Does Sell BTC – Cryptocurrency Selling Calculator have any unpatched vulnerabilities?

No. All known vulnerabilities in Sell BTC – Cryptocurrency Selling Calculator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sell BTC – Cryptocurrency Selling Calculator compatible with WordPress 6.9.4?

According to WordPress.org data, Sell BTC – Cryptocurrency Selling Calculator 1.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Sell BTC – Cryptocurrency Selling Calculator compatible with PHP 5.6+?

Sell BTC – Cryptocurrency Selling Calculator requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Sell BTC – Cryptocurrency Selling Calculator updated?

Sell BTC – Cryptocurrency Selling Calculator was last updated on Jan 30, 2026. Frequent updates are generally a positive security signal.

What is Sell BTC – Cryptocurrency Selling Calculator's security score?

Sell BTC – Cryptocurrency Selling Calculator has a WP-Safety security score of 97/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sell BTC – Cryptocurrency Selling Calculator Security & Risk Analysis

wordpress.org/plugins/sell-btc-by-hayyatapps

Use this calculator plugin to sell bitcoin and other cryptocurrencies on your website with option to set custom margins fees and minimum convertible a …

10 active installs v1.6 PHP 5.6+ WP 5.0+ Updated Jan 30, 2026

cryptocurrency-calculatorsell-bitcoinsell-cryptocurrency

A · Safe

CVEs total1

Unpatched0

Last CVEJan 30, 2026

Plugin page Download

Safety Verdict

Is Sell BTC – Cryptocurrency Selling Calculator Safe to Use in 2026?

Generally Safe

Score 97/100

Sell BTC – Cryptocurrency Selling Calculator has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 30, 2026Updated 2mo ago

Risk Assessment

The 'sell-btc-by-hayyatapps' v1.6 plugin exhibits a mixed security posture. While it demonstrates good practices with a high percentage of properly escaped output and no reported critical or high severity taint flows, significant concerns arise from its attack surface and lack of robust authentication checks. The presence of two AJAX handlers without any authentication or capability checks creates a direct entry point for unauthenticated users, which is a major security weakness. This lack of protection could allow malicious actors to trigger unintended actions or access sensitive data if these handlers are not sufficiently secured internally. The plugin's vulnerability history shows one known high severity CVE, although it is currently unpatched. This, coupled with the existing unprotected entry points, suggests a potential for exploitation if similar vulnerabilities are introduced or if the current unprotected handlers are found to be susceptible to common web attacks. While the plugin avoids dangerous functions and external HTTP requests, and a good portion of its SQL queries use prepared statements, the identified unprotected AJAX endpoints and past high-severity vulnerability are critical areas that require immediate attention to improve its overall security.

Key Concerns

AJAX handlers without auth checks
0 Nonce checks
0 Capability checks
One high severity CVE in history
SQL queries without prepared statements

Vulnerabilities

Sell BTC – Cryptocurrency Selling Calculator Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2025-14554high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Sell BTC - Cryptocurrency Selling Calculator <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action

Jan 30, 2026 Patched in 1.6 (2d)

Code Analysis

Analyzed Mar 16, 2026

Sell BTC – Cryptocurrency Selling Calculator Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

33% prepared3 total queries

Output Escaping

90% escaped21 total outputs

Attack Surface

2 unprotected

Sell BTC – Cryptocurrency Selling Calculator Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

noprivwp_ajax_orderform_datasell-btc.php:36

authwp_ajax_orderform_datasell-btc.php:37

WordPress Hooks 3

actionadmin_enqueue_scriptssell-btc.php:31

actionadmin_menusell-btc.php:33

actionwp_enqueue_scriptssell-btc.php:34

Maintenance & Trust

Sell BTC – Cryptocurrency Selling Calculator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 30, 2026

PHP min version5.6

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Sell BTC – Cryptocurrency Selling Calculator Alternatives

No alternatives data available yet.

Developer Profile

Sell BTC – Cryptocurrency Selling Calculator Developer Profile

hayyatapps

5 plugins · 390 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

2 days

View full developer profile

Detection Fingerprints

How We Detect Sell BTC – Cryptocurrency Selling Calculator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sell-btc-by-hayyatapps/CSS/style.css/wp-content/plugins/sell-btc-by-hayyatapps/JS/tipx/jqu.css/wp-content/plugins/sell-btc-by-hayyatapps/JS/tipx/style.css/wp-content/plugins/sell-btc-by-hayyatapps/CSS/admin.css/wp-content/plugins/sell-btc-by-hayyatapps/JS/a81368914c.js/wp-content/plugins/sell-btc-by-hayyatapps/wpbox-admin.js/wp-content/plugins/sell-btc-by-hayyatapps/JS/feedback.js/wp-content/plugins/sell-btc-by-hayyatapps/JS/pages.js+10 more

Script Paths

/wp-content/plugins/sell-btc-by-hayyatapps/JS/a81368914c.js/wp-content/plugins/sell-btc-by-hayyatapps/wpbox-admin.js/wp-content/plugins/sell-btc-by-hayyatapps/JS/feedback.js/wp-content/plugins/sell-btc-by-hayyatapps/JS/pages.js/wp-content/plugins/sell-btc-by-hayyatapps/JS/a81368914c.js/wp-content/plugins/sell-btc-by-hayyatapps/lib/js/formatters.js+5 more

Version Parameters

sell-btc-by-hayyatapps/CSS/style.css?v=2.1sell-btc-by-hayyatapps/lib/js/script.js?ver=2.1sell-btc-by-hayyatapps/lib/js/menu-haaps.js?ver=2.1sell-btc-by-hayyatapps/lib/js/orders.js?ver=2.1sell-btc-by-hayyatapps/lib/js/ex.js?ver=2.1sell-btc-by-hayyatapps/lib/js/hayyatapps.js?ver=2.1

HTML / DOM Fingerprints

CSS Classes

happs-dropdownhapps-noselecthapps-list-btnhapps-menu-itemhapps-selectedhapps-iconshapps-down-arrowhapps-list

Data Attributes

happs-curr-fromlisthapps-curr-todata-listdata-value-1data-f+3 more

Shortcode Output

<div class="happs-dropdown happs-noselect">

  <div class="happs-list-btn" happs-curr-from="USD" list="happs-from">
      <span class="happs-menu-item happs-selected"><img src="

" class="happs-icons"> USD <i class="fas fa-chevron-down happs-down-arrow"></i></span>
</div>

  <div class="happs-list" data-list="happs-from">
   <span class="happs-menu-item" data-value-1="USD" data-f="2.5%" data-mf="1" data-ma="10">
<img src="

" class="happs-icons"> USD</span>
  </div>
</div>

<div class="happs-dropdown happs-noselect">
  <div class="happs-list-btn" happs-curr-to="BTC" list="happs-to">
        <span class="happs-menu-item happs-selected"><img src="

FAQ