Seraphinite Bulk Discounts for WooCommerce Security & Risk Analysis

wordpress.org/plugins/seraphinite-discount-for-woocommerce

Increase your sales by providing products bulk discounts.

30 active installs · v2.4.7 · PHP 5.4+ · WP 4.5+ · Updated Dec 11, 2024
Tags: bulk, discount, product, woo, woocommerce
Score: 91 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Dec 11, 2024
Safety Verdict

Is Seraphinite Bulk Discounts for WooCommerce Safe to Use in 2026?

Generally Safe

Score 91/100

Seraphinite Bulk Discounts for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVE · Last CVE: Dec 11, 2024 · Updated 1yr ago
Risk Assessment

The "seraphinite-discount-for-woocommerce" plugin v2.4.7 exhibits a mixed security posture. While it has a low number of entry points and no critical or high severity taint flows, significant concerns exist regarding its handling of user input and its vulnerability history. The presence of two AJAX handlers without authentication checks presents a substantial attack surface that could be leveraged for unauthorized actions. Furthermore, the use of the `unserialize` function, especially without proper input sanitization, is a known risk that can lead to Remote Code Execution vulnerabilities. The plugin's history of a medium severity Cross-Site Scripting (XSS) vulnerability, even though currently patched, indicates a pattern of potential weaknesses in output escaping or input validation, suggesting that previous vulnerabilities may not have been fully addressed with robust defenses. Overall, while the plugin has some good practices like a moderate number of nonce and capability checks, the unprotected AJAX endpoints and the use of dangerous functions like `unserialize` elevate the risk profile, making diligent monitoring and updates essential.

Key Concerns

  • Unprotected AJAX handlers
  • Use of dangerous function unserialize
  • Low percentage of properly escaped output
  • Medium severity vulnerability history
Vulnerabilities
1 published

Seraphinite Bulk Discounts for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1 (1 total CVE)

CVE-2024-12160 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Seraphinite Bulk Discounts for WooCommerce <= 2.4.6 - Reflected Cross-Site Scripting

Dec 11, 2024 Patched in 2.4.7 (1d)
Version History

Seraphinite Bulk Discounts for WooCommerce Release Timeline

v2.4.7 · Current
v2.4.6 · 1 CVE
v2.4.5 · 1 CVE
v2.4.4 · 1 CVE
v2.4.3 · 1 CVE
v2.4.2 · 1 CVE
v2.4.1 · 1 CVE
v2.4 · 1 CVE
v2.3.4 · 1 CVE
v2.3.3 · 1 CVE
v2.3.2 · 1 CVE
v2.3.1 · 1 CVE
v2.3 · 1 CVE
v2.2 · 1 CVE
v2.1 · 1 CVE
v2.0 · 1 CVE
v1.2.1 · 1 CVE
v1.2 · 1 CVE
v1.1.3 · 1 CVE
v1.1.2 · 1 CVE
Code Analysis
Analyzed Mar 16, 2026

Seraphinite Bulk Discounts for WooCommerce Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 2 (2 prepared)
Unescaped Output: 227 (90 escaped)
Nonce Checks: 5
Capability Checks: 4
File Operations: 31
External Requests: 4
Bundled Libraries: 0

Dangerous Functions Found

unserialize · `$v = @unserialize( $data );` · Cmn\Gen.php:291
unserialize · `$chunk -> a = @unserialize( $chunk -> a );` · Cmn\Gen.php:2642
unserialize · `$val = ( $val !== false ) ? @unserialize( $val ) : null;` · Cmn\Plugin.php:148

SQL Query Safety

50% prepared · 4 total queries

Output Escaping

28% escaped · 317 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

3 flows
Init (Cmn\Plugin.php:459)
Attack Surface
2 unprotected

Seraphinite Bulk Discounts for WooCommerce Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_seraph_wd_act · Cmn\Plugin.php:478
auth · wp_ajax_seraph_wd_api · Cmn\Plugin.php:574
WordPress Hooks 85
filter · safe_style_css · Cmn\Gen.php:4677
filter · option_home · Cmn\Gen.php:4770
filter · option_home · Cmn\Gen.php:4771
filter · home_url · Cmn\Gen.php:4774
filter · option_siteurl · Cmn\Gen.php:4802
filter · option_siteurl · Cmn\Gen.php:4803
filter · site_url · Cmn\Gen.php:4805
action · requests-requests.before_request · Cmn\Gen.php:4925
action · requests-requests.before_parse · Cmn\Gen.php:4926
filter · home_url · Cmn\Gen.php:5753
filter · wpml_get_language_from_url · Cmn\Gen.php:5758
filter · home_url · Cmn\Gen.php:5763
filter · load_textdomain_mofile · Cmn\Gen.php:6137
filter · post_link · Cmn\Gen.php:6288
action · admin_notices · Cmn\Plugin.php:468
action · network_admin_notices · Cmn\Plugin.php:469
action · plugins_loaded · Cmn\Plugin.php:473
action · change_locale · Cmn\Plugin.php:474
filter · removable_query_args · Cmn\Plugin.php:480
action · admin_init · Cmn\Plugin.php:488
action · seraph_wd_postOpsRes · Cmn\Plugin.php:502
action · admin_enqueue_scripts · Cmn\Plugin.php:520
action · wp_loaded · Cmn\Plugin.php:559
filter · plugins_update_check_locales · Cmn\Plugin.php:567
action · admin_post_nopriv_seraph_wd_api · Cmn\Plugin.php:569
action · admin_post_seraph_wd_api · Cmn\Plugin.php:570
action · admin_footer · Cmn\Plugin.php:629
filter · admin_footer_text · Cmn\Plugin.php:809
action · woocommerce_after_template_part · common.php:136
action · woocommerce_after_single_product · main.php:27
action · woocommerce_product_loop_end · main.php:36
action · the_post · main.php:50
action · woocommerce_before_template_part · main.php:61
action · woocommerce_after_template_part · main.php:87
action · woocommerce_after_add_to_cart_form · main.php:164
action · admin_menu · main.php:200
action · admin_init · main.php:210
action · seraph_wd_postOpsRes · main.php:222
action · add_meta_boxes · main.php:230
action · admin_menu · main.php:245
action · save_post · main.php:253
action · woocommerce_before_calculate_totals · main.php:1106
action · woocommerce_after_calculate_totals · main.php:1107
filter · woocommerce_cart_product_subtotal · main.php:1109
filter · woocommerce_cart_product_subtotal · main.php:1110
filter · woocommerce_cart_product_subtotal · main.php:1111
filter · woocommerce_variation_prices_price · main.php:1120
filter · woocommerce_product_variation_get_price · main.php:1146
filter · woocommerce_product_variation_get_sale_price · main.php:1147
filter · woocommerce_variation_prices_price · main.php:1148
filter · woocommerce_variation_prices_sale_price · main.php:1149
filter · woocommerce_get_price_html · main.php:1180
filter · woocommerce_variation_prices_price · main.php:1181
filter · woocommerce_variation_prices_sale_price · main.php:1182
filter · woocommerce_product_get_price · main.php:1277
filter · woocommerce_product_variation_get_price · main.php:1278
filter · woocommerce_product_get_sale_price · main.php:1282
filter · woocommerce_product_variation_get_sale_price · main.php:1283
filter · woocommerce_product_get_price · main.php:1320
filter · woocommerce_product_get_sale_price · main.php:1329
filter · woocommerce_product_variation_get_price · main.php:1340
filter · woocommerce_subscriptions_product_sign_up_fee · main.php:1353
filter · woocommerce_product_variation_get__subscription_sign_up_fee · main.php:1362
filter · woocommerce_product_variation_get_price · main.php:1378
filter · woocommerce_variation_prices_price · main.php:1389
filter · woocommerce_product_variation_get_sale_price · main.php:1398
filter · woocommerce_variation_prices_sale_price · main.php:1421
filter · woocommerce_subscriptions_product_sign_up_fee · main.php:1430
filter · woocommerce_product_variation_get__subscription_sign_up_fee · main.php:1431
filter · woocommerce_before_shop_loop_item · price_normalize.php:34
filter · woocommerce_after_shop_loop_item · price_normalize.php:35
filter · woocommerce_before_single_product · price_normalize.php:40
filter · woocommerce_after_single_product · price_normalize.php:41
filter · woocommerce_cart_item_product · price_normalize.php:47
filter · woocommerce_product_variation_get__subscription_price · price_normalize.php:134
filter · woocommerce_variable_subscription_price_html · price_normalize.php:135
filter · woocommerce_product_get_price · price_normalize.php:137
filter · woocommerce_product_variation_get_price · price_normalize.php:138
filter · woocommerce_product_get_sale_price · price_normalize.php:139
filter · woocommerce_product_variation_get_sale_price · price_normalize.php:140
filter · woocommerce_product_get_regular_price · price_normalize.php:141
filter · woocommerce_product_variation_get_regular_price · price_normalize.php:142
filter · woocommerce_product_get__min_price_variation_id · price_normalize.php:143
filter · woocommerce_subscriptions_product_period · price_normalize.php:145
filter · woocommerce_subscriptions_product_period_interval · price_normalize.php:146
Maintenance & Trust

Seraphinite Bulk Discounts for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Dec 11, 2024
PHP min version: 5.4
Downloads: 5K

Community Trust

Rating: 100/100
Number of ratings: 5
Active installs: 30
Developer Profile

Seraphinite Bulk Discounts for WooCommerce Developer Profile

Seraphinite Solutions

5 plugins · 61K total installs

Trust score: 84
Avg Security Score: 94/100
Avg Patch Time: 36 days
Detection Fingerprints

How We Detect Seraphinite Bulk Discounts for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/css/seraph_wd_admin_discount.css
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/js/seraph_wd_admin_discount.js
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/css/seraph_wd_discount.css
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/js/seraph_wd_discount.js
Script Paths
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/js/seraph_wd_admin_discount.js
/wp-content/plugins/seraphinite-discount-for-woocommerce/assets/js/seraph_wd_discount.js
Version Parameters
seraphinite-discount-for-woocommerce/assets/css/seraph_wd_admin_discount.css?ver=
seraphinite-discount-for-woocommerce/assets/js/seraph_wd_admin_discount.js?ver=
seraphinite-discount-for-woocommerce/assets/css/seraph_wd_discount.css?ver=
seraphinite-discount-for-woocommerce/assets/js/seraph_wd_discount.js?ver=

HTML / DOM Fingerprints

CSS Classes
seraph_wd_discount_coupon_td
seraph_wd_discount_coupon_name
seraph_wd_discount_coupon_add
seraph_wd_discount_coupon_remove
seraph_wd_discount_coupon_td_value
Data Attributes
data-seraph-wd-options
JS Globals
seraph_wd_discount_coupon_params