AI Virtual Try-On for WooCommerce Security & Risk Analysis

wordpress.org/plugins/ai-virtual-try-on-for-woocommerce

AI-powered virtual try-on plugin for WooCommerce products using Replicate.com's IDM-VTON model.

0 active installs · v1.0.2 · PHP 7.4+ · WP 6.0+ · Updated Feb 1, 2026
Tags: ai, clothing, fashion, virtual-tryon, woocommerce
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is AI Virtual Try-On for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

AI Virtual Try-On for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 2mo ago
Risk Assessment

Based on static analysis, version 1.0.2 of the "ai-virtual-try-on-for-woocommerce" plugin exhibits a generally strong security posture. It escapes its output, uses prepared statements for the majority of its SQL queries, and applies nonces and capability checks to its AJAX endpoints, indicating good development practices. The absence of known CVEs and a clean vulnerability history further supports this positive assessment.

However, the taint analysis reveals a concerning area: three flows with unsanitized paths, categorized as high severity. While the static analysis did not identify specific SQL injection or cross-site scripting vulnerabilities, these unsanitized paths represent potential avenues for attackers to inject malicious code or data if exploited. The plugin also makes three external HTTP requests, which, while not inherently insecure, could be a vector if the remote services are compromised or if the plugin improperly handles responses from these requests. The limited attack surface of five AJAX handlers, all with authentication checks, is a positive sign, but the presence of these taint flows warrants careful attention.

In conclusion, the plugin demonstrates a commitment to secure coding principles, particularly in output handling and SQL query preparation. The lack of historical vulnerabilities is encouraging. The primary concern lies with the identified high-severity taint flows, which require further investigation to ensure they do not lead to exploitable vulnerabilities. Addressing these specific code weaknesses is crucial for maintaining a robust security profile.

Key Concerns

  • High severity unsanitized paths in taint analysis
  • External HTTP requests present
Vulnerabilities
None known

AI Virtual Try-On for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

AI Virtual Try-On for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (13 prepared)
Unescaped Output: 0 (126 escaped)
Nonce Checks: 6
Capability Checks: 7
File Operations: 0
External Requests: 3
Bundled Libraries: 0

SQL Query Safety

76% prepared · 17 total queries

Output Escaping

100% escaped · 126 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

5 flows · 3 with unsanitized paths
render_page (admin\class-rwpvto-dashboard.php:72)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

AI Virtual Try-On for WooCommerce Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 5

auth · wp_ajax_rwpvto_generate_tryon · includes\class-rwpvto-ajax-handler.php:42
auth · wp_ajax_rwpvto_delete_image · includes\class-rwpvto-ajax-handler.php:45
auth · wp_ajax_rwpvto_get_product_images · includes\class-rwpvto-ajax-handler.php:48
auth · wp_ajax_rwpvto_add_to_gallery · includes\class-rwpvto-ajax-handler.php:51
auth · wp_ajax_rwpvto_test_api · includes\class-rwpvto-ajax-handler.php:54
WordPress Hooks 11
action · admin_menu · admin\class-rwpvto-dashboard.php:41
action · add_meta_boxes · admin\class-rwpvto-product-meta.php:45
action · admin_menu · admin\class-rwpvto-settings.php:45
action · admin_init · admin\class-rwpvto-settings.php:46
action · plugins_loaded · ai-virtual-tryon-for-woocommerce.php:89
action · before_woocommerce_init · ai-virtual-tryon-for-woocommerce.php:92
action · admin_enqueue_scripts · ai-virtual-tryon-for-woocommerce.php:98
filter · upload_mimes · ai-virtual-tryon-for-woocommerce.php:101
filter · file_is_displayable_image · ai-virtual-tryon-for-woocommerce.php:102
action · admin_notices · ai-virtual-tryon-for-woocommerce.php:111
filter · http_request_timeout · includes\class-rwpvto-ajax-handler.php:324
Maintenance & Trust

AI Virtual Try-On for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 1, 2026
PHP min version: 7.4
Downloads: 115

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

AI Virtual Try-On for WooCommerce Developer Profile

replicatewp

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect AI Virtual Try-On for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ai-virtual-try-on-for-woocommerce/assets/css/admin.css
/wp-content/plugins/ai-virtual-try-on-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/ai-virtual-try-on-for-woocommerce/assets/js/admin.js
Version Parameters
ai-virtual-try-on-for-woocommerce/assets/css/admin.css?ver=
ai-virtual-try-on-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
rwpvto-admin-css
rwpvto-admin-js
Data Attributes
rwpvtoAdmin
JS Globals
rwpvtoAdmin
FAQ

Frequently Asked Questions about AI Virtual Try-On for WooCommerce