Does Catalog for Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Catalog for Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Catalog for Woocommerce compatible with WordPress 5.6.17?

According to WordPress.org data, Catalog for Woocommerce 1.2.0 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

How often is Catalog for Woocommerce updated?

Catalog for Woocommerce was last updated on Dec 16, 2020. Frequent updates are generally a positive security signal.

What is Catalog for Woocommerce's security score?

Catalog for Woocommerce has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Catalog for Woocommerce Security & Risk Analysis

wordpress.org/plugins/catalog-for-woocommerce

You can convert your store into catalog mode by hiding add to cart button, price tag, ratings, reviews.

1K active installs v1.2.0 PHP + WP 4.0+ Updated Dec 16, 2020

buttoncatalogproductwoocommercewoocommerce-catalog

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Catalog for Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Catalog for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "catalog-for-woocommerce" plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified CVEs in its history, coupled with the lack of detected critical or high-severity taint flows, suggests a well-maintained and secure codebase. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce checks.

However, the analysis does highlight a notable concern regarding output escaping, with nearly 41% of outputs not being properly escaped. This could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without proper sanitization. While there are no immediate critical risks identified, this weakness warrants attention and remediation to ensure comprehensive security. The plugin's small attack surface and lack of bundled libraries are positive indicators, but the unescaped output remains the primary area for improvement.

Key Concerns

Improperly escaped output detected

Vulnerabilities

None known

Catalog for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Catalog for Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

59% escaped54 total outputs

Attack Surface

Catalog for Woocommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 14

actionadmin_menumainplugin.php:22

actionadmin_headmainplugin.php:32

actionadmin_enqueue_scriptsmainplugin.php:48

filterwoocommerce_product_tabsmainplugin.php:113

actionwoocommerce_single_product_summarymainplugin.php:196

actionwoocommerce_after_shop_loop_itemmainplugin.php:215

actioninitmainplugin.php:274

actioninitmainplugin.php:276

actioninitmainplugin.php:278

actioninitmainplugin.php:280

actioninitmainplugin.php:282

actioninitmainplugin.php:284

actioninitmainplugin.php:287

actionwoocommerce_single_product_summarymainplugin.php:289

Maintenance & Trust

Catalog for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedDec 16, 2020

PHP min version

Downloads45K

Community Trust

Rating90/100

Number of ratings6

Active installs1K

Alternatives

Catalog for Woocommerce Alternatives

YITH WooCommerce Catalog Mode

yith-woocommerce-catalog-mode

YITH WooCommerce Catalog Mode, a plugin for disabling sales in your e-commerce and turn it into an e-commerce into an online catalogue.

60K 1 CVE

Product Enquiry for WooCommerce

gm-woocommerce-quote-popup

Allow customers to request quotes, send product enquiries, and run WooCommerce in catalog mode by hiding prices and replacing the Add to Cart button.

3K 5 CVEs

PiWeb Product Enquiry or product catalog for WooCommerce

enquiry-quotation-for-woocommerce

Product enquiry for WooCommerce and quote request plugin that can save enquiries and email the WooCommerce product enquiry as well

1K 2 CVEs

Price & Cart Hider – WooCommerce Catalog Mode, Wholesale & B2B

price-cart-hider-for-woocommerce

100

Turn WooCommerce into Catalog Mode. Hide prices & Add to Cart. Perfect for Wholesale, B2B, and Members-only stores. No coding needed.

100 No CVEs

Prices By User Role Lite

prices-by-user-role-lite

Prices by User Role Lite it is a plugin designed to extend the default WooCommerce functionality by hiding Add to Cart button and product prices from …

10 No CVEs

Developer Profile

Catalog for Woocommerce Developer Profile

Phoeniixx

25 plugins · 5K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Catalog for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/catalog-for-woocommerce/assets/js/wpscripts.js/wp-content/plugins/catalog-for-woocommerce/includes/catalgsettings.php/wp-content/plugins/catalog-for-woocommerce/includes/btnsettings.php/wp-content/plugins/catalog-for-woocommerce/includes/phoen_premium_tab.php/wp-content/plugins/catalog-for-woocommerce/assets/css/btn-style.php

Script Paths

/wp-content/plugins/catalog-for-woocommerce/assets/js/wpscripts.js

HTML / DOM Fingerprints

CSS Classes

woo-nav-tab-wrapper

HTML Comments

Data Attributes

data-tabdata-tab-active

Shortcode Output

<a href="" target="_blank"><button type="submit" style="color:

FAQ