Wishlist and Save for later for Woocommerce Security & Risk Analysis
wordpress.org/plugins/aco-wishlist-for-woocommerceWishlist for WooCommerce helps to manage Wishlist and save for later feature in a WooCommerce store
Is Wishlist and Save for later for Woocommerce Safe to Use in 2026?
Generally Safe
Score 99/100Wishlist and Save for later for Woocommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The aco-wishlist-for-woocommerce plugin v1.1.25 exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for all SQL queries and avoiding external HTTP requests, significant concerns arise from its attack surface and the presence of dangerous functions. A substantial portion of its AJAX handlers (12 out of 14) lack authentication checks, creating a considerable entry point for potential exploits. The discovery of the `unserialize` function, a known vector for remote code execution if not handled with extreme care and validation, is also a notable risk. Although the plugin has no currently unpatched vulnerabilities, its history includes a medium-severity vulnerability related to authorization bypass, suggesting a pattern of past security weaknesses. The combination of a large, unprotected attack surface and the use of potentially dangerous functions outweighs the strengths, indicating a moderate to high risk that warrants immediate attention and remediation.
Key Concerns
- Large number of unprotected AJAX handlers
- Presence of unserialize function
- Medium severity historical vulnerability
- Missing nonce checks on AJAX
- Low percentage of properly escaped output
Wishlist and Save for later for Woocommerce Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Wishlist and Save for later for Woocommerce <= 1.1.22 - Insecure Direct Object Reference to Authenticated (Subscriber+) Wishlist Item Deletion
Wishlist and Save for later for Woocommerce Release Timeline
Wishlist and Save for later for Woocommerce Code Analysis
Dangerous Functions Found
Output Escaping
Wishlist and Save for later for Woocommerce Attack Surface
AJAX Handlers 14
REST API Routes 8
Shortcodes 3
WordPress Hooks 35
Maintenance & Trust
Wishlist and Save for later for Woocommerce Maintenance & Trust
Maintenance Signals
Community Trust
Wishlist and Save for later for Woocommerce Alternatives
Wishlist for WooCommerce
wt-woocommerce-wishlist
This WooCommerce wishlist plugin adds a wishlist feature to your store. Let users add and manage products from their wishlist page.
YITH WooCommerce Wishlist
yith-woocommerce-wishlist
YITH WooCommerce Wishlist add all Wishlist features to your website. Needs WooCommerce to work. WooCommerce 10.7.x compatible.
Addonify – WooCommerce Wishlist
addonify-wishlist
Addonify WooCommerce Wishlist is a light-weight yet powerful tool that adds a wishlist functionality to your e-commerce shop.
Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later
flexible-wishlist
Lightweight and simple WooCommerce wishlist. Increases sales. Fits any theme. Customizes texts and icons. Add to ecommerce wishlist with just 1 click.
Wishlist for WooCommerce
jvm-woocommerce-wishlist
Supercharge your sales with WooCommerce Wishlist - a powerful tool that empowers customers to create wishlists and enhances their shopping experience.
Wishlist and Save for later for Woocommerce Developer Profile
14 plugins · 74K total installs
How We Detect Wishlist and Save for later for Woocommerce
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/aco-wishlist-for-woocommerce/assets/css/backend.css/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/frontend.js/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/backend.js/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/frontend.min.js/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/backend.min.js/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/frontend.js/wp-content/plugins/aco-wishlist-for-woocommerce/assets/js/backend.jsaco-wishlist-for-woocommerce/assets/css/backend.css?ver=aco-wishlist-for-woocommerce/assets/js/frontend.js?ver=aco-wishlist-for-woocommerce/assets/js/backend.js?ver=HTML / DOM Fingerprints
awwlm-add-to-wishlistdata-awwlm-product-idAWWLM_DATA/wp-json/awwlm/v1/add/wp-json/awwlm/v1/remove/wp-json/awwlm/v1/get