ThankRedirect – Custom Thank You Pages for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-thank-you-page

Redirect customers to beautiful custom thank you pages and turn every WooCommerce order into repeat sales.

90 active installs · v2.0.1 · PHP 7.4+ · WP 6.2+ · Updated Nov 3, 2025
Tags: custom-thank-you-page, thank-you-page, woo-thank-you-page, woocommerce-thank-you, woocommerce-thank-you-page
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is ThankRedirect – Custom Thank You Pages for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ThankRedirect – Custom Thank You Pages for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The "wc-thank-you-page" plugin v2.0.1 exhibits a generally strong security posture, largely due to its adherence to WordPress security best practices. All identified entry points (REST API routes) have permission callbacks, indicating proper authorization checks are in place. The plugin also exclusively uses prepared statements for SQL queries, which is a critical defense against SQL injection vulnerabilities. Furthermore, the presence of nonce checks and capability checks, even if limited in number, suggests an awareness of common WordPress security vulnerabilities. The absence of known CVEs and a clean vulnerability history further bolster its perceived security. The plugin also avoids dangerous functions and external HTTP requests, which are common vectors for exploitation.

However, a significant concern arises from the taint analysis, which identified two flows with unsanitized paths. While no critical or high severity issues were flagged here, unsanitized paths can lead to directory traversal or arbitrary file read/write vulnerabilities if exploited in conjunction with other weaknesses. The output escaping, while present for a majority of outputs, is not perfect (68% properly escaped), leaving a portion of outputs potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is directly reflected. The bundled Freemius library is also at version 1.0, which may be outdated and could have its own unpatched vulnerabilities.

In conclusion, the "wc-thank-you-page" plugin v2.0.1 is built on a solid foundation of security best practices, particularly regarding its handling of core WordPress features like AJAX, REST API, and database interactions. The lack of historical vulnerabilities is a positive indicator. Nevertheless, the presence of unsanitized paths in taint analysis and partially unescaped output represent potential weaknesses that require attention. The bundled library's version also warrants a review for potential security implications.

Key Concerns

  • Taint flows with unsanitized paths
  • Output escaping not fully implemented
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
None known

ThankRedirect – Custom Thank You Pages for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ThankRedirect – Custom Thank You Pages for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 13 (27 escaped)
Nonce Checks: 1
Capability Checks: 3
File Operations: 2
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

Output Escaping

68% escaped, 40 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

2 flows, 2 with unsanitized paths
wpkin_add_analytics_scripts (includes\Frontend\WPKIN_Thank_You_Redirect.php:25)
Attack Surface

ThankRedirect – Custom Thank You Pages for WooCommerce Attack Surface

Entry Points: 6
Unprotected: 0

REST API Routes: 6

GET /wp-json/wpkin-thankyou-page/v1/settings (includes\API\Routers.php:26)
POST /wp-json/wpkin-thankyou-page/v1/save-settings (includes\API\Routers.php:34)
GET /wp-json/templatex/v1/templates (includes\Templates\Elementor\Includes\TemplateX_Library.php:39)
GET /wp-json/templatex/v1/templates/(?P<id>[a-zA-Z0-9-]+) (includes\Templates\Elementor\Includes\TemplateX_Library.php:46)
GET /wp-json/templatex/v1/gutenberg-templates (includes\Templates\Gutenberg\Includes\TemplateX_Library.php:39)
GET /wp-json/templatex/v1/gutenberg-templates/(?P<id>[a-zA-Z0-9-]+) (includes\Templates\Gutenberg\Includes\TemplateX_Library.php:46)

WordPress Hooks: 18

action admin_menu (includes\Admin\Menu.php:15)
action init (includes\Admin\Notice.php:15)
action admin_notices (includes\Admin\Notice.php:54)
action admin_notices (includes\Admin\Notice.php:60)
action admin_notices (includes\Admin\Notice.php:66)
action rest_api_init (includes\API\Routers.php:22)
action admin_enqueue_scripts (includes\Assets.php:14)
action woocommerce_thankyou (includes\Frontend\WPKIN_Thank_You_Redirect.php:16)
action wp_head (includes\Frontend\WPKIN_Thank_You_Redirect.php:18)
action plugins_loaded (includes\Templates\Elementor\ElementorX.php:28)
action elementor/editor/before_enqueue_scripts (includes\Templates\Elementor\Includes\TemplateX_Elementor.php:31)
action elementor/editor/after_enqueue_styles (includes\Templates\Elementor\Includes\TemplateX_Elementor.php:32)
action rest_api_init (includes\Templates\Elementor\Includes\TemplateX_Library.php:31)
action plugins_loaded (includes\Templates\Gutenberg\GutenbergX.php:28)
action enqueue_block_editor_assets (includes\Templates\Gutenberg\Includes\TemplateX_Gutenberg.php:48)
action rest_api_init (includes\Templates\Gutenberg\Includes\TemplateX_Library.php:31)
action plugins_loaded (wc-thank-you-page.php:100)
action admin_init (wc-thank-you-page.php:101)
Maintenance & Trust

ThankRedirect – Custom Thank You Pages for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Nov 3, 2025
PHP min version: 7.4
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 90
Developer Profile

ThankRedirect – Custom Thank You Pages for WooCommerce Developer Profile

WPKIN

5 plugins · 30K total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 613 days
Detection Fingerprints

How We Detect ThankRedirect – Custom Thank You Pages for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-thank-you-page/build/admin.bundle.css
/wp-content/plugins/wc-thank-you-page/build/admin.bundle.js
Script Paths
/wp-content/plugins/wc-thank-you-page/build/admin.bundle.js
Version Parameters
wc-thank-you-page/build/admin.bundle.css?ver=
wc-thank-you-page/build/admin.bundle.js?ver=

HTML / DOM Fingerprints

JS Globals
wpkinThankYouPage