Discounts & Promotions Automation Security & Risk Analysis

wordpress.org/plugins/woocommerce-discounts-plus

An amazing WooCommerce extension to implement multiple discount criteria, and it's compatible with the s2Member plugin as well.

90 active installs · v3.7.2 · PHP 7.0+ · WP 3.5+ · Updated Mar 14, 2026
Tags: cart-discount, discounts, percentage, s2member, woocommerce, order-discount
100
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Oct 12, 2021
Safety Verdict

Is Discounts & Promotions Automation Safe to Use in 2026?

Generally Safe

Score 100/100

Discounts & Promotions Automation has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVE · Last CVE: Oct 12, 2021 · Updated 2mo ago
Risk Assessment

The 'woocommerce-discounts-plus' v3.7.2 plugin has a generally good security posture: a significant majority of its outputs are properly escaped, and all SQL queries use prepared statements. The plugin also makes strong use of nonce and capability checks across its AJAX handlers and other entry points, and the static analysis identified no unprotected entry points. However, one identified flow has an unsanitized path, which could lead to a vulnerability if user-controlled input is not sufficiently sanitized in that specific instance. The taint analysis does not categorize this flow as critical or high severity, but it warrants attention. The plugin's vulnerability history shows one medium severity CVE recorded in 2021, related to Cross-Site Scripting. The absence of currently unpatched vulnerabilities and the fact that the last known vulnerability is over two years old suggest that past issues have been addressed, but the past occurrence of XSS highlights the importance of continued vigilance in input sanitization and output escaping.

Key Concerns

  • Flow with unsanitized path detected
  • Past medium severity XSS vulnerability
Vulnerabilities
1 published

Discounts & Promotions Automation Security Vulnerabilities

CVEs by Year

1 CVE in 2021

Severity Breakdown

Medium: 1

1 total CVE

WF-a2c9b82a-b63c-4647-a561-d567b6e9ff0a-woocommerce-discounts-plus
medium · 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Discounts Manager for Products <= 3.4.4 - Reflected Cross-Site Scripting

Oct 12, 2021 Patched in 3.4.5 (833d)
Version History

Discounts & Promotions Automation Release Timeline

v3.7.2 (Current)
v3.7.1
v3.7.0
v3.6.9
v3.6.8
v3.6.7
v3.6.6
v3.6.5
v3.6.4
v3.6.3
v3.6.2
v3.6.1
Code Analysis
Analyzed Apr 16, 2026

Discounts & Promotions Automation Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (5 prepared)
Unescaped Output: 61 (525 escaped)
Nonce Checks: 11
Capability Checks: 3
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 5 total queries

Output Escaping

90% escaped · 586 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

12 flows · 1 with unsanitized paths
wdp_show_urgent_sale (inc/functions-automation.php:2053)
Attack Surface

Discounts & Promotions Automation Attack Surface

Entry Points: 8
Unprotected: 0

AJAX Handlers 5

auth wp_ajax_save_urgent_sale_page inc/functions-automation.php:405
auth wp_ajax_save_sale_banner_status inc/functions-automation.php:463
auth wp_ajax_save_sale_emails_status inc/functions-automation.php:497
auth wp_ajax_wcdp_update_sales_email_settings inc/functions-automation.php:1335
auth wp_ajax_wcdp_update_sales_html_email inc/functions-automation.php:1459

Shortcodes 3

[WCDP-UNSUBSCRIBE] inc/functions-automation.php:1327
[URGENT-SALE] inc/functions-inner.php:1536
[URGENT-SALE-BANNER] inc/functions-inner.php:1538
WordPress Hooks 54
action admin_enqueue_scripts inc/classes/Woo_Discounts_Plus_Plugin.php:137
action wp_head inc/classes/Woo_Discounts_Plus_Plugin.php:139
action woocommerce_settings_tabs inc/classes/Woo_Discounts_Plus_Plugin.php:153
action woocommerce_settings_plus_discount inc/classes/Woo_Discounts_Plus_Plugin.php:171
action woocommerce_before_calculate_totals inc/classes/Woo_Discounts_Plus_Plugin.php:708
action woocommerce_calculate_totals inc/classes/Woo_Discounts_Plus_Plugin.php:710
action woocommerce_before_cart_table inc/classes/Woo_Discounts_Plus_Plugin.php:712
action woocommerce_single_product_summary inc/classes/Woo_Discounts_Plus_Plugin.php:714
filter woocommerce_cart_item_subtotal inc/classes/Woo_Discounts_Plus_Plugin.php:716
filter woocommerce_checkout_item_subtotal inc/classes/Woo_Discounts_Plus_Plugin.php:718
filter woocommerce_order_formatted_line_subtotal inc/classes/Woo_Discounts_Plus_Plugin.php:720
filter woocommerce_product_write_panel_tabs inc/classes/Woo_Discounts_Plus_Plugin.php:724
filter woocommerce_product_data_panels inc/classes/Woo_Discounts_Plus_Plugin.php:726
action woocommerce_process_product_meta inc/classes/Woo_Discounts_Plus_Plugin.php:728
filter woocommerce_cart_product_subtotal inc/classes/Woo_Discounts_Plus_Plugin.php:732
action woocommerce_checkout_update_order_meta inc/classes/Woo_Discounts_Plus_Plugin.php:734
action woocommerce_cart_totals_before_order_total inc/classes/Woo_Discounts_Plus_Plugin.php:742
action woocommerce_review_order_before_shipping inc/classes/Woo_Discounts_Plus_Plugin.php:744
filter woocommerce_cart_subtotal inc/classes/Woo_Discounts_Plus_Plugin.php:754
filter woocommerce_get_order_item_totals inc/classes/Woo_Discounts_Plus_Plugin.php:758
action woocommerce_cart_totals_after_shipping inc/classes/Woo_Discounts_Plus_Plugin.php:760
action woocommerce_review_order_after_shipping inc/classes/Woo_Discounts_Plus_Plugin.php:762
filter woocommerce_cart_item_price inc/classes/Woo_Discounts_Plus_Plugin.php:772
filter woocommerce_get_price_html inc/classes/Woo_Discounts_Plus_Plugin.php:774
filter woocommerce_update_cart_validation inc/classes/Woo_Discounts_Plus_Plugin.php:780
filter woocommerce_cart_item_price_html inc/classes/Woo_Discounts_Plus_Plugin.php:786
action admin_notices inc/functions-automation.php:2824
action wcdp_update_daily_product_mapping inc/functions-automation.php:2930
filter cron_schedules inc/functions-automation.php:2946
action woocommerce_thankyou inc/functions-inner.php:1170
action woocommerce_cart_totals_before_order_total inc/functions-inner.php:1442
action woocommerce_review_order_before_order_total inc/functions-inner.php:1444
action woocommerce_checkout_order_processed inc/functions-inner.php:1446
filter woocommerce_get_order_item_totals inc/functions-inner.php:1448
action woocommerce_admin_order_totals_after_tax inc/functions-inner.php:1456
filter manage_edit-product_columns inc/functions-inner.php:1540
action manage_product_posts_custom_column inc/functions-inner.php:1545
action init inc/functions.php:5
action init inc/functions.php:21
action admin_menu inc/functions.php:147
action init inc/functions.php:307
filter woocommerce_cart_item_name inc/functions.php:783
action woocommerce_before_checkout_form inc/functions.php:787
action wp_head inc/functions.php:1155
filter woocommerce_checkout_fields inc/functions.php:1159
action init index.php:295
action init index.php:408
filter woocommerce_short_description index.php:417
action init index.php:423
filter woocommerce_short_description index.php:429
action admin_head index.php:447
action admin_init index.php:449
action admin_init index.php:451
action admin_init index.php:453

Scheduled Events 1

wcdp_update_daily_product_mapping
Maintenance & Trust

Discounts & Promotions Automation Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 14, 2026
PHP min version: 7.0
Downloads: 52K

Community Trust

Rating: 94/100
Number of ratings: 23
Active installs: 90
Developer Profile

Discounts & Promotions Automation Developer Profile

Fahad Mahmood

44 plugins · 33K total installs

Trust score: 76
Avg Security Score: 95/100
Avg Patch Time: 228 days
Detection Fingerprints

How We Detect Discounts & Promotions Automation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woocommerce-discounts-plus/inc/functions.php
/wp-content/plugins/woocommerce-discounts-plus/inc/functions-inner.php
/wp-content/plugins/woocommerce-discounts-plus/inc/classes/wdp_core_factory.php
/wp-content/plugins/woocommerce-discounts-plus/inc/classes/Woo_Discounts_Plus_Plugin.php
/wp-content/plugins/woocommerce-discounts-plus/inc/functions-automation.php
Version Parameters
woocommerce-discounts-plus/style.css?ver=
woocommerce-discounts-plus/admin/css/style.css?ver=
woocommerce-discounts-plus/admin/js/settings.js?ver=
woocommerce-discounts-plus/admin/js/product-tab.js?ver=
woocommerce-discounts-plus/admin/js/dashboard.js?ver=
woocommerce-discounts-plus/admin/js/promo-popup.js?ver=

HTML / DOM Fingerprints

CSS Classes
wdp_dashboard_widget
wdp_promo_wrapper
HTML Comments
<!-- PRO version: http://codecanyon.net/item/woocommerce-discounts-plus-pro/15809662 -->
Data Attributes
data-product-ids
data-cart-item-ids
data-rule-id
data-discount-type
JS Globals
wcdp_ajax_object
wdp_vars
WDPSettings
WDPSales
REST Endpoints
/wp-json/wdp/v1/get_products
/wp-json/wdp/v1/get_product_categories
/wp-json/wdp/v1/get_coupons