WP-Safety

ingenidev Gift Unlocker for woocommerce Security & Risk Analysis

wordpress.org/plugins/ingenidev-gift-unlocker-for-woocommerce

NEW Plugin! A powerful WooCommerce plugin that allows you to offer gift products to customers when they reach specific cart total thresholds.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Feb 9, 2026
cartfree-productsgiftspromotionswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ingenidev Gift Unlocker for woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ingenidev Gift Unlocker for woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The plugin 'ingenidev-gift-unlocker-for-woocommerce' v1.0.0 exhibits a generally strong security posture based on the provided static analysis. All identified AJAX entry points have authorization checks, and there are no known vulnerabilities in its history. The code demonstrates good practices with a high percentage of properly escaped outputs and a significant number of nonce and capability checks. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its secure design.

However, a notable concern arises from the handling of SQL queries. All four identified SQL queries are not using prepared statements. This is a significant risk as it makes the plugin vulnerable to SQL injection attacks, especially if any of the data used in these queries originates from user input. While no taint flows with unsanitized paths were detected in this specific analysis, the raw SQL usage presents a latent vulnerability that could be exploited with crafted input. The vulnerability history being clear is positive, but it does not negate the inherent risks posed by insecure database interactions.

In conclusion, the plugin has several strengths, including a well-protected attack surface and good output sanitization. The lack of past vulnerabilities is encouraging. The primary weakness, and a critical one, is the universal lack of prepared statements for SQL queries. This requires immediate attention to prevent potential data breaches and ensure the integrity of the WordPress site. Addressing this SQL query issue would significantly improve the overall security of the plugin.

Key Concerns

  • All SQL queries lack prepared statements
Vulnerabilities
None known

ingenidev Gift Unlocker for woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ingenidev Gift Unlocker for woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
0 prepared
Unescaped Output
9
97 escaped
Nonce Checks
9
Capability Checks
6
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared4 total queries

Output Escaping

92% escaped106 total outputs
Attack Surface

ingenidev Gift Unlocker for woocommerce Attack Surface

Entry Points11
Unprotected0

AJAX Handlers 11

authwp_ajax_ingenidev_save_gift_productincludes\class-gift-admin.php:36
authwp_ajax_ingenidev_delete_gift_productincludes\class-gift-admin.php:37
authwp_ajax_ingenidev_get_gift_productincludes\class-gift-admin.php:38
authwp_ajax_ingenidev_search_productsincludes\class-gift-admin.php:39
authwp_ajax_ingenidev_get_gift_products_stockincludes\class-gift-admin.php:40
authwp_ajax_ingenidev_toggle_product_statusincludes\class-gift-admin.php:41
authwp_ajax_ingenidev_gift_unlocker_get_cart_totalincludes\class-gift-manager.php:60
noprivwp_ajax_ingenidev_gift_unlocker_get_cart_totalincludes\class-gift-manager.php:61
authwp_ajax_ingenidev_gift_unlocker_get_cart_totalincludes\gift-ajax.php:49
noprivwp_ajax_ingenidev_gift_unlocker_get_cart_totalincludes\gift-ajax.php:50
authwp_ajax_ingenidev_search_simple_productsincludes\gift-ajax.php:96
WordPress Hooks 38
actionadmin_initincludes\class-gift-admin.php:26
actionadmin_menuincludes\class-gift-admin.php:34
actionadmin_enqueue_scriptsincludes\class-gift-admin.php:35
filterwoocommerce_coupon_errorincludes\class-gift-manager.php:34
actionwoocommerce_cart_item_removedincludes\class-gift-manager.php:37
filterwoocommerce_is_purchasableincludes\class-gift-manager.php:40
filterwoocommerce_loop_add_to_cart_linkincludes\class-gift-manager.php:43
actionwoocommerce_single_product_summaryincludes\class-gift-manager.php:44
actionwoocommerce_single_product_summaryincludes\class-gift-manager.php:47
actionwoocommerce_before_calculate_totalsincludes\class-gift-manager.php:50
filterwoocommerce_add_to_cart_validationincludes\class-gift-manager.php:53
actionwoocommerce_after_cart_item_quantity_updateincludes\class-gift-manager.php:54
filterwoocommerce_loop_add_to_cart_linkincludes\class-gift-manager.php:57
filterwoocommerce_coupon_errorincludes\gift-hooks.php:25
actionwoocommerce_cart_item_removedincludes\gift-hooks.php:28
filterwoocommerce_is_purchasableincludes\gift-hooks.php:31
filterwoocommerce_loop_add_to_cart_linkincludes\gift-hooks.php:34
actionwoocommerce_single_product_summaryincludes\gift-hooks.php:35
actionwoocommerce_single_product_summaryincludes\gift-hooks.php:38
actionwoocommerce_before_calculate_totalsincludes\gift-hooks.php:41
filterwoocommerce_get_cart_item_from_sessionincludes\gift-hooks.php:44
filterwoocommerce_add_to_cart_validationincludes\gift-hooks.php:47
actionwoocommerce_after_cart_item_quantity_updateincludes\gift-hooks.php:48
filterwoocommerce_loop_add_to_cart_linkincludes\gift-hooks.php:51
actionwoocommerce_before_shop_loopincludes\gift-hooks.php:54
actionwp_enqueue_scriptsincludes\gift-hooks.php:57
filterwoocommerce_product_get_priceincludes\gift-hooks.php:60
filterwoocommerce_product_get_sale_priceincludes\gift-hooks.php:61
filterwoocommerce_product_variation_get_priceincludes\gift-hooks.php:62
filterwoocommerce_product_variation_get_sale_priceincludes\gift-hooks.php:63
filterwoocommerce_cart_item_priceincludes\gift-hooks.php:119
filterwoocommerce_cart_item_subtotalincludes\gift-hooks.php:120
filterwoocommerce_get_price_htmlincludes\gift-hooks.php:121
filterwoocommerce_cart_subtotalincludes\gift-hooks.php:123
filterwoocommerce_cart_totalincludes\gift-hooks.php:124
actionplugins_loadedingenidev-gift-unlocker.php:74
actionadmin_noticesingenidev-gift-unlocker.php:84
actionbefore_woocommerce_initingenidev-gift-unlocker.php:89
Maintenance & Trust

ingenidev Gift Unlocker for woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 9, 2026
PHP min version7.4
Downloads101

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

ingenidev Gift Unlocker for woocommerce Alternatives

Cart Abandonment Recovery for WooCommerce – Recover Lost Sales with Automated Emails

Cart Abandonment Recovery for WooCommerce – Recover Lost Sales with Automated Emails

woo-cart-abandonment-recovery

A
100

Every store loses sales to cart abandonment. But with Cart Abandonment Recovery for WooCommerce, you can win them back—automatically.

300K 1 CVE
ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

shopengine

A
96

WooCommerce builder for Elementor and Gutenberg. It offers product templates, product sliders, shopping cart, quick view, Woo wishlist, product filter …

90K 4 CVEs
Side Cart Woocommerce | Woocommerce Cart

Side Cart Woocommerce | Woocommerce Cart

side-cart-woocommerce

A
98

Manage your cart from just a click away with an interactive design

80K 3 CVEs
Direct Checkout for WooCommerce

Direct Checkout for WooCommerce

woocommerce-direct-checkout

A
100

Formerly "WooCommerce Direct Checkout". This plugin simplifies the entire WooCommerce checkout process to improve your sales rate.

80K No CVEs
Menu Cart for WooCommerce

Menu Cart for WooCommerce

woocommerce-menu-bar-cart

A
100

Automatically displays a shopping cart in your menu bar. Works with WooCommerce and Easy Digital Downloads (EDD)

80K 1 CVE
Developer Profile

ingenidev Gift Unlocker for woocommerce Developer Profile

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ingenidev Gift Unlocker for woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ingenidev-gift-unlocker-for-woocommerce/assets/css/gift-unlocker-admin.css/wp-content/plugins/ingenidev-gift-unlocker-for-woocommerce/assets/js/gift-unlocker-admin.js/wp-content/plugins/ingenidev-gift-unlocker-for-woocommerce/assets/js/gift-unlocker-frontend.js
Version Parameters
ingenidev-gift-unlocker-for-woocommerce/assets/css/gift-unlocker-admin.css?ver=ingenidev-gift-unlocker-for-woocommerce/assets/js/gift-unlocker-admin.js?ver=ingenidev-gift-unlocker-for-woocommerce/assets/js/gift-unlocker-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
ingenidev-gift-unlocker-settings
HTML Comments
Prevent direct accessAdmin Interface ClassHandles the admin interface for managing gift productsGift Admin Class+28 more
Data Attributes
data-gift-product-iddata-min-cart-totaldata-max-quantitydata-categories
JS Globals
ingenidev_gift_unlocker_admin_paramsingenidev_gift_unlocker_frontend_params
REST Endpoints
/wp-json/ingenidev-gift-unlocker/v1/gift-products
FAQ

Frequently Asked Questions about ingenidev Gift Unlocker for woocommerce