WP-Safety

Woo Simple Gift Wrapping Security & Risk Analysis

wordpress.org/plugins/woo-simple-gift-wrapping

Small plugin create to help store owner add gift wrapping fee to order and let buyer select a gift card if they want

10 active installs v1.1 PHP + WP 3.0.1+ Updated Dec 23, 2015
gift-wrappingwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Woo Simple Gift Wrapping Safe to Use in 2026?

Generally Safe

Score 85/100

Woo Simple Gift Wrapping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The 'woo-simple-gift-wrapping' v1.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for all SQL queries and has no recorded vulnerability history, suggesting a potentially stable and secure codebase in the past. The absence of external HTTP requests and bundled libraries also reduces common attack vectors. However, significant concerns arise from the plugin's attack surface. Two AJAX handlers are present, and critically, both lack authentication checks, exposing them to unauthorized access and potential manipulation. This is a major weakness. Furthermore, the low percentage of properly escaped output (20%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data may be rendered without sufficient sanitization, allowing attackers to inject malicious scripts.

Key Concerns

  • AJAX handlers without authentication
  • Low percentage of properly escaped output
Vulnerabilities
None known

Woo Simple Gift Wrapping Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Woo Simple Gift Wrapping Release Timeline

v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Woo Simple Gift Wrapping Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
1 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

20% escaped5 total outputs
Attack Surface
2 unprotected

Woo Simple Gift Wrapping Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_woocommerce_add_gift_boxwoo-simple-gift-wrapping.php:42
noprivwp_ajax_woocommerce_add_gift_boxwoo-simple-gift-wrapping.php:43
WordPress Hooks 14
actioninitwoo-simple-gift-wrapping.php:20
filterwoocommerce_get_settings_productswoo-simple-gift-wrapping.php:27
filterwoocommerce_get_sections_productswoo-simple-gift-wrapping.php:28
actionwoocommerce_update_options_productswoo-simple-gift-wrapping.php:29
actionwp_enqueue_scriptswoo-simple-gift-wrapping.php:33
actionwoocommerce_cart_calculate_feeswoo-simple-gift-wrapping.php:41
actionwoocommerce_before_checkout_shipping_formwoo-simple-gift-wrapping.php:244
actionwoocommerce_after_checkout_shipping_formwoo-simple-gift-wrapping.php:247
actionwoocommerce_before_checkout_billing_formwoo-simple-gift-wrapping.php:250
actionwoocommerce_after_checkout_billing_formwoo-simple-gift-wrapping.php:253
actionwoocommerce_before_order_noteswoo-simple-gift-wrapping.php:256
actionwoocommerce_after_order_noteswoo-simple-gift-wrapping.php:259
actionwoocommerce_before_checkout_formwoo-simple-gift-wrapping.php:262
filterwoocommerce_form_field_checkboxwoo-simple-gift-wrapping.php:273
Maintenance & Trust

Woo Simple Gift Wrapping Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34
Last updatedDec 23, 2015
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Woo Simple Gift Wrapping Alternatives

Gift Wrapping for WooCommerce

Gift Wrapping for WooCommerce

gift-wrapping-for-woocommerce

A
92

Allow customers to select a gift wrapper for their orders.

1K No CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 59 CVEs
Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

limit-login-attempts-reloaded

A
98

Stop password guessing attacks, secure WooCommerce, block bad IPs, block by countries (Pro), and add email 2FA. Lightweight with better performance.

2.0M 4 CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
Developer Profile

Woo Simple Gift Wrapping Developer Profile

lamlnq

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Woo Simple Gift Wrapping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-simple-gift-wrapping/js/wo-gift-wrapping.min.js/wp-content/plugins/woo-simple-gift-wrapping/css/woo-gift-wrapping.min.css
Script Paths
js/wo-gift-wrapping.min.js
Version Parameters
woo-simple-gift-wrapping/js/wo-gift-wrapping.min.js?ver=woo-simple-gift-wrapping/css/woo-gift-wrapping.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
na-woo-gift-wrapping-checkbox
HTML Comments
<!-- NA Gift Wrapping -->
Data Attributes
data-fee-iddata-add-fee-url
JS Globals
na_woo_gift_wrapping_ajax_object
REST Endpoints
/wp-json/na-woo-gift-wrapping/v1/add-fee
FAQ

Frequently Asked Questions about Woo Simple Gift Wrapping