Does Cart tracking for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Cart tracking for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Cart tracking for WooCommerce 1.0.19 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Cart tracking for WooCommerce updated?

Cart tracking for WooCommerce was last updated on Aug 12, 2025. Frequent updates are generally a positive security signal.

What is Cart tracking for WooCommerce's security score?

Cart tracking for WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cart tracking for WooCommerce Security & Risk Analysis

wordpress.org/plugins/cart-tracking-for-woocommerce

Keep track of what people are adding or removing from their cart. See most added/removed products lists.

200 active installs v1.0.19 PHP + WP 4.0+ Updated Aug 12, 2025

abandoned-cartsanalyticsreportswoocommerce

A · Safe

CVEs total2

Unpatched0

Last CVEMay 7, 2025

Plugin page Download

Safety Verdict

Is Cart tracking for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Cart tracking for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: May 7, 2025Updated 9mo ago

Risk Assessment

The "cart-tracking-for-woocommerce" plugin exhibits a generally positive security posture with a substantial majority of SQL queries using prepared statements and output escaping being well-implemented. The static analysis reveals no critical or high-severity taint flows, and the attack surface appears to be minimal, with no identified unprotected entry points. This suggests that the developers have taken steps to prevent common web vulnerabilities.

However, the vulnerability history presents a notable concern. The plugin has had two medium-severity vulnerabilities in the past, specifically SQL injection flaws. While there are no currently unpatched vulnerabilities, the existence of past SQL injection issues, even if fixed, indicates a recurring weakness. The absence of nonce checks and capability checks in the static analysis is also a potential area for improvement, as these are fundamental security mechanisms for WordPress plugins. The bundled Freemius library, if outdated, could also represent a risk.

In conclusion, while the current version of "cart-tracking-for-woocommerce" appears to have good internal security practices, the past vulnerability history of SQL injection and the lack of some standard WordPress security checks warrant careful consideration. Ongoing vigilance and regular updates are crucial to mitigate any potential future risks, especially considering the past trend.

Key Concerns

Past medium severity SQL Injection vulnerabilities
No nonce checks
No capability checks
Bundled Freemius library v1.0 (potential for outdated features)

Vulnerabilities

2 published

Cart tracking for WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-47538medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Cart tracking for WooCommerce <= 1.0.17 - Authenticated (Administrator+) SQL Injection

May 7, 2025 Patched in 1.0.18 (7d)

CVE-2025-30791medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Cart tracking for WooCommerce <= 1.0.16 - Authenticated (Administrator+) SQL Injection

Mar 27, 2025 Patched in 1.0.17 (8d)

Version History

Cart tracking for WooCommerce Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Cart tracking for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

41 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

89% prepared46 total queries

Output Escaping

90% escaped29 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

wtrackt_complex_main (admin\admin.php:240)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Cart tracking for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 12

actionadmin_menuadmin\admin.php:7

actionadmin_enqueue_scriptsadmin\admin.php:8

actionplugins_loadedcart-tracking.php:56

actionbefore_woocommerce_initcart-tracking.php:63

filteris_submenu_visiblecart-tracking.php:75

actionafter_uninstallcart-tracking.php:81

actionwoocommerce_add_to_cartincludes\woocommerce_cart.php:4

actionwoocommerce_update_cart_action_cart_updatedincludes\woocommerce_cart.php:10

actionwoocommerce_remove_cart_itemincludes\woocommerce_cart.php:17

actionwoocommerce_cart_updatedincludes\woocommerce_cart.php:24

actionwoocommerce_new_orderincludes\woocommerce_cart.php:25

actionwp_loginincludes\woocommerce_cart.php:27

Maintenance & Trust

Cart tracking for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 12, 2025

PHP min version

Downloads4K

Community Trust

Rating74/100

Number of ratings3

Active installs200

Alternatives

Cart tracking for WooCommerce Alternatives

REPORTiT – Advanced Reporting for WooCommerce

ithemelandco-woo-report

Stop guessing. Grow your sales with powerful, easy-to-understand reports and analytics for WooCommerce.

800 2 CVEs

Smart Reporter For WooCommerce and WP eCommerce

smart-reporter-for-wp-e-commerce

A phenomenal plugin that solves all your business related issues, from business analysis to reporting on your WooCommerce and WordPress eCommerce site …

300 No CVEs

Payment Method Order Reporting (PMOR) for WooCommerce

pmor-reports

100

Advanced reporting for WooCommerce orders with filtering by payment method and date ranges.

100 No CVEs

Dashboard and Analytics for WooCommerce

dashboard-and-analytics-for-woocommerce

100

The ultimate analytics dashboard for WooCommerce. See sales, orders, and reports at a glance. A simple, clean, and powerful analytics solution.

70 No CVEs

WooReports — Advanced Reporting for WooCommerce

wc-reports-lite

Free sales reports for WooCommerce — 11 report modules including orders, products, stock, tax, coupons and payment gateways. No API key needed.

60 1 CVE

Developer Profile

Cart tracking for WooCommerce Developer Profile

wpdever

2 plugins · 1K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

70 days

View full developer profile

Detection Fingerprints

How We Detect Cart tracking for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cart-tracking-for-woocommerce/assets/css/wtrackt_style.css/wp-content/plugins/cart-tracking-for-woocommerce/assets/js/wtrackt_script.js

Script Paths

/wp-content/plugins/cart-tracking-for-woocommerce/assets/js/wtrackt_script.js

Version Parameters

cart-tracking-for-woocommerce/assets/css/wtrackt_style.css?ver=cart-tracking-for-woocommerce/assets/js/wtrackt_script.js?ver=

HTML / DOM Fingerprints

CSS Classes

wtrackt_style

Data Attributes

data-cartiddata-productid

JS Globals

wtrackt_settings

FAQ