WP-Safety

Force Coupon for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-force-coupon

A lightweight WooCommerce based plugin to force the customer to enter a coupon code during checkout

10 active installs v1.0.1 PHP + WP 3.0.1+ Updated Sep 28, 2025
checkoutcouponforcewoowoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Force Coupon for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Force Coupon for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The "woo-force-coupon" v1.0.1 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices in several areas. It has no known CVEs, a zero attack surface of unprotected entry points (AJAX handlers, REST API routes, shortcodes, cron events), and all SQL queries are properly prepared, indicating a strong defense against SQL injection. There are also no file operations or external HTTP requests, further limiting potential attack vectors. However, the presence of the `create_function` function is a significant concern. This function is deprecated and notoriously insecure as it can be exploited to execute arbitrary PHP code. Furthermore, the low percentage of properly escaped output (36%) raises concerns about potential Cross-Site Scripting (XSS) vulnerabilities.

Key Concerns

  • Use of deprecated and insecure create_function
  • Low percentage of properly escaped output
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Force Coupon for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Force Coupon for WooCommerce Release Timeline

v1.0.1Current
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Force Coupon for WooCommerce Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
14
8 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

create_function$callback = create_function('', 'echo "'.str_replace('"', '\"', $section['desc']).'";');admin\class-settings-api.php:84

Output Escaping

36% escaped22 total outputs
Attack Surface

Force Coupon for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionadmin_enqueue_scriptsadmin\class-settings-api.php:19
actionadmin_initadmin\class-woo-force-coupon-admin.php:15
actionadmin_menuadmin\class-woo-force-coupon-admin.php:16
actionplugins_loadedpublic\class-woo-force-coupon.php:11
actionwoocommerce_checkout_processpublic\class-woo-force-coupon.php:12
actionwoocommerce_checkout_coupon_messagepublic\class-woo-force-coupon.php:13
Maintenance & Trust

Force Coupon for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedSep 28, 2025
PHP min version
Downloads3K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

Force Coupon for WooCommerce Alternatives

Checkout Simulator for WooCommerce

Checkout Simulator for WooCommerce

checkout-simulator-for-woocommerce

A
100

Preview WooCommerce checkout in the admin: zones, shipping, coupons, payments, and totals. No order placed; all on your server.

0 No CVEs
Magic Deal Links for WooCommerce

Magic Deal Links for WooCommerce

magic-deal-links-for-woocommerce

A
100

Create promo links that add a WooCommerce product to cart, apply a coupon, and send customers to checkout.

0 No CVEs
Simple multi-currency for Woocommerce by Invelity

Simple multi-currency for Woocommerce by Invelity

simple-multi-currency-for-woocommerce

A
85

Access to documentation

0 No CVEs
Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

limit-login-attempts-reloaded

A
98

Stop password guessing attacks, secure WooCommerce, block bad IPs, block by countries (Pro), and add email 2FA. Lightweight with better performance.

2.0M 4 CVEs
Checkout Field Editor (Checkout Manager) for WooCommerce

Checkout Field Editor (Checkout Manager) for WooCommerce

woo-checkout-field-editor-pro

A
93

Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.

500K 3 CVEs
Developer Profile

Force Coupon for WooCommerce Developer Profile

Kowsar Hossain

3 plugins · 4K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Force Coupon for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-force-coupon/public/css/public.css/wp-content/plugins/woo-force-coupon/public/js/public.js
Script Paths
/wp-content/plugins/woo-force-coupon/public/js/public.js
Version Parameters
woo-force-coupon/public/css/public.css?ver=woo-force-coupon/public/js/public.js?ver=

HTML / DOM Fingerprints

CSS Classes
wfc-coupon-notice
JS Globals
wfc_params
FAQ

Frequently Asked Questions about Force Coupon for WooCommerce