WP-Safety

Carousel Upsells and Related Product for Woocommerce Security & Risk Analysis

wordpress.org/plugins/carousel-upsells-and-related-product-for-woocommerce

The plugin replaces the standard related and upsells products on carousel slider using a script glide.js that does not depend on the jquery, which muc …

1K active installs v0.4.6 PHP 5.6+ WP 4.8+ Updated Nov 10, 2021
carouselproduct-carouselrelated-carouselupsells-carouselwoocommerce-carousel
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Carousel Upsells and Related Product for Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Carousel Upsells and Related Product for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The plugin "carousel-upsells-and-related-product-for-woocommerce" version 0.4.6 exhibits a mixed security posture. While the static analysis indicates a small attack surface with no apparent REST API routes, shortcodes, or cron events, and no critical or high severity taint flows, there are significant concerns within the code signals. Notably, 100% of the output strings are not properly escaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the single SQL query identified is not using prepared statements, which is a common vector for SQL injection attacks. The absence of nonce checks on the AJAX handlers is another critical oversight, leaving these entry points susceptible to Cross-Site Request Forgery (CSRF) attacks. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator. However, this lack of history could also mean it hasn't been extensively targeted or analyzed. Overall, the absence of proper output escaping and the use of raw SQL queries, combined with the lack of nonce checks on AJAX endpoints, pose substantial security risks that need immediate attention.

Key Concerns

  • 100% of output strings unescaped
  • SQL query not using prepared statements
  • 0 Nonce checks on AJAX handlers
Vulnerabilities
None known

Carousel Upsells and Related Product for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Carousel Upsells and Related Product for Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
112
0 escaped
Nonce Checks
0
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared1 total queries

Output Escaping

0% escaped112 total outputs
Attack Surface

Carousel Upsells and Related Product for Woocommerce Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 3

authwp_ajax_i_have_related_and_upsellsincludes\ffxf_related_and_upsells_rate.php:44
authwp_ajax_remind_me_later_related_and_upsellsincludes\ffxf_related_and_upsells_rate.php:53
authwp_ajax_leave_feedback_related_and_upsellsincludes\ffxf_related_and_upsells_rate.php:62
WordPress Hooks 24
actioninitffxf-woo-glide-related-and-upsells.php:43
actionupgrader_process_completeffxf-woo-glide-related-and-upsells.php:89
actionadmin_noticesffxf-woo-glide-related-and-upsells.php:91
actionwp_enqueue_scriptsffxf-woo-glide-related-and-upsells.php:149
actionwp_enqueue_scriptsffxf-woo-glide-related-and-upsells.php:156
filterwoocommerce_locate_templateffxf-woo-glide-related-and-upsells.php:169
filterwoocommerce_locate_templateffxf-woo-glide-related-and-upsells.php:183
filterwoocommerce_output_related_products_argsffxf-woo-glide-related-and-upsells.php:186
actionadmin_enqueue_scriptsffxf-woo-glide-related-and-upsells.php:235
filterplugin_action_linksffxf-woo-glide-related-and-upsells.php:258
actionadmin_enqueue_scriptsffxf-woo-glide-related-and-upsells.php:283
actionwoocommerce_settings_productsffxf-woo-glide-related-and-upsells.php:630
actionadmin_enqueue_scriptsffxf-woo-glide-related-and-upsells.php:648
filterwoocommerce_upsell_display_argsffxf-woo-glide-related-and-upsells.php:660
filterwoocommerce_output_related_products_argsffxf-woo-glide-related-and-upsells.php:676
actioninitffxf-woo-glide-related-and-upsells.php:690
actionwoocommerce_after_single_product_summaryffxf-woo-glide-related-and-upsells.php:703
actionadmin_noticesincludes\ffxf_related_and_upsells_rate.php:6
filterwoocommerce_get_sections_productsincludes\option_plugin_related.php:12
filterwoocommerce_get_settings_productsincludes\option_plugin_related.php:31
filterwoocommerce_get_sections_productsincludes\option_plugin_upsells.php:11
filterwoocommerce_get_settings_productsincludes\option_plugin_upsells.php:30
actionwp_footerincludes\related.php:30
actionwp_footerincludes\up-sells.php:31
Maintenance & Trust

Carousel Upsells and Related Product for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedNov 10, 2021
PHP min version5.6
Downloads31K

Community Trust

Rating98/100
Number of ratings65
Active installs1K
Alternatives

Carousel Upsells and Related Product for Woocommerce Alternatives

Product Carousel Slider & Grid Ultimate for WooCommerce

Product Carousel Slider & Grid Ultimate for WooCommerce

woo-product-carousel-slider-and-grid-ultimate

A
86

The most intuitive solution to make your eCommerce site visually appealing. Create & customize WooCommerce product carousel, sliders, or grids easily

7K 6 CVEs
WPB Product Slider for WooCommerce

WPB Product Slider for WooCommerce

wpb-woocommerce-product-slider

A
100

Display WooCommerce products in a responsive slider or carousel with customizable layouts to boost engagement and improve product browsing.

5K No CVEs
Product Carousel For WooCommerce – WoorouSell

Product Carousel For WooCommerce – WoorouSell

woorousell

A
91

WoorouSell allows you to showcase your woocommerce products in a beautiful and responsive carousel format!

300 1 CVE
TWI Woocommerce Grid/Slider/Carousel Lite

TWI Woocommerce Grid/Slider/Carousel Lite

twi-woocommerce-gridslidercarousel-lite

A
85

Requires PHP: 5.6 Stable tag: 2.0.0 License: GPLv3 License URI: http://www.gnu.org/licenses/agpl-3.0.html Simple, easy and super flexible Awesome Woo …

10 No CVEs
Carousel Slider

Carousel Slider

carousel-slider

A
97

Create SEO friendly Image, Logo, Video, Post, WooCommerce Product Carousel, and Slider.

30K 6 CVEs
Developer Profile

Carousel Upsells and Related Product for Woocommerce Developer Profile

Dan Zakirov

4 plugins · 11K total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Carousel Upsells and Related Product for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/carousel-upsells-and-related-product-for-woocommerce/assets/css/glide.core.min.css/wp-content/plugins/carousel-upsells-and-related-product-for-woocommerce/assets/css/glide.theme.min.css/wp-content/plugins/carousel-upsells-and-related-product-for-woocommerce/assets/js/glide.min.js
Script Paths
/wp-content/plugins/carousel-upsells-and-related-product-for-woocommerce/assets/js/glide.min.js
Version Parameters
carousel-upsells-and-related-product-for-woocommerce/assets/css/glide.core.min.css?ver=carousel-upsells-and-related-product-for-woocommerce/assets/css/glide.theme.min.css?ver=carousel-upsells-and-related-product-for-woocommerce/assets/js/glide.min.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Carousel Upsells and Related Product for Woocommerce