WP-Safety

Buttonify-Dropshipping Security & Risk Analysis

wordpress.org/plugins/buttonify-dropshipping

Buttonify is a dropshipping app that allows you to find products from various wholesalers and add them to your WooCommerce store.

50 active installs v1.0.3 PHP 5.4+ WP 3.1+ Updated Mar 30, 2025
1688alibabaaliexpressdropshipdropshipping
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Buttonify-Dropshipping Safe to Use in 2026?

Generally Safe

Score 92/100

Buttonify-Dropshipping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The buttonify-dropshipping plugin v1.0.3 presents a moderate security risk primarily due to its unprotected AJAX endpoints. While the plugin demonstrates good practices in output escaping and does not contain any known vulnerabilities or dangerous functions, the presence of three AJAX handlers without authentication checks is a significant concern. These unprotected entry points could potentially be leveraged by attackers to perform unauthorized actions or access sensitive information if they can be triggered externally. The taint analysis did reveal flows with unsanitized paths, but thankfully, these did not escalate to critical or high severity issues. The lack of historical vulnerabilities is a positive sign, suggesting a generally well-maintained codebase, but it does not negate the immediate risks posed by the identified unprotected AJAX handlers. Future development should prioritize implementing proper authentication and authorization checks for all AJAX endpoints to strengthen the plugin's security posture.

Key Concerns

  • Unprotected AJAX handlers
  • Taint flow with unsanitized path
  • SQL queries without prepared statements
Vulnerabilities
None known

Buttonify-Dropshipping Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Buttonify-Dropshipping Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
0
36 escaped
Nonce Checks
3
Capability Checks
3
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

100% escaped36 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths
buttonify_disconnect (Buttonify_AJAX.php:15)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Buttonify-Dropshipping Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_buttonify_disconnectbuttonify.php:92
authwp_ajax_buttonify_connect_keybuttonify.php:93
authwp_ajax_buttonify_refreshbuttonify.php:94
WordPress Hooks 3
actionadmin_noticesbuttonify.php:40
actionplugins_loadedibuttonify.php:59
actionadmin_menuButtonify_Plugin.php:29
Maintenance & Trust

Buttonify-Dropshipping Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 30, 2025
PHP min version5.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs50
Alternatives

Buttonify-Dropshipping Alternatives

Draply – Dropshipping & Wholesale

Draply – Dropshipping & Wholesale

draply

A
92

Find dropshipping and wholesale products from Aliexpress,Temu,Amazon, import them to your WooCommerce store in one click.fulfill orders automatically

30 No CVEs
ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

woo-alidropship

A
99

Transfer data from AliExpress products to WooCommerce effortlessly and fulfill WooCommerce orders to AliExpress automatically.

10K 2 CVEs
AliExpress Dropshipping Plugin for WooCommerce – AliNext

AliExpress Dropshipping Plugin for WooCommerce – AliNext

ali2woo-lite

A
91

AliExpress Dropshipping Plugin for WooCommerce lets you import products, reviews, images, set rules, and automate orders

4K 7 CVEs
Importify – AI Dropshipping for WooCommerce

Importify – AI Dropshipping for WooCommerce

importify

A
100

Importify is a dropshipping app that allows you to find products from a variety of wholesalers, add them to your WooCommerce store, and sell them onli …

2K 1 CVE
EPROLO-Dropshipping

EPROLO-Dropshipping

eprolo-dropshipping

A
98

EPROLO dropshipping allows to import products from Aliexpress or EPROLO to wordpress, woocommerce in one click.

1K 2 CVEs
Developer Profile

Buttonify-Dropshipping Developer Profile

Buttonify

1 plugin · 50 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Buttonify-Dropshipping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/buttonify-dropshipping/css/bootstrap.min.css/wp-content/plugins/buttonify-dropshipping/css/main.css/wp-content/plugins/buttonify-dropshipping/js/startup.js/wp-content/plugins/buttonify-dropshipping/js/bootstrap.min.js
Script Paths
/wp-content/plugins/buttonify-dropshipping/js/startup.js/wp-content/plugins/buttonify-dropshipping/js/bootstrap.min.js
Version Parameters
/wp-content/plugins/buttonify-dropshipping/js/startup.js?ver=/wp-content/plugins/buttonify-dropshipping/js/bootstrap.min.js?ver=/wp-content/plugins/buttonify-dropshipping/css/bootstrap.min.css?ver=/wp-content/plugins/buttonify-dropshipping/css/main.css?ver=

HTML / DOM Fingerprints

CSS Classes
buttonify_logo
Data Attributes
id="buttonify_store_token"id="buttonify_connected"id="buttonify_shop_url"id="buttonify_user_id"id="buttonify_file_url"name="buttonify_nonce_field"
JS Globals
ajax_startup
REST Endpoints
wp-json/buttonify/v1/products
FAQ

Frequently Asked Questions about Buttonify-Dropshipping