UncommonGood Donation Widget Security & Risk Analysis

wordpress.org/plugins/uncommongood-donation-widget

Accept donations and begin fundraising with the UncommonGood Donation Widget. The settings are very simple: one input box for the donation Widget Embe …

0 active installs · v1.3 · PHP 7.0+ · WP 5.0+ · Updated Apr 26, 2023
Tags: donate, donation, fundraising, nonprofit, recurring-donations
Score: 85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is UncommonGood Donation Widget Safe to Use in 2026?

Generally Safe

Score 85/100

UncommonGood Donation Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The uncommongood-donation-widget v1.3 plugin exhibits a generally strong security posture based on the static analysis and vulnerability history provided. The complete absence of dangerous functions, of SQL queries without prepared statements, and of unsanitized output flows is an excellent indicator of secure coding practices. The plugin also benefits from a clean vulnerability history, with no known CVEs, suggesting a history of responsible development and maintenance.

However, the analysis does highlight potential areas for improvement. The presence of a shortcode without any apparent authorization or capability checks represents a potential attack vector, albeit a limited one given the other security measures in place. The complete lack of nonce checks across all entry points, including the shortcode, is a notable weakness that could be exploited if other input validation or sanitization were to fail. Despite these minor concerns, the overall security of this plugin appears to be good, with developers demonstrating awareness of fundamental security principles.

Key Concerns

  • Shortcode without auth checks
  • Missing nonce checks
Vulnerabilities
None known

UncommonGood Donation Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

UncommonGood Donation Widget Release Timeline

v1.3 (Current)
v1.2
v1.1
Code Analysis
Analyzed Apr 16, 2026

UncommonGood Donation Widget Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (11 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

100% escaped · 11 total outputs
Attack Surface

UncommonGood Donation Widget Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[ug_donate] uncommongood_donation_widget.php:253
WordPress Hooks 5
action admin_menu uncommongood_donation_widget.php:254
action admin_init uncommongood_donation_widget.php:255
action wp_head uncommongood_donation_widget.php:256
filter plugin_row_meta uncommongood_donation_widget.php:257
filter wp_enqueue_scripts uncommongood_donation_widget.php:258
Maintenance & Trust

UncommonGood Donation Widget Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Apr 26, 2023
PHP min version: 7.0
Downloads: 1K

Community Trust

Rating: 100/100
Number of ratings: 3
Active installs: 0
Developer Profile

UncommonGood Donation Widget Developer Profile

UncommonGood

1 plugin · 0 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect UncommonGood Donation Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/uncommongood-donation-widget/public/css/ugdw-public.css
/wp-content/plugins/uncommongood-donation-widget/public/js/ugdw-public.js
Script Paths
/wp-content/plugins/uncommongood-donation-widget/public/js/ugdw-public.js
Version Parameters
uncommongood-donation-widget/public/css/ugdw-public.css?ver=
uncommongood-donation-widget/public/js/ugdw-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
ugdw-uncommongood-widget-icon
ugdw-uncommongood-widget-icon-logo
wp-block-button
wp-block-button__link
btn
Data Attributes
organization-widget
Shortcode Output
<div class="wp-block-button"> <a class="wp-block-button__link btn" href="#https://uncommongood.io/widget">Donate</a> </div>