Add to Cart Redirect for WooCommerce Security & Risk Analysis

wordpress.org/plugins/add-to-cart-direct-checkout-for-woocommerce

Features offered: Add to cart redirect, Quick purchase button, Buy now button, Quick View product, option to change quantity on checkout page.

9K active installs · v2.1.92 · PHP + · WP 3.0.1+ · Updated Mar 6, 2026
Tags: direct-checkout, one-page-checkout, redirect-to-checkout, woocommerce-direct-checkout, woocommerce-single-page-checkout
Score 100 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Mar 30, 2023
Safety Verdict

Is Add to Cart Redirect for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Add to Cart Redirect for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Mar 30, 2023 · Updated 28d ago
Risk Assessment

This plugin exhibits a mixed security posture, with some strong security practices but also notable areas of concern. The extensive use of prepared statements for SQL queries and a high percentage of properly escaped output are positive indicators of secure coding. However, the plugin registers 10 AJAX handlers, of which 8 lack authentication checks, and this presents a considerable attack surface. The taint analysis revealing unsanitized paths, though not reaching critical or high severity in this scan, warrants attention as it indicates potential for input manipulation. The plugin's vulnerability history shows one known CVE, classified as medium, and a past instance of Cross-Site Scripting, which, while patched, suggests a historical tendency for input sanitization issues. Overall, the lack of robust authentication on a substantial portion of its AJAX endpoints is the most pressing concern, overshadowing the otherwise good practices in data handling and SQL.

Key Concerns

  • 8 unprotected AJAX handlers
  • 3 unsanitized paths in taint analysis
  • 1 medium severity CVE historically
  • Past XSS vulnerability history
  • Only 3 nonce checks for 10 entry points
Vulnerabilities: 1

Add to Cart Redirect for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2023

Severity Breakdown

Medium: 1

1 total CVE

CVE-2023-28988 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Direct checkout, Add to cart redirect for Woocommerce <= 2.1.48 - Authenticated (Administrator+) Stored Cross-Site Scripting

Mar 30, 2023 · Patched in 2.1.49 (299d)
Code Analysis
Analyzed Mar 16, 2026

Add to Cart Redirect for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 9 (303 escaped)
Nonce Checks: 3
Capability Checks: 0
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Output Escaping

97% escaped · 312 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

14 flows · 3 with unsanitized paths
tab (admin\class-pi-dcw-add-to-cart.php:76)
Attack Surface: 8 unprotected

Add to Cart Redirect for WooCommerce Attack Surface

Entry Points: 10
Unprotected: 8

AJAX Handlers: 10

nopriv · wp_ajax_pisol_dcw_update_quantity · public\class-change-quantity-checkout.php:20
auth · wp_ajax_pisol_dcw_update_quantity · public\class-change-quantity-checkout.php:21
nopriv · wp_ajax_pisol_dcw_remove_item · public\class-change-quantity-checkout.php:23
auth · wp_ajax_pisol_dcw_remove_item · public\class-change-quantity-checkout.php:24
auth · wp_ajax_pi_dcw_generate_captcha · public\class-checkout-captcha.php:62
nopriv · wp_ajax_pi_dcw_generate_captcha · public\class-checkout-captcha.php:63
auth · wp_ajax_pi_dcw_refresh_captcha · public\class-checkout-captcha.php:64
nopriv · wp_ajax_pi_dcw_refresh_captcha · public\class-checkout-captcha.php:65
auth · wp_ajax_pisol_get_product · public\quickview\class.frontend.php:41
nopriv · wp_ajax_pisol_get_product · public\quickview\class.frontend.php:42
WordPress Hooks: 70

action · admin_enqueue_scripts · admin\class-analytics.php:34
action · admin_footer-plugins.php · admin\class-analytics.php:35
action · admin_notices · admin\class-analytics.php:38
filter · woocommerce_product_single_add_to_cart_text · admin\class-pi-dcw-add-to-cart.php:58
filter · woocommerce_product_add_to_cart_text · admin\class-pi-dcw-add-to-cart.php:62
action · init · admin\class-pi-dcw-add-to-cart.php:142
action · admin_init · admin\class-pi-dcw-admin.php:56
action · init · admin\class-pi-dcw-buy-now.php:116
action · init · admin\class-pi-dcw-checkout.php:194
action · admin_menu · admin\class-pi-dcw-menu.php:13
action · init · admin\class-pi-dcw-option.php:117
action · woocommerce_product_options_general_product_data · admin\class-pi-dcw-woo.php:53
action · woocommerce_product_options_sold_individually · admin\class-sold-individually.php:19
action · woocommerce_process_product_meta · admin\class-sold-individually.php:21
action · woocommerce_product_after_variable_attributes · admin\class-sold-individually.php:23
action · woocommerce_save_product_variation · admin\class-sold-individually.php:25
filter · install_plugins_nonmenu_tabs · admin\plugins.php:41
action · plugins_loaded · includes\class-pi-dcw.php:145
action · admin_enqueue_scripts · includes\class-pi-dcw.php:160
action · admin_enqueue_scripts · includes\class-pi-dcw.php:161
action · wp_enqueue_scripts · includes\class-pi-dcw.php:176
action · wp_enqueue_scripts · includes\class-pi-dcw.php:177
action · admin_footer · includes\pisol.class.form.php:415
action · after_plugin_row_add-to-cart-direct-checkout-for-woocommerce-pro/pi-dcw.php · includes\Pro_Warning.php:17
action · admin_notices · includes\review.php:108
action · admin_notices · pi-dcw.php:48
action · admin_notices · pi-dcw.php:61
action · before_woocommerce_init · pi-dcw.php:95
filter · woocommerce_cart_item_name · public\class-change-quantity-checkout.php:14
filter · woocommerce_checkout_cart_item_quantity · public\class-change-quantity-checkout.php:16
action · wp_loaded · public\class-change-quantity-checkout.php:18
filter · wp_kses_allowed_html · public\class-change-quantity-checkout.php:26
action · wp_enqueue_scripts · public\class-change-quantity-checkout.php:96
action · plugins_loaded · public\class-checkout-authentication.php:12
action · template_redirect · public\class-checkout-authentication.php:40
action · wp_head · public\class-checkout-authentication.php:41
filter · woocommerce_registration_redirect · public\class-checkout-authentication.php:43
filter · woocommerce_login_redirect · public\class-checkout-authentication.php:44
action · wp_head · public\class-checkout-authentication.php:45
action · admin_notices · public\class-checkout-captcha.php:37
filter · woocommerce_checkout_posted_data · public\class-checkout-captcha.php:57
action · woocommerce_after_checkout_validation · public\class-checkout-captcha.php:58
action · woocommerce_checkout_order_processed · public\class-checkout-captcha.php:60
action · wp_enqueue_scripts · public\class-checkout-captcha.php:67
filter · woocommerce_add_to_cart_redirect · public\class-pi-dcw-public.php:76
filter · woocommerce_get_script_data · public\class-pi-dcw-public.php:79
filter · wc_add_to_cart_message_html · public\class-pi-dcw-public.php:83
action · template_redirect · public\class-pi-dcw-public.php:87
filter · the_content · public\class-pi-dcw-public.php:95
action · woocommerce_before_checkout_form · public\class-pi-dcw-public.php:97
filter · woocommerce_checkout_fields · public\class-pi-dcw-public.php:101
filter · woocommerce_enable_order_notes_field · public\class-pi-dcw-public.php:102
filter · woocommerce_coupons_enabled · public\class-pi-dcw-public.php:104
action · init · public\class-pi-dcw-public.php:109
action · woocommerce_add_to_cart_sold_individually_found_in_cart · public\class-sold-individually.php:19
filter · woocommerce_is_sold_individually · public\class-sold-individually.php:20
filter · woocommerce_cart_product_cannot_add_another_message · public\class-sold-individually.php:37
action · init · public\quickview\class-pi-dcw-quickview.php:111
action · wp_enqueue_scripts · public\quickview\class.frontend.php:38
action · woocommerce_after_shop_loop_item · public\quickview\class.frontend.php:39
action · wp_footer · public\quickview\class.frontend.php:40
action · pisol_show_product_sale_flash · public\quickview\class.frontend.php:44
action · pisol_show_product_images · public\quickview\class.frontend.php:45
action · pisol_product_data · public\quickview\class.frontend.php:48
action · pisol_product_data · public\quickview\class.frontend.php:49
action · pisol_product_data · public\quickview\class.frontend.php:50
action · pisol_product_data · public\quickview\class.frontend.php:51
action · pisol_product_data · public\quickview\class.frontend.php:52
action · pisol_product_data · public\quickview\class.frontend.php:53
filter · woocommerce_add_to_cart_form_action · public\quickview\class.frontend.php:55
Maintenance & Trust

Add to Cart Redirect for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 6, 2026
PHP min version
Downloads: 725K

Community Trust

Rating: 98/100
Number of ratings: 101
Active installs: 9K
Developer Profile

Add to Cart Redirect for WooCommerce Developer Profile

PI Web Solution

30 plugins · 93K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 235 days
Detection Fingerprints

How We Detect Add to Cart Redirect for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/admin/css/pi-dcw-admin.css
/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/admin/js/pi-dcw-admin.js
Script Paths
/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/admin/js/pi-dcw-admin.js
Version Parameters
add-to-cart-direct-checkout-for-woocommerce/admin/css/pi-dcw-admin.css?ver=
add-to-cart-direct-checkout-for-woocommerce/admin/js/pi-dcw-admin.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Add to Cart Redirect for WooCommerce