WP-Safety

Kount Fraud Prevention Security & Risk Analysis

wordpress.org/plugins/kount-fraud-prevention

Kount provides industry-leading fraud protection to reduce chargebacks and manual reviews while increasing approval rates and revenue.

40 active installs v2.3.0 PHP + WP + Updated Apr 14, 2026
chargebackfraud-preventionkountwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Kount Fraud Prevention Safe to Use in 2026?

Generally Safe

Score 100/100

Kount Fraud Prevention has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "kount-fraud-prevention" plugin version 2.3.0 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and ensuring a very high percentage of output escaping. The absence of known vulnerabilities in its history is also a strong indicator of diligent security practices. However, significant concerns arise from the attack surface analysis. The plugin exposes two REST API routes without any permission callbacks, making them accessible to unauthenticated users. This lack of authorization controls on entry points is a critical security weakness. Additionally, the taint analysis, though limited to a single flow, identified a flow with an unsanitized path, which could potentially lead to issues if exploited in conjunction with the unprotected REST API endpoints. The absence of nonce checks and capability checks further exacerbates the risk associated with these unprotected entry points.

Key Concerns

  • REST API routes without permission callbacks
  • Flow with unsanitized path identified in taint analysis
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

Kount Fraud Prevention Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Kount Fraud Prevention Release Timeline

v2023.08.15b002
v2.3.0Current
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
vv1.1.1
v1.1.0
Code Analysis
Analyzed Apr 16, 2026

Kount Fraud Prevention Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
3
107 escaped
Nonce Checks
0
Capability Checks
0
File Operations
5
External Requests
3
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

97% escaped110 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<kount-admin-display> (admin/partials/kount-admin-display.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Kount Fraud Prevention Attack Surface

Entry Points2
Unprotected2

REST API Routes 2

POST/wp-json/kountevent_responseadmin/class-kount-admin.php:93
GET/wp-json/kountlogadmin/class-kount-admin.php:102
WordPress Hooks 26
actionadmin_menuadmin/class-kount-admin.php:88
actionadmin_initadmin/class-kount-admin.php:89
actionrest_api_initadmin/class-kount-admin.php:92
actionrest_api_initadmin/class-kount-admin.php:101
actionwoocommerce_admin_order_data_after_order_detailsadmin/class-kount-admin.php:112
filtermanage_users_columnsincludes/class-kount-deactivator.php:51
actionplugins_loadedincludes/class-kount.php:257
actionadmin_enqueue_scriptsincludes/class-kount.php:271
actionadmin_enqueue_scriptsincludes/class-kount.php:272
actionlogin_initincludes/class-kount.php:273
actionlogin_initincludes/class-kount.php:274
actionwp_enqueue_scriptsincludes/class-kount.php:289
actionkfpwoo_retry_api_callincludes/class-kount.php:299
filterwoocommerce_thankyou_order_received_textincludes/class-kount.php:304
filterwoocommerce_new_order_note_dataincludes/class-kount.php:305
actionwoocommerce_order_status_changedincludes/class-kount.php:307
actionwoocommerce_order_payment_status_changedincludes/class-kount.php:308
actionwoocommerce_store_api_checkout_order_processedincludes/class-kount.php:311
actionwoocommerce_blocks_checkout_before_renderincludes/class-kount.php:312
actionwoocommerce_order_status_pending_to_cancelledincludes/class-kount.php:313
actionwoocommerce_checkout_order_createdincludes/class-kount.php:316
actionwoocommerce_checkout_order_processedincludes/class-kount.php:317
actionwoocommerce_before_checkout_form_cart_noticesincludes/class-kount.php:318
actionwoocommerce_before_checkout_formincludes/class-kount.php:319
actionwoocommerce_check_cart_itemsincludes/class-kount.php:320
actionwoocommerce_thankyouincludes/class-kount.php:324
Maintenance & Trust

Kount Fraud Prevention Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedApr 14, 2026
PHP min version
Downloads7K

Community Trust

Rating20/100
Number of ratings1
Active installs40
Alternatives

Kount Fraud Prevention Alternatives

FraudLabs Pro for WooCommerce

FraudLabs Pro for WooCommerce

fraudlabs-pro-for-woocommerce

A
98

Fraud prevention plugin for WooCommerce to minimize payment fraud and avoid chargebacks. With the FraudLabs Pro Micro Plan, you can get 500 free fraud &hellip;

1K 2 CVEs
BadActors.io Fraud Review for WooCommerce

BadActors.io Fraud Review for WooCommerce

badactorsio

A
100

Integrates WooCommerce with BadActors.io fraud detection API to help merchants identify, prevent and report fraudulent orders.

0 No CVEs
TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce

trustlens

A
100

Detect return abuse, coupon abuse, risky customers, and linked accounts in WooCommerce with behavior-based trust scores and risk segments.

0 No CVEs
Fraud Prevention For WooCommerce and EDD

Fraud Prevention For WooCommerce and EDD

woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers

A
95

It will Prevent fake orders and Blacklist fraud customers of your store.

5K 3 CVEs
Blacklist Manager – WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention

Blacklist Manager – WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention

wc-blacklist-manager

A
100

Anti-fraud, checkout verification and spam prevention plugin for WooCommerce and WordPress forms.

2K No CVEs
Developer Profile

Kount Fraud Prevention Developer Profile

Kount-TPA

1 plugin · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Kount Fraud Prevention

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/kount-fraud-prevention/css/kount-public-style.css/wp-content/plugins/kount-fraud-prevention/js/kount-public-script.js/wp-content/plugins/kount-fraud-prevention/js/kount-admin-script.js
Script Paths
/wp-content/plugins/kount-fraud-prevention/js/kount-public-script.js/wp-content/plugins/kount-fraud-prevention/js/kount-admin-script.js/wp-content/plugins/kount-fraud-prevention/js/kount-ddc-script.js
Version Parameters
/wp-content/plugins/kount-fraud-prevention/css/kount-public-style.css?ver=/wp-content/plugins/kount-fraud-prevention/js/kount-public-script.js?ver=/wp-content/plugins/kount-fraud-prevention/js/kount-admin-script.js?ver=/wp-content/plugins/kount-fraud-prevention/js/kount-ddc-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
kount-data-collector
HTML Comments
<!-- Kount Fraud Prevention Data Collector -->
Data Attributes
data-kount-data-collector-id
JS Globals
kfpwoo_ddc_paramsKount
REST Endpoints
/wp-json/kount/event_response/wp-json/kount/log
FAQ

Frequently Asked Questions about Kount Fraud Prevention