WP-Safety

CartResQ – Recover Abandoned Carts for WooCommerce Security & Risk Analysis

wordpress.org/plugins/cartresq

Abandoned cart tracking for WooCommerce. Monitor, analyze, and recover lost sales with real-time detection and analytics.

0 active installs v1.0.4 PHP 7.2+ WP 5.0+ Updated Mar 12, 2026
abandoned-cartanalyticscart-recoverysaaswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is CartResQ – Recover Abandoned Carts for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

CartResQ – Recover Abandoned Carts for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago
Risk Assessment

The 'cartresq' plugin v1.0.4 exhibits a generally strong security posture with excellent practices in key areas. The static analysis reveals a high percentage of properly escaped outputs and a significant use of prepared statements for SQL queries, indicating a proactive approach to preventing common vulnerabilities like XSS and SQL injection. The presence of numerous nonce and capability checks on entry points further strengthens its defense against unauthorized access and malicious manipulation. The absence of known CVEs and a clean vulnerability history is a strong indicator of past security diligence. However, a notable concern arises from the presence of one AJAX handler without any authentication checks. While the taint analysis did not reveal critical or high severity unsanitized flows, the existence of an unprotected AJAX endpoint, even with a single unsanitized path flow, presents a direct attack vector that could potentially be exploited if sensitive functionality is exposed. This specific weakness, though isolated, warrants attention as it bypasses essential security layers.

Key Concerns

  • AJAX handler without auth checks
Vulnerabilities
None known

CartResQ – Recover Abandoned Carts for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

CartResQ – Recover Abandoned Carts for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
4 prepared
Unescaped Output
2
151 escaped
Nonce Checks
12
Capability Checks
13
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

80% prepared5 total queries

Output Escaping

99% escaped153 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
settings_page (includes\class-woo-cart-tracker-admin.php:400)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

CartResQ – Recover Abandoned Carts for WooCommerce Attack Surface

Entry Points10
Unprotected1

AJAX Handlers 8

authwp_ajax_cartresq_select_keyincludes\class-woo-cart-tracker-admin.php:42
authwp_ajax_cartresq_clear_api_keysincludes\class-woo-cart-tracker-admin.php:43
authwp_ajax_cartresq_save_manual_keysincludes\class-woo-cart-tracker-admin.php:44
authwp_ajax_cartresq_generate_real_keysincludes\class-woo-cart-tracker-admin.php:45
authwp_ajax_cartresq_test_connectionincludes\class-woo-cart-tracker-admin.php:46
authwp_ajax_cartresq_sync_nowincludes\class-woo-cart-tracker-admin.php:47
authwp_ajax_cartresq_clear_logsincludes\class-woo-cart-tracker-admin.php:48
authwp_ajax_cartresq_generate_api_keysincludes\class-woo-cart-tracker-admin.php:50

REST API Routes 2

GET/wp-json/wc/v3/cart-trackerincludes\class-woo-cart-tracker-admin.php:2193
GET/wp-json/wc/v3/cart-trackerincludes\class-woo-cart-tracker.php:326
WordPress Hooks 20
actionplugins_loadedcartresq.php:28
actionadmin_noticescartresq.php:32
actionadmin_menuincludes\class-woo-cart-tracker-admin.php:37
actionadmin_initincludes\class-woo-cart-tracker-admin.php:38
actionadmin_enqueue_scriptsincludes\class-woo-cart-tracker-admin.php:39
actionwoocommerce_cart_updatedincludes\class-woo-cart-tracker-admin.php:53
actionwoocommerce_add_to_cartincludes\class-woo-cart-tracker-admin.php:54
actionwoocommerce_remove_cart_itemincludes\class-woo-cart-tracker-admin.php:55
actionwoocommerce_checkout_update_order_metaincludes\class-woo-cart-tracker-admin.php:56
actionwoocommerce_checkout_processincludes\class-woo-cart-tracker-admin.php:57
actionrest_api_initincludes\class-woo-cart-tracker-admin.php:60
actionwoocommerce_cart_updatedincludes\class-woo-cart-tracker.php:36
actionwoocommerce_add_to_cartincludes\class-woo-cart-tracker.php:37
actionwoocommerce_remove_cart_itemincludes\class-woo-cart-tracker.php:38
actionwoocommerce_cart_item_removedincludes\class-woo-cart-tracker.php:39
actionwoocommerce_cart_item_restoredincludes\class-woo-cart-tracker.php:40
actionwoocommerce_checkout_update_order_metaincludes\class-woo-cart-tracker.php:43
actionwoocommerce_checkout_processincludes\class-woo-cart-tracker.php:44
actionwoocommerce_checkout_update_order_reviewincludes\class-woo-cart-tracker.php:45
actionrest_api_initincludes\class-woo-cart-tracker.php:48
Maintenance & Trust

CartResQ – Recover Abandoned Carts for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMar 12, 2026
PHP min version7.2
Downloads376

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

CartResQ – Recover Abandoned Carts for WooCommerce Alternatives

ShopMetrics for WooCommerce

ShopMetrics for WooCommerce

shopmetrics

A
100

Easy and Smart Analytics Dashboard with Automatic Cart Recovery for WooCommerce stores.

0 No CVEs
ShopNotify – Personalized Cart Recovery for WooCommerce

ShopNotify – Personalized Cart Recovery for WooCommerce

shopnotify

A
100

Track abandoned carts for logged-in and guest users in WooCommerce, send automated WhatsApp reminders, and gain insights into cart recovery and abando …

0 No CVEs
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools

Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools

woocommerce-jetpack

B
82

Supercharge WooCommerce with FREE Abandoned Cart Recovery, Product Variation Swatches, PDF Invoices & 100+ tools. Boost sales & save time.

30K 31 CVEs
Abandoned Cart Recovery for WooCommerce

Abandoned Cart Recovery for WooCommerce

woo-abandoned-cart-recovery

A
100

A simple, effective solution to capture abandoned carts and auto-send reminders. Track logs and generate reports on carts, emails, and more

4K 1 CVE
Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD

Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD

cart-lift

A
99

Track abandoned carts and send automated, customizable abandoned cart recovery emails. Get more leads, reduce cart abandonment, and increase revenue.

1K 2 CVEs
Developer Profile

CartResQ – Recover Abandoned Carts for WooCommerce Developer Profile

Jexla

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CartResQ – Recover Abandoned Carts for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cartresq/assets/css/admin.css/wp-content/plugins/cartresq/assets/js/admin.js
Script Paths
/wp-content/plugins/cartresq/assets/js/admin.js
Version Parameters
cartresq/assets/css/admin.css?ver=cartresq/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
cartresq-dashboardcartresq-settingscartresq-api-keyscartresq-reportscartresq-logscartresq-help
Data Attributes
data-cartresq-key-name
JS Globals
cartresq_ajax_object
REST Endpoints
/wp-json/cartresq/v1/sync/wp-json/cartresq/v1/settings
FAQ

Frequently Asked Questions about CartResQ – Recover Abandoned Carts for WooCommerce