WP-Safety

Custom Cart Link for WooCommerce Security & Risk Analysis

wordpress.org/plugins/cart-link-for-woocommerce

Create, customize and share the direct cart links which once clicked will automatically fill the customers' cart with the selected products.

800 active installs v1.5.0 PHP 7.2+ WP 6.1+ Updated Nov 2, 2023
cart-linkcart-urlcustom-add-to-cart-linkcustom-cart-linklink-to-cart
84
B · Generally Safe
CVEs total1
Unpatched0
Last CVEApr 13, 2022
Plugin page Download
Safety Verdict

Is Custom Cart Link for WooCommerce Safe to Use in 2026?

Mostly Safe

Score 84/100

Custom Cart Link for WooCommerce is generally safe to use though it hasn't been updated recently. 1 past CVE were resolved. Keep it updated.

1 known CVELast CVE: Apr 13, 2022Updated 2yr ago
Risk Assessment

The static analysis of cart-link-for-woocommerce v1.5.0 reveals a generally strong security posture, with no identified dangerous functions, file operations, or external HTTP requests. The plugin demonstrates good practices by using prepared statements for all SQL queries and ensuring a high percentage of output is properly escaped. The presence of nonce and capability checks also indicates an effort to secure its functionality. However, the total lack of analyzed taint flows is a significant weakness, meaning potential vulnerabilities in data handling might have been missed. The vulnerability history, showing one high-severity Cross-Site Request Forgery (CSRF) in the past, is a concerning pattern. While this vulnerability is reported as unpatched, it's important to understand if this refers to a past version or if the current version has addressed it. The absence of any identified attack surface with missing authentication is positive, but the fact that a CSRF vulnerability has occurred in the past warrants caution and suggests that careful code review for such issues is still important for this plugin.

Key Concerns

  • High severity CVE in vulnerability history
  • No taint flows analyzed
Vulnerabilities
1

Custom Cart Link for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

WF-3aa537bc-90fa-4d87-9dd5-e32aef4273c7-cart-link-for-woocommercehigh · 8.8Cross-Site Request Forgery (CSRF)

Cart Link for WooCommerce <= 2.0.2 - Cross-Site Request Forgery

Apr 13, 2022 Patched in 1.1.0 (650d)
Code Analysis
Analyzed Mar 16, 2026

Custom Cart Link for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
47 escaped
Nonce Checks
3
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

94% escaped50 total outputs
Attack Surface

Custom Cart Link for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 23
actionwoocommerce_initindex.php:50
actionbefore_woocommerce_initindex.php:82
actionadmin_enqueue_scriptssrc\Assets.php:32
actionwoocommerce_before_calculate_totalssrc\Campaign\CampaignActions\AddProductsAction\ModifyProductPrice.php:17
filterdisable_months_dropdownsrc\Campaign\CampaignList.php:18
filterpost_row_actionssrc\Campaign\CampaignList.php:20
filterwoocommerce_form_fieldsrc\Campaign\CampaignList.php:45
actionadd_meta_boxessrc\Campaign\Metabox\MetaboxActions.php:34
actionadd_meta_boxessrc\Campaign\Metabox\MetaboxProducts.php:35
filterpost_type_linksrc\Campaign\ModifyPermalink.php:12
filterget_sample_permalinksrc\Campaign\ModifyPermalink.php:13
actioninitsrc\Campaign\RegisterPostType.php:15
filterwoocommerce_screen_idssrc\Campaign\RegisterPostType.php:16
actiontemplate_redirectsrc\Campaign\TriggerAction.php:20
actionadmin_noticessrc\Notice\NoticeNoCampaigns.php:27
actionadmin_noticessrc\Notice\NoticeWooCommerceRequired.php:25
filterwoocommerce_order_item_display_meta_keysrc\Order\DisplayOrderCampaign.php:13
filterwoocommerce_order_item_display_meta_valuesrc\Order\DisplayOrderCampaign.php:14
actionpre_get_postssrc\Order\FilterOrderByCampaign.php:29
actionrestrict_manage_postssrc\Order\FilterOrderByCampaign.php:31
actionwoocommerce_checkout_order_createdsrc\Order\SaveOrderCampaign.php:21
actionwoocommerce_checkout_create_order_line_itemsrc\Order\SaveOrderCampaign.php:22
filterplugin_action_linkssrc\PluginLinks.php:22
Maintenance & Trust

Custom Cart Link for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedNov 2, 2023
PHP min version7.2
Downloads10K

Community Trust

Rating100/100
Number of ratings11
Active installs800
Alternatives

Custom Cart Link for WooCommerce Alternatives

WC Share Cart URL

WC Share Cart URL

wc-share-cart-url

A
92

Share WooCommerce cart by URL. Send the cart to any Customer in WooCommerce store.

400 No CVEs
Add Product To Cart Via URL

Add Product To Cart Via URL

add-product-to-cart-via-url

A
85

Allows a CMS users (eg shop admin) to create a URL (for WooCommerce only) with specific product(s) and quantity info. When clicked by a user this URL &hellip;

0 No CVEs
Lean Cart Share and Save for Later for WooCommerce

Lean Cart Share and Save for Later for WooCommerce

lean-cart-share-and-save

A
100

Lightweight cart sharing and saving for WooCommerce - let customers share carts via URLs and save carts for later.

0 No CVEs
WPC Share Cart for WooCommerce

WPC Share Cart for WooCommerce

wpc-share-cart

A
100

WPC Share Cart is a simple but powerful tool that can help your customer share their cart.

1K No CVEs
Add bulk cart packages

Add bulk cart packages

add-bulk-cart-packages

A
92

Add bulk cart packages allows you to create custom product packages in WooCommerce and add them to the cart with a single click.

0 No CVEs
Developer Profile

Custom Cart Link for WooCommerce Developer Profile

Sebastian Pisula

3 plugins · 3K total installs

69
trust score
Avg Security Score
85/100
Avg Patch Time
650 days
View full developer profile
Detection Fingerprints

How We Detect Custom Cart Link for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cart-link-for-woocommerce/assets/dist/campaign-manager.css/wp-content/plugins/cart-link-for-woocommerce/assets/dist/campaign-manager.js
Script Paths
/wp-content/plugins/cart-link-for-woocommerce/assets/dist/campaign-manager.js
Version Parameters
cart-link-for-woocommerce/assets/dist/campaign-manager.css?ver=cart-link-for-woocommerce/assets/dist/campaign-manager.js?ver=

HTML / DOM Fingerprints

Data Attributes
name="cart-link-for-woocommerce/campaign-manager"id="cart-link-for-woocommerce/campaign-manager"data-type="cart-link-for-woocommerce/campaign-manager"
JS Globals
__jsVars
REST Endpoints
/wp-json/cart-link-for-woocommerce/
FAQ

Frequently Asked Questions about Custom Cart Link for WooCommerce