Does Ultimate Gift Cards for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Ultimate Gift Cards for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ultimate Gift Cards for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Ultimate Gift Cards for WooCommerce 3.2.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Ultimate Gift Cards for WooCommerce compatible with PHP 7.4+?

Ultimate Gift Cards for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Ultimate Gift Cards for WooCommerce updated?

Ultimate Gift Cards for WooCommerce was last updated on Feb 12, 2026. Frequent updates are generally a positive security signal.

What is Ultimate Gift Cards for WooCommerce's security score?

Ultimate Gift Cards for WooCommerce has a WP-Safety security score of 97/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ultimate Gift Cards for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-gift-cards-lite

Create, sell and manage WooCommerce gift cards to attract more sales and multiply your revenue at your online store.

7K active installs v3.2.5 PHP 7.4+ WP 6.7+ Updated Feb 12, 2026

giftgift-cardgift-certificatesgift-voucherswoocommerce-gift-cards

A · Safe

CVEs total3

Unpatched0

Last CVEJun 2, 2025

Plugin page Download

Safety Verdict

Is Ultimate Gift Cards for WooCommerce Safe to Use in 2026?

Generally Safe

Score 97/100

Ultimate Gift Cards for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jun 2, 2025Updated 1mo ago

Risk Assessment

The "woo-gift-cards-lite" plugin version 3.2.5 presents a mixed security posture. While the static analysis indicates good practices in areas like output escaping and SQL query preparation (96% and 71% respectively), and no critical or high severity taint flows were found, significant concerns arise from the substantial attack surface with missing authorization checks. A large number of AJAX handlers (18 out of 20) lack authentication, creating a broad entry point for potential unauthorized actions. The vulnerability history reveals a past pattern of medium severity issues including SQL Injection, Missing Authorization, and CSRF. Although there are currently no unpatched vulnerabilities, the historical prevalence of these types of flaws, particularly those related to authorization and SQL, combined with the current lack of authorization checks on many AJAX endpoints, suggests a recurring weakness that could be exploited if new vulnerabilities are introduced or discovered.

Key Concerns

Large attack surface without authorization
Missing nonce checks on AJAX handlers
SQL queries without prepared statements
Past medium severity vulnerabilities

Vulnerabilities

Ultimate Gift Cards for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

1 CVE in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2025-5103medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Gift Cards for WooCommerce <= 3.1.4 - Authenticated (Administrator+) SQL Injection via wps_wgm_save_post Function

Jun 2, 2025 Patched in 3.1.5 (1d)

CVE-2024-1857medium · 5.3Missing Authorization

Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information Exposure

Mar 15, 2024 Patched in 2.6.7 (1d)

CVE-2021-4391medium · 4.3Cross-Site Request Forgery (CSRF)

Ultimate Gift Cards for WooCommerce <= 2.1.1 - Cross-Site Request Forgery Bypass

Jun 21, 2021 Patched in 2.1.2 (946d)

Code Analysis

Analyzed Mar 16, 2026

Ultimate Gift Cards for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

679 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

71% prepared14 total queries

Output Escaping

96% escaped706 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

wps_wgm_preview_report_details (admin\class-woocommerce-gift-cards-lite-admin.php:1985)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

18 unprotected

Ultimate Gift Cards for WooCommerce Attack Surface

Entry Points24

Unprotected18

AJAX Handlers 20

authwp_ajax_send_onboarding_dataincludes\class-makewebbetter-onboarding-helper.php:131

noprivwp_ajax_send_onboarding_dataincludes\class-makewebbetter-onboarding-helper.php:132

authwp_ajax_skip_onboarding_popupincludes\class-makewebbetter-onboarding-helper.php:135

noprivwp_ajax_skip_onboarding_popupincludes\class-makewebbetter-onboarding-helper.php:136

authwp_ajax_wps_wgm_dismiss_noticeincludes\class-woocommerce-gift-cards-lite.php:189

authwp_ajax_wps_wgm_dismiss_notice_bannerincludes\class-woocommerce-gift-cards-lite.php:190

authwp_ajax_wgm_ajax_callbacksincludes\class-woocommerce-gift-cards-lite.php:198

authwp_ajax_wps_uwgc_gift_card_detailsincludes\class-woocommerce-gift-cards-lite.php:223

noprivwp_ajax_wps_uwgc_gift_card_detailsincludes\class-woocommerce-gift-cards-lite.php:224

authwp_ajax_wps_migrate_smart_coupons_to_giftcardsincludes\class-woocommerce-gift-cards-lite.php:238

noprivwp_ajax_wps_migrate_smart_coupons_to_giftcardsincludes\class-woocommerce-gift-cards-lite.php:239

authwp_ajax_wps_wgc_preview_thickbox_rqstincludes\class-woocommerce-gift-cards-lite.php:266

noprivwp_ajax_wps_wgc_preview_thickbox_rqstincludes\class-woocommerce-gift-cards-lite.php:267

authwp_ajax_wps_uwgc_check_gift_balance_orgincludes\class-woocommerce-gift-cards-lite.php:271

noprivwp_ajax_wps_uwgc_check_gift_balance_orgincludes\class-woocommerce-gift-cards-lite.php:272

authwp_ajax_wps_recharge_wallet_via_giftcardincludes\class-woocommerce-gift-cards-lite.php:296

noprivwp_ajax_wps_recharge_wallet_via_giftcardincludes\class-woocommerce-gift-cards-lite.php:297

authwp_ajax_wps_wgm_append_variable_priceincludes\class-woocommerce-gift-cards-lite.php:300

noprivwp_ajax_wps_wgm_append_variable_priceincludes\class-woocommerce-gift-cards-lite.php:301

authwp_ajax_redeem_gift_card_couponincludes\class-woocommerce-gift-cards-lite.php:311

REST API Routes 3

POST/wp-json/gifting/redeem-giftcardincludes\giftcard-redeem-api-addon.php:17

POST/wp-json/gifting/get-giftcardincludes\giftcard-redeem-api-addon.php:28

POST/wp-json/gifting/recharge-giftcardincludes\giftcard-redeem-api-addon.php:39

Shortcodes 1

[wps_check_your_gift_card_balance] public\class-woocommerce-gift-cards-lite-public.php:2485

WordPress Hooks 96

actionadmin_enqueue_scriptsincludes\class-makewebbetter-onboarding-helper.php:123

actionadmin_enqueue_scriptsincludes\class-makewebbetter-onboarding-helper.php:124

actionadmin_footerincludes\class-makewebbetter-onboarding-helper.php:125

actionadmin_footerincludes\class-makewebbetter-onboarding-helper.php:126

filterwps_on_boarding_form_fieldsincludes\class-makewebbetter-onboarding-helper.php:127

filterwps_deactivation_form_fieldsincludes\class-makewebbetter-onboarding-helper.php:128

actionplugins_loadedincludes\class-woocommerce-gift-cards-lite.php:148

actionadmin_enqueue_scriptsincludes\class-woocommerce-gift-cards-lite.php:162

actionadmin_enqueue_scriptsincludes\class-woocommerce-gift-cards-lite.php:163

actionadmin_menuincludes\class-woocommerce-gift-cards-lite.php:164

filterproduct_type_selectorincludes\class-woocommerce-gift-cards-lite.php:165

actionwoocommerce_product_options_general_product_dataincludes\class-woocommerce-gift-cards-lite.php:166

actionsave_postincludes\class-woocommerce-gift-cards-lite.php:167

actionwoocommerce_product_data_tabsincludes\class-woocommerce-gift-cards-lite.php:168

actionwoocommerce_after_order_itemmetaincludes\class-woocommerce-gift-cards-lite.php:169

filterwoocommerce_hidden_order_itemmetaincludes\class-woocommerce-gift-cards-lite.php:170

actionadmin_noticesincludes\class-woocommerce-gift-cards-lite.php:171

actioninitincludes\class-woocommerce-gift-cards-lite.php:174

actionedit_form_after_titleincludes\class-woocommerce-gift-cards-lite.php:175

actioninitincludes\class-woocommerce-gift-cards-lite.php:177

actioninitincludes\class-woocommerce-gift-cards-lite.php:178

actioninitincludes\class-woocommerce-gift-cards-lite.php:179

actioninitincludes\class-woocommerce-gift-cards-lite.php:180

filterpost_row_actionsincludes\class-woocommerce-gift-cards-lite.php:181

actioninitincludes\class-woocommerce-gift-cards-lite.php:182

filterplugin_row_metaincludes\class-woocommerce-gift-cards-lite.php:183

actionadmin_initincludes\class-woocommerce-gift-cards-lite.php:186

actionwps_wgm_check_for_notification_updateincludes\class-woocommerce-gift-cards-lite.php:187

actionadmin_noticesincludes\class-woocommerce-gift-cards-lite.php:188

filterwps_helper_valid_frontend_screensincludes\class-woocommerce-gift-cards-lite.php:192

filterwps_deactivation_supported_slugincludes\class-woocommerce-gift-cards-lite.php:194

filterpost_row_actionsincludes\class-woocommerce-gift-cards-lite.php:196

actionadmin_menuincludes\class-woocommerce-gift-cards-lite.php:199

actionpre_get_postsincludes\class-woocommerce-gift-cards-lite.php:202

filterwps_wgm_other_settingincludes\class-woocommerce-gift-cards-lite.php:207

actionwps_points_admin_table_logincludes\class-woocommerce-gift-cards-lite.php:208

actioninitincludes\class-woocommerce-gift-cards-lite.php:215

actionwps_reset_gifting_requestincludes\class-woocommerce-gift-cards-lite.php:217

actionwp_before_admin_bar_renderincludes\class-woocommerce-gift-cards-lite.php:220

actionwoocommerce_admin_reportsincludes\class-woocommerce-gift-cards-lite.php:221

actioninitincludes\class-woocommerce-gift-cards-lite.php:222

actionwps_wgm_coupon_reporting_with_orderincludes\class-woocommerce-gift-cards-lite.php:225

filterbulk_actions-edit-shop_couponincludes\class-woocommerce-gift-cards-lite.php:228

filterhandle_bulk_actions-edit-shop_couponincludes\class-woocommerce-gift-cards-lite.php:229

actionadmin_noticesincludes\class-woocommerce-gift-cards-lite.php:230

filtermanage_edit-shop_coupon_columnsincludes\class-woocommerce-gift-cards-lite.php:233

actionmanage_shop_coupon_posts_custom_columnincludes\class-woocommerce-gift-cards-lite.php:234

actionwp_dashboard_setupincludes\class-woocommerce-gift-cards-lite.php:236

actionwp_enqueue_scriptsincludes\class-woocommerce-gift-cards-lite.php:251

actionwp_enqueue_scriptsincludes\class-woocommerce-gift-cards-lite.php:252

filterwoocommerce_get_price_htmlincludes\class-woocommerce-gift-cards-lite.php:253

actionwoocommerce_before_add_to_cart_buttonincludes\class-woocommerce-gift-cards-lite.php:254

filterwoocommerce_add_cart_item_dataincludes\class-woocommerce-gift-cards-lite.php:255

filterwoocommerce_get_item_dataincludes\class-woocommerce-gift-cards-lite.php:256

actionwoocommerce_before_calculate_totalsincludes\class-woocommerce-gift-cards-lite.php:257

actionwoocommerce_order_status_changedincludes\class-woocommerce-gift-cards-lite.php:258

actionwoocommerce_checkout_create_order_line_itemincludes\class-woocommerce-gift-cards-lite.php:259

actionwoocommerce_wgm_gift_card_add_to_cartincludes\class-woocommerce-gift-cards-lite.php:260

filterwoocommerce_loop_add_to_cart_linkincludes\class-woocommerce-gift-cards-lite.php:261

filterwoocommerce_product_is_taxableincludes\class-woocommerce-gift-cards-lite.php:262

actionwoocommerce_before_single_productincludes\class-woocommerce-gift-cards-lite.php:263

actionwoocommerce_product_queryincludes\class-woocommerce-gift-cards-lite.php:264

filterwc_shipping_enabledincludes\class-woocommerce-gift-cards-lite.php:265

actioninitincludes\class-woocommerce-gift-cards-lite.php:268

actioninitincludes\class-woocommerce-gift-cards-lite.php:270

filterwoocommerce_coupons_enabledincludes\class-woocommerce-gift-cards-lite.php:277

filterwoocommerce_order_item_get_formatted_meta_dataincludes\class-woocommerce-gift-cards-lite.php:280

filterwc_price_based_country_product_types_overridenincludes\class-woocommerce-gift-cards-lite.php:281

filterwoocommerce_hold_stock_for_checkoutincludes\class-woocommerce-gift-cards-lite.php:282

filterwoocommerce_cart_item_priceincludes\class-woocommerce-gift-cards-lite.php:284

filterwps_currency_switcher_get_custom_product_typeincludes\class-woocommerce-gift-cards-lite.php:286

actionwoocommerce_order_status_changedincludes\class-woocommerce-gift-cards-lite.php:287

actionwoocommerce_order_status_cancelledincludes\class-woocommerce-gift-cards-lite.php:288

actionwoocommerce_order_status_refundedincludes\class-woocommerce-gift-cards-lite.php:289

filterwoocommerce_coupon_is_validincludes\class-woocommerce-gift-cards-lite.php:290

filterwoocommerce_coupon_get_discount_amountincludes\class-woocommerce-gift-cards-lite.php:291

actionwps_wsfw_add_wallet_register_endpointincludes\class-woocommerce-gift-cards-lite.php:294

filterwps_wsfw_add_wallet_tabsincludes\class-woocommerce-gift-cards-lite.php:295

actionwoocommerce_product_thumbnailsincludes\class-woocommerce-gift-cards-lite.php:303

actionwoocommerce_add_to_cartincludes\class-woocommerce-gift-cards-lite.php:305

actionwps_extend_point_tab_sectionincludes\class-woocommerce-gift-cards-lite.php:310

actionwps_points_on_first_orderincludes\class-woocommerce-gift-cards-lite.php:312

actionwps_wgm_send_mail_to_senderincludes\class-woocommerce-gift-cards-lite.php:315

actionrest_api_initincludes\giftcard-redeem-api-addon.php:14

actionbefore_woocommerce_initwoocommerce_gift_cards_lite.php:58

filterplugin_action_linkswoocommerce_gift_cards_lite.php:96

actionplugins_loadedwoocommerce_gift_cards_lite.php:229

actionwpwoocommerce_gift_cards_lite.php:327

actionwp_initialize_sitewoocommerce_gift_cards_lite.php:347

actionadmin_initwoocommerce_gift_cards_lite.php:377

actionadmin_initwoocommerce_gift_cards_lite.php:503

actionadmin_noticeswoocommerce_gift_cards_lite.php:525

actionadmin_noticeswoocommerce_gift_cards_lite.php:570

actionadmin_initwps-wgc-lite-gdpr.php:42

filterwp_privacy_personal_data_exporterswps-wgc-lite-gdpr.php:65

filterwp_privacy_personal_data_eraserswps-wgc-lite-gdpr.php:202

Scheduled Events 2

wps_wgm_check_for_notification_update

wps_reset_gifting_request

Maintenance & Trust

Ultimate Gift Cards for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 12, 2026

PHP min version7.4

Downloads315K

Community Trust

Rating94/100

Number of ratings235

Active installs7K

Alternatives

Ultimate Gift Cards for WooCommerce Alternatives

Store credit / Gift cards for woocommerce

store-credit-for-woocommerce

Offer store credit or gift cards to customers that they can use until their credit is finished

100 1 CVE

Wyseme Gift Cards for WooCommerce by Saara INC – Create Gift card for https://wyse.me/ platform.

wyseme-giftcard-by-saara

100

This plugin is made for specifically for the merchant those are using https://wyse.me/ platform. This plugin should not be consider as a general giftc …

0 No CVEs

Gift Up Gift Cards for WordPress and WooCommerce

gift-up

The simplest way to sell gift cards online. Sell your own gift cards, gift certificates and gift vouchers from inside your WordPress website easily wi …

5K 3 CVEs

WebToffee Gift Cards for WooCommerce

wt-gift-cards-woocommerce

100

Create and sell WooCommerce gift cards in your store. Allow your customers to buy, redeem, and share gift vouchers easily.

1K No CVEs

VaocherApp – Gift cards/vouchers system for WordPress & WooCommerce

vaocher-app

Sell your own gift cards, gift vouchers and gift certificates from your WordPress website (WooCommerce compatible) easily in just a few minutes

40 No CVEs

Developer Profile

Ultimate Gift Cards for WooCommerce Developer Profile

WP Swings

13 plugins · 43K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

101 days

View full developer profile

Detection Fingerprints

How We Detect Ultimate Gift Cards for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-gift-cards-lite/assets/css/backend.css/wp-content/plugins/woo-gift-cards-lite/assets/css/frontend.css/wp-content/plugins/woo-gift-cards-lite/assets/css/wps-wgc-public.css/wp-content/plugins/woo-gift-cards-lite/assets/js/wps-wgc-admin-script.js/wp-content/plugins/woo-gift-cards-lite/assets/js/wps-wgc-public.js/wp-content/plugins/woo-gift-cards-lite/wps-wgc-lite-gdpr.php

Script Paths

/wp-content/plugins/woo-gift-cards-lite/assets/js/wps-wgc-admin-script.js/wp-content/plugins/woo-gift-cards-lite/assets/js/wps-wgc-public.js

Version Parameters

woo-gift-cards-lite/assets/css/backend.css?ver=woo-gift-cards-lite/assets/css/frontend.css?ver=woo-gift-cards-lite/assets/css/wps-wgc-public.css?ver=woo-gift-cards-lite/assets/js/wps-wgc-admin-script.js?ver=woo-gift-cards-lite/assets/js/wps-wgc-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

wps-wgc-admin-csswps-wgm-go-prowps-wgc-gift-card-formwps-wgc-gift-card-pagewps-wgc-gift-card-detailswps-wgc-gift-card-recipient-namewps-wgc-gift-card-recipient-emailwps-wgc-gift-card-message+11 more

HTML Comments

+6 more

Data Attributes

data-wps-wgc-gift-card-iddata-wps-wgc-gift-card-amountdata-wps-wgc-gift-card-codedata-wps-wgc-gift-card-recipient-namedata-wps-wgc-gift-card-recipient-emaildata-wps-wgc-gift-card-message+6 more

JS Globals

wps_wgc_admin_objwps_wgc_public_obj

Shortcode Output

[product_category category='wps_wgm_giftcard']

FAQ