LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Security & Risk Analysis

wordpress.org/plugins/loyaltyx-points-and-rewards-for-woocommerce

Add a WooCommerce points and rewards program to your store. Customers earn points on every purchase and redeem them for discounts on cart & checkout.

10 active installs v1.0.1 PHP 7.4+ WP 6.5+ Updated Mar 15, 2026
customer-retention · loyalty-program · points-and-rewards · woocommerce-loyalty · woocommerce-rewards
100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Safe to Use in 2026?

Generally Safe

Score 100/100

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 19d ago
Risk Assessment

The "loyaltyx-points-and-rewards-for-woocommerce" plugin version 1.0.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for nearly all SQL queries and properly escaping a high percentage of output. The absence of known CVEs and a clean vulnerability history are strong indicators of responsible development and maintenance. However, a significant concern arises from the substantial attack surface presented by 16 AJAX handlers, of which 7 lack authentication checks. This leaves a considerable portion of the plugin's functionality potentially accessible to unauthenticated users, creating a notable risk.

Key Concerns

  • 7 AJAX handlers without auth checks
  • 9 unsanitized taint flows (high severity)
Vulnerabilities
None known

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 5 (64 prepared)
Unescaped Output: 49 (1193 escaped)
Nonce Checks: 22
Capability Checks: 4
File Operations: 0
External Requests: 5
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

93% prepared · 69 total queries

Output Escaping

96% escaped · 1242 total outputs
Data Flows: 9 unsanitized

Data Flow Analysis

20 flows · 9 with unsanitized paths
ddfw_verify_license (devdiggers-framework\includes\class-ddfw-ajax.php:50)
Attack Surface: 7 unprotected

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Attack Surface

Entry Points: 16
Unprotected: 7

AJAX Handlers 16

auth · wp_ajax_ddfw_verify_license · devdiggers-framework\includes\class-ddfw-ajax.php:37
auth · wp_ajax_ddfw_get_products_list · devdiggers-framework\includes\class-ddfw-ajax.php:38
auth · wp_ajax_ddfw_get_categories_list · devdiggers-framework\includes\class-ddfw-ajax.php:39
auth · wp_ajax_ddfw_get_users_list · devdiggers-framework\includes\class-ddfw-ajax.php:40
auth · wp_ajax_ddfw_refresh_plugins_cache · devdiggers-framework\includes\class-ddfw-ajax.php:41
auth · wp_ajax_ddfw_newsletter_subscribe · devdiggers-framework\includes\class-ddfw-ajax.php:42
auth · wp_ajax_ddfw_dismiss_review_notice · devdiggers-framework\includes\class-ddfw-review-notice.php:45
auth · wp_ajax_devdiggers_dismiss_notification · devdiggers-framework\includes\class-devdiggers-notifications.php:51
auth · wp_ajax_ddwcpr_batch_import_points · includes\admin\admin-ajax-hooks.php:26
auth · wp_ajax_ddwcpr_batch_manual_adjustment · includes\admin\admin-ajax-hooks.php:27
auth · wp_ajax_ddwcpr_get_all_users · includes\admin\admin-ajax-hooks.php:28
auth · wp_ajax_ddwcpr_get_table_rows · includes\front\front-ajax-hooks.php:26
nopriv · wp_ajax_ddwcpr_get_table_rows · includes\front\front-ajax-hooks.php:27
auth · wp_ajax_ddwcpr_get_variation_points_message · includes\front\front-ajax-hooks.php:28
nopriv · wp_ajax_ddwcpr_get_variation_points_message · includes\front\front-ajax-hooks.php:29
auth · wp_ajax_ddwcpr_batch_import_points · includes\import-wizard.php:25
WordPress Hooks 44
action · init · devdiggers-framework\global-functions.php:296
action · admin_menu · devdiggers-framework\includes\class-ddfw-admin.php:37
action · admin_head · devdiggers-framework\includes\class-ddfw-admin.php:38
filter · extra_plugin_headers · devdiggers-framework\includes\class-ddfw-admin.php:40
action · admin_enqueue_scripts · devdiggers-framework\includes\class-ddfw-assets.php:53
action · admin_menu · devdiggers-framework\includes\class-ddfw-plugin-dashboard.php:60
action · admin_head · devdiggers-framework\includes\class-ddfw-plugin-dashboard.php:61
action · admin_menu · devdiggers-framework\includes\class-ddfw-plugin-dashboard.php:101
action · admin_notices · devdiggers-framework\includes\class-ddfw-review-notice.php:44
action · admin_init · devdiggers-framework\includes\class-devdiggers-notifications.php:39
action · admin_notices · devdiggers-framework\includes\class-devdiggers-notifications.php:50
action · admin_footer · devdiggers-framework\includes\class-devdiggers-notifications.php:54
action · init · functions.php:47
filter · plugin_row_meta · functions.php:49
action · admin_notices · functions.php:80
action · plugins_loaded · functions.php:148
action · before_woocommerce_init · functions.php:181
filter · woocommerce_enable_admin_help_tab · includes\admin\admin-hooks.php:26
action · admin_init · includes\admin\admin-hooks.php:28
action · show_user_profile · includes\admin\admin-hooks.php:30
action · edit_user_profile · includes\admin\admin-hooks.php:32
action · personal_options_update · includes\admin\admin-hooks.php:34
action · edit_user_profile_update · includes\admin\admin-hooks.php:36
action · woocommerce_refund_created · includes\admin\admin-hooks.php:38
filter · tiny_mce_before_init · includes\admin\admin-hooks.php:40
action · admin_notices · includes\admin\admin-hooks.php:42
action · admin_enqueue_scripts · includes\admin-dashboard.php:45
filter · admin_footer_text · includes\admin-dashboard.php:46
filter · ddfw_modify_svg_icons · includes\common\common-hooks.php:26
filter · woocommerce_email_classes · includes\common\common-hooks.php:28
filter · woocommerce_email_actions · includes\common\common-hooks.php:30
filter · woocommerce_order_status_changed · includes\common\common-hooks.php:32
filter · woocommerce_cart_totals_coupon_label · includes\common\common-hooks.php:35
action · woocommerce_checkout_create_order · includes\common\common-hooks.php:38
action · ddwcpr_mail_notification · includes\email-notification-handler.php:42
action · wp_enqueue_scripts · includes\front\front-hooks.php:25
action · woocommerce_after_single_product_summary · includes\front\front-hooks.php:30
action · woocommerce_product_thumbnails · includes\front\front-hooks.php:32
action · woocommerce_single_product_summary · includes\front\front-hooks.php:34
filter · query_vars · includes\front\front-hooks.php:63
filter · woocommerce_account_menu_items · includes\front\front-hooks.php:66
filter · the_title · includes\front\front-hooks.php:70
filter · sidebars_widgets · includes\front\front-hooks.php:72
action · wp_loaded · includes\front\front-hooks.php:75
Maintenance & Trust

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 15, 2026
PHP min version: 7.4
Downloads: 355

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 10
Developer Profile

LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases Developer Profile

DevDiggers

2 plugins · 310 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect LoyaltyX – Points and Rewards for WooCommerce – Build Customer Loyalty Program and Reward Purchases

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/assets/css/backend/ddwcpr-admin-style.css
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/assets/js/backend/ddwcpr-admin-script.js
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/assets/css/frontend/ddwcpr-frontend-style.css
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/assets/js/frontend/ddwcpr-frontend-script.js
Script Paths
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/devdiggers-framework/assets/js/ddfw-app.js
/wp-content/plugins/loyaltyx-points-and-rewards-for-woocommerce/devdiggers-framework/assets/js/ddfw-framework.js
Version Parameters
loyaltyx-points-and-rewards-for-woocommerce/assets/css/backend/ddwcpr-admin-style.css?ver=
loyaltyx-points-and-rewards-for-woocommerce/assets/js/backend/ddwcpr-admin-script.js?ver=
loyaltyx-points-and-rewards-for-woocommerce/assets/css/frontend/ddwcpr-frontend-style.css?ver=
loyaltyx-points-and-rewards-for-woocommerce/assets/js/frontend/ddwcpr-frontend-script.js?ver=
loyaltyx-points-and-rewards-for-woocommerce/devdiggers-framework/assets/js/ddfw-app.js?ver=
loyaltyx-points-and-rewards-for-woocommerce/devdiggers-framework/assets/js/ddfw-framework.js?ver=

HTML / DOM Fingerprints

CSS Classes
ddwcpr-admin-style
ddwcpr-admin-script
ddwcpr-frontend-style
ddwcpr-frontend-script
HTML Comments
<!-- ddwcpr: LoyaltyX - Points and Rewards for WooCommerce. -->
Data Attributes
data-plugin-name="LoyaltyX - Points and Rewards for WooCommerce"
data-plugin-prefix="ddwcpr"
data-review-url="https://wordpress.org/support/plugin/loyaltyx-points-and-rewards-for-woocommerce/reviews/#new-post"
JS Globals
DDWCPR_ADMIN_SCRIPT_OBJECT
DDWCPR_FRONTEND_SCRIPT_OBJECT