Does BeyondCart Connector have any unpatched vulnerabilities?

No. All known vulnerabilities in BeyondCart Connector have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BeyondCart Connector compatible with WordPress 6.8.5?

According to WordPress.org data, BeyondCart Connector 3.1.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is BeyondCart Connector compatible with PHP 7.4+?

BeyondCart Connector requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BeyondCart Connector updated?

BeyondCart Connector was last updated on Nov 20, 2025. Frequent updates are generally a positive security signal.

What is BeyondCart Connector's security score?

BeyondCart Connector has a WP-Safety security score of 95/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BeyondCart Connector Security & Risk Analysis

wordpress.org/plugins/beyondcart

Transform your eCommerce to a mobile app instantly and build customers for life! Analyze their behavior and drive repeat sales with targeted push noti …

20 active installs v3.1.2 PHP 7.4+ WP + Updated Nov 20, 2025

beyondcartengagement-platformmobile-appmobile-app-for-woocommercepush-notifications

A · Safe

CVEs total1

Unpatched0

Last CVESep 10, 2025

Plugin page Download

Safety Verdict

Is BeyondCart Connector Safe to Use in 2026?

Generally Safe

Score 95/100

BeyondCart Connector has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Sep 10, 2025Updated 4mo ago

Risk Assessment

The BeyondCart plugin, at version 3.1.2, exhibits a mixed security posture. While it shows strengths in its use of prepared statements for SQL queries and proper output escaping, significant concerns arise from its static analysis and vulnerability history. The presence of the `unserialize` function, especially without readily apparent nonce checks on potential input sources, is a notable risk. Taint analysis revealing a high number of flows with unsanitized paths, even if not critical, indicates a potential for vulnerabilities if malicious input were to reach these points. The plugin's vulnerability history, including a past critical CVE related to hard-coded credentials, suggests a pattern of past security weaknesses. While there are currently no unpatched CVEs and the attack surface appears limited in terms of entry points, the combination of a dangerous function, potential for unsanitized data flow, and past critical issues warrants careful consideration and vigilance.

Key Concerns

Dangerous function: unserialize used
High number of unsanitized taint flows
Past critical CVE: Hard-coded Credentials
No nonce checks on potential input
Bundled library (Stripe PHP) potential outdatedness

Vulnerabilities

BeyondCart Connector Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Critical

1 total CVE

CVE-2025-8570critical · 9.8Use of Hard-coded Credentials

BeyondCart Connector <= 3.0.1 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation via determine_current_user Filter

Sep 10, 2025 Patched in 3.0.2 (16d)

Code Analysis

Analyzed Mar 16, 2026

BeyondCart Connector Code Analysis

Dangerous Functions

Raw SQL Queries

24 prepared

Unescaped Output

108 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$settings = unserialize($settings_serialized);Includes\Integrations\FlycartWooDiscountRules\FlycartWooDiscountRulesIntegration.php:122

Bundled Libraries

Stripe PHP

SQL Query Safety

86% prepared28 total queries

Output Escaping

91% escaped119 total outputs

Data Flows

9 unsanitized

Data Flow Analysis

10 flows9 with unsanitized paths

add_mobile_parameter_hook (Api\Auth.php:212)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

BeyondCart Connector Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 101

actionwpAdmin\Categories.php:16

actioncron_update_cached_terms_by_categoryAdmin\Categories.php:18

actioninitAdmin\Categories.php:23

filterwoocommerce_rest_product_tag_queryAdmin\Categories.php:29

actionwoocommerce_coupon_optionsAdmin\Coupons.php:12

actionwoocommerce_coupon_options_saveAdmin\Coupons.php:21

filterwoocommerce_coupon_is_validAdmin\Coupons.php:33

actionadmin_menuAdmin\Nav.php:13

filtermanage_edit-shop_order_columnsAdmin\Orders.php:15

actionmanage_shop_order_posts_custom_columnAdmin\Orders.php:27

filtermanage_woocommerce_page_wc-orders_columnsAdmin\Orders.php:49

actionmanage_woocommerce_page_wc-orders_custom_columnAdmin\Orders.php:61

filterwoocommerce_checkout_fieldsAdmin\Orders.php:127

filterwoocommerce_checkout_get_valueAdmin\Orders.php:137

actionwoocommerce_checkout_update_order_metaAdmin\Orders.php:152

actionwoocommerce_admin_order_data_after_billing_addressAdmin\Orders.php:165

filterwoocommerce_rest_prepare_shop_order_objectAdmin\Orders.php:181

actionadmin_noticesAdmin\Pages.php:102

actionadmin_noticesAdmin\Pages.php:108

actionwoocommerce_initAdmin\Shipping.php:20

actionwoocommerce_initAdmin\Shipping.php:56

actionwoocommerce_initAdmin\Shipping.php:107

actionwp_enqueue_scriptsAdmin\SmartBanner.php:17

actionwp_headAdmin\SmartBanner.php:18

actionwp_footerAdmin\SmartBanner.php:19

actiontemplate_redirectApi\Auth.php:214

filterwoocommerce_get_checkout_urlApi\Auth.php:304

actionwpApi\Auth.php:351

actionshutdownApi\Cart.php:369

filterwoocommerce_coupon_is_validApi\Cart.php:397

filterwoocommerce_coupon_is_validApi\Cart.php:427

filterwoocommerce_coupon_is_validApi\Cart.php:479

filterwoocommerce_coupon_is_validApi\Cart.php:489

filterwoocommerce_coupon_is_validApi\Cart.php:496

filterwoocommerce_coupon_is_validApi\Cart.php:514

filterwoocommerce_coupon_is_validApi\Cart.php:550

filterwoocommerce_coupon_is_validApi\Cart.php:600

filterwoocommerce_coupon_is_validApi\Cart.php:611

filterwoocommerce_coupon_is_validApi\Cart.php:620

filterwoocommerce_coupon_is_validApi\Cart.php:630

filterwoocommerce_coupon_is_validApi\Cart.php:636

filterwoocommerce_coupon_is_validApi\Cart.php:662

filterwoocommerce_coupon_is_validApi\Cart.php:673

filterwoocommerce_coupon_is_validApi\Cart.php:679

filterwoocommerce_coupon_is_validApi\Cart.php:704

filterwoocommerce_coupon_is_validApi\Cart.php:717

filterwoocommerce_coupon_is_validApi\Cart.php:734

filterwoocommerce_coupon_is_validApi\Cart.php:807

filterwoocommerce_coupon_is_validApi\Cart.php:834

filterwoocommerce_coupon_is_validApi\Cart.php:845

filterwoocommerce_coupon_is_validApi\Cart.php:863

filterposts_clausesApi\Category.php:112

filterposts_clausesApi\Category.php:115

filterposts_clausesApi\Category.php:118

filterposts_clausesApi\Category.php:297

filterposts_clausesApi\Category.php:300

filterposts_clausesApi\Category.php:303

actionpre_get_postsApi\Category.php:418

actionshutdownIncludes\BeyondCartSessionHandler.php:68

actionwp_logoutIncludes\BeyondCartSessionHandler.php:70

filternonce_user_logged_outIncludes\BeyondCartSessionHandler.php:73

filterwoocommerce_rest_prepare_product_variation_objectIncludes\Integrations\FlycartWooDiscountRules\FlycartWooDiscountRulesIntegration.php:12

filterwoocommerce_rest_prepare_product_objectIncludes\Integrations\FlycartWooDiscountRules\FlycartWooDiscountRulesIntegration.php:14

filterwoocommerce_rest_prepare_product_objectIncludes\Integrations\FlycartWooDiscountRules\FlycartWooDiscountRulesIntegration.php:16

actionrest_api_initIncludes\Loader.php:31

actionrest_api_initIncludes\Loader.php:42

filterdigits_rest_token_dataIncludes\Loader.php:43

actionrest_api_initIncludes\Loader.php:48

actionrest_api_initIncludes\Loader.php:49

filterrest_prepare_postIncludes\Loader.php:50

actionwp_loadedIncludes\Loader.php:54

actionrest_api_initIncludes\Loader.php:55

filterwoocommerce_persistent_cart_enabledIncludes\Loader.php:56

actionwoocommerce_load_cart_from_sessionIncludes\Loader.php:57

actionrest_api_initIncludes\Loader.php:61

actionwoocommerce_thankyouIncludes\Loader.php:62

actionwp_enqueue_scriptsIncludes\Loader.php:63

actionrest_api_initIncludes\Loader.php:72

filterdetermine_current_userIncludes\Loader.php:73

actionrest_api_initIncludes\Loader.php:77

filterwoocommerce_rest_product_object_queryIncludes\Loader.php:78

actionrest_api_initIncludes\Loader.php:82

filterwoocommerce_rest_prepare_product_objectIncludes\Loader.php:83

filterwoocommerce_rest_prepare_product_catIncludes\Loader.php:84

filterthe_titleIncludes\Loader.php:85

filterwoocommerce_rest_product_variation_object_queryIncludes\Loader.php:88

filterwoocommerce_rest_prepare_product_variation_objectIncludes\Loader.php:89

filterwoocommerce_rest_prepare_product_attributeIncludes\Loader.php:92

filterwoocommerce_rest_prepare_pa_colorIncludes\Loader.php:93

filterwoocommerce_rest_prepare_pa_imageIncludes\Loader.php:94

actionrest_api_initIncludes\Loader.php:98

filterwcml_client_currencyIncludes\Loader.php:104

actionrest_api_initIncludes\Loader.php:120

actionbefore_woocommerce_initIncludes\Loader.php:124

actionwoocommerce_store_api_cart_loaded_from_sessionIncludes\Loader.php:131

actionplugins_loadedIncludes\Loader.php:178

filterwoocommerce_rest_customer_queryIncludes\Loader.php:184

filterwoocommerce_rest_product_object_queryIncludes\Loader.php:200

filterwoocommerce_rest_orders_prepare_object_queryIncludes\Loader.php:214

actionwp_headIncludes\Tracking.php:54

actionwp_footerIncludes\Tracking.php:56

Scheduled Events 1

cron_update_cached_terms_by_category

Maintenance & Trust

BeyondCart Connector Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 20, 2025

PHP min version7.4

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

BeyondCart Connector Alternatives

Progressify – All-in-One Progressive Web App (PWA) on Autopilot

progressify

100

Turn your site into an app-like PWA with install prompts, offline use, push notifications, and more to boost engagement, repeat visits, and sales.

100 No CVEs

AppiFire for Mobile Apps

appifire-for-mobile-apps

This plugin is developed for AppiFire app users. AppiFire product convert your WordPress website into Android & iOS app.

0 No CVEs

Direktt

direktt

100

Connect your WordPress site to the Direktt mobile customer care platform for instant messaging and real-time user engagement.

0 No CVEs

OneSignal – Web Push Notifications

onesignal-free-web-push-notifications

Increase engagement and drive more repeat traffic to your WordPress site with push notifications. Now a WordPress VIP Gold Partner.

70K 2 CVEs

PushEngage – Web Push notification, WA Automation & Multi-Channel Chat Widget ( WA, Messenger, X, Telegram, TikTok & More)

pushengage

100

Send order updates, recover abandoned carts, and boost retention with push notifications, WhatsApp automation + multichannel Chat widget.

10K No CVEs

Developer Profile

BeyondCart Connector Developer Profile

beyondcart

1 plugin · 20 total installs

trust score

Avg Security Score

95/100

Avg Patch Time

16 days

View full developer profile

Detection Fingerprints

How We Detect BeyondCart Connector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/beyondcart/Public/smartbanner/smartbanner.min.css/wp-content/plugins/beyondcart/Public/smartbanner/smartbanner.min.js/wp-content/plugins/beyondcart/Public/smartbanner/appdesktopbanner.css/wp-content/plugins/beyondcart/Public/smartbanner/appdesktopbanner.js

Script Paths

/wp-content/plugins/beyondcart/Public/smartbanner/smartbanner.min.js/wp-content/plugins/beyondcart/Public/smartbanner/appdesktopbanner.js

HTML / DOM Fingerprints

CSS Classes

smartbanner

HTML Comments

Data Attributes

name="smartbanner:disable-positioning"content="true"name="smartbanner:title"name="smartbanner:author"name="smartbanner:price"content=" "+11 more

FAQ

BeyondCart Connector Security & Risk Analysis

Is BeyondCart Connector Safe to Use in 2026?

Generally Safe

Key Concerns

BeyondCart Connector Security Vulnerabilities

CVEs by Year

Severity Breakdown

BeyondCart Connector Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

BeyondCart Connector Attack Surface

Scheduled Events 1

BeyondCart Connector Maintenance & Trust

Maintenance Signals

Community Trust

BeyondCart Connector Alternatives

Progressify – All-in-One Progressive Web App (PWA) on Autopilot

AppiFire for Mobile Apps

Direktt

OneSignal – Web Push Notifications

PushEngage – Web Push notification, WA Automation & Multi-Channel Chat Widget ( WA, Messenger, X, Telegram, TikTok & More)

BeyondCart Connector Developer Profile

How We Detect BeyondCart Connector

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about BeyondCart Connector