WP-Safety

C4D Woo Quickview Security & Risk Analysis

wordpress.org/plugins/c4d-woo-quickview

Create quickview button for product.

10 active installs v2.1.0 PHP + WP 4.0+ Updated Jul 25, 2018
e-commerceecommercefree-quick-viewthemewoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is C4D Woo Quickview Safe to Use in 2026?

Generally Safe

Score 85/100

C4D Woo Quickview has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The "c4d-woo-quickview" plugin version 2.1.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively, and shows no history of known vulnerabilities (CVEs). There are also no recorded file operations or external HTTP requests, which are common vectors for exploits. However, the static analysis reveals significant concerns related to its attack surface. Two of the three identified entry points, specifically AJAX handlers, lack authentication checks. This leaves them exposed to unauthorized access and potential exploitation if they handle sensitive data or actions. Additionally, while taint analysis did not uncover critical or high severity issues, the presence of two flows with unsanitized paths warrants attention, as these could potentially lead to vulnerabilities if combined with other weaknesses or specific input.

In conclusion, while the plugin benefits from a clean vulnerability history and secure SQL practices, the unprotected AJAX endpoints represent a tangible and immediate risk. The unsanitized paths, though not flagged as critical, suggest a need for more robust input validation. The plugin would be significantly more secure if these entry points were properly authenticated and their data flows thoroughly sanitized.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
  • Missing nonce checks on AJAX
  • Missing capability checks
Vulnerabilities
None known

C4D Woo Quickview Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

C4D Woo Quickview Release Timeline

v2.0.0
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

C4D Woo Quickview Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
9 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

69% escaped13 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
c4d_woo_qv_get_product (c4d-woo-quickview.php:46)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

C4D Woo Quickview Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

authwp_ajax_c4d_woo_qv_get_productc4d-woo-quickview.php:15
noprivwp_ajax_c4d_woo_qv_get_productc4d-woo-quickview.php:16

Shortcodes 1

[c4d-woo-qv] c4d-woo-quickview.php:18
WordPress Hooks 2
actionwp_enqueue_scriptsc4d-woo-quickview.php:14
filterplugin_row_metac4d-woo-quickview.php:17
Maintenance & Trust

C4D Woo Quickview Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedJul 25, 2018
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

C4D Woo Quickview Alternatives

C4D Woo Category Grid Zoom

C4D Woo Category Grid Zoom

c4d-woo-category-grid-zoom

A
85

Zoom In Out product in category page

10 No CVEs
C4D Woo Category Product Perpage

C4D Woo Category Product Perpage

c4d-woo-category-product-perpage

A
85

Add a product per page box at Woocommerce category page.

10 No CVEs
C4D Woo Compare

C4D Woo Compare

c4d-woo-compare

A
85

Add quickview button for product.

10 No CVEs
Klarna for WooCommerce

Klarna for WooCommerce

klarna-payments-for-woocommerce

A
100

Grow your business for increased sales and enhanced shopping experiences at no extra costs.

30K 1 CVE
Conversion Tracking for WooCommerce

Conversion Tracking for WooCommerce

woocommerce-conversion-tracking

A
98

Adds various conversion tracking codes to cart, checkout, registration success and product page on WooCommerce

20K 4 CVEs
Developer Profile

C4D Woo Quickview Developer Profile

coffee4dev

26 plugins · 470 total installs

84
trust score
Avg Security Score
86/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect C4D Woo Quickview

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/c4d-woo-quickview/assets/default.css/wp-content/plugins/c4d-woo-quickview/assets/default.js/wp-content/plugins/c4d-woo-quickview/libs/jquery.fancybox.min.css/wp-content/plugins/c4d-woo-quickview/libs/jquery.fancybox.min.js/wp-content/plugins/c4d-woo-quickview/libs/slick/slick.css/wp-content/plugins/c4d-woo-quickview/libs/slick/slick-theme.css/wp-content/plugins/c4d-woo-quickview/libs/slick/slick.js
Script Paths
/wp-content/plugins/c4d-woo-quickview/assets/default.js/wp-content/plugins/c4d-woo-quickview/libs/jquery.fancybox.min.js/wp-content/plugins/c4d-woo-quickview/libs/slick/slick.js

HTML / DOM Fingerprints

CSS Classes
c4d-woo-qv__linkc4d-woo-qv
Data Attributes
data-uiddata-product_id
JS Globals
c4d_woo_qv
Shortcode Output
<a rel="group" href="#[a-z0-9-]+" data-uid="#[a-z0-9-]+" data-product_id="[0-9]+" class="c4d-woo-qv__link" href="[^"]+"><span class="loading"><i class="fa fa-sun-o fa-spin"></i></span><span class="icon [^"]*"></span>
FAQ

Frequently Asked Questions about C4D Woo Quickview