WP-Safety

WP Blockchain Security & Risk Analysis

wordpress.org/plugins/wp-blockchain

Timestamp all your posts, pages, users and custom post types in the Bitcoin blockchain. By Good Rebels Inc.

10 active installs v3.2.1 PHP 5.4+ WP 4.0+ Updated Feb 4, 2019
bitcoinblockchainethereumlitecointimestamp
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Blockchain Safe to Use in 2026?

Generally Safe

Score 85/100

WP Blockchain has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The wp-blockchain v3.2.1 plugin exhibits a generally good security posture with a clean vulnerability history and a low count of unprotected entry points. The static analysis reveals a significant percentage of SQL queries utilizing prepared statements, which is a positive indicator for preventing SQL injection. However, there are notable areas of concern regarding output escaping and taint analysis. A low percentage of properly escaped outputs (24%) suggests a risk of cross-site scripting (XSS) vulnerabilities, where malicious scripts could be injected into the content displayed to users. Furthermore, the taint analysis indicates several flows with unsanitized paths, with three identified as high severity. These unsanitized paths, especially when combined with limited output escaping, present a real risk of arbitrary code execution or sensitive data leakage.

The lack of known CVEs and a clean vulnerability history for this plugin are strengths, suggesting it has been relatively secure in the past. However, this should not lead to complacency. The current static analysis findings, particularly concerning output sanitization and unsanitized data flows, indicate potential weaknesses that could be exploited. While the attack surface is small and entry points are protected by default, the internal code quality regarding sanitization and escaping needs improvement to mitigate risks like XSS and potential data manipulation.

Key Concerns

  • High severity unsanitized taint flows
  • Low percentage of properly escaped output
  • Unsanitized paths identified in taint analysis
Vulnerabilities
None known

WP Blockchain Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WP Blockchain Code Analysis

Dangerous Functions
0
Raw SQL Queries
9
74 prepared
Unescaped Output
199
64 escaped
Nonce Checks
1
Capability Checks
24
File Operations
4
External Requests
2
Bundled Libraries
0

SQL Query Safety

89% prepared83 total queries

Output Escaping

24% escaped263 total outputs
Data Flows
9 unsanitized

Data Flow Analysis

12 flows9 with unsanitized paths
wpbc_output_page (inc\api.php:246)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WP Blockchain Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[wpbc_donate] inc\donate.php:17
[wpbc] inc\stamp.php:1741
[wpbc_stamp] inc\stamp.php:1742
WordPress Hooks 52
filterquery_varsinc\api.php:18
actionpre_get_postsinc\api.php:24
actioninitinc\api.php:275
filtercron_schedulesinc\cron.php:17
actionwpbc_cron_add_every_minuteinc\cron.php:30
actiontemplate_redirectinc\cron.php:36
actionwpbc_poormaninc\cron.php:83
actionwpbc_croninc\cron.php:151
actionwp_enqueue_scriptsinc\css.php:66
actionadmin_enqueue_scriptsinc\css.php:67
actionwp_print_stylesinc\css.php:89
actionwpbc_donateinc\donate.php:16
actionwp_headinc\donate.php:46
filterwpbc_fetch_headersinc\helpers.php:733
filterwpbc_fetch_waitinc\helpers.php:749
actionwpbc_api_errorinc\helpers.php:774
filterwpbc_fetch_returninc\helpers.php:821
filterplugin_localeinc\init.php:46
actiontemplate_redirectinc\init.php:84
actionwp_enqueue_scriptsinc\js.php:15
actionadmin_enqueue_scriptsinc\js.php:16
actionwp_headinc\js.php:28
actionadmin_headinc\js.php:29
actionwp_enqueue_scriptsinc\js.php:98
filterrocket_exclude_async_cssinc\mods\wprocket.php:26
actionwpbc_before_pageinc\mods\wprocket.php:28
filterdo_rocket_generate_caching_filesinc\mods\wprocket.php:31
actionwpbc_before_pageinc\mods\yoast.php:14
filterwpseo_titleinc\mods\yoast.php:15
filterwpseo_robotsinc\mods\yoast.php:16
actionadmin_initinc\preinit.php:16
actioninitinc\preinit.php:17
actionadmin_menuinc\settings.php:16
actionadmin_noticesinc\settings.php:58
actionadmin_noticesinc\settings.php:106
actionprofile_updateinc\settings.php:840
actionsave_postinc\settings.php:855
actionadd_meta_boxesinc\settings.php:876
actionshow_user_profileinc\settings.php:889
actionedit_user_profileinc\settings.php:890
filterthe_contentinc\settings.php:933
filtermanage_posts_columnsinc\settings.php:951
filtermanage_pages_columnsinc\settings.php:952
filtermanage_users_columnsinc\settings.php:953
actionmanage_posts_custom_columninc\settings.php:954
actionmanage_pages_custom_columninc\settings.php:955
filtermanage_users_custom_columninc\settings.php:956
actionadmin_bar_menuinc\settings.php:987
filterpre_get_document_titleinc\settings.php:1044
filterwp_titleinc\settings.php:1045
actionadmin_headinc\settings.php:1113
actionwpbcinc\stamp.php:1768

Scheduled Events 1

wpbc_cron_add_every_minute
Maintenance & Trust

WP Blockchain Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedFeb 4, 2019
PHP min version5.4
Downloads4K

Community Trust

Rating70/100
Number of ratings2
Active installs10
Alternatives

WP Blockchain Alternatives

Cryptocurrency Payments & Donations with Copperx

Cryptocurrency Payments & Donations with Copperx

copperx

A
92

Copperx is the best plugin to accept cryptocurrency payments for your e-commerce store. We support Bitcoin, Ethereum, USDC, USDT, Binance, Coinbase, a …

10 No CVEs
Coinbase Commerce – Crypto Gateway for WooCommerce

Coinbase Commerce – Crypto Gateway for WooCommerce

commerce-coinbase-for-woocommerce

B
78

Coinbase Commerce is the best crypto gateway, allows users to checkout with popular crypto currencies such as Bitcoin, Bitcoin Cash, DAI, Ethereum, Do …

1K 1 unpatched
Accept Cryptocurrencies with Plisio

Accept Cryptocurrencies with Plisio

plisio-payment-gateway-for-woocommerce

A
100

The easiest and quickest way to accept Bitcoin, Litecoin, Ethereum and other cryptocurrencies.

1K No CVEs
CoinGate for WooCommerce

CoinGate for WooCommerce

coingate-for-woocommerce

A
100

Accept Crypto Payments with CoinGate for WooCommerce

500 No CVEs
ATLOS Crypto Payments for WooCommerce

ATLOS Crypto Payments for WooCommerce

atlos-payments

A
100

ATLOS is a permissionless non-custodial crypto payment gateway with recurring billing support. One-click signup. No KYC. No paperwork. No middleman.

50 No CVEs
Developer Profile

WP Blockchain Developer Profile

peaxi

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Blockchain

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-blockchain/assets/lib/font-awesome-4.7.0/css/font-awesome.min.css/wp-content/plugins/wp-blockchain/assets/css/certificate.css/wp-content/plugins/wp-blockchain/assets/css/stamps.css/wp-content/plugins/wp-blockchain/assets/css/settings.css/wp-content/plugins/wp-blockchain/assets/css/panel.css/wp-content/plugins/wp-blockchain/assets/js/stamp.js/wp-content/plugins/wp-blockchain/assets/js/settings.js
Script Paths
/wp-content/plugins/wp-blockchain/assets/js/stamp.js/wp-content/plugins/wp-blockchain/assets/js/settings.js
Version Parameters
wp-blockchain/style.css?ver=wp-blockchain/script.js?ver=wp-blockchain/assets/lib/font-awesome-4.7.0/css/font-awesome.min.css?ver=wpbc-stampwpbc-settingswpbc-fa

HTML / DOM Fingerprints

CSS Classes
wpbc-live-paused-icon
Data Attributes
data-wpbc-action
JS Globals
WPBC
Shortcode Output
[wpbc_donate]
FAQ

Frequently Asked Questions about WP Blockchain