Store credit / Gift cards for woocommerce Security & Risk Analysis

wordpress.org/plugins/store-credit-for-woocommerce

Offer store credit or gift cards to customers that they can use until their credit is finished

100 active installs v1.0.49.91 PHP + WP 3.0.1+ Updated Mar 10, 2026
gift-cards, gift-certificates, gift-vouchers, store-credit, woocommerce-gift-cards
Score 99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jan 6, 2025
Safety Verdict

Is Store credit / Gift cards for woocommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Store credit / Gift cards for woocommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jan 6, 2025 · Updated 24d ago
Risk Assessment

The static analysis of "store-credit-for-woocommerce" v1.0.49.91 indicates a generally good security posture with several strong practices in place. The plugin exhibits a complete lack of direct SQL injection vulnerabilities due to 100% usage of prepared statements and a high percentage (95%) of properly escaped output, minimizing the risk of cross-site scripting. Furthermore, all identified AJAX entry points have proper capability checks, and there are no unprotected REST API routes or shortcodes. However, there are two concerning "flows with unsanitized paths" identified in the taint analysis, which, while not classified as critical or high, warrant attention as they could potentially lead to unexpected behavior or vulnerabilities if exploited.

The vulnerability history shows one known medium-severity Cross-site Scripting CVE, which has since been patched. A past XSS vulnerability, even a patched one, suggests a potential recurring weakness in input sanitization for certain pathways. While the current version shows good output escaping, the past XSS points to the need for continued vigilance in handling user-supplied data. Overall, the plugin demonstrates a commitment to security best practices, but the unsanitized paths and the XSS history suggest a need for ongoing code review and thorough testing to ensure no new vulnerabilities are introduced.

Key Concerns

  • Flows with unsanitized paths
  • Bundled outdated library DataTables v1.11.4
Vulnerabilities: 1

Store credit / Gift cards for woocommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-11369 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Store credit / Gift cards for woocommerce <= 1.0.49.46 - Reflected Cross-Site Scripting

Jan 6, 2025 · Patched in 1.0.49.47 (1d)
Code Analysis
Analyzed Mar 16, 2026

Store credit / Gift cards for woocommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 17 (342 escaped)
Nonce Checks: 4
Capability Checks: 5
File Operations: 1
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

DataTables 1.11.4

Output Escaping

95% escaped · 359 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

15 flows · 2 with unsanitized paths
tab_content (admin\report.php:65)
Attack Surface

Store credit / Gift cards for woocommerce Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 5

auth · wp_ajax_pi_send_store_credit_emails · admin\class-coupon.php:31
auth · wp_ajax_pi_send_store_credit_email · admin\class-coupon.php:33
auth · wp_ajax_pi_download_report · admin\report.php:40
auth · wp_ajax_woocommerce_apply_coupon · public\class-apply-coupon-overwrite.php:29
nopriv · wp_ajax_woocommerce_apply_coupon · public\class-apply-coupon-overwrite.php:30

WordPress Hooks 65

action · admin_init · admin\basic.php:32
filter · woocommerce_coupon_discount_types · admin\class-coupon.php:19
filter · woocommerce_coupon_data_tabs · admin\class-coupon.php:21
action · woocommerce_coupon_data_panels · admin\class-coupon.php:23
action · woocommerce_coupon_options · admin\class-coupon.php:25
action · woocommerce_coupon_object_updated_props · admin\class-coupon.php:27
action · admin_notices · admin\class-coupon.php:29
filter · product_type_selector · admin\class-store-credit-product-handling.php:35
action · woocommerce_product_data_panels · admin\class-store-credit-product-handling.php:37
filter · woocommerce_product_data_tabs · admin\class-store-credit-product-handling.php:38
action · woocommerce_process_product_meta · admin\class-store-credit-product-handling.php:40
action · woocommerce_single_product_summary · admin\class-store-credit-product-handling.php:42
filter · woocommerce_product_add_to_cart_text · admin\class-store-credit-product-handling.php:44
action · woocommerce_add_to_cart_handler_pi_store_credit_range · admin\class-store-credit-product-handling.php:46
action · woocommerce_add_to_cart_handler_pi_store_credit_option · admin\class-store-credit-product-handling.php:48
filter · woocommerce_get_cart_item_from_session · admin\class-store-credit-product-handling.php:53
filter · woocommerce_get_item_data · admin\class-store-credit-product-handling.php:55
action · woocommerce_new_order_item · admin\class-store-credit-product-handling.php:57
filter · woocommerce_attribute_label · admin\class-store-credit-product-handling.php:59
filter · woocommerce_hidden_order_itemmeta · admin\class-store-credit-product-handling.php:61
action · woocommerce_order_status_completed · admin\class-store-credit-product-handling.php:63
action · woocommerce_order_item_meta_end · admin\class-store-credit-product-handling.php:65
action · woocommerce_after_order_itemmeta · admin\class-store-credit-product-handling.php:66
filter · woocommerce_cart_item_quantity · admin\class-store-credit-product-handling.php:68
action · admin_menu · admin\menu.php:27
filter · install_plugins_nonmenu_tabs · admin\plugins.php:72
filter · install_plugins_table_api_args_rajeshsingh520 · admin\plugins.php:76
action · admin_init · admin\reminder-email.php:28
action · pi_delete_report_file_event · admin\report.php:42
action · admin_init · admin\setting.php:29
action · plugins_loaded · includes\class-store-credit-for-woocommerce.php:146
action · admin_enqueue_scripts · includes\class-store-credit-for-woocommerce.php:161
action · admin_enqueue_scripts · includes\class-store-credit-for-woocommerce.php:162
action · wp_enqueue_scripts · includes\class-store-credit-for-woocommerce.php:177
action · wp_enqueue_scripts · includes\class-store-credit-for-woocommerce.php:178
action · plugins_loaded · includes\includes.php:22
action · admin_footer · includes\pisol.class.form.php:415
action · admin_notices · includes\review.php:33
action · wp_loaded · public\class-apply-coupon-overwrite.php:24
action · wc_ajax_apply_coupon · public\class-apply-coupon-overwrite.php:31
action · wp_footer · public\class-apply-coupon-overwrite.php:36
action · woocommerce_after_calculate_totals · public\class-auto-apply-credit.php:22
filter · woocommerce_coupon_sort · public\class-auto-apply-credit.php:24
action · woocommerce_update_order · public\class-credit-score-counting.php:25
filter · woocommerce_coupon_get_free_shipping · public\class-disable-other-fields.php:19
filter · woocommerce_coupon_get_exclude_sale_items · public\class-disable-other-fields.php:22
filter · woocommerce_coupon_get_product_ids · public\class-disable-other-fields.php:24
filter · woocommerce_coupon_get_excluded_product_ids · public\class-disable-other-fields.php:25
filter · woocommerce_coupon_get_product_categories · public\class-disable-other-fields.php:28
filter · woocommerce_coupon_get_excluded_product_categories · public\class-disable-other-fields.php:29
filter · woocommerce_coupon_get_usage_limit · public\class-disable-other-fields.php:30
filter · woocommerce_coupon_get_limit_usage_to_x_items · public\class-disable-other-fields.php:31
filter · woocommerce_coupon_get_usage_limit_per_user · public\class-disable-other-fields.php:32
filter · woocommerce_coupon_is_valid · public\class-discount-validation.php:19
filter · woocommerce_coupon_get_email_restrictions · public\class-discount-validation.php:24
filter · woocommerce_coupon_get_amount · public\class-discount.php:21
filter · woocommerce_coupon_get_discount_type · public\class-discount.php:23
filter · woocommerce_cart_coupon_types · public\class-discount.php:25
action · wp_footer · public\class-email.php:176
filter · woocommerce_account_menu_items · public\class-my-account.php:23
action · init · public\class-my-account.php:24
action · init · public\class-reminder-email-scheduler.php:31
action · wp_footer · public\class-reminder-email.php:156
action · admin_notices · store-credit-for-woocommerce.php:50
action · before_woocommerce_init · store-credit-for-woocommerce.php:58

Scheduled Events 1

pi_delete_report_file_event
Maintenance & Trust

Store credit / Gift cards for woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 10, 2026
PHP min version
Downloads: 17K

Community Trust

Rating: 82/100
Number of ratings: 10
Active installs: 100
Developer Profile

Store credit / Gift cards for woocommerce Developer Profile

PI Web Solution

30 plugins · 93K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 235 days
Detection Fingerprints

How We Detect Store credit / Gift cards for woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/store-credit-for-woocommerce/js/store-credit-for-woocommerce-admin.js
/wp-content/plugins/store-credit-for-woocommerce/css/store-credit-for-woocommerce-admin.css

Version Parameters
store-credit-for-woocommerce/js/store-credit-for-woocommerce-admin.js?ver=
store-credit-for-woocommerce/css/store-credit-for-woocommerce-admin.css?ver=
