Does Checkout Upsell Funnel for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Checkout Upsell Funnel for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Checkout Upsell Funnel for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Checkout Upsell Funnel for WooCommerce 1.0.17 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Checkout Upsell Funnel for WooCommerce compatible with PHP 7.0+?

Checkout Upsell Funnel for WooCommerce requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Checkout Upsell Funnel for WooCommerce updated?

Checkout Upsell Funnel for WooCommerce was last updated on Jan 21, 2026. Frequent updates are generally a positive security signal.

What is Checkout Upsell Funnel for WooCommerce's security score?

Checkout Upsell Funnel for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Checkout Upsell Funnel for WooCommerce Security & Risk Analysis

wordpress.org/plugins/checkout-upsell-funnel-for-woo

Elevate your checkout experience with enticing product suggestions and smart order bumps, all featuring attractive discounts

700 active installs v1.0.17 PHP 7.0+ WP 5.0+ Updated Jan 21, 2026

checkout-upsell-funnel-for-wooorder-bumpupsell-funnelwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Checkout Upsell Funnel for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Checkout Upsell Funnel for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "checkout-upsell-funnel-for-woo" plugin v1.0.17 exhibits a generally strong security posture based on the static analysis. The absence of critical or high-severity taint flows, dangerous functions, raw SQL queries, and file operations indicates a well-developed and secure codebase. The high percentage of prepared SQL statements and properly escaped output further reinforces this. Furthermore, the plugin's vulnerability history is clean, with no recorded CVEs, suggesting a proactive approach to security by the developers.

Despite the strong analysis, there are minor areas for improvement. The presence of external HTTP requests, while not inherently a vulnerability, can introduce risks if not handled with utmost care, as they can be susceptible to man-in-the-middle attacks or DNS spoofing if not properly secured. While the static analysis shows a significant number of nonce and capability checks, it's crucial to ensure these are implemented effectively on all AJAX handlers. The plugin has a moderate attack surface, with 5 AJAX handlers, and while the analysis states 0 are unprotected, continuous vigilance is needed to maintain this.

Overall, this plugin appears to be secure and well-maintained. The lack of historical vulnerabilities is a significant positive indicator. The strengths in code hygiene, SQL handling, and output escaping far outweigh the minor concerns. Developers should continue to prioritize secure coding practices, especially around external requests, to maintain this excellent security record.

Key Concerns

External HTTP requests found

Vulnerabilities

None known

Checkout Upsell Funnel for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Checkout Upsell Funnel for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

7 prepared

Unescaped Output

1151 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

88% prepared8 total queries

Output Escaping

94% escaped1222 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

settings_callback (includes\admin\report.php:33)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Checkout Upsell Funnel for WooCommerce Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 5

authwp_ajax_viwcuf_search_product_includeincludes\admin\settings.php:8

authwp_ajax_viwcuf_search_productincludes\admin\settings.php:9

authwp_ajax_viwcuf_search_catsincludes\admin\settings.php:10

authwp_ajax_viwcuf_search_couponincludes\admin\settings.php:11

authwp_ajax_viwcuf_search_userincludes\admin\settings.php:12

Shortcodes 2

[viwcuf_checkout_order_bump] includes\frontend\ob-shortcode.php:22

[viwcuf_checkout_upsell_funnel] includes\frontend\us-shortcode.php:31

WordPress Hooks 73

actionbefore_woocommerce_initcheckout-upsell-funnel-for-woo.php:36

actionactivated_plugincheckout-upsell-funnel-for-woo.php:43

actionplugins_loadedcheckout-upsell-funnel-for-woo.php:44

actioninitincludes\admin\admin.php:8

filterplugin_action_links_checkout-upsell-funnel-for-woo/checkout-upsell-funnel-for-woo.phpincludes\admin\admin.php:9

actionadmin_menuincludes\admin\order-bump.php:11

actionadmin_initincludes\admin\order-bump.php:12

actionadmin_enqueue_scriptsincludes\admin\order-bump.php:13

actionadmin_menuincludes\admin\report.php:12

actionadmin_enqueue_scriptsincludes\admin\report.php:13

actionwoocommerce_delete_order_refundincludes\admin\report.php:14

actionwoocommerce_delete_orderincludes\admin\report.php:15

actionadmin_menuincludes\admin\upsell-funnel.php:11

actionadmin_initincludes\admin\upsell-funnel.php:12

actionadmin_enqueue_scriptsincludes\admin\upsell-funnel.php:13

filterwoocommerce_before_calculate_totalsincludes\frontend\frontend.php:13

filterwp_kses_allowed_htmlincludes\frontend\frontend.php:14

filterwoocommerce_add_to_cart_sold_individually_found_in_cartincludes\frontend\ob-cart.php:16

filterwoocommerce_before_calculate_totalsincludes\frontend\ob-cart.php:18

filterwoocommerce_cart_item_quantityincludes\frontend\ob-cart.php:21

filtervi_wcaio_mini_cart_pd_qtyincludes\frontend\ob-cart.php:22

filterwoocommerce_add_cart_item_dataincludes\frontend\ob-cart.php:25

actionwoocommerce_checkout_create_order_line_itemincludes\frontend\ob-checkout.php:16

actionwoocommerce_checkout_update_order_metaincludes\frontend\ob-checkout.php:17

actioninitincludes\frontend\ob-shortcode.php:15

actionviwcuf_ob_simple_add_to_cartincludes\frontend\ob-shortcode.php:16

actionviwcuf_ob_variable_add_to_cartincludes\frontend\ob-shortcode.php:17

actionviwcuf_ob_variation_add_to_cartincludes\frontend\ob-shortcode.php:18

filterwoocommerce_update_order_review_fragmentsincludes\frontend\order-bump.php:38

actionwp_enqueue_scriptsincludes\frontend\order-bump.php:39

actionvi_wcaio_before_checkout_formincludes\frontend\order-bump.php:41

filterwoocommerce_update_order_review_fragmentsincludes\frontend\upsell-funnel.php:66

actionwp_enqueue_scriptsincludes\frontend\upsell-funnel.php:67

actionwpincludes\frontend\upsell-funnel.php:69

filterwoocommerce_get_query_varsincludes\frontend\upsell-funnel.php:72

filterwc_get_templateincludes\frontend\upsell-funnel.php:73

actionvi_wcaio_before_checkout_formincludes\frontend\upsell-funnel.php:75

filterviwcuf_ob_enableincludes\frontend\upsell-funnel.php:109

filterwoocommerce_add_to_cart_sold_individually_found_in_cartincludes\frontend\us-cart.php:18

filterwoocommerce_after_calculate_totalsincludes\frontend\us-cart.php:20

filterwoocommerce_add_to_cart_quantityincludes\frontend\us-cart.php:23

filterwoocommerce_cart_item_quantityincludes\frontend\us-cart.php:26

filtervi_wcaio_mini_cart_pd_qtyincludes\frontend\us-cart.php:27

filterwoocommerce_add_cart_item_dataincludes\frontend\us-cart.php:30

filterwoocommerce_get_cart_item_from_sessionincludes\frontend\us-cart.php:31

filterwoocommerce_product_get_priceincludes\frontend\us-cart.php:32

filterwoocommerce_product_variation_get_priceincludes\frontend\us-cart.php:33

filterviredis_get_priceincludes\frontend\us-cart.php:34

actionwoocommerce_checkout_after_order_reviewincludes\frontend\us-checkout.php:18

actionwoocommerce_checkout_update_user_metaincludes\frontend\us-checkout.php:22

actionwoocommerce_checkout_create_order_line_itemincludes\frontend\us-checkout.php:25

actionwoocommerce_checkout_update_order_metaincludes\frontend\us-checkout.php:26

actioninitincludes\frontend\us-shortcode.php:17

actionviwcuf_us_before_shop_loop_item_titleincludes\frontend\us-shortcode.php:18

actionviwcuf_us_shop_loop_item_titleincludes\frontend\us-shortcode.php:19

actionviwcuf_us_single_product_summaryincludes\frontend\us-shortcode.php:20

actionviwcuf_us_simple_add_to_cartincludes\frontend\us-shortcode.php:21

actionviwcuf_us_variable_add_to_cartincludes\frontend\us-shortcode.php:22

actionviwcuf_us_variation_add_to_cartincludes\frontend\us-shortcode.php:23

actionviwcuf_us_after_shop_loop_item_titleincludes\frontend\us-shortcode.php:25

actionviwcuf_us_after_shop_loop_item_titleincludes\frontend\us-shortcode.php:26

filtersctv_get_countdown_on_available_variationincludes\frontend\us-shortcode.php:530

actionadmin_enqueue_scriptsincludes\support.php:32

actionadmin_noticesincludes\support.php:33

actionadmin_initincludes\support.php:34

actionadmin_menuincludes\support.php:35

filterplugin_row_metaincludes\support.php:37

actionadmin_initincludes\support.php:39

actionadmin_bar_menuincludes\support.php:41

actionadmin_noticesincludes\support.php:52

actionadmin_footerincludes\support.php:669

actionadmin_bar_menuincludes\support.php:807

actionadmin_noticesincludes\support.php:953

Maintenance & Trust

Checkout Upsell Funnel for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 21, 2026

PHP min version7.0

Downloads15K

Community Trust

Rating100/100

Number of ratings1

Active installs700

Alternatives

Checkout Upsell Funnel for WooCommerce Alternatives

CartFlows – Funnel Builder & Checkout Plugin for WooCommerce

cartflows

1 WordPress funnel builder & WooCommerce checkout plugin. Boost AOV with one-click upsells, order bumps & high-converting checkout pages.

200K 6 CVEs

WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell

wpfunnels

WPFunnels is a powerful funnel builder for WooCommerce that helps store owners create high-converting WooCommerce checkout pages, sales funnels, one-c …

6K 11 CVEs

UpsellWP – WooCommerce Upsell and Related Products Offers

checkout-upsell-and-order-bumps

Best WooCommerce Upsell plugin to create checkout upsells, cross-sells, order bumps and frequently bought together bundles to increase AOV.

5K 1 unpatched

Offermative – WooCommerce Discount Rules, Upsells & BOGO Powered by AI

offermative-discount-pricing-related-products-upsell-funnels-for-woocommerce

100

Grow revenue and AOV with targeted and automated WooCommerce discount rules, upsells, cross-sells, order bumps, and dynamic pricing offers.

50 No CVEs

Checkout Upsell Order Bump for WooCommerce

wc-upsell-and-order-bump

100

Boost sales with Checkout Upsell Order Bump for WooCommerce! Offer product suggestions and enticing discounts directly on the checkout page.

20 No CVEs

Developer Profile

Checkout Upsell Funnel for WooCommerce Developer Profile

VillaTheme

58 plugins · 167K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

217 days

View full developer profile

Detection Fingerprints

How We Detect Checkout Upsell Funnel for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/css/admin/gift.css/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/css/admin/main.css/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/css/admin/report.css/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/css/admin/setting.css/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/css/admin/style.css/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/admin.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/gift.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/main.js+3 more

Script Paths

/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/admin.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/gift.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/main.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/report.js/wp-content/plugins/checkout-upsell-funnel-for-woo/assets/js/admin/setting.js

Version Parameters

checkout-upsell-funnel-for-woo/assets/css/admin/gift.css?ver=checkout-upsell-funnel-for-woo/assets/css/admin/main.css?ver=checkout-upsell-funnel-for-woo/assets/css/admin/report.css?ver=checkout-upsell-funnel-for-woo/assets/css/admin/setting.css?ver=checkout-upsell-funnel-for-woo/assets/css/admin/style.css?ver=checkout-upsell-funnel-for-woo/assets/js/admin/admin.js?ver=checkout-upsell-funnel-for-woo/assets/js/admin/gift.js?ver=checkout-upsell-funnel-for-woo/assets/js/admin/main.js?ver=checkout-upsell-funnel-for-woo/assets/js/admin/report.js?ver=checkout-upsell-funnel-for-woo/assets/js/admin/setting.js?ver=checkout-upsell-funnel-for-woo/includes/support.php?ver=

HTML / DOM Fingerprints

CSS Classes

viwcuf_woo_checkout_upsell_funnel_reportviwcuf-noticeviwcuf-wrap

HTML Comments

Detect plugin. For use on Front End only.Create table to save logMulti site activate actionSingle site activate action+1 more

Data Attributes

data-noncedata-action

JS Globals

viwcuf_admin_settingviwcuf_admin_reportviwcuf_admin_gift

REST Endpoints

/wp-json/viwcuf/v1/get-product/wp-json/viwcuf/v1/get-coupon/wp-json/viwcuf/v1/get-user

FAQ