Does ZimRate have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ZimRate compatible with WordPress 6.9.4?

According to WordPress.org data, ZimRate 1.1.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ZimRate compatible with PHP 7.3+?

ZimRate requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ZimRate updated?

ZimRate was last updated on Dec 30, 2025. Frequent updates are generally a positive security signal.

What is ZimRate's security score?

ZimRate has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ZimRate Security & Risk Analysis

wordpress.org/plugins/zimrate

All Zimbabwean exchange rates from multiple sites in one plugin. No need to scrounge the internet for the current days rate.

0 active installs v1.1.5 PHP 7.3+ WP 4.0.0+ Updated Dec 30, 2025

currencyratetyganeutronicszimbabwezimrate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ZimRate Safe to Use in 2026?

Generally Safe

Score 100/100

ZimRate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "zimrate" v1.1.5 plugin exhibits a generally strong security posture based on the provided static analysis. The complete absence of known vulnerabilities (CVEs) and a robust implementation of prepared statements for all SQL queries are significant strengths. The presence of nonce checks and capability checks on potential entry points further indicates a good security-conscious development approach. However, a notable concern arises from the static analysis revealing 9 instances of the 'assert' function, which can be a double-edged sword: useful for development and debugging but potentially exploitable if not carefully managed in production environments. Additionally, a significant portion (37%) of output escaping is not properly handled, presenting a risk of cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed.

Key Concerns

High number of 'assert' function calls
Significant unescaped output detected

Vulnerabilities

None known

ZimRate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ZimRate Release Timeline

v1.1.5Current

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

ZimRate Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

68 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

assertassert(count($arguments) >= 2, new BadMethodCallException('You need to provide at least two argumentsrc/Zimrate.php:239

assertassert(file_exists($file), new BadMethodCallException('Please provide a valid file path for ' . $namsrc/Zimrate.php:248

assertassert(is_callable($callable, true), new BadMethodCallException('Please provide a callable function src/Zimrate.php:259

assertassert(is_string($hook), new BadMethodCallException('Please provide the name of the hook for ' . $nasrc/Zimrate.php:269

assertassert(is_callable($callable, true), new BadMethodCallException('Please provide a callable function src/Zimrate.php:280

assertassert(is_numeric($priority), new BadMethodCallException('Priority should be numeric for ' . $name))src/Zimrate.php:288

assertassert(is_numeric($args), new BadMethodCallException('Number of arguments should be numeric for ' . src/Zimrate.php:296

assertassert(is_string($tag), new BadMethodCallException('Please provide the shortcode tag for ' . $name))src/Zimrate.php:304

assertassert(is_callable($callable, true), new BadMethodCallException('Please provide a callable function src/Zimrate.php:315

Bundled Libraries

Guzzle

Output Escaping

63% escaped108 total outputs

Attack Surface

ZimRate Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[zimrate] src/Zimrate.php:194

WordPress Hooks 25

filterhttp_responsesrc/Integrations/CurrencyConverter.php:62

filterberocket_ce_apis_sanitize_oersrc/Integrations/CurrencyExchangeWoocommerce.php:62

filterberocket_ce_apis_sanitize_currencylayersrc/Integrations/CurrencyExchangeWoocommerce.php:63

filterberocket_ce_apis_sanitize_fixeriosrc/Integrations/CurrencyExchangeWoocommerce.php:64

filterberocket_ce_apis_sanitize_floatratessrc/Integrations/CurrencyExchangeWoocommerce.php:65

filteralg_wc_cs_get_exchange_ratesrc/Integrations/CurrencySwitcherWoocommerce.php:62

filterhttp_responsesrc/Integrations/WcMultiCurrency.php:62

filterhttp_responsesrc/Integrations/WooMultiCurrency.php:63

filterwmc_get_exchangesrc/Integrations/WooMultiCurrency.php:64

filterwmc_get_currency_codesrc/Integrations/WooMultiCurrency.php:65

filterwoocs_add_custom_ratesrc/Integrations/Woocs.php:62

actionplugins_loadedsrc/Zimrate.php:122

actionplugins_loadedsrc/Zimrate.php:149

actionadmin_menusrc/Zimrate.php:168

actionadmin_initsrc/Zimrate.php:169

actionadmin_initsrc/Zimrate.php:170

actionadmin_initsrc/Zimrate.php:171

actionadmin_initsrc/Zimrate.php:172

actionadmin_noticessrc/Zimrate.php:173

filterwoocommerce_currenciessrc/Zimrate.php:174

filterwoocommerce_currency_symbolssrc/Zimrate.php:175

actionadmin_enqueue_scriptssrc/Zimrate.php:176

actionadmin_enqueue_scriptssrc/Zimrate.php:177

actionwp_enqueue_scriptssrc/Zimrate.php:195

actionwp_enqueue_scriptssrc/Zimrate.php:196

Maintenance & Trust

ZimRate Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 30, 2025

PHP min version7.3

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

ZimRate Alternatives

Currency Converter Widget

currency-converter-widget

100

Free, fast, and beautiful currency converter widget with 170+ currencies, live exchange rates, and 11 widget styles.

3K 1 CVE

Multi Currency, Currency Switcher, Exchange Rates for WooCommerce – Mudra

woo-exchange-rate

100

Allows to add exchange rates for WooCommerce store

2K No CVEs

Exchange Rates Widget

exchange-rates-widget

100

❤️‍ Is a magic and easy-to-use with beautiful UI widget. Included 190+ world currencies with popular cryptocurrencies.

1K 1 CVE

Exchange Rates

exchange-rates

Currency Converter & Exchange Rates Widgets, easy-to-use, with beautiful UI. 🔑 No API key needed, ❤️‍ plug and play.

900 2 CVEs

CurrencyConverter

currencyconverter

100

More than 170+ currency rates. The data about currency rates is free and updates each hour automatically.

800 No CVEs

Developer Profile

ZimRate Developer Profile

Richard Muvirimi

4 plugins · 4K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ZimRate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/zimrate/admin/css/admin-dashboard.css/wp-content/plugins/zimrate/admin/css/admin-rating.css/wp-content/plugins/zimrate/admin/css/admin-about.css/wp-content/plugins/zimrate/admin/js/admin-rating.js/wp-content/plugins/zimrate/admin/js/admin-dashboard.js

Script Paths

/wp-content/plugins/zimrate/admin/js/admin-rating.js

Version Parameters

zimrate/admin/css/admin-dashboard.css?ver=zimrate/admin/css/admin-rating.css?ver=zimrate/admin/css/admin-about.css?ver=zimrate/admin/js/admin-rating.js?ver=zimrate/admin/js/admin-dashboard.js?ver=

HTML / DOM Fingerprints

CSS Classes

zimrate-dashboard-settings

Data Attributes

data-zimrate-id

JS Globals

zimrate

FAQ

ZimRate Security & Risk Analysis

Is ZimRate Safe to Use in 2026?

Generally Safe

Key Concerns

ZimRate Security Vulnerabilities

ZimRate Release Timeline

ZimRate Code Analysis

Dangerous Functions Found

Bundled Libraries

Output Escaping

ZimRate Attack Surface

Shortcodes 1

ZimRate Maintenance & Trust

Maintenance Signals

Community Trust

ZimRate Alternatives

Currency Converter Widget

Multi Currency, Currency Switcher, Exchange Rates for WooCommerce – Mudra

Exchange Rates Widget

Exchange Rates

CurrencyConverter

ZimRate Developer Profile

How We Detect ZimRate

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about ZimRate