WooPOS Gift Cards for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woopos-gift-cards-for-woocommerce

WooPOS Gift Cards for WooCommerce allows your customers to purchase and redeem gift cards in both online and physical stores.

90 active installs · v2.6 · PHP 7.2+ · WP 4.0+ · Updated Dec 17, 2025
Tags: card, gift, gift-card, gift-certifiate, woocommerce
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WooPOS Gift Cards for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WooPOS Gift Cards for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The "woopos-gift-cards-for-woocommerce" v2.6 plugin exhibits a mixed security posture. While it demonstrates good practices by utilizing prepared statements for all SQL queries and performing a decent number of capability checks, significant concerns arise from its attack surface and code signals. The presence of two AJAX handlers without authentication checks is a major vulnerability, potentially allowing unauthorized actions. Furthermore, the high percentage of unsanitized paths identified in the taint analysis (14 out of 16 flows) is alarming and suggests a high likelihood of exploitable vulnerabilities, even though no critical or high severity taint flows were explicitly categorized.

The plugin's vulnerability history is clean, with no recorded CVEs. This could indicate robust security practices in the past or simply a lack of focused targeting. However, the static analysis reveals inherent risks that could be exploited regardless of past vulnerability history. The use of `unserialize` is a potential danger if the serialized data originates from an untrusted source, and the low percentage of properly escaped output (49%) indicates a risk of cross-site scripting (XSS) vulnerabilities.

In conclusion, while the plugin benefits from a clean vulnerability history and secure SQL practices, the unprotected AJAX endpoints and the concerning taint analysis results, coupled with poor output escaping, present a notable risk. The potential for unauthorized execution of actions and XSS attacks needs to be addressed.

Key Concerns

  • Unprotected AJAX handlers
  • High percentage of unsanitized paths
  • Low percentage of proper output escaping
  • Use of unserialize function
Vulnerabilities
None known

WooPOS Gift Cards for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WooPOS Gift Cards for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (10 prepared)
Unescaped Output: 80 (77 escaped)
Nonce Checks: 3
Capability Checks: 9
File Operations: 5
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$custom = unserialize( $paypal_args["custom"] );` (includes\giftcard-paypal.php:12)

SQL Query Safety

100% prepared · 10 total queries

Output Escaping

49% escaped · 157 total outputs
Data Flows
14 unsanitized

Data Flow Analysis

16 flows · 14 with unsanitized paths
wooposgc_setup_send_later (includes\features\auto.php:386)
Attack Surface
2 unprotected

WooPOS Gift Cards for WooCommerce Attack Surface

Entry Points: 6
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_woocommerce_apply_giftcard · includes\giftcard-checkout.php:176
nopriv · wp_ajax_woocommerce_apply_giftcard · includes\giftcard-checkout.php:187

Shortcodes 4

[convertgiftcardbalance] includes\features\isc\shortcode.php:87
[displaystorecredit] includes\features\isc\shortcode.php:120
[giftcardbalance] includes\shortcodes.php:66
[giftcarddebt] includes\shortcodes.php:143
WordPress Hooks 92
action · load-post.php · admin\metabox.php:16
action · load-post-new.php · admin\metabox.php:17
action · add_meta_boxes · admin\metabox.php:30
action · save_post · admin\metabox.php:31
action · post_submitbox_misc_actions · admin\metabox.php:35
filter · woocommerce_get_settings_pages · giftcards.php:235
filter · woocommerce_calculated_total · giftcards.php:236
action · woocommerce_checkout_order_processed · giftcards.php:239
action · plugins_loaded · giftcards.php:242
action · plugins_loaded · giftcards.php:245
filter · wooposgc_get_giftcard_balance · giftcards.php:300
filter · wooposgc_convert_current_to_default · giftcards.php:301
action · plugins_loaded · giftcards.php:377
action · load-post.php · includes\admin\metabox.php:7
action · load-post-new.php · includes\admin\metabox.php:8
action · add_meta_boxes · includes\admin\metabox.php:21
action · save_post · includes\admin\metabox.php:22
action · post_submitbox_misc_actions · includes\admin\metabox.php:26
filter · woocommerce_api_classes · includes\class-wooposgc-api.php:19
action · rest_api_init · includes\class-wooposgc-api.php:21
action · admin_notices · includes\class.activation.php:67
filter · woocommerce_settings_tabs_array · includes\class.settings.php:16
action · woocommerce_admin_field_addon_settings · includes\class.settings.php:21
action · woocommerce_admin_field_excludeProduct · includes\class.settings.php:22
action · get_giftcard_settings · includes\features\auto.php:121
filter · woocommerce_add_section_giftcard · includes\features\auto.php:122
filter · get_giftcard_settings · includes\features\auto.php:123
action · wooposgc_woocommerce_options_after_personalize · includes\features\auto.php:124
action · woocommerce_order_status_completed · includes\features\auto.php:134
action · woocommerce_order_status_completed · includes\features\auto.php:135
action · woocommerce_order_status_processing · includes\features\auto.php:137
action · woocommerce_order_status_processing · includes\features\auto.php:138
action · wooposgc_after_product_fields · includes\features\auto.php:141
filter · wooposgc_giftcard_data · includes\features\auto.php:142
action · wp_loaded · includes\features\auto.php:143
action · get_giftcard_settings · includes\features\import.php:38
filter · woocommerce_add_section_giftcard · includes\features\import.php:39
action · woocommerce_admin_field_import_settings · includes\features\import.php:40
action · woocommerce_thankyou_isc · includes\features\isc\isc-class.php:47
action · woocommerce_email_before_order_table · includes\features\isc\isc-class.php:50
action · get_giftcard_settings · includes\features\number.php:42
filter · woocommerce_add_section_giftcard · includes\features\number.php:43
filter · wooposgc_generate_number · includes\features\number.php:46
filter · wooposgc_regen_number · includes\features\number.php:47
action · get_giftcard_settings · includes\features\price.php:38
filter · woocommerce_add_section_giftcard · includes\features\price.php:39
filter · woocommerce_add_to_cart_validation · includes\features\price.php:42
filter · woocommerce_cart_item_name · includes\features\price.php:43
action · woocommerce_before_calculate_totals · includes\features\price.php:44
filter · wooposgc_giftcard_data · includes\features\price.php:45
filter · woocommerce_get_price_html · includes\features\price.php:46
action · wooposgc_before_all_giftcard_fields · includes\features\price.php:47
filter · wooposgc_preventAddToCart · includes\features\price.php:48
filter · woocommerce_cart_item_price · includes\features\price.php:49
action · woocommerce_product_options_giftcard_data · includes\features\price.php:52
action · save_post · includes\features\price.php:53
filter · pre_post_title · includes\functions.php:21
action · wooposgc_woocommerce_after_save · includes\functions.php:34
action · wp_loaded · includes\functions.php:49
filter · woocommerce_coupons_enabled · includes\functions.php:51
action · woocommerce_cart_actions · includes\giftcard-checkout.php:23
action · woocommerce_before_checkout_form · includes\giftcard-checkout.php:55
action · woocommerce_after_cart_table · includes\giftcard-checkout.php:115
action · woocommerce_before_cart · includes\giftcard-checkout.php:197
action · wooposgc_before_checkout_form · includes\giftcard-checkout.php:198
action · woocommerce_review_order_before_order_total · includes\giftcard-checkout.php:259
action · woocommerce_cart_totals_before_order_total · includes\giftcard-checkout.php:260
action · woocommerce_checkout_order_processed · includes\giftcard-checkout.php:367
action · woocommerce_order_details_after_order_table · includes\giftcard-checkout.php:430
action · woocommerce_email_after_order_table · includes\giftcard-checkout.php:431
filter · woocommerce_get_order_item_totals · includes\giftcard-checkout.php:469
action · woocommerce_admin_order_totals_after_tax · includes\giftcard-checkout.php:490
filter · woocommerce_paypal_args · includes\giftcard-paypal.php:30
filter · product_type_options · includes\giftcard-product.php:25
action · save_post · includes\giftcard-product.php:64
filter · woocommerce_add_cart_item_data · includes\giftcard-product.php:81
filter · woocommerce_loop_add_to_cart_link · includes\giftcard-product.php:102
action · woocommerce_before_add_to_cart_button · includes\giftcard-product.php:188
filter · woocommerce_add_to_cart_validation · includes\giftcard-product.php:235
action · woocommerce_add_to_cart · includes\giftcard-product.php:285
action · woocommerce_ajax_added_to_cart · includes\giftcard-product.php:334
filter · woocommerce_product_data_tabs · includes\giftcard-product.php:352
action · woocommerce_product_data_panels · includes\giftcard-product.php:374
action · init · includes\post-type.php:50
filter · manage_edit-wooposgc_giftcard_columns · includes\post-type.php:79
action · manage_wooposgc_giftcard_posts_custom_column · includes\post-type.php:135
filter · enter_title_here · includes\post-type.php:150
action · admin_enqueue_scripts · includes\scripts.php:39
action · wp_enqueue_scripts · includes\scripts.php:68
filter · wooposgc_giftcard_price_settings · includes\selector.php:22
filter · wooposgc_giftcard_auto_settings · includes\selector.php:41
filter · wooposgc_giftcard_number_settings · includes\selector.php:60
Maintenance & Trust

WooPOS Gift Cards for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 17, 2025
PHP min version: 7.2
Downloads: 6K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 90
Developer Profile

WooPOS Gift Cards for WooCommerce Developer Profile

WooPOS

3 plugins · 500 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WooPOS Gift Cards for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/woopos-gift-cards-for-woocommerce/assets/css/giftcards.css
  • /wp-content/plugins/woopos-gift-cards-for-woocommerce/assets/js/giftcards.js
Version Parameters
  • woopos-gift-cards-for-woocommerce/assets/css/giftcards.css?ver=
  • woopos-gift-cards-for-woocommerce/assets/js/giftcards.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • wooposgc-giftcard-wrapper
  • wooposgc_giftcard_apply
  • wooposgc_giftcard_template
  • wooposgc_giftcard_input
  • wooposgc_giftcard_submit
  • wooposgc_giftcard_display
  • wooposgc_giftcard_discount
HTML Comments
  • <!-- wooposgc_giftcard_apply -->
  • <!-- wooposgc_giftcard_display -->
  • <!-- wooposgc_giftcard_discount -->
  • <!-- wooposgc_giftcard_input -->
  • (+2 more)
Data Attributes
  • data-giftcard-id
  • data-giftcard-amount
  • data-giftcard-code
JS Globals
  • wooposgc_giftcard_params
REST Endpoints
  • /wp-json/wooposgc/v1/giftcards
  • /wp-json/wooposgc/v1/giftcard
Shortcode Output
  • [wooposgc_giftcard_apply]
  • [wooposgc_giftcard_display]
  • [wooposgc_giftcard_discount]
  • [wooposgc_giftcard_input]