Does Zeffy Donate Button have any unpatched vulnerabilities?

No. All known vulnerabilities in Zeffy Donate Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Zeffy Donate Button compatible with WordPress 6.9.4?

According to WordPress.org data, Zeffy Donate Button 1.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Zeffy Donate Button compatible with PHP 7.0+?

Zeffy Donate Button requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Zeffy Donate Button updated?

Zeffy Donate Button was last updated on Feb 12, 2026. Frequent updates are generally a positive security signal.

What is Zeffy Donate Button's security score?

Zeffy Donate Button has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Zeffy Donate Button Security & Risk Analysis

wordpress.org/plugins/zeffy-donate-button

Embed Zeffy donation forms on your WordPress site with customizable popup buttons. Simple setup with no coding required.

400 active installs v1.1.0 PHP 7.0+ WP 5.0+ Updated Feb 12, 2026

donate-buttondonationdonation-formfundraisingnonprofit

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Zeffy Donate Button Safe to Use in 2026?

Generally Safe

Score 100/100

Zeffy Donate Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The zeffy-donate-button plugin v1.1.0 exhibits a generally strong security posture based on the static analysis. The complete absence of dangerous functions, SQL injection risks (all queries use prepared statements), and unescaped output are significant positives. The plugin also has no recorded vulnerability history, suggesting a history of stable and secure development. However, the lack of nonce checks and capability checks, despite having two shortcodes as entry points, presents a potential concern. While the static analysis didn't identify any specific flows that could be exploited due to this, it represents a deviation from best practices for securing user-facing plugin features. Therefore, while the plugin appears safe based on current data, the absence of these fundamental security measures could be a blind spot for future vulnerabilities.

Key Concerns

Missing nonce checks on shortcodes
Missing capability checks on shortcodes

Vulnerabilities

None known

Zeffy Donate Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Zeffy Donate Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped22 total outputs

Attack Surface

Zeffy Donate Button Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[zeffy-donate] zeffy-donate-button.php:483

[zeffy-donate-button] zeffy-donate-button.php:484

WordPress Hooks 4

actionwp_enqueue_scriptszeffy-donate-button.php:485

actionadmin_menuzeffy-donate-button.php:486

actionadmin_initzeffy-donate-button.php:487

filterplugin_row_metazeffy-donate-button.php:488

Maintenance & Trust

Zeffy Donate Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 12, 2026

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs400

Alternatives

Zeffy Donate Button Alternatives

Click & Pledge CONNECT

click-pledge-connect

100 2 CVEs

Donorbox – Free Recurring Donation Plugin and Fundraising Platform

donorbox-donation-form

Donorbox is a powerful and secure donation management plugin for WordPress. We are the only donation plugin for WordPress that offers a fast feature-f …

9K 2 CVEs

WhyDonate – FREE Donate button – Crowdfunding – Fundraising

wp-whydonate

FREE Donation button for your website. Collect donations via Credit card, PayPal, VISA, iDeal, Sofort and Bancontact. Set up in minutes and safe!

800 3 CVEs

FundPress – WordPress Donation Plugin

fundpress

Easily build your own crowdfunding platform like Kickstarter with this free WordPress donation plugin in just a few clicks. No coding required.

300 1 CVE

Funraise Giving Form

funraise-donation-form

100

Use Funraise to add donation forms to your website with a shortcode. Manage donations and donors in Funraise's free platform.

300 No CVEs

Developer Profile

Zeffy Donate Button Developer Profile

hectorzeffy

1 plugin · 400 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Zeffy Donate Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/zeffy-donate-button/zeffy-donate-button.php

HTML / DOM Fingerprints

CSS Classes

zeffy-donate-button-wrapzeffy-donate-button

HTML Comments

Zeffy Donate Button by Zeffy

Embed Zeffy donation forms on your WordPress site using simple shortcodes. Easy setup with customizable donation buttons and popups. No coding required.

Data Attributes

data-zeffy-campaign-iddata-zeffy-campaign-urldata-zeffy-widthdata-zeffy-heightdata-zeffy-fullwidthdata-zeffy-align+5 more

JS Globals

window.zeffyEmbed

Shortcode Output

[zeffy-donate][zeffy-donate-button]

FAQ