WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Security & Risk Analysis

wordpress.org/plugins/wp-roulette-wheel

Engage visitors, converting valuable traffic into buyers & subscribers. Visitors spin the wheel, win an auto-generated coupon or prize and have a …

40 active installs · v1.0.1 · PHP 5.6.20+ · WP 4.8+ · Updated Sep 18, 2020
casinoroulettespinwheelwheel-spin
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Safe to Use in 2026?

Generally Safe

Score 85/100

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The wp-roulette-wheel plugin v1.0.1 exhibits a mixed security posture. It has a relatively small attack surface, all identified AJAX handlers are secured, and no CVEs have been reported, but the code analysis raises significant concerns. The plugin performs two file operations, and a notable 45% of its output is not properly escaped, which presents a risk of cross-site scripting (XSS) vulnerabilities. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating that malicious input could be processed without adequate sanitization.

The absence of historically reported vulnerabilities is a positive indicator, suggesting either a history of good development practices or simply a lack of discovery. It should not be relied upon to overlook the present code-level risks. The absence of capability checks on the AJAX handlers, despite their having authentication, is a missed opportunity for fine-grained access control. In conclusion, while the plugin benefits from a clean vulnerability history and secured AJAX endpoints, the unescaped output and high-severity taint flows are significant weaknesses that require immediate attention to improve its overall security.

Key Concerns

  • High severity unsanitized taint flows
  • Significant percentage of unescaped output
  • Lack of capability checks on AJAX handlers
  • Presence of file operations
Vulnerabilities
None known

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Release Timeline

v1.0.1 (Current)
Code Analysis
Analyzed Mar 16, 2026

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (17 prepared)
Unescaped Output: 77 (96 escaped)
Nonce Checks: 5
Capability Checks: 0
File Operations: 2
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

89% prepared · 19 total queries

Output Escaping

55% escaped · 173 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
user_is_new (includes\class-wproulettewheel-database.php:108)
Attack Surface

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Attack Surface

Entry Points: 8
Unprotected: 0

AJAX Handlers 8

auth · wp_ajax_handleinsertrequest · includes\class-wproulettewheel.php:8
nopriv · wp_ajax_handleinsertrequest · includes\class-wproulettewheel.php:9
auth · wp_ajax_handlecouponrequest · includes\class-wproulettewheel.php:10
nopriv · wp_ajax_handlecouponrequest · includes\class-wproulettewheel.php:11
auth · wp_ajax_handlepermissionrequest · includes\class-wproulettewheel.php:12
nopriv · wp_ajax_handlepermissionrequest · includes\class-wproulettewheel.php:13
auth · wp_ajax_handledownloadrequest · includes\class-wproulettewheel.php:14
auth · wp_ajax_resetspinsrequest · includes\class-wproulettewheel.php:15

WordPress Hooks 10

action · admin_enqueue_scripts · admin\class-wproulettewheel-admin.php:7
action · admin_init · admin\class-wproulettewheel-admin.php:9
action · admin_menu · admin\class-wproulettewheel-admin.php:11
action · update_option_wprw_resetspincounter_setting · admin\class-wproulettewheel-admin.php:13
filter · cron_schedules · includes\class-wproulettewheel-database.php:401
action · wprw_reset_spins_hook · includes\class-wproulettewheel-database.php:412
action · wp_enqueue_scripts · public\class-wproulettewheel-public.php:8
action · wp_enqueue_scripts · public\class-wproulettewheel-public.php:13
action · wp_footer · public\class-wproulettewheel-public.php:15
action · init · wproulettewheel.php:36

Scheduled Events 1

wprw_reset_spins_hook
Maintenance & Trust

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.3.21
Last updated: Sep 18, 2020
PHP min version: 5.6.20
Downloads: 7K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 40
Developer Profile

WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation Developer Profile

WebWizards

5 plugins · 12K total installs

Trust score: 74
Avg Security Score: 93/100
Avg Patch Time: 98 days
Detection Fingerprints

How We Detect WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/wp-roulette-wheel/includes/assets/css/style.css
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/semantic/semantic.min.css
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/semantic/semantic.min.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/particles/particles.min.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/nouislider/nouislider.min.css
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/nouislider/nouislider.min.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/plyr/plyr.css
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/plyr/plyr.js
  • +4 more

Script Paths

  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/semantic/semantic.min.js
  • /wp-content/plugins/wp-roulette-wheel/admin/assets/js/admin.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/particles/particles.min.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/nouislider/nouislider.min.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/lib/plyr/plyr.js
  • /wp-content/plugins/wp-roulette-wheel/includes/assets/js/wheelspin.js

HTML / DOM Fingerprints

CSS Classes

  • wprw_spin_wheel
  • wprw_spin_button
  • wprw_spinner_container

Data Attributes

  • data-wprw-spin-wheel
  • data-wprw-spin-button
  • data-wprw-spinner-container
  • data-wprw-trigger-id

JS Globals

  • wprw_admin_settings
  • wprw_admin_translation

FAQ

Frequently Asked Questions about WP Roulette Wheel – Versatile Roulette Game with Pop-Up, Email Collection and Coupon Generation