Does Wallkit Subscriptions & Paywall Plugin for WordPress have any unpatched vulnerabilities?

No. All known vulnerabilities in Wallkit Subscriptions & Paywall Plugin for WordPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Wallkit Subscriptions & Paywall Plugin for WordPress compatible with WordPress 6.6.5?

According to WordPress.org data, Wallkit Subscriptions & Paywall Plugin for WordPress 3.4.4 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Wallkit Subscriptions & Paywall Plugin for WordPress compatible with PHP 5.6+?

Wallkit Subscriptions & Paywall Plugin for WordPress requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Wallkit Subscriptions & Paywall Plugin for WordPress Security & Risk Analysis

wordpress.org/plugins/wallkit

A Plug & Play paid-content system to manage subscribers, gather fees and drive additional content sales.

20 active installs v3.4.4 PHP 5.6+ WP 4.0+ Updated Mar 26, 2025

membershipspaid-membershippaywallrecurring-paymentssubscriptions

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Wallkit Subscriptions & Paywall Plugin for WordPress Safe to Use in 2026?

Generally Safe

Score 92/100

Wallkit Subscriptions & Paywall Plugin for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The Wallkit plugin v3.4.4 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries, showing a high percentage of properly escaped outputs, and avoiding file operations and external HTTP requests. The absence of any recorded vulnerabilities or CVEs in its history is also a significant strength, suggesting a history of stable and secure development. However, several areas raise concern. The plugin exposes six AJAX handlers without any authentication checks, creating a substantial attack surface that could be exploited by unauthenticated users. Furthermore, the presence of the `unserialize` function, while not directly linked to a vulnerability in this analysis, is a known risky function that can lead to serious security issues if not handled with extreme caution and proper input validation. The lack of capability checks on any of its entry points is another significant oversight that could allow unauthorized users to trigger actions they shouldn't have access to. The taint analysis showing zero flows is good, but the overall risk is elevated by the known insecure code patterns and lack of proper authorization checks.

Key Concerns

Unprotected AJAX handlers
Presence of unserialize function
No capability checks on entry points

Vulnerabilities

None known

Wallkit Subscriptions & Paywall Plugin for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Wallkit Subscriptions & Paywall Plugin for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

108 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$option = unserialize(wp_unslash($option));includes\class-wallkit-wp-settings.php:146

unserialize$settings = unserialize(wp_unslash($settings));includes\class-wallkit-wp-settings.php:193

unserialize$option = unserialize(wp_unslash($option));includes\class-wallkit-wp-settings.php:253

Output Escaping

91% escaped119 total outputs

Attack Surface

6 unprotected

Wallkit Subscriptions & Paywall Plugin for WordPress Attack Surface

Entry Points18

Unprotected6

AJAX Handlers 6

authwp_ajax_wk_run_sync_taskincludes\class-wallkit-wp.php:267

authwp_ajax_wk_continue_sync_taskincludes\class-wallkit-wp.php:269

authwp_ajax_wk_stop_sync_taskincludes\class-wallkit-wp.php:271

authwp_ajax_wk_pause_sync_taskincludes\class-wallkit-wp.php:273

authwp_ajax_wk_check_sync_taskincludes\class-wallkit-wp.php:275

authwp_ajax_wk_chart_analyticincludes\class-wallkit-wp.php:277

Shortcodes 12

[wk-account-page] includes\class-wallkit-wp.php:315

[wk_my_account] includes\class-wallkit-wp.php:316

[wk_site_logo] includes\class-wallkit-wp.php:317

[wk_my_account_button] includes\class-wallkit-wp.php:318

[wk_my_account_img] includes\class-wallkit-wp.php:319

[wk_full_name] includes\class-wallkit-wp.php:320

[wk_first_name] includes\class-wallkit-wp.php:321

[wk_last_name] includes\class-wallkit-wp.php:322

[wk_email] includes\class-wallkit-wp.php:323

[wk_id] includes\class-wallkit-wp.php:324

[wk_company] includes\class-wallkit-wp.php:325

[wk_job] includes\class-wallkit-wp.php:326

WordPress Hooks 35

filterwallkit_override_integration_settingsadmin\class-wallkit-wp-admin.php:461

filterthe_contentadmin\class-wallkit-wp-admin.php:655

actionadmin_print_footer_scriptsadmin\class-wallkit-wp-admin.php:764

filtertiny_mce_before_initadmin\class-wallkit-wp-admin.php:796

filterwallkit_check_post_accessincludes\class-wallkit-wp-access.php:34

actioninitincludes\class-wallkit-wp.php:235

actionadmin_enqueue_scriptsincludes\class-wallkit-wp.php:237

actionadmin_enqueue_scriptsincludes\class-wallkit-wp.php:239

actionadmin_initincludes\class-wallkit-wp.php:241

actionadmin_initincludes\class-wallkit-wp.php:243

actionadmin_initincludes\class-wallkit-wp.php:245

actionadmin_menuincludes\class-wallkit-wp.php:247

actionsave_postincludes\class-wallkit-wp.php:251

actionbefore_delete_postincludes\class-wallkit-wp.php:252

filterthe_contentincludes\class-wallkit-wp.php:255

filterthe_contentincludes\class-wallkit-wp.php:257

actionadd_meta_boxesincludes\class-wallkit-wp.php:259

actionsave_postincludes\class-wallkit-wp.php:261

actionwpwkp_task_createincludes\class-wallkit-wp.php:263

actionwpwkp_task_continueincludes\class-wallkit-wp.php:265

actioninitincludes\class-wallkit-wp.php:294

actionrest_api_initincludes\class-wallkit-wp.php:295

actionwp_headincludes\class-wallkit-wp.php:296

filterbody_classincludes\class-wallkit-wp.php:297

actionwp_enqueue_scriptsincludes\class-wallkit-wp.php:298

actionwp_enqueue_scriptsincludes\class-wallkit-wp.php:299

actionwp_enqueue_scriptsincludes\class-wallkit-wp.php:300

actionwp_headincludes\class-wallkit-wp.php:302

actionwp_headincludes\class-wallkit-wp.php:305

actionwp_footerincludes\class-wallkit-wp.php:307

filterwp_nav_menu_itemsincludes\class-wallkit-wp.php:312

filterdisable_wallkit_default_setup_integrationincludes\class-wallkit-wp.php:329

actionwp_headpublic\class-wallkit-wp-public.php:183

actionwp_footerpublic\class-wallkit-wp-public.php:185

filterscript_loader_tagpublic\class-wallkit-wp-public.php:191

Scheduled Events 2

wpwkp_task_create

wpwkp_task_continue

Maintenance & Trust

Wallkit Subscriptions & Paywall Plugin for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedMar 26, 2025

PHP min version5.6

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Wallkit Subscriptions & Paywall Plugin for WordPress Alternatives

Memberful – Membership Plugin

memberful-wp

Sell memberships and restrict access to content with WordPress and Memberful.

1K 3 CVEs

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

paid-member-subscriptions

Feature-packed membership plugin for creating subscription plans, adding recurring payments & content restriction on your membership site.

10K 16 CVEs

Pay with Vipps and MobilePay for WooCommerce

woo-vipps

100

Official Vipps MobilePay payment plugin for WooCommerce.

5K 1 CVE

Subscriptions & Memberships for PayPal

subscriptions-memberships-for-paypal

A simple and easy way to sell subscriptions and / or memberships with PayPal. No Coding Required. Official PayPal Partner.

1K 4 CVEs

Recurio – Ultimate Subscription Plugin for WooCommerce

recurio

100

A powerful and comprehensive WooCommerce subscription management plugin with advanced analytics, automated billing, and customer portal.

400 No CVEs

Developer Profile

Wallkit Subscriptions & Paywall Plugin for WordPress Developer Profile

wallkit

1 plugin · 20 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Wallkit Subscriptions & Paywall Plugin for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wallkit/admin/css/wallkit-wp-admin.min.css/wp-content/plugins/wallkit/public/js/wallkit-wp-public.min.js/wp-content/plugins/wallkit/admin/js/wallkit-wp-admin.min.js

Script Paths

/wp-content/plugins/wallkit/admin/js/wallkit-wp-admin.min.js/wp-content/plugins/wallkit/public/js/wallkit-wp-public.min.js

Version Parameters

wallkit-wp-admin.min.css?ver=wallkit-wp-admin.min.js?ver=wallkit-wp-public.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

wallkit-admin-wrapwallkit-admin-tabswallkit-inputwallkit-page-settings-wrap

HTML Comments

Data Attributes

data-wallkit-fielddata-wallkit-type

JS Globals

window.wallkit_publiccodemirror_paywall_stylescodemirror_ad

REST Endpoints

/wp-json/wallkit/v1/settings/wp-json/wallkit/v1/content/wp-json/wallkit/v1/users

Shortcode Output

[wallkit_protected_content][wallkit_subscribe_button][wallkit_membership_level]

FAQ