Admin\Notices.php:39

actionadmin_print_stylessrc\Admin\Notices.php:43

actionadmin_noticessrc\Admin\Notices.php:167

actionadmin_noticessrc\Admin\Notices.php:169

actionhizzle_downloads_admin_save_settingssrc\Admin\Settings.php:27

actionhizzle_downloads_admin_display_settingssrc\Admin\Settings.php:30

actionwp_loadedsrc\Download_Handler.php:24

actionhizzle_download_file_redirectsrc\Download_Handler.php:27

actionhizzle_download_file_xsendfilesrc\Download_Handler.php:28

actionhizzle_download_file_forcesrc\Download_Handler.php:29

filterhizzle_download_conditional_logic_rule_met_ip_addresssrc\functions.php:417

filterhizzle_download_conditional_logic_rule_met_user_idsrc\functions.php:429

filterhizzle_download_conditional_logic_rule_met_user_rolesrc\functions.php:444

filterhizzle_download_conditional_logic_rule_met_noptinsrc\functions.php:459

actionrest_api_initsrc\GitHub_Updater.php:41

actionhizzle_downloads_process_github_releasesrc\GitHub_Updater.php:44

actioninitsrc\Installer.php:23

actionhizzle_downloads_verify_db_tablessrc\Installer.php:24

filterwpmu_drop_tablessrc\Installer.php:25

actioninitsrc\Plugin.php:96

actionenqueue_block_editor_assetssrc\Plugin.php:97

filterhizzle_logger_admin_show_menusrc\REST.php:47

actionrest_api_initsrc\REST_Versions.php:41

actionhizzle_download_download_createdsrc\S3_Syncer.php:31

actionhizzle_download_download_updatedsrc\S3_Syncer.php:32

actionhizzle_downloads_upload_to_s3src\S3_Syncer.php:35

Scheduled Events 1

hizzle_downloads_process_github_release

Maintenance & Trust

Simple Download Manager – Hizzle Downloads Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 29, 2026

PHP min version7.0

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Simple Download Manager – Hizzle Downloads Alternatives

Download Manager MS

download-manager-ms

Download manager with multisite support. Stats charts, shortcodes for download buttons and forms, easy file uploads, and much more.

10 No CVEs

Easy Media Download

easy-media-download

Easy Media Download allows you to embed download buttons on your WordPress site. Add file download functionality with this WordPress download plugin.

9K 3 CVEs

Bulk Edit Posts and Products in Spreadsheet

wp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages

100

Modern Bulk Editor for Posts and Pages, create and edit hundreds of posts at once in a spreadsheet inside wp-admin. Search and quick edits.

9K No CVEs

WP-DownloadManager

wp-downloadmanager

Adds a simple download manager to your WordPress blog.

3K 10 CVEs

Premium Packages – Sell Digital Products Securely

wpdm-premium-packages

Premium Packages is a free, full-featured WordPress eCommerce plugin to sell digital products easily and securely.

3K 9 CVEs

Developer Profile

Simple Download Manager – Hizzle Downloads Developer Profile

Noptin Newsletter Team

5 plugins · 11K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

278 days

View full developer profile

Detection Fingerprints

How We Detect Simple Download Manager – Hizzle Downloads

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hizzle-downloads/assets/admin.css/wp-content/plugins/hizzle-downloads/assets/select2.min.css/wp-content/plugins/hizzle-downloads/assets/select2.min.js/wp-content/plugins/hizzle-downloads/assets/vue.js/wp-content/plugins/hizzle-downloads/assets/edit-download.js/wp-content/plugins/hizzle-downloads/assets/settings.js

Script Paths

Version Parameters

hizzle-downloads/assets/admin.css?ver=hizzle-downloads/assets/select2.min.css?ver=hizzle-downloads/assets/select2.min.js?ver=hizzle-downloads/assets/vue.js?ver=hizzle-downloads/assets/edit-download.js?ver=hizzle-downloads/assets/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

hizzle-downloads-password-inner

HTML Comments

fake post to prevent notices in wp_enqueue_scripts call render simple page with form in it. hide all other elements

Data Attributes

hizzle_downloads_admin_actionhizzle_downloads_nonce

FAQ