Does Cart Dropdown – Webaddict have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Cart Dropdown – Webaddict compatible with WordPress 4.9.29?

According to WordPress.org data, Cart Dropdown – Webaddict 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Cart Dropdown – Webaddict compatible with PHP 5.2.4+?

Cart Dropdown – Webaddict requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cart Dropdown – Webaddict updated?

Cart Dropdown – Webaddict was last updated on Aug 28, 2018. Frequent updates are generally a positive security signal.

What is Cart Dropdown – Webaddict's security score?

Cart Dropdown – Webaddict has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cart Dropdown – Webaddict Security & Risk Analysis

wordpress.org/plugins/cart-dropdown-webaddict

WooCommerce Cart Dropdown A simple WordPress plugin for WooCommerce to show cart items as dropdown.

10 active installs v1.0.0 PHP 5.2.4+ WP 3.0+ Updated Aug 28, 2018

cartcart-dropdowncart-itemswoocommercewoocommerce-cart

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Cart Dropdown – Webaddict Safe to Use in 2026?

Generally Safe

Score 85/100

Cart Dropdown – Webaddict has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "cart-dropdown-webaddict" plugin v1.0.0 exhibits a mixed security posture. On the positive side, the absence of known CVEs and a clean taint analysis suggest a lack of historically exploited or severe vulnerabilities. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries and not performing file operations or external HTTP requests. However, significant concerns arise from the static analysis. The most critical issue is the complete lack of nonce checks and capability checks. With one entry point via a shortcode, this absence creates a substantial risk of unauthorized actions or data manipulation if the shortcode's functionality is sensitive. Furthermore, a very low percentage of output escaping (11%) indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data is likely being rendered without proper sanitization. The plugin's attack surface is minimal, but the unprotected nature of its single entry point and the poor output escaping are serious weaknesses.

Key Concerns

Missing Nonce Checks
Missing Capability Checks
Low Output Escaping Percentage (XSS Risk)

Vulnerabilities

None known

Cart Dropdown – Webaddict Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Cart Dropdown – Webaddict Release Timeline

v1.0

Code Analysis

Analyzed Mar 17, 2026

Cart Dropdown – Webaddict Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

11% escaped9 total outputs

Attack Surface

Cart Dropdown – Webaddict Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wd-mini-cart] cart-dropdown-webaddict.php:83

WordPress Hooks 3

filterWH_Filter_Textcart-dropdown-webaddict.php:13

filterWH_Filter_Iconcart-dropdown-webaddict.php:14

actionwp_enqueue_scriptscart-dropdown-webaddict.php:29

Maintenance & Trust

Cart Dropdown – Webaddict Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedAug 28, 2018

PHP min version5.2.4

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Cart Dropdown – Webaddict Alternatives

Sliding Cart for WooCommerce by FunnelKit – Skip Cart & Reach WooCommerce Checkout Faster

cart-for-woocommerce

100

FunnelKit Cart adds a beautiful sliding cart to your WooCommerce store. Let the buyers add items, edit quantity and add upsells on the side cart.

30K No CVEs

Abandoned Cart Lite for WooCommerce

woocommerce-abandoned-cart

Track abandoned carts and send automated, customizable abandoned cart recovery emails. Reduce cart abandonment, recover lost revenue & increase sales.

20K 12 CVEs

Disable Cart Fragments by Optimocha

disable-cart-fragments

100

A better way to disable WooCommerce's cart fragments script, and re-enqueue it when the cart is updated. Works with all caching plugins.

10K No CVEs

Metorik – Reports & Email Automation for WooCommerce

metorik-helper

The Metorik Helper helps provide your WooCommerce store with powerful analytics, reports, and tools.

10K 1 CVE

Mobile Contact Bar

mobile-contact-bar

Allow your visitors to contact you via mobile phones, or access your site's pages instantly.

10K 1 CVE

Developer Profile

Cart Dropdown – Webaddict Developer Profile

webaddict

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cart Dropdown – Webaddict

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cart-dropdown-webaddict/style.css

Version Parameters

cart-dropdown-webaddict/style.css?ver=

HTML / DOM Fingerprints

CSS Classes

woo_mini_cartbasket-item-counthover_cart_boxbtn-center

Shortcode Output

<div class="woo_mini_cart"><div class="basket-item-count"><div class="hover_cart_box"><table>

FAQ