Does Booking Commerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Booking Commerce compatible with WordPress 6.9.4?

According to WordPress.org data, Booking Commerce 1.2.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Booking Commerce compatible with PHP 7.4+?

Booking Commerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Booking Commerce updated?

Booking Commerce was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Booking Commerce's security score?

Booking Commerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Booking Commerce Security & Risk Analysis

wordpress.org/plugins/booking-commerce

The "Booking Commerce Plugin" adds a booking widget to WordPress, letting admins choose display pages for seamless booking portal integration.

10 active installs v1.2.0 PHP 7.4+ WP 6.7+ Updated Unknown

bookingbooking-commercecommercee-commerceonline-booking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Booking Commerce Safe to Use in 2026?

Generally Safe

Score 100/100

Booking Commerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The booking-commerce plugin v1.2.0 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are all positive indicators. Furthermore, the high percentage of properly escaped output and the presence of nonce and capability checks demonstrate good development practices for handling potential security risks. The plugin also benefits from a very small attack surface, with only one shortcode and no unprotected entry points.

While the static analysis reveals no immediate critical or high-severity issues, the overall assessment is slightly tempered by the presence of a bundled library, Select2. Though not explicitly flagged as outdated or vulnerable in this report, bundled libraries can introduce risks if not properly managed and updated. The complete lack of historical vulnerabilities is a significant strength, suggesting a consistent commitment to security or a relatively new plugin.

In conclusion, booking-commerce v1.2.0 appears to be a securely developed plugin with a minimal attack surface and good security practices implemented. The primary area for potential improvement or continued vigilance would be the management of bundled libraries. The lack of any recorded vulnerabilities in its history is a strong positive signal.

Key Concerns

Bundled library (Select2)

Vulnerabilities

None known

Booking Commerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Booking Commerce Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Booking Commerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

31 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

91% escaped34 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

wkbooking_handle_form_submission (includes\admin\class-wkbooking-admin-function-handler.php:179)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Booking Commerce Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[book_widget] includes\admin\class-wkbooking-admin-function-handler.php:242

WordPress Hooks 13

actionwidgets_initbooking-commerce.php:56

actionplugins_loadedbooking-commerce.php:60

actioninitincludes\admin\class-wkbooking-admin-function-handler.php:35

actionadmin_enqueue_scriptsincludes\admin\class-wkbooking-admin-hook-handler.php:33

actionadmin_menuincludes\admin\class-wkbooking-admin-hook-handler.php:34

actionadmin_initincludes\admin\class-wkbooking-admin-hook-handler.php:36

actionwkbooking_render_settings_generalincludes\admin\class-wkbooking-admin-hook-handler.php:39

actionwkbooking_render_settings_servicesincludes\admin\class-wkbooking-admin-hook-handler.php:42

actionwkbooking_render_settings_extensionsincludes\admin\class-wkbooking-admin-hook-handler.php:43

actionadmin_post_save_booking_linkincludes\admin\class-wkbooking-admin-hook-handler.php:46

filterplugin_row_metaincludes\admin\class-wkbooking-admin-hook-handler.php:50

filterthe_contentincludes\admin\class-wkbooking-admin-hook-handler.php:54

actioninitincludes\class-wkbooking-booking-commerce.php:53

Maintenance & Trust

Booking Commerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Booking Commerce Alternatives

Cinema Seat Reservation For WooCommerce

cinema-seat-reservation

100

Cinema Seat Reservation for WooCommerce is a powerful and versatile plugin designed to enhance your online store's capabilities.

10 No CVEs

Pidex

pidex

Pidex enables you to send a parcel booking request to Pidex directly from your WooCommerce orders or automatically after checkout.

0 No CVEs

Product Filter for WooCommerce by WBW

woo-product-filter

Filter products by categories, attributes, prices, and more. Elementor Compatibility. Shoppers easily find products with WooCommerce Product Filter

60K 9 CVEs

WCBoost – Wishlist

wcboost-wishlist

100

WCBoost - Wishlist lets shoppers create wishlists for later purchases, reminding them of desired items, driving repeat visits and boost sales.

40K No CVEs

Klarna for WooCommerce

klarna-payments-for-woocommerce

100

Grow your business for increased sales and enhanced shopping experiences at no extra costs.

30K 1 CVE

Developer Profile

Booking Commerce Developer Profile

Webkul

2 plugins · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Booking Commerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/booking-commerce/assets/css/booking-commerce.css/wp-content/plugins/booking-commerce/assets/js/booking-commerce.js/wp-content/plugins/booking-commerce/assets/js/main.js/wp-content/plugins/booking-commerce/assets/images/wordpress-booking-plugin-webkul_1.png

Script Paths

/wp-content/plugins/booking-commerce/assets/js/booking-commerce.js/wp-content/plugins/booking-commerce/assets/js/main.js

Version Parameters

booking-commerce/assets/css/booking-commerce.css?ver=booking-commerce/assets/js/booking-commerce.js?ver=booking-commerce/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

wkbc-headerwkbc-logo

Data Attributes

name="wkbooking_link"name="wkbooking_selected_pages"

JS Globals

WKBOOKING_PLUGIN_URL

FAQ