WP-Safety

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Security & Risk Analysis

wordpress.org/plugins/payamito-easy-digital-downloads-sms

افزونه ارسال پیامک پیامیتو

10 active installs v1.4.0 PHP 7.4.0+ WP 5.0.5+ Updated Unknown
sms-payamito
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Safe to Use in 2026?

Generally Safe

Score 100/100

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "payamito-easy-digital-downloads-sms" plugin v1.4.0 exhibits a mixed security posture. While it demonstrates good practices such as utilizing prepared statements for the majority of its SQL queries and a relatively high percentage of properly escaped output, several areas raise significant concern. The presence of two "unserialize" calls is a critical red flag, as deserialization vulnerabilities can lead to arbitrary code execution if not handled with extreme caution and proper validation. Furthermore, the plugin exposes a substantial attack surface with 7 AJAX handlers, 5 of which lack authentication checks. This allows unauthenticated users to potentially interact with sensitive functionalities, increasing the risk of exploitation.

The taint analysis shows no unsanitized paths, which is a positive indicator. The plugin's vulnerability history is also clean, with no recorded CVEs. This suggests that in the past, the plugin has not been a target for known vulnerabilities or has been well-maintained in that regard. However, the lack of past vulnerabilities does not negate the current risks identified in the static analysis. The combination of dangerous functions like unserialize and a large, unprotected AJAX endpoint surface presents a clear and present danger that outweighs the positive aspects of its SQL and output escaping practices.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function: unserialize
  • Low percentage of properly escaped output
  • Insufficient nonce checks
  • Limited capability checks
Vulnerabilities
None known

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Code Analysis

Dangerous Functions
2
Raw SQL Queries
5
12 prepared
Unescaped Output
15
29 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
1

Dangerous Functions Found

unserialize$other_version = unserialize( $core_version )['version'];includes\class-install.php:44
unserialize$core = unserialize( $core );includes\functions.php:18

Bundled Libraries

jQuery

SQL Query Safety

71% prepared17 total queries

Output Escaping

66% escaped44 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<class-sent> (includes\core\payamito-core\admin\class-sent.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
5 unprotected

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Attack Surface

Entry Points7
Unprotected5

AJAX Handlers 7

authwp_ajax_Payamito_requestincludes\class-ajax.php:34
noprivwp_ajax_Payamito_requestincludes\class-ajax.php:35
noprivwp_ajax_payamito_exportincludes\core\payamito-core\admin\class-payamito-admin.php:58
authwp_ajax_payamito_exportincludes\core\payamito-core\admin\class-payamito-admin.php:59
authwp_ajax_init_ajaxincludes\core\payamito-core\admin\class-payamito-admin.php:60
authwp_ajax_init_ajaxincludes\core\payamito-core\includes\class-payamito.php:163
authwp_ajax_sendincludes\core\payamito-core\includes\direct-send\class-direct-send.php:43
WordPress Hooks 29
filterpayamito_add_sectionincludes\admin\class-settings.php:30
actionadmin_footerincludes\admin\class-settings.php:32
actionadmin_enqueue_scriptsincludes\admin\class-settings.php:34
actionedd_update_payment_statusincludes\class-edd.php:39
actionedd_purchase_form_user_info_fieldsincludes\class-mobile-field.php:42
actionedd_checkout_error_checksincludes\class-mobile-field.php:44
filteredd_payment_metaincludes\class-mobile-field.php:46
actionedd_payment_personal_details_listincludes\class-mobile-field.php:48
actiontgmpa_registerincludes\class-plugins-required.php:25
actionplugins_loadedincludes\core\payamito-core\admin\class-payamito-admin.php:56
actionadmin_menuincludes\core\payamito-core\admin\class-payamito-admin.php:57
actionkianfr_options_after_headerincludes\core\payamito-core\admin\settings\summary-box.php:6
filtercron_schedulesincludes\core\payamito-core\includes\class-payamito-cron.php:12
actionpayamito_remove_logincludes\core\payamito-core\includes\class-payamito-cron.php:14
actionadmin_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:164
actionadmin_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:165
actionwp_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:179
actionwp_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:180
actionadmin_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:182
actionwp_enqueue_scriptsincludes\core\payamito-core\includes\class-payamito.php:184
actionplugins_loadedincludes\core\payamito-core\includes\class-payamito.php:186
actionadmin_initincludes\core\payamito-core\includes\direct-send\class-direct-send.php:32
actionadmin_enqueue_scriptsincludes\core\payamito-core\includes\direct-send\class-direct-send.php:42
filterpayamito_add_sectionincludes\core\payamito-core\includes\direct-send\class-direct-send.php:120
actionpayamito_loadedincludes\core\payamito-core\includes\direct-send\class-direct-send.php:240
actionplugins_loadedincludes\payamito-edd.php:142
actionplugins_loadedincludes\payamito-edd.php:227
actionplugins_loadedincludes\payamito-edd.php:271
actionwp_enqueue_scriptsincludes\payamito-edd.php:272

Scheduled Events 1

payamito_remove_log
Maintenance & Trust

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedUnknown
PHP min version7.4.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Alternatives

Payamito Core

Payamito Core

payamito-core

A
85

افزونه هسته پیامیتو

0 No CVEs
Developer Profile

افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download Developer Profile

payamito

2 plugins · 10 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/css/admin-app.css/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/css/modal.css/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/css/tooltipster.main.min.css/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/admin-app.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/copy.min.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/modal.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/tooltipster.main.min.js
Script Paths
/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/modal.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/admin-app.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/copy.min.js/wp-content/plugins/payamito-easy-digital-downloads-sms/includes/admin/assets/js/tooltipster.main.min.js

HTML / DOM Fingerprints

CSS Classes
payamito-edd-modal
HTML Comments
<!-- payamito-edd-modal -->
Data Attributes
data-payamito-edd-modal-id
JS Globals
Payamito_Edd_Options_Panel
FAQ

Frequently Asked Questions about افزونه پیامک ایزی دیجتال دانلود ( EDD ) payamito sms easy digital download