Does ARViewz have any unpatched vulnerabilities?

No. All known vulnerabilities in ARViewz have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ARViewz compatible with WordPress 6.6.5?

According to WordPress.org data, ARViewz 1.1.2 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is ARViewz compatible with PHP 7.4+?

ARViewz requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ARViewz updated?

ARViewz was last updated on Nov 12, 2024. Frequent updates are generally a positive security signal.

What is ARViewz's security score?

ARViewz has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ARViewz Security & Risk Analysis

wordpress.org/plugins/arviewz

This plugin integrates ARViewz functionality into WordPress.

0 active installs v1.1.2 PHP 7.4+ WP 6.0+ Updated Nov 12, 2024

3d-modelarviewzaugmented-reality

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is ARViewz Safe to Use in 2026?

Generally Safe

Score 92/100

ARViewz has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The arviewz plugin v1.1.2 exhibits a generally good security posture based on static analysis, with no direct vulnerabilities identified in its attack surface or through taint analysis. The plugin avoids dangerous functions, uses prepared statements for all SQL queries, and properly escapes the vast majority of its output. The lack of file operations and external HTTP requests also reduces potential attack vectors.

However, there are areas for improvement. The absence of nonce checks and capability checks on its entry points is a significant concern, as this could allow for unauthorized actions if any entry points are discovered or added in the future. While the current attack surface is zero, the lack of these checks means any future additions to the entry points would be inherently unprotected. The plugin also makes one external HTTP request, which, while not immediately problematic, introduces a dependency on external service availability and security.

The plugin has no recorded vulnerability history, which is a positive indicator of its current security. This suggests a proactive approach to security or a lack of discovered vulnerabilities so far. However, it's important to note that a clean history doesn't guarantee future safety, especially given the identified lack of protective checks on potential entry points.

Key Concerns

Missing nonce checks on potential entry points
Missing capability checks on potential entry points
External HTTP request

Vulnerabilities

None known

ARViewz Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ARViewz Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

54 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

96% escaped56 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

arviewz_add_model_url_page (inc\functions.php:144)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ARViewz Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

actionadmin_noticesarviewz.php:57

actionadmin_noticesarviewz.php:65

actionadmin_initarviewz.php:71

actionadmin_enqueue_scriptsarviewz.php:79

actionwp_enqueue_scriptsarviewz.php:100

actionadmin_enqueue_scriptsarviewz.php:126

actionadmin_menuinc\functions.php:18

filtermanage_edit-product_columnsinc\functions.php:26

actionmanage_product_posts_custom_columninc\functions.php:40

filterquery_varsinc\functions.php:110

actionadmin_initinc\functions.php:263

filterwoocommerce_single_product_image_thumbnail_htmlinc\functions.php:284

filterwoocommerce_single_product_image_thumbnail_htmlinc\functions.php:304

filterwoocommerce_single_product_image_htmlinc\functions.php:305

actionadmin_initinc\functions.php:432

Maintenance & Trust

ARViewz Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedNov 12, 2024

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

ARViewz Alternatives

Augmented Reality Viewer – 3D Model Viewer

ar-viewer

100

By using this plugin, you can easily create an augmented reality viewer or 3D model viewer anywhere on your website.

500 No CVEs

AR for WordPress

ar-for-wordpress

Augmented Reality for WordPress lets you showcase 3D models in an interactive viewer and AR on iOS and Android, with no app downloads needed.

400 1 unpatched

SwiftXR (3D/AR/VR) Viewer

swiftxr-3darvr-viewer

Easily enhance customer engagement with immersive 3D, AR, and VR experiences

100 1 unpatched

3D Viewer – Display Interactive 3D Models

3d-viewer

100

3D Viewer lets you embed interactive 3D models and 360 product views on WordPress sites with support for GLB, GLTF, OBJ, STL, FBX, DAE, and BIM.

10K No CVEs

3D Viewer Block – Interactive 3D Model Display

3d-viewer-block

100

Embed 3D models. Display interactive 3D models within a few clicks using the Gutenberg Editor.

900 No CVEs

Developer Profile

ARViewz Developer Profile

arviewz

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ARViewz

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/arviewz/assets/css/style.css/wp-content/plugins/arviewz/assets/css/styles.css/wp-content/plugins/arviewz/assets/js/modelapi.js/wp-content/plugins/arviewz/assets/css/admin-styles.css/wp-content/plugins/arviewz/assets/css/select.full.css/wp-content/plugins/arviewz/assets/js/select.full.js

Script Paths

/wp-content/plugins/arviewz/assets/js/modelapi.js/wp-content/plugins/arviewz/assets/js/select.full.js

Version Parameters

arviewz/assets/css/style.css?ver=arviewz/assets/css/styles.css?ver=arviewz/assets/js/modelapi.js?ver=arviewz/assets/css/admin-styles.css?ver=arviewz/assets/css/select.full.css?ver=arviewz/assets/js/select.full.js?ver=

HTML / DOM Fingerprints

CSS Classes

arviewz-select2

Data Attributes

data-product_id

JS Globals

pluginData

FAQ