Advanced COGS & Profit for WooCommerce Security & Risk Analysis

wordpress.org/plugins/advanced-cogs-profit-for-woocommerce

Unlock profit insights for your WooCommerce store. This plugin extends WooCommerce's native Cost of Goods Sold (COGS) functionality, allowing you …

0 active installs v1.1.0 PHP 7.4+ WP 5.8+ Updated Sep 8, 2025
analyticscogscost-of-goods-soldprofitwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Advanced COGS & Profit for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Advanced COGS & Profit for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The plugin "advanced-cogs-profit-for-woocommerce" v1.1.0 presents a generally positive security posture based on the static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code demonstrates strong practices with all SQL queries using prepared statements and a high percentage of output being properly escaped. The lack of file operations and external HTTP requests also contributes to a reduced risk profile. The taint analysis shows a small number of flows with unsanitized paths, but critically, these did not escalate to any high or critical severity issues. The plugin also has no recorded vulnerability history, which is a strong indicator of its current stability and the development team's attention to security. However, the complete absence of nonce and capability checks across all identified entry points, while currently theoretical given the zero entry points, represents a potential future concern if the plugin's functionality were to expand. This plugin appears to be built with security in mind, but a lack of explicit authorization checks on potential future entry points is a minor weakness.

Key Concerns

  • No nonce checks on any entry points
  • No capability checks on any entry points
  • 2 unsanitized path flows in taint analysis
Vulnerabilities
None known

Advanced COGS & Profit for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Advanced COGS & Profit for WooCommerce Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Advanced COGS & Profit for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
7
48 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

87% escaped55 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
save_settings (advanced-cogs-profit-for-woocommerce.php:185)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Advanced COGS & Profit for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 8
filterwoocommerce_get_sections_advancedadvanced-cogs-profit-for-woocommerce.php:56
filterwoocommerce_get_settings_advancedadvanced-cogs-profit-for-woocommerce.php:57
actionwoocommerce_settings_advancedadvanced-cogs-profit-for-woocommerce.php:58
actionwoocommerce_settings_save_advancedadvanced-cogs-profit-for-woocommerce.php:59
filterwoocommerce_product_data_tabsadvanced-cogs-profit-for-woocommerce.php:61
actionwoocommerce_product_data_panelsadvanced-cogs-profit-for-woocommerce.php:62
actionadd_meta_boxesadvanced-cogs-profit-for-woocommerce.php:65
actionadmin_enqueue_scriptsadvanced-cogs-profit-for-woocommerce.php:68
Maintenance & Trust

Advanced COGS & Profit for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedSep 8, 2025
PHP min version7.4
Downloads266

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Advanced COGS & Profit for WooCommerce Developer Profile

Tag Concierge

5 plugins · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Advanced COGS & Profit for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/advanced-cogs-profit-for-woocommerce/assets/js/admin-settings.js
Version Parameters
advanced-cogs-profit-for-woocommerce/assets/js/admin-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
advanced-cogs-profit-woo-insertadvanced-cogs-profit-woo-removeadvanced_page_options-description
Data Attributes
advanced_cogs_profit_woo_payment_processing_costadvanced_cogs_profit_woo_fulfilment_cost
FAQ

Frequently Asked Questions about Advanced COGS & Profit for WooCommerce