WP-Safety

Lootly Loyalty & Rewards Security & Risk Analysis

wordpress.org/plugins/lootly-for-woocommerce

Version 1.43 Lootly helps you build relationships with customers by rewarding them for interacting with your store or for driving referral sales.

10 active installs v1.43 PHP 5.6+ WP 3.7.1+ Updated Unknown
lootlyloyaltyreferralsrewardsvip-program
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Lootly Loyalty & Rewards Safe to Use in 2026?

Generally Safe

Score 100/100

Lootly Loyalty & Rewards has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'lootly-for-woocommerce' plugin version 1.43 presents a generally positive security posture based on the static analysis. The complete absence of identified vulnerabilities in its history, combined with a lack of critical or high-severity taint flows, suggests a well-maintained and secure codebase. The plugin also demonstrates good security practices such as using prepared statements for all SQL queries and implementing capability checks.

Key Concerns

  • Low output escaping coverage
  • External HTTP requests
Vulnerabilities
None known

Lootly Loyalty & Rewards Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Lootly Loyalty & Rewards Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
12
13 escaped
Nonce Checks
1
Capability Checks
2
File Operations
2
External Requests
11
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

52% escaped25 total outputs
Attack Surface

Lootly Loyalty & Rewards Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 26
actionadmin_menuclasses\Admin.php:37
actionwoocommerce_coupon_options_usage_restrictionclasses\Admin.php:38
actionwoocommerce_coupon_options_saveclasses\Admin.php:39
actionwoocommerce_order_status_changedclasses\api\Events.php:36
actionwoocommerce_after_order_object_saveclasses\api\Events.php:37
actionwoocommerce_add_to_cartclasses\api\Events.php:38
actionwoocommerce_calculate_totalsclasses\api\Events.php:39
actionwoocommerce_removed_couponclasses\api\Events.php:40
actionuser_registerclasses\api\Events.php:41
actionwoocommerce_refund_createdclasses\api\Events.php:42
actionprofile_updateclasses\api\Events.php:43
actionwp_loginclasses\api\Events.php:44
actionrender_block_woocommerce/cart-line-items-blockclasses\CartWidget.php:36
actionwoocommerce_before_cart_collateralsclasses\CartWidget.php:37
actionparse_requestclasses\rest\Router.php:39
actionrest_api_initclasses\rest\Router.php:40
actionwp_footerclasses\Widget.php:35
filterplugin_row_metalootly-woocommerce.php:48
actionplugins_loadedlootly-woocommerce.php:50
actionwp_enqueue_scriptslootly-woocommerce.php:52
actionwp_enqueue_scriptslootly-woocommerce.php:53
actionadmin_enqueue_scriptslootly-woocommerce.php:54
actionadmin_enqueue_scriptslootly-woocommerce.php:55
actionwoocommerce_coupon_is_validlootly-woocommerce.php:56
actionwoocommerce_coupon_is_valid_for_productlootly-woocommerce.php:57
actionwoocommerce_coupon_validate_minimum_amountlootly-woocommerce.php:58
Maintenance & Trust

Lootly Loyalty & Rewards Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedUnknown
PHP min version5.6
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Lootly Loyalty & Rewards Alternatives

MyRewards

MyRewards

woorewards

A
98

Free top-rated points and rewards program to retain your customers, grow your sales and get new customers.

3K 2 CVEs
Loyalty Points Rewards and Referral for WooCommerce – WPLoyalty

Loyalty Points Rewards and Referral for WooCommerce – WPLoyalty

wployalty

A
100

Create WooCommerce points and rewards program with WPLoyalty to increase customer loyalty and boost sales. Reward customers to drive repeat purchases.

3K No CVEs
RewardsWP – Loyalty Points & Referral Program for WooCommerce

RewardsWP – Loyalty Points & Referral Program for WooCommerce

rewardswp

A
94

Turn customers into brand advocates with loyalty points and referral programs for WooCommerce and Easy Digital Downloads.

90 1 CVE
Lynked Loyalty

Lynked Loyalty

lynked-loyalty

A
100

Lynked Loyalty's Woocommerce plugin lets businesses integrate our rewards system both online and in-store, offering a seamless and modern loyalty …

0 No CVEs
ReferralYard

ReferralYard

referralyard

A
85

ReferralYard helps you build relationships with customers by rewarding them for driving referral sales.

0 No CVEs
Developer Profile

Lootly Loyalty & Rewards Developer Profile

ryanlootly

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Lootly Loyalty & Rewards

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/lootly-for-woocommerce/assets/css/styles.css/wp-content/plugins/lootly-for-woocommerce/assets/css/admin-styles.css/wp-content/plugins/lootly-for-woocommerce/assets/js/widget.js/wp-content/plugins/lootly-for-woocommerce/assets/js/cart-widget.js
Script Paths
https://lootly.io/js/integrations/common/script.js
Version Parameters
lootly-styles?ver=lootly-admin-styles?ver=lootly-widget-js?ver=1lootly-cart-widget-script?ver=1.0.13

HTML / DOM Fingerprints

CSS Classes
lootly-widget-container
Data Attributes
data-lootly-widgetdata-lootly-cart
JS Globals
lootly_options
REST Endpoints
/wp-json/lootly/v1/cart/add/wp-json/lootly/v1/cart/update/wp-json/lootly/v1/cart/delete/wp-json/lootly/v1/cart/get/wp-json/lootly/v1/points/add/wp-json/lootly/v1/points/subtract/wp-json/lootly/v1/points/get
Shortcode Output
[lootly_widget][lootly_referral_widget][lootly_points_widget]
FAQ

Frequently Asked Questions about Lootly Loyalty & Rewards