B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Security & Risk Analysis

wordpress.org/plugins/b2bking-wholesale-for-woocommerce

B2BKing is the complete solution for running a Wholesale, B2B or B2B + B2C hybrid store with WooCommerce.

10K active installs · v5.0.25 · PHP 5.6.20+ · WP 4.8+ · Updated Mar 7, 2026
Tags: b2b, wholesale, wholesale-prices, woocommerce-b2b, woocommerce-wholesale
Score: 99 · A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Jun 3, 2023

Safety Verdict

Is B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Safe to Use in 2026?

Generally Safe

Score 99/100

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Jun 3, 2023 · Updated 27d ago

Risk Assessment

The "b2bking-wholesale-for-woocommerce" plugin v5.0.25 exhibits a generally good security posture with strong adherence to output escaping and nonce checks, indicating developers are aware of common WordPress vulnerabilities. The majority of its AJAX handlers are protected, and there are no REST API routes or shortcodes without proper permission callbacks, which are excellent practices for limiting attack vectors. The absence of direct file operations and external HTTP requests also contributes positively to its security. However, a significant concern arises from one AJAX handler lacking authentication checks. This presents a direct entry point for unauthenticated users to potentially interact with sensitive plugin functionality, which is a critical oversight.

The static analysis also revealed a high-severity taint flow, suggesting a potential pathway for malicious data to be processed without proper sanitization, though its exact impact is not detailed. The vulnerability history shows two medium-severity CVEs, both related to missing authorization. Both have been patched and none is currently unpatched, but the recurring theme of missing authorization reinforces the risk posed by the unprotected AJAX handler. The plugin's bundled libraries, DataTables and Select2, could also introduce indirect risks if not kept up to date.

In conclusion, the plugin has solid foundational security practices, but the unprotected AJAX handler and the past authorization-related vulnerabilities are significant weaknesses, and the high-severity taint flow warrants immediate investigation. Overall security is decent, and addressing these specific points would substantially improve it.

Key Concerns

  • AJAX handler without auth check
  • High severity taint flow
  • SQL queries with low prepare usage (15%)
  • Medium severity CVEs in history (2)
  • Bundled libraries (DataTables, Select2)

Vulnerabilities: 2

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Security Vulnerabilities

CVEs by Year

2023: 2 CVEs

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2023-3125 · medium · 6.5 · Missing Authorization

B2BKing <= 4.6.00 - Missing Authorization to Authenticated (Subscriber+) Price Modification

Jun 3, 2023 · Patched in 4.6.20 (234d)

CVE-2023-3126 · medium · 4.3 · Missing Authorization

B2BKing <= 4.6.00 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure

Jun 3, 2023 · Patched in 4.6.20 (234d)

Code Analysis
Analyzed Mar 16, 2026

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 11 (2 prepared)
Unescaped Output: 116 (1155 escaped)
Nonce Checks: 30
Capability Checks: 24
File Operations: 0
External Requests: 1
Bundled Libraries: 2

Bundled Libraries

DataTables, Select2

SQL Query Safety

15% prepared · 13 total queries

Output Escaping

91% escaped · 1271 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

8 flows · 2 with unsanitized paths

load_global_admin_resources (admin\class-b2bking-admin.php:7434)

Attack Surface: 1 unprotected

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Attack Surface

Entry Points: 29
Unprotected: 1

AJAX Handlers (29)

auth · wp_ajax_b2bkingapproveuser · includes\class-b2bking.php:106
auth · wp_ajax_b2bkingrejectuser · includes\class-b2bking.php:107
auth · wp_ajax_b2bking_dismiss_activate_woocommerce_admin_notice · includes\class-b2bking.php:110
auth · wp_ajax_b2bking_dismiss_groups_howto_admin_notice · includes\class-b2bking.php:113
auth · wp_ajax_b2bking_dismiss_groupsrules_howto_admin_notice · includes\class-b2bking.php:114
auth · wp_ajax_b2bking_dismiss_quotefields_howto_admin_notice · includes\class-b2bking.php:116
auth · wp_ajax_b2bking_dismiss_customers_howto_admin_notice · includes\class-b2bking.php:119
auth · wp_ajax_b2bking_dismiss_conversations_howto_admin_notice · includes\class-b2bking.php:120
auth · wp_ajax_b2bking_dismiss_rules_howto_admin_notice · includes\class-b2bking.php:121
auth · wp_ajax_b2bking_dismiss_roles_howto_admin_notice · includes\class-b2bking.php:122
auth · wp_ajax_b2bking_dismiss_fields_howto_admin_notice · includes\class-b2bking.php:123
auth · wp_ajax_b2bking_dismiss_offers_howto_admin_notice · includes\class-b2bking.php:124
auth · wp_ajax_b2bking_dismiss_onboarding_admin_notice · includes\class-b2bking.php:126
auth · wp_ajax_b2bking_dismiss_review_admin_notice · includes\class-b2bking.php:127
auth · wp_ajax_b2bking_dismiss_review_admin_notice_temporary · includes\class-b2bking.php:128
auth · wp_ajax_b2bking_b2c_special_group_save_settings · includes\class-b2bking.php:131
auth · wp_ajax_b2bking_logged_out_special_group_save_settings · includes\class-b2bking.php:132
auth · wp_ajax_b2bking_admin_customers_ajax · includes\class-b2bking.php:135
auth · wp_ajax_b2bkingupdateuserdata · includes\class-b2bking.php:138
auth · wp_ajax_b2bking_get_page_content · includes\class-b2bking.php:141
auth · wp_ajax_b2bking_refresh_dashboard_data · includes\class-b2bking.php:144
auth · wp_ajax_b2bking_reports_get_data · includes\class-b2bking.php:147
auth · wp_ajax_b2bkingchangefield · includes\class-b2bking.php:150
auth · wp_ajax_b2bking_clear_rules_caches · includes\class-b2bking.php:152
auth · wp_ajax_b2bkingchangefieldrequired · includes\class-b2bking.php:154
auth · wp_ajax_b2bkingsavefieldplaceholder · includes\class-b2bking.php:156
auth · wp_ajax_b2bkingsavefieldlabel · includes\class-b2bking.php:158
auth · wp_ajax_b2bking_save_posts_per_page · includes\class-b2bking.php:160
auth · wp_ajax_b2bking_update_sort_menu_order · includes\class-b2bking.php:162

WordPress Hooks (133)

action · admin_notices · admin\class-b2bking-admin.php:8
action · admin_notices · admin\class-b2bking-admin.php:9
action · admin_notices · admin\class-b2bking-admin.php:10
action · admin_notices · admin\class-b2bking-admin.php:11
action · admin_notices · admin\class-b2bking-admin.php:12
action · admin_notices · admin\class-b2bking-admin.php:13
action · admin_notices · admin\class-b2bking-admin.php:14
action · admin_notices · admin\class-b2bking-admin.php:15
action · admin_notices · admin\class-b2bking-admin.php:18
action · admin_enqueue_scripts · admin\class-b2bking-admin.php:20
action · plugins_loaded · admin\class-b2bking-admin.php:23
filter · enter_title_here · admin\class-b2bking-admin.php:42
action · init · admin\class-b2bking-admin.php:52
action · add_meta_boxes · admin\class-b2bking-admin.php:54
action · save_post · admin\class-b2bking-admin.php:56
filter · manage_b2bking_group_posts_columns · admin\class-b2bking-admin.php:58
action · manage_b2bking_group_posts_custom_column · admin\class-b2bking-admin.php:60
action · init · admin\class-b2bking-admin.php:64
action · add_meta_boxes · admin\class-b2bking-admin.php:66
action · save_post · admin\class-b2bking-admin.php:68
filter · manage_b2bking_rule_posts_columns · admin\class-b2bking-admin.php:70
action · manage_b2bking_rule_posts_custom_column · admin\class-b2bking-admin.php:72
action · init · admin\class-b2bking-admin.php:76
action · add_meta_boxes · admin\class-b2bking-admin.php:78
action · save_post · admin\class-b2bking-admin.php:80
filter · manage_b2bking_custom_role_posts_columns · admin\class-b2bking-admin.php:82
action · manage_b2bking_custom_role_posts_custom_column · admin\class-b2bking-admin.php:84
action · user_new_form · admin\class-b2bking-admin.php:89
action · show_user_profile · admin\class-b2bking-admin.php:90
action · edit_user_profile · admin\class-b2bking-admin.php:91
action · personal_options_update · admin\class-b2bking-admin.php:93
action · edit_user_profile_update · admin\class-b2bking-admin.php:94
action · user_register · admin\class-b2bking-admin.php:95
filter · manage_users_columns · admin\class-b2bking-admin.php:97
filter · manage_users_custom_column · admin\class-b2bking-admin.php:99
action · product_cat_add_form_fields · admin\class-b2bking-admin.php:103
action · product_cat_edit_form_fields · admin\class-b2bking-admin.php:105
action · edited_product_cat · admin\class-b2bking-admin.php:107
action · create_product_cat · admin\class-b2bking-admin.php:108
action · add_meta_boxes · admin\class-b2bking-admin.php:112
action · save_post · admin\class-b2bking-admin.php:114
filter · woocommerce_order_get_formatted_billing_address · admin\class-b2bking-admin.php:118
filter · woocommerce_product_data_tabs · admin\class-b2bking-admin.php:121
action · woocommerce_product_data_panels · admin\class-b2bking-admin.php:122
action · save_post · admin\class-b2bking-admin.php:124
action · woocommerce_product_options_pricing · admin\class-b2bking-admin.php:128
action · woocommerce_process_product_meta · admin\class-b2bking-admin.php:129
action · woocommerce_variation_options_pricing · admin\class-b2bking-admin.php:131
action · woocommerce_save_product_variation · admin\class-b2bking-admin.php:132
action · in_admin_header · admin\class-b2bking-admin.php:135
action · admin_enqueue_scripts · admin\class-b2bking-admin.php:140
action · admin_enqueue_scripts · admin\class-b2bking-admin.php:142
action · admin_enqueue_scripts · admin\class-b2bking-admin.php:144
action · admin_init · admin\class-b2bking-admin.php:150
action · admin_menu · admin\class-b2bking-admin.php:152
action · init · b2bking.php:36
action · plugins_loaded · b2bking.php:61
action · admin_notices · b2bking.php:67
action · before_woocommerce_init · b2bking.php:75
filter · plugin_locale · includes\class-b2bking-global-helper.php:1484
action · plugins_loaded · includes\class-b2bking.php:10
action · plugins_loaded · includes\class-b2bking.php:24
filter · woocommerce_product_get_price · includes\class-b2bking.php:42
filter · woocommerce_product_get_regular_price · includes\class-b2bking.php:43
filter · woocommerce_product_variation_get_regular_price · includes\class-b2bking.php:45
filter · woocommerce_product_variation_get_price · includes\class-b2bking.php:46
filter · woocommerce_variation_prices_price · includes\class-b2bking.php:47
filter · woocommerce_variation_prices_regular_price · includes\class-b2bking.php:48
filter · woocommerce_product_get_sale_price · includes\class-b2bking.php:50
filter · woocommerce_product_variation_get_sale_price · includes\class-b2bking.php:51
filter · woocommerce_variation_prices_price · includes\class-b2bking.php:52
filter · woocommerce_variation_prices_sale_price · includes\class-b2bking.php:53
filter · woocommerce_get_price_html · includes\class-b2bking.php:56
action · woocommerce_before_calculate_totals · includes\class-b2bking.php:58
filter · woocommerce_cart_item_price · includes\class-b2bking.php:60
action · woocommerce_cart_calculate_fees · includes\class-b2bking.php:71
filter · woocommerce_product_get_regular_price · includes\class-b2bking.php:79
filter · woocommerce_product_variation_get_regular_price · includes\class-b2bking.php:80
filter · woocommerce_product_get_sale_price · includes\class-b2bking.php:82
filter · woocommerce_product_variation_get_sale_price · includes\class-b2bking.php:83
filter · woocommerce_variation_prices_price · includes\class-b2bking.php:84
filter · woocommerce_variation_prices_sale_price · includes\class-b2bking.php:85
filter · woocommerce_get_variation_prices_hash · includes\class-b2bking.php:86
filter · woocommerce_get_price_html · includes\class-b2bking.php:89
action · woocommerce_before_calculate_totals · includes\class-b2bking.php:91
filter · woocommerce_cart_item_price · includes\class-b2bking.php:93
filter · woocommerce_sale_flash · includes\class-b2bking.php:96
filter · woocommerce_email_classes · includes\class-b2bking.php:167
filter · woocommerce_email_actions · includes\class-b2bking.php:169
filter · display_post_states · includes\class-b2bking.php:172
filter · woocommerce_screen_ids · includes\class-b2bking.php:181
action · woocommerce_created_customer_notification · includes\emails\class-b2bking-new-customer-email.php:39
action · woocommerce_created_customer_notification · includes\emails\class-b2bking-new-customer-requires-approval-email.php:39
action · b2bking_new_message_notification · includes\emails\class-b2bking-new-message-email.php:31
action · b2bking_account_approved_finish_notification · includes\emails\class-b2bking-your-account-approved-email.php:34
action · plugins_loaded · public\class-b2bking-public.php:10
action · woocommerce_register_form · public\class-b2bking-public.php:27
action · woocommerce_after_checkout_billing_form · public\class-b2bking-public.php:32
action · user_register · public\class-b2bking-public.php:37
action · woocommerce_created_customer · public\class-b2bking-public.php:38
action · woocommerce_registration_redirect · public\class-b2bking-public.php:40
filter · woocommerce_process_login_errors · public\class-b2bking-public.php:42
action · woocommerce_thankyou · public\class-b2bking-public.php:44
action · woocommerce_email_footer · public\class-b2bking-public.php:47
action · woocommerce_cart_calculate_fees · public\class-b2bking-public.php:59
filter · woocommerce_product_get_regular_price · public\class-b2bking-public.php:68
filter · woocommerce_product_variation_get_regular_price · public\class-b2bking-public.php:69
filter · woocommerce_product_get_sale_price · public\class-b2bking-public.php:71
filter · woocommerce_product_variation_get_sale_price · public\class-b2bking-public.php:72
filter · woocommerce_variation_prices_price · public\class-b2bking-public.php:73
filter · woocommerce_variation_prices_sale_price · public\class-b2bking-public.php:74
filter · woocommerce_get_variation_prices_hash · public\class-b2bking-public.php:75
filter · woocommerce_get_price_html · public\class-b2bking-public.php:78
action · woocommerce_before_calculate_totals · public\class-b2bking-public.php:80
filter · woocommerce_cart_item_price · public\class-b2bking-public.php:82
filter · woocommerce_sale_flash · public\class-b2bking-public.php:85
filter · woocommerce_product_get_price · public\class-b2bking-public.php:93
filter · woocommerce_product_get_regular_price · public\class-b2bking-public.php:94
filter · woocommerce_product_variation_get_regular_price · public\class-b2bking-public.php:96
filter · woocommerce_product_variation_get_price · public\class-b2bking-public.php:97
filter · woocommerce_variation_prices_price · public\class-b2bking-public.php:98
filter · woocommerce_variation_prices_regular_price · public\class-b2bking-public.php:99
filter · woocommerce_product_get_sale_price · public\class-b2bking-public.php:101
filter · woocommerce_product_variation_get_sale_price · public\class-b2bking-public.php:102
filter · woocommerce_variation_prices_price · public\class-b2bking-public.php:103
filter · woocommerce_variation_prices_sale_price · public\class-b2bking-public.php:104
filter · woocommerce_get_price_html · public\class-b2bking-public.php:107
action · woocommerce_before_calculate_totals · public\class-b2bking-public.php:109
filter · woocommerce_cart_item_price · public\class-b2bking-public.php:111
filter · woocommerce_get_variation_prices_hash · public\class-b2bking-public.php:112
action · woocommerce_package_rates · public\class-b2bking-public.php:122
filter · woocommerce_available_payment_gateways · public\class-b2bking-public.php:129
action · wp_enqueue_scripts · public\class-b2bking-public.php:135

Maintenance & Trust

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 7, 2026
PHP min version: 5.6.20
Downloads: 222K

Community Trust

Rating: 98/100
Number of ratings: 98
Active installs: 10K

Developer Profile

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More Developer Profile

WebWizards

5 plugins · 12K total installs

Trust score: 74
Avg Security Score: 93/100
Avg Patch Time: 98 days

Detection Fingerprints

How We Detect B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/css/b2bking-frontend.css
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/css/b2bking-frontend-responsive.css
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/js/b2bking-frontend.js
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/js/b2bking-admin-frontend.js

Version Parameters
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/css/b2bking-frontend.css?ver=
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/css/b2bking-frontend-responsive.css?ver=
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/js/b2bking-frontend.js?ver=
  • /wp-content/plugins/b2bking-wholesale-for-woocommerce/assets/js/b2bking-admin-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • b2bking_notice_icon
  • b2bking_notice_left_screen
  • b2bking_notice_right_screen
  • b2bking_notice_button
  • b2bking_main_notice
  • b2bking-discount-table
  • b2bking-table-wrapper
  • b2bking-customer-discount-row
  • +7 more

HTML Comments
  • <!-- B2BKing Core -->
  • <!-- if B2BKING PRO EXISTS -->
  • <!-- if over 4.4, please activate -->
  • <!-- if under 4.4 please update plugin, very old and no activation yet -->
  • +6 more

Data Attributes
  • data-b2bking-price
  • data-b2bking-regular-price
  • data-b2bking-discount-percentage
  • data-b2bking-role
  • data-b2bking-user-id

JS Globals
  • b2bking_frontend_params

REST Endpoints
  • /wp-json/b2bking/v1/get_customer_roles
  • /wp-json/b2bking/v1/get_product_discount

Shortcode Output
  • <div class="b2bking-discount-table">
  • <div class="b2bking-wholesale-price-display">
  • <div class="b2bking-price-regulator-message">