Brillocraft Connector Security & Risk Analysis
wordpress.org/plugins/brillocraft-connectorA secure connector plugin that enables WooCommerce stores to integrate with the Brillocraft mobile app builder platform.
Is Brillocraft Connector Safe to Use in 2026?
Generally Safe
Score 100/100Brillocraft Connector has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The brillocraft-connector plugin v1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates strong coding practices by not using dangerous functions, all SQL queries utilize prepared statements, and output escaping is consistently applied. The absence of file operations and external HTTP requests also reduces potential attack vectors. However, a significant concern arises from the presence of 6 REST API routes, with 4 of them lacking proper permission callbacks. This creates an unprotected attack surface that could be exploited by unauthenticated users. The static analysis found no critical or high-severity taint flows, and the vulnerability history is clean, indicating no known exploitable issues. Despite these strengths, the unprotected REST API routes represent a clear and present risk that needs immediate attention. The plugin's lack of a security history, while generally a good sign, also means there's no long-term track record to fully gauge its resilience against future, unknown vulnerabilities. The focus should be on securing these exposed REST API endpoints.
Key Concerns
- Unprotected REST API routes
- No nonce checks on entry points
- No capability checks on REST API routes
Brillocraft Connector Security Vulnerabilities
Brillocraft Connector Code Analysis
Brillocraft Connector Attack Surface
REST API Routes 6
WordPress Hooks 7
Maintenance & Trust
Brillocraft Connector Maintenance & Trust
Maintenance Signals
Community Trust
Brillocraft Connector Alternatives
WooCommerce Legacy REST API
woocommerce-legacy-rest-api
The WooCommerce Legacy REST API, which is now part of WooCommerce itself but will be removed in WooCommerce 9.0.
Bit integrations – Easy Automator with no-code automation, integrate Webhook and automate 300+ Platform
bit-integrations
Perfect Automation and integration plugin: Connect 300+ platforms and automate CRM, Email marketing tools, Google Sheets, Contact forms, LMS and more
AppMySite – WordPress & WooCommerce Mobile App Builder (No-Code Android & iOS App Maker)
appmysite
Turn your WordPress or WooCommerce site into a native Android & iOS app in minutes — no coding required.
MStore API – Create Native Android & iOS Apps On The Cloud
mstore-api
Take your WordPress store mobile with MStore API! This plugin bridges the gap between your WordPress website and the powerful FluxBuilder app builder.
CoCart – Headless REST API for WooCommerce
cart-rest-api-for-woocommerce
A developer-first REST API to decouple WooCommerce on the frontend to help build modern and scalable storefronts. Fast, secure, customizable, easy.
Brillocraft Connector Developer Profile
1 plugin · 0 total installs
How We Detect Brillocraft Connector
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
wraptarget="_blank"/wp-json/brillocraft/v1/forgot-password/wp-json/brillocraft/v1/login/wp-json/brillocraft/v1/me/wp-json/brillocraft/v1/delete-account/wp-json/brillocraft/v1/ping/wp-json/brillocraft/v1/validate-password