Does Vite Rewards for Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Vite Rewards for Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Vite Rewards for Woocommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Vite Rewards for Woocommerce 1.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Vite Rewards for Woocommerce compatible with PHP 7.2+?

Vite Rewards for Woocommerce requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Vite Rewards for Woocommerce updated?

Vite Rewards for Woocommerce was last updated on Feb 22, 2026. Frequent updates are generally a positive security signal.

What is Vite Rewards for Woocommerce's security score?

Vite Rewards for Woocommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vite Rewards for Woocommerce Security & Risk Analysis

wordpress.org/plugins/vite-rewards

ViteRewards is a powerful and flexible loyalty points plugin designed specifically for WooCommerce.

50 active installs v1.0.8 PHP 7.2+ WP 5.2+ Updated Feb 22, 2026

loyaltyloyalty-programrewardreward-pluginvitepos

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Vite Rewards for Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Vite Rewards for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "vite-rewards" v1.0.8 plugin exhibits a mixed security posture. While it demonstrates good practices in several areas, such as a lack of dangerous functions, file operations, and external HTTP requests, and a high percentage of properly escaped output, significant concerns remain regarding its attack surface and authorization mechanisms. The presence of two AJAX handlers without authentication checks is a notable vulnerability, providing potential entry points for attackers to exploit if these handlers perform sensitive operations. Furthermore, the complete absence of capability checks on any entry points is a serious oversight, as it implies that any logged-in user, regardless of their role, could potentially trigger these actions.

The static analysis revealed no critical or high-severity taint flows, which is a positive sign. The SQL queries, while not all prepared, are a minor concern given the limited number and the absence of other critical findings. The plugin's vulnerability history is currently clean, with no recorded CVEs. This lack of historical issues is encouraging, but it does not negate the risks identified in the current code analysis. The plugin's strengths lie in its clean code regarding potentially dangerous operations and its handling of output, but its weaknesses in authorization and its exposed AJAX endpoints present clear security risks that need to be addressed.

Key Concerns

AJAX handlers without authentication checks
No capability checks on any entry points
SQL queries not using prepared statements (50%)
Only one nonce check for four entry points

Vulnerabilities

None known

Vite Rewards for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Vite Rewards for Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

41 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

25% prepared4 total queries

Output Escaping

91% escaped45 total outputs

Attack Surface

2 unprotected

Vite Rewards for Woocommerce Attack Surface

Entry Points4

Unprotected2

AJAX Handlers 2

authwp_ajax_remove_couponvite_reward_lite\modules\class-vite-reward-settings.php:63

noprivwp_ajax_remove_couponvite_reward_lite\modules\class-vite-reward-settings.php:64

Shortcodes 2

[VRD_USER_ACCOUNT] vite_reward_lite\modules\class-vite-reward-settings.php:75

[VRD_APPLY_REWARD] vite_reward_lite\modules\class-vite-reward-settings.php:76

WordPress Hooks 31

actionadmin_print_stylesvite_reward_lite\core\class-vite-reward-lite.php:63

actionadmin_enqueue_scriptsvite_reward_lite\core\class-vite-reward-lite.php:64

actionadmin_menuvite_reward_lite\core\class-vite-reward-lite.php:79

filterappsbd/input/html/fieldsvite_reward_lite\modules\class-vite-email-template.php:34

filterappsbd/vite-reward/filter/rulesvite_reward_lite\modules\class-vite-product-reward.php:38

actionwoocommerce_order_status_completedvite_reward_lite\modules\class-vite-product-reward.php:39

actionappsbd/reward/action/apply-order-rewardvite_reward_lite\modules\class-vite-reward-settings.php:61

actionappsbd/vite-reward/action/send-emailvite_reward_lite\modules\class-vite-reward-settings.php:66

actionwoocommerce_order_status_completedvite_reward_lite\modules\class-vite-reward-settings.php:68

actionuser_registervite_reward_lite\modules\class-vite-reward-settings.php:69

filterwoocommerce_account_menu_itemsvite_reward_lite\modules\class-vite-reward-settings.php:70

actionwoocommerce_account_reward-tab_endpointvite_reward_lite\modules\class-vite-reward-settings.php:72

actionwoocommerce_flush_rewrite_rulesvite_reward_lite\modules\class-vite-reward-settings.php:74

filterthe_contentvite_reward_lite\modules\class-vite-reward-settings.php:77

actionwoocommerce_cart_actionsvite_reward_lite\modules\class-vite-reward-settings.php:112

actionwoocommerce_before_checkout_formvite_reward_lite\modules\class-vite-reward-settings.php:126

filterwoocommerce_get_shop_coupon_datavite_reward_lite\modules\class-vite-reward-settings.php:133

actionwoocommerce_applied_couponvite_reward_lite\modules\class-vite-reward-settings.php:134

filterwoocommerce_cart_totals_coupon_labelvite_reward_lite\modules\class-vite-reward-settings.php:135

filterwoocommerce_cart_totals_coupon_htmlvite_reward_lite\modules\class-vite-reward-settings.php:141

actionwoocommerce_checkout_order_processedvite_reward_lite\modules\class-vite-reward-settings.php:143

actionwoocommerce_store_api_checkout_order_processedvite_reward_lite\modules\class-vite-reward-settings.php:144

actionappsbd/vite-reward/action/conditional-hookvite_reward_lite\modules\class-vite-reward-settings.php:145

filterwoocommerce_get_shop_coupon_datavite_reward_lite\modules\class-vite-reward-settings.php:155

filterappsbd/vite-reward/filter/rulesvite_reward_lite\modules\class-vite-user-reward.php:38

actionuser_registervite_reward_lite\modules\class-vite-user-reward.php:39

filterappsbd/vite-reward/filter/rulesvite_reward_lite\modules\class-vite-woocom-reward.php:58

actionappsbd/vite-reward/action/update-rule-ordervite_reward_lite\modules\class-vite-woocom-reward.php:59

actionwoocommerce_order_status_completedvite_reward_lite\modules\class-vite-woocom-reward.php:60

actionwoocommerce_order_refundedvite_reward_lite\modules\class-vite-woocom-reward.php:61

actionwoocommerce_before_cartvite_reward_lite\modules\class-vite-woocom-reward.php:63

Maintenance & Trust

Vite Rewards for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 22, 2026

PHP min version7.2

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

Vite Rewards for Woocommerce Alternatives

Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred

mycred

A WordPress gamification plugin is also a points management system. Award ranks, loyalty points and rewards or WooCommerce rewards to your users.

10K 1 unpatched

HostPlugin – WooCommerce Points & Rewards

hostplugin-woocommerce-points-and-rewards

Reward your loyal customers for purchases and other actions using points which can be redeemed for discounts on future purchase.

50 No CVEs

WupSales – Reward Points for WooCommerce

wupsales-reward-points-for-woocommerce

Reward points and loyalty program with WupSales points management system for WooCommerce. Reward your Customers for Purchase, Reviews, Sign up, etc

30 No CVEs

Customers Loyalty Program – Points and Rewards

customers-loyalty-program-points-and-rewards

Complete solution for Customers Loyalty Program making.

10 No CVEs

Leat

leat-crm

100

Create and manage customer loyalty programs with points, rewards, and automated marketing - works both online and in-store.

10 No CVEs

Developer Profile

Vite Rewards for Woocommerce Developer Profile

appsbd

7 plugins · 3K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

68 days

View full developer profile

Detection Fingerprints

How We Detect Vite Rewards for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vite-rewards/assets/css/style.css/wp-content/plugins/vite-rewards/assets/js/vite-rewards.js

Script Paths

/wp-content/plugins/vite-rewards/assets/js/vite-rewards.js

Version Parameters

vite-rewards/style.css?ver=vite-rewards/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

custom_rwd

JS Globals

vite_reward_frontend_params

REST Endpoints

/wp-json/appsbd/v1/vite-reward

Shortcode Output

[VRD_USER_ACCOUNT][VRD_APPLY_REWARD]

FAQ