Does Alister have any unpatched vulnerabilities?

No. All known vulnerabilities in Alister have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Alister compatible with WordPress 6.4.8?

According to WordPress.org data, Alister 0.9.2 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Alister compatible with PHP 7.0+?

Alister requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Alister updated?

Alister was last updated on Oct 30, 2023. Frequent updates are generally a positive security signal.

What is Alister's security score?

Alister has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Alister Security & Risk Analysis

wordpress.org/plugins/alister

A tool that helps woocommerce based stores import aliexpress products.

20 active installs v0.9.2 PHP 7.0+ WP 4.7+ Updated Oct 30, 2023

aliexpressaliexpress-product-importeraliexpress-product-managementartificial-intelligencedropshipping

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Alister Safe to Use in 2026?

Generally Safe

Score 85/100

Alister has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "alister" plugin version 0.9.2 exhibits a significantly concerning security posture primarily due to its vast unprotected attack surface. With 25 AJAX handlers, all lacking authentication checks, the plugin presents a wide entry point for potential attackers. The presence of the `unserialize` function, a known vulnerability vector when handling untrusted input, further exacerbates this risk. While taint analysis did not reveal critical or high severity issues, the fact that all analyzed flows had unsanitized paths is a red flag, suggesting potential for future exploitation if input validation is not rigorously applied. The plugin's history of zero known CVEs is a positive indicator, but it cannot compensate for the evident weaknesses in its current implementation, especially the lack of nonces and limited capability checks.

Key Concerns

25 unprotected AJAX handlers
Use of unserialize function
0 Nonce checks for AJAX
SQL queries not always prepared
Output not always escaped
Limited capability checks (2)
All taint flows have unsanitized paths

Vulnerabilities

None known

Alister Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Alister Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

41 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$p->args = unserialize($p->args);endpoints.php:299

SQL Query Safety

20% prepared5 total queries

Output Escaping

59% escaped69 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

alister_add_product (endpoints.php:9)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

25 unprotected

Alister Attack Surface

Entry Points25

Unprotected25

AJAX Handlers 25

authwp_ajax_get_product_dataendpoints.php:516

authwp_ajax_alister_get_existing_productendpoints.php:517

authwp_ajax_get_categoriesendpoints.php:518

authwp_ajax_get_tagsendpoints.php:519

authwp_ajax_alister_add_productendpoints.php:520

authwp_ajax_alister_ai_descriptionendpoints.php:521

authwp_ajax_alister_update_pricesendpoints.php:522

authwp_ajax_alister_get_remaining_requestsendpoints.php:523

authwp_ajax_alister_get_optionsendpoints.php:525

authwp_ajax_alister_delete_property_dictendpoints.php:543

authwp_ajax_alister_set_optionendpoints.php:557

authwp_ajax_alister_add_description_templateendpoints.php:576

authwp_ajax_alister_add_ai_description_templateendpoints.php:582

authwp_ajax_alister_add_ai_title_templateendpoints.php:588

authwp_ajax_alister_get_description_title_templatesendpoints.php:594

authwp_ajax_alister_get_import_rulesendpoints.php:600

authwp_ajax_alister_add_import_ruleendpoints.php:606

authwp_ajax_alister_remove_productendpoints.php:613

authwp_ajax_alister_get_product_queueendpoints.php:639

authwp_ajax_alister_edit_product_metaendpoints.php:645

authwp_ajax_alister_add_product_to_queueendpoints.php:662

authwp_ajax_alister_poll_products_from_queueendpoints.php:674

authwp_ajax_alister_get_ai_product_titleendpoints.php:714

authwp_ajax_alister_get_open_ai_product_dataendpoints.php:723

authwp_ajax_alister_get_ai_product_titleendpoints.php:740

WordPress Hooks 8

actionadmin_menualister.php:31

actionwoocommerce_product_options_general_product_dataalister.php:32

actionwoocommerce_process_product_metaalister.php:33

actionplugins_loadedendpoints.php:514

actionalister_import_ruleendpoints.php:704

actionbefore_delete_postendpoints.php:732

actionalister_update_priceendpoints.php:749

actioninitendpoints.php:750

Maintenance & Trust

Alister Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedOct 30, 2023

PHP min version7.0

Downloads4K

Community Trust

Rating100/100

Number of ratings4

Active installs20

Alternatives

Alister Alternatives

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

woo-alidropship

Transfer data from AliExpress products to WooCommerce effortlessly and fulfill WooCommerce orders to AliExpress automatically.

10K 2 CVEs

AliExpress Dropshipping Plugin for WooCommerce – AliNext

ali2woo-lite

AliExpress Dropshipping Plugin for WooCommerce lets you import products, reviews, images, set rules, and automate orders

4K 7 CVEs

Importify – AI Dropshipping for WooCommerce

importify

100

Importify is a dropshipping app that allows you to find products from a variety of wholesalers, add them to your WooCommerce store, and sell them onli …

2K 1 CVE

EPROLO-Dropshipping

eprolo-dropshipping

EPROLO dropshipping allows to import products from Aliexpress or EPROLO to wordpress, woocommerce in one click.

1K 2 CVEs

Sharkdropship & affiliate for AliExpress

wooshark-aliexpress-importer

Transform your WooCommerce store into a profitable AliExpress dropshipping or affiliate business with ease!

300 2 CVEs

Developer Profile

Alister Developer Profile

elephantfishing

1 plugin · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Alister

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/alister/app/build/index.css/wp-content/plugins/alister/app/build/index.js

Script Paths

/wp-content/plugins/alister/app/build/index.js

Version Parameters

alister-stylealister-script

HTML / DOM Fingerprints

CSS Classes

options_group

Data Attributes

id="alisterApp"

JS Globals

alisterData

REST Endpoints

/wp-json/alister-elephantfishing/v1/add-product/wp-json/alister-elephantfishing/v1/get-product-data/wp-json/alister-elephantfishing/v1/get-existing-product/wp-json/alister-elephantfishing/v1/get-description/wp-json/alister-elephantfishing/v1/get-product-categories/wp-json/alister-elephantfishing/v1/get-product-tags/wp-json/alister-elephantfishing/v1/update-product-price/wp-json/alister-elephantfishing/v1/get-remaining-requests

FAQ