WP-Safety

Cirrusly Commerce Security & Risk Analysis

wordpress.org/plugins/cirrusly-commerce

The Financial Operating System for WooCommerce that doesn't cost an arm and a leg. Stop guessing if your Google Ads are profitable.

0 active installs v1.7 PHP 8.1+ WP 5.8+ Updated Dec 25, 2025
google-merchant-centermsrppricingprofit-marginwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Cirrusly Commerce Safe to Use in 2026?

Generally Safe

Score 100/100

Cirrusly Commerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The cirrusly-commerce plugin v1.7 exhibits a generally good security posture, primarily due to its diligent use of prepared statements for SQL queries and a high rate of output escaping. The complete absence of known vulnerabilities in its history is a strong indicator of developer attention to security. However, the presence of three AJAX handlers without authentication checks represents a significant potential attack vector. While the taint analysis shows no critical or high-severity unsanitized paths, the four flows with unsanitized paths warrant further investigation, as they could potentially be exploited if user input is not properly handled downstream. The plugin also relies on the Freemius v1.0 bundled library, which, if outdated, could introduce vulnerabilities.

Key Concerns

  • AJAX handlers without authentication checks
  • Flows with unsanitized paths
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
None known

Cirrusly Commerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Cirrusly Commerce Release Timeline

v1.6.9
v1.6.7
v1.6.6
v1.4.5
Code Analysis
Analyzed Apr 16, 2026

Cirrusly Commerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
5 prepared
Unescaped Output
26
999 escaped
Nonce Checks
34
Capability Checks
32
File Operations
0
External Requests
1
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared5 total queries

Output Escaping

97% escaped1025 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

11 flows4 with unsanitized paths
render_debug_page (includes/admin/class-debug-ui.php:21)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Cirrusly Commerce Attack Surface

Entry Points18
Unprotected3

AJAX Handlers 16

authwp_ajax_cirrusly_get_quota_statusincludes/admin/class-admin-assets.php:13
authwp_ajax_cirrusly_toggle_quota_barincludes/admin/class-admin-assets.php:14
authwp_ajax_cirrusly_clear_cacheincludes/admin/class-settings-manager.php:10
authwp_ajax_cirrusly_reset_gmc_importincludes/admin/class-settings-manager.php:11
authwp_ajax_cirrusly_export_settingsincludes/admin/class-settings-manager.php:12
authwp_ajax_cirrusly_import_settingsincludes/admin/class-settings-manager.php:13
authwp_ajax_cirrusly_validate_api_keyincludes/admin/class-settings-manager.php:16
authwp_ajax_cirrusly_regenerate_api_keyincludes/admin/class-settings-manager.php:17
authwp_ajax_cirrusly_link_manual_keyincludes/admin/class-settings-manager.php:18
authwp_ajax_cirrusly_generate_api_keyincludes/admin/class-settings-manager.php:19
authwp_ajax_cirrusly_send_test_emailincludes/admin/class-settings-manager.php:22
authwp_ajax_cirrusly_clear_email_logincludes/admin/class-settings-manager.php:23
authwp_ajax_cirrusly_dismiss_announcementincludes/class-announcements.php:300
authwp_ajax_cirrusly_audit_saveincludes/class-core.php:98
authwp_ajax_cirrusly_submit_bug_reportincludes/class-help.php:13
authwp_ajax_cc_submit_bug_reportincludes/class-help.php:16

Shortcodes 2

[cirrusly_countdown] includes/class-countdown.php:17
[cw_countdown] includes/class-countdown.php:20
WordPress Hooks 77
actionafter_account_connectioncirrusly-commerce.php:59
actionafter_license_activationcirrusly-commerce.php:82
actionafter_plan_changecirrusly-commerce.php:106
actionafter_license_deactivationcirrusly-commerce.php:121
filtershow_admin_noticecirrusly-commerce.php:146
filtershow_activation_noticecirrusly-commerce.php:147
filtershow_trial_noticecirrusly-commerce.php:148
actionadmin_initcirrusly-commerce.php:152
filtercron_schedulescirrusly-commerce.php:245
filterwp_mail_content_typeclass-mailer.php:24
actionadmin_footerincludes/admin/class-admin-assets.php:12
actionadmin_noticesincludes/admin/class-api-key-migration-notice.php:31
actionadmin_initincludes/admin/class-api-key-migration-notice.php:32
actionadmin_menuincludes/admin/class-debug-ui.php:7
filtermanage_edit-product_columnsincludes/admin/class-gmc-ui.php:13
actionmanage_product_posts_custom_columnincludes/admin/class-gmc-ui.php:14
actionwoocommerce_product_options_inventory_product_dataincludes/admin/class-gmc-ui.php:15
actionquick_edit_custom_boxincludes/admin/class-gmc-ui.php:16
actionadmin_noticesincludes/admin/class-gmc-ui.php:17
actionadmin_enqueue_scriptsincludes/admin/class-gmc-ui.php:19
actionwoocommerce_product_options_pricingincludes/admin/class-pricing-ui.php:10
actionwoocommerce_variation_options_pricingincludes/admin/class-pricing-ui.php:11
actionwoocommerce_process_product_metaincludes/admin/class-pricing-ui.php:17
actionwoocommerce_save_product_variationincludes/admin/class-pricing-ui.php:18
filtermanage_edit-product_columnsincludes/admin/class-pricing-ui.php:21
actionmanage_product_posts_custom_columnincludes/admin/class-pricing-ui.php:22
actionadmin_noticesincludes/admin/class-pricing-ui.php:25
actionadmin_menuincludes/admin/class-setup-wizard.php:17
actionadmin_initincludes/admin/class-setup-wizard.php:18
actionadmin_initincludes/admin/class-setup-wizard.php:21
actionadmin_initincludes/admin/class-setup-wizard.php:22
actionadmin_initincludes/admin/class-setup-wizard.php:25
actionadmin_noticesincludes/admin/class-setup-wizard.php:27
actionadmin_enqueue_scriptsincludes/admin/class-setup-wizard.php:29
actionadmin_initincludes/class-announcements.php:45
actionadmin_noticesincludes/class-announcements.php:263
actioncirrusly_commerce_scan_settings_uiincludes/class-automated-discounts.php:16
actiontemplate_redirectincludes/class-automated-discounts.php:19
filterwoocommerce_get_price_htmlincludes/class-automated-discounts.php:20
filterwoocommerce_product_get_priceincludes/class-automated-discounts.php:21
filterwoocommerce_product_variation_get_priceincludes/class-automated-discounts.php:22
actionwoocommerce_before_calculate_totalsincludes/class-automated-discounts.php:23
actionsend_headersincludes/class-automated-discounts.php:24
actionwpincludes/class-badges.php:15
actionwoocommerce_single_product_summaryincludes/class-badges.php:30
actionwoocommerce_after_shop_loop_itemincludes/class-badges.php:31
actionwp_enqueue_scriptsincludes/class-badges.php:34
actioninitincludes/class-blocks.php:20
filterblock_categories_allincludes/class-blocks.php:22
filterwoosea_custom_attributesincludes/class-compatibility.php:23
filterrank_math/vars/register_extra_replacementsincludes/class-compatibility.php:26
filterwpseo_schema_productincludes/class-compatibility.php:29
filteraioseo_schema_outputincludes/class-compatibility.php:32
filterseopress_json_ld_productincludes/class-compatibility.php:35
filterwoocommerce_gpf_elementsincludes/class-compatibility.php:38
actioninitincludes/class-core.php:71
actionadmin_menuincludes/class-core.php:91
actionadmin_initincludes/class-core.php:92
actionadmin_enqueue_scriptsincludes/class-core.php:93
actionwp_dashboard_setupincludes/class-core.php:94
actionadmin_noticesincludes/class-core.php:95
actioncirrusly_gmc_daily_scanincludes/class-core.php:99
actionsave_post_productincludes/class-core.php:100
filterpre_option_cirrusly_enable_cost_of_goods_soldincludes/class-core.php:102
actionwoocommerce_single_product_summaryincludes/class-countdown.php:22
actionwp_enqueue_scriptsincludes/class-countdown.php:23
actionwp_enqueue_scriptsincludes/class-frontend-assets.php:14
actionwoocommerce_process_product_metaincludes/class-gmc.php:48
actionwoocommerce_product_quick_edit_saveincludes/class-gmc.php:49
actionwoocommerce_product_bulk_edit_saveincludes/class-gmc.php:50
actionadmin_post_cirrusly_mark_customincludes/class-gmc.php:53
actionadmin_enqueue_scriptsincludes/class-help.php:9
actionadmin_footerincludes/class-help.php:10
filterwoocommerce_get_price_htmlincludes/class-pricing-frontend.php:37
filterwoocommerce_get_price_htmlincludes/class-pricing-frontend.php:58
actioncirrusly_weekly_profit_reportincludes/class-reports.php:12
actionwoocommerce_thankyouincludes/class-reviews.php:6

Scheduled Events 5

cirrusly_gmc_daily_scan
cirrusly_weekly_profit_report
cirrusly_commerce_gmc_sync
cirrusly_gmc_daily_scan
cirrusly_weekly_profit_report
Maintenance & Trust

Cirrusly Commerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 25, 2025
PHP min version8.1
Downloads273

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Cirrusly Commerce Alternatives

Profit Margin Calculator for WooCommerce

Profit Margin Calculator for WooCommerce

profit-margin-calculator

A
100

A lightweight, easy-to-use WooCommerce extension that calculates product profit and profit margins automatically.

10 No CVEs
Discount Rules for WooCommerce

Discount Rules for WooCommerce

woo-discount-rules

A
97

The discount plugin for WooCommerce helps you create bulk discount, quantity discount, storewide sale, dynamic pricing discount offers easily.

100K 4 CVEs
Advanced Dynamic Pricing and Discount Rules for WooCommerce

Advanced Dynamic Pricing and Discount Rules for WooCommerce

advanced-dynamic-pricing-for-woocommerce

A
93

The discount plugin for WooCommerce supports any dynamic pricing discount: bulk discount, role discount, storewide, bogo, gifts, cart discount

20K 7 CVEs
Price Based on Country for WooCommerce

Price Based on Country for WooCommerce

woocommerce-product-price-based-on-countries

A
100

Product Pricing and Currency based on Shopper's Country for WooCommerce with multi-currency support and geolocation to boost international sales.

20K No CVEs
Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

A
89

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs
Developer Profile

Cirrusly Commerce Developer Profile

edoswald

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Cirrusly Commerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cirrusly-commerce/assets/css/cirrusly-commerce.css/wp-content/plugins/cirrusly-commerce/assets/js/cirrusly-commerce.js/wp-content/plugins/cirrusly-commerce/assets/js/admin/dashboard.js/wp-content/plugins/cirrusly-commerce/assets/js/admin/settings.js/wp-content/plugins/cirrusly-commerce/assets/js/admin/setup.js/wp-content/plugins/cirrusly-commerce/assets/js/checkout/main.js
Version Parameters
/wp-content/plugins/cirrusly-commerce/assets/css/cirrusly-commerce.css?ver=/wp-content/plugins/cirrusly-commerce/assets/js/cirrusly-commerce.js?ver=/wp-content/plugins/cirrusly-commerce/assets/js/admin/dashboard.js?ver=/wp-content/plugins/cirrusly-commerce/assets/js/admin/settings.js?ver=/wp-content/plugins/cirrusly-commerce/assets/js/admin/setup.js?ver=/wp-content/plugins/cirrusly-commerce/assets/js/checkout/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
cirrusly-commerce-dashboard-widgetcirrusly-commerce-setup-wizard
Data Attributes
data-cirrusly-commerce-dashboarddata-cirrusly-commerce-settingsdata-cirrusly-commerce-setup
JS Globals
cirrusly_commerce_data
FAQ

Frequently Asked Questions about Cirrusly Commerce