TDP Ring Builder Security & Risk Analysis

wordpress.org/plugins/tdp-ring-builder

This plugin allows users to build custom diamond engagement rings, offering both lab and natural diamonds, as well as loose rings and loose diamonds.

10 active installs · v1.0.0 · PHP 7.0+ · WP 5.0+ · Updated Oct 7, 2024
Tags: diamonds, engagement-ring, lab-diamond, natural-diamond, ring-builder
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is TDP Ring Builder Safe to Use in 2026?

Generally Safe

Score 92/100

TDP Ring Builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The tdp-ring-builder plugin version 1.0.0 presents a mixed security posture. On the positive side, it demonstrates good practices in handling SQL queries, exclusively using prepared statements, and exhibits excellent output escaping with 99% of outputs properly handled. The absence of known CVEs and critical or high severity taint flows is also a strong indicator of a relatively secure codebase in these areas.

However, significant concerns arise from the substantial attack surface that lacks authentication and authorization checks. A large number of AJAX handlers (18 out of 18) and a REST API route (1 out of 1) are exposed without proper verification. This means any unauthenticated user could potentially interact with these endpoints, leading to unintended behavior or exploitation if the plugin logic is not inherently secure against anonymous input. While the static analysis did not reveal dangerous functions or unsanitized paths, the sheer volume of unprotected entry points is a major risk.

In conclusion, while the plugin excels in data handling and output sanitization, the lack of authorization on a majority of its entry points is a critical weakness. The absence of historical vulnerabilities could be due to the plugin's maturity (version 1.0.0) or simply a lack of past audits. The current risk is primarily driven by the potential for privilege escalation or unauthorized actions through its unprotected AJAX and REST API endpoints.

Key Concerns

  • 18 AJAX handlers without auth checks
  • 1 REST API route without permission callback
  • Total entry points: 20, Unprotected: 19
Vulnerabilities
None known

TDP Ring Builder Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

TDP Ring Builder Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 7 (693 escaped)
Nonce Checks: 9
Capability Checks: 4
File Operations: 1
External Requests: 6
Bundled Libraries: 0

Output Escaping

99% escaped · 700 total outputs
Data Flows
All sanitized

Data Flow Analysis

5 flows
tdprb_token_save_callback (admin\class-tdprb-admin.php:192)
Attack Surface
19 unprotected

TDP Ring Builder Attack Surface

Entry Points: 20
Unprotected: 19

AJAX Handlers 18

auth    wp_ajax_tdprb_token_save                  includes\class-tdprb.php:138
nopriv  wp_ajax_tdprb_token_save                  includes\class-tdprb.php:139
auth    wp_ajax_tdprb_token_deactivate            includes\class-tdprb.php:140
nopriv  wp_ajax_tdprb_token_deactivate            includes\class-tdprb.php:141
auth    wp_ajax_tdprb_diamond_list_ajax           includes\class-tdprb.php:162
nopriv  wp_ajax_tdprb_diamond_list_ajax           includes\class-tdprb.php:163
auth    wp_ajax_tdprb_diamond_details_ajax        includes\class-tdprb.php:164
nopriv  wp_ajax_tdprb_diamond_details_ajax        includes\class-tdprb.php:165
auth    wp_ajax_tdprb_rings_list_ajax             includes\class-tdprb.php:166
nopriv  wp_ajax_tdprb_rings_list_ajax             includes\class-tdprb.php:167
auth    wp_ajax_tdprb_ring_details_ajax           includes\class-tdprb.php:168
nopriv  wp_ajax_tdprb_ring_details_ajax           includes\class-tdprb.php:169
auth    wp_ajax_tdprb_loosediamond_add_to_cart    includes\class-tdprb.php:171
nopriv  wp_ajax_tdprb_loosediamond_add_to_cart    includes\class-tdprb.php:172
auth    wp_ajax_tdprb_loosering_add_to_cart       includes\class-tdprb.php:173
nopriv  wp_ajax_tdprb_loosering_add_to_cart       includes\class-tdprb.php:174
auth    wp_ajax_tdprb_completering_add_to_cart    includes\class-tdprb.php:175
nopriv  wp_ajax_tdprb_completering_add_to_cart    includes\class-tdprb.php:176

REST API Routes 1

GET  /wp-json/tdp-rb/v1/front-data  public\class-tdprb-public.php:179

Shortcodes 1

[Ring_Builder] includes\class-tdprb.php:157
WordPress Hooks 18
action  admin_enqueue_scripts                        includes\class-tdprb.php:131
action  admin_enqueue_scripts                        includes\class-tdprb.php:132
action  admin_menu                                   includes\class-tdprb.php:133
action  admin_init                                   includes\class-tdprb.php:134
action  admin_init                                   includes\class-tdprb.php:135
action  admin_init                                   includes\class-tdprb.php:136
action  admin_init                                   includes\class-tdprb.php:137
action  wp_enqueue_scripts                           includes\class-tdprb.php:155
action  wp_enqueue_scripts                           includes\class-tdprb.php:156
action  rest_api_init                                includes\class-tdprb.php:158
action  init                                         includes\class-tdprb.php:159
filter  query_vars                                   includes\class-tdprb.php:160
filter  template_include                             includes\class-tdprb.php:161
filter  woocommerce_cart_item_permalink              includes\class-tdprb.php:170
filter  woocommerce_get_item_data                    includes\class-tdprb.php:177
action  woocommerce_checkout_create_order_line_item  includes\class-tdprb.php:178
filter  allowed_http_origins                         includes\class-tdprb.php:181
action  woocommerce_thankyou                         includes\class-tdprb.php:182
Maintenance & Trust

TDP Ring Builder Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Oct 7, 2024
PHP min version: 7.0
Downloads: 722

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

TDP Ring Builder Developer Profile

thediamondport

1 plugin · 10 total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect TDP Ring Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tdp-ring-builder/admin/css/tdprb-admin.css
/wp-content/plugins/tdp-ring-builder/admin/js/tdprb-admin.js
Script Paths
/wp-content/plugins/tdp-ring-builder/admin/js/tdprb-admin.js
Version Parameters
tdp-ring-builder/admin/css/tdprb-admin.css?ver=
tdp-ring-builder/admin/js/tdprb-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
tdprb-admin-settings-form
Data Attributes
data-tdprb-element
JS Globals
tdprbajax
FAQ

Frequently Asked Questions about TDP Ring Builder