Does Notify For Purchase have any unpatched vulnerabilities?

No. All known vulnerabilities in Notify For Purchase have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Notify For Purchase compatible with WordPress 6.7.5?

According to WordPress.org data, Notify For Purchase 1.5.3 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Notify For Purchase updated?

Notify For Purchase was last updated on Nov 28, 2024. Frequent updates are generally a positive security signal.

What is Notify For Purchase's security score?

Notify For Purchase has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Notify For Purchase Security & Risk Analysis

wordpress.org/plugins/notify-for-purchase

Notify For Purchase allows you to get notified about every new purchase on your website instantly when a customer completes their order!

0 active installs v1.5.3 PHP + WP 5.8+ Updated Nov 28, 2024

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Notify For Purchase Safe to Use in 2026?

Generally Safe

Score 92/100

Notify For Purchase has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "notify-for-purchase" v1.5.3 plugin demonstrates a strong security posture based on the provided static analysis and vulnerability history. The complete absence of identified entry points like AJAX handlers, REST API routes, shortcodes, and cron events, particularly those without authentication checks, significantly minimizes the plugin's attack surface. Furthermore, the code signals indicate good development practices, with all SQL queries utilizing prepared statements and all output being properly escaped. The lack of file operations and the controlled use of external HTTP requests also contribute positively to its security.

The taint analysis shows no flows with unsanitized paths, indicating that user-supplied data is likely being handled safely. The vulnerability history is also remarkably clean, with zero known CVEs, unpatched vulnerabilities, or recorded common vulnerability types. This suggests a history of secure development and maintenance.

Overall, the plugin appears to be very secure. The primary area of potential concern, though minimal, lies in the 4 external HTTP requests, which could theoretically be a vector if the external services are compromised or if the requests themselves are not properly secured (though the data doesn't explicitly indicate this is an issue). However, given the lack of other detected vulnerabilities and the positive indicators in the analysis, the risk is assessed as low. The plugin's strengths lie in its minimal attack surface and adherence to secure coding practices.

Vulnerabilities

None known

Notify For Purchase Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Notify For Purchase Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

88 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped88 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

<settings> (bin\settings.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Notify For Purchase Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_menunotify-for-new-purchase.php:26

actionwoocommerce_thankyounotify-for-new-purchase.php:135

actionwoocommerce_thankyounotify-for-new-purchase.php:136

actionadmin_noticesnotify-for-new-purchase.php:196

actionadmin_noticesnotify-for-new-purchase.php:259

actionadmin_enqueue_scriptsnotify-for-new-purchase.php:270

Maintenance & Trust

Notify For Purchase Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 28, 2024

PHP min version

Downloads823

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Notify For Purchase Alternatives

No alternatives data available yet.

Developer Profile

Notify For Purchase Developer Profile

duckname

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Notify For Purchase

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/notify-for-purchase/css/notify-admin-style.css/wp-content/plugins/notify-for-purchase/css/notify-frontend-style.css/wp-content/plugins/notify-for-purchase/js/notify-admin-script.js/wp-content/plugins/notify-for-purchase/js/notify-frontend-script.js

Script Paths

/wp-content/plugins/notify-for-purchase/js/notify-admin-script.js/wp-content/plugins/notify-for-purchase/js/notify-frontend-script.js

Version Parameters

notify-for-purchase/css/notify-admin-style.css?ver=notify-for-purchase/css/notify-frontend-style.css?ver=notify-for-purchase/js/notify-admin-script.js?ver=notify-for-purchase/js/notify-frontend-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

notify-admin-tabsnav-tab-activenotify-admin-settingsnotify-new-purchase-noticenotify-purchase-details

Data Attributes

data-notify-order-iddata-notify-product-namedata-notify-customer-namedata-notify-order-total

JS Globals

notify_vars

FAQ