SalesPulse – Social Proof & FOMO Notifications Security & Risk Analysis

wordpress.org/plugins/salespulse

Boost conversions with real-time social proof & FOMO popups. Show purchases, signups, reviews, visitor counts & announcement bars.

0 active installs · v1.0.1 · PHP 7.4+ · WP 5.8+ · Updated Mar 12, 2026
Tags: conversion, fomo, notifications, social-proof, woocommerce
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is SalesPulse – Social Proof & FOMO Notifications Safe to Use in 2026?

Generally Safe

Score 100/100

SalesPulse – Social Proof & FOMO Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 24d ago
Risk Assessment

The salespulse v1.0.1 plugin exhibits a concerning security posture primarily due to a large attack surface with a significant number of unprotected entry points. While the code signals are generally positive, with no dangerous functions, proper output escaping, and no file operations or external HTTP requests, the sheer volume of AJAX handlers and REST API routes lacking authorization checks presents a substantial risk. These unprotected endpoints could allow unauthenticated users to trigger sensitive actions or expose information, depending on their functionality.

The taint analysis, while limited in scope with only two flows analyzed, did identify one flow with an unsanitized path. This is a critical finding that, although not classified as high severity, indicates a potential for path traversal vulnerabilities if the flow's inputs are user-controlled and not properly validated. The lack of any recorded vulnerability history is a positive sign, suggesting the plugin has not been a target or has been developed with a reasonable degree of security awareness. However, this should not overshadow the immediate risks identified in the static analysis.

In conclusion, while the plugin demonstrates good practices in areas like output escaping and the absence of dangerous functions, the extensive number of unprotected AJAX handlers and REST API routes, coupled with a single unsanitized path flow, creates significant security weaknesses. These issues require immediate attention to harden the plugin's defenses against potential exploitation.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API routes
  • Flow with unsanitized path
Vulnerabilities
None known

SalesPulse – Social Proof & FOMO Notifications Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

SalesPulse – Social Proof & FOMO Notifications Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (16 prepared)
Unescaped Output: 0 (186 escaped)
Nonce Checks: 4
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

64% prepared · 25 total queries

Output Escaping

100% escaped · 186 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
ajax_save_settings (includes\class-salespulse.php:561)
Attack Surface
16 unprotected

SalesPulse – Social Proof & FOMO Notifications Attack Surface

Entry Points: 19
Unprotected: 16

AJAX Handlers 10

auth wp_ajax_salespulse_get_analytics includes\class-analytics.php:35
auth wp_ajax_salespulse_get_settings includes\class-salespulse.php:111
auth wp_ajax_salespulse_save_settings includes\class-salespulse.php:112
auth wp_ajax_salespulse_get_notifications includes\class-salespulse.php:113
auth wp_ajax_salespulse_save_notification includes\class-salespulse.php:114
auth wp_ajax_salespulse_delete_notification includes\class-salespulse.php:115
auth wp_ajax_salespulse_get_bar_settings includes\class-salespulse.php:116
auth wp_ajax_salespulse_save_bar_settings includes\class-salespulse.php:117
auth wp_ajax_salespulse_get_consent_settings includes\class-salespulse.php:118
auth wp_ajax_salespulse_save_consent_settings includes\class-salespulse.php:119

REST API Routes 8

POST /wp-json/salespulse/v1/track includes\class-analytics.php:84
GET /wp-json/salespulse/v1/analytics includes\class-analytics.php:90
GET /wp-json/salespulse/v1/settings includes\class-salespulse.php:163
GET /wp-json/salespulse/v1/notifications includes\class-salespulse.php:176
GET /wp-json/salespulse/v1/notifications/(?P<id>\d+) includes\class-salespulse.php:189
GET /wp-json/salespulse/v1/heartbeat includes\class-salespulse.php:200
GET /wp-json/salespulse/v1/bar-settings includes\class-salespulse.php:209
GET /wp-json/salespulse/v1/consent-settings includes\class-salespulse.php:223

Shortcodes 1

[salespulse] includes\class-shortcode.php:30
WordPress Hooks 13
action admin_menu admin\class-admin.php:28
action admin_enqueue_scripts admin\class-admin.php:29
action wp_enqueue_scripts frontend\class-frontend.php:33
action wp_footer frontend\class-frontend.php:34
action rest_api_init includes\class-analytics.php:34
action init includes\class-block.php:27
action wp_footer includes\class-cookie-consent.php:32
action wp_footer includes\class-notification-bar.php:32
action rest_api_init includes\class-salespulse.php:108
action woocommerce_order_status_completed includes\integrations\class-woocommerce.php:34
action woocommerce_order_status_processing includes\integrations\class-woocommerce.php:35
action woocommerce_payment_complete includes\integrations\class-woocommerce.php:36
action plugins_loaded salespulse.php:97
Maintenance & Trust

SalesPulse – Social Proof & FOMO Notifications Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 12, 2026
PHP min version: 7.4
Downloads: 167

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

SalesPulse – Social Proof & FOMO Notifications Developer Profile

wpmatcha

2 plugins · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect SalesPulse – Social Proof & FOMO Notifications

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/salespulse/assets/fonts/fonts.css
/wp-content/plugins/salespulse/admin/css/admin.css
/wp-content/plugins/salespulse/admin/js/admin.js
Script Paths
/wp-content/plugins/salespulse/admin/js/admin.js
Version Parameters
salespulse/assets/fonts/fonts.css?ver=
salespulse/admin/css/admin.css?ver=
salespulse/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
salespulse-admin-wrapper
salespulse-logo
sp-admin-notifications-table
sp-notification-row
sp-notification-title
sp-notification-status
sp-notification-actions
sp-notification-edit-link
+25 more
HTML Comments
<!-- SalesPulse Admin Page -->
<!-- Main wrapper -->
<!-- Main content area -->
<!-- Notification table -->
+10 more
Data Attributes
data-notification-id
data-action
data-template-id
data-toggle
data-toggle-group
data-type-requirement
JS Globals
salespulseAdmin
REST Endpoints
/salespulse/v1/notifications
/salespulse/v1/notifications/(?P<id>\d+)
FAQ

Frequently Asked Questions about SalesPulse – Social Proof & FOMO Notifications