Does CommerceBird – WooCommerce Store Management and AI Platform have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is CommerceBird – WooCommerce Store Management and AI Platform compatible with WordPress 6.9.4?

According to WordPress.org data, CommerceBird – WooCommerce Store Management and AI Platform 2.8.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is CommerceBird – WooCommerce Store Management and AI Platform compatible with PHP 8.2+?

CommerceBird – WooCommerce Store Management and AI Platform requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

CommerceBird – WooCommerce Store Management and AI Platform Security & Risk Analysis

wordpress.org/plugins/commercebird

WooCommerce Store Management, Purchase Orders, Vendors, Quotes, Certified Zoho & Exact Online Integrations and more.

100 active installs v2.8.2 PHP 8.2+ WP 6.5+ Updated Apr 14, 2026

aiexactintegrationwoocommercezoho

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CommerceBird – WooCommerce Store Management and AI Platform Safe to Use in 2026?

Generally Safe

Score 100/100

CommerceBird – WooCommerce Store Management and AI Platform has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

Commercebird v2.7.8 exhibits a generally strong security posture with excellent practices in output escaping and prepared statement usage for SQL queries. The vast majority of code outputs are properly escaped, and a high percentage of SQL queries utilize prepared statements, significantly reducing the risk of common injection vulnerabilities. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a proactive approach to security from the developers or a lack of past significant findings.

However, there are notable areas of concern stemming from the static analysis. The plugin exposes a total of 12 entry points, with 3 of these (AJAX handlers) lacking authentication checks. This is a critical finding as it allows unauthenticated users to potentially interact with sensitive plugin functionalities. Furthermore, the taint analysis revealed 4 flows with unsanitized paths and 2 critical severity flows. While the specific nature of these critical flows is not detailed, unsanitized paths coupled with critical taint issues are strong indicators of potential vulnerabilities, likely exploitable through the identified unprotected entry points.

In conclusion, while Commercebird v2.7.8 has implemented many good security practices, the presence of unprotected AJAX handlers and critical taint analysis findings represent significant risks. The lack of historical vulnerabilities is a positive sign, but it does not negate the current code-level risks identified. Addressing the unprotected AJAX endpoints and investigating the critical taint flows should be the immediate priority to improve the plugin's security.

Key Concerns

Unprotected AJAX handlers
Critical severity taint flows
Flows with unsanitized paths

Vulnerabilities

None known

CommerceBird – WooCommerce Store Management and AI Platform Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

CommerceBird – WooCommerce Store Management and AI Platform Release Timeline

v2.8.2Current

v2.8.1

v2.8.0

v2.7.93

v2.7.92

v2.7.91

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.5

v2.6.4

v2.6.3

v2.6.2

Code Analysis

Analyzed Mar 16, 2026

CommerceBird – WooCommerce Store Management and AI Platform Code Analysis

Dangerous Functions

Raw SQL Queries

82 prepared

Unescaped Output

161 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

82% prepared100 total queries

Output Escaping

99% escaped163 total outputs

Data Flows · Security

4 unsanitized

Data Flow Analysis

5 flows4 with unsanitized paths

cmbird_zi_sync_column_filterable (includes\woo-functions.php:682)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

CommerceBird – WooCommerce Store Management and AI Platform Attack Surface

Entry Points12

Unprotected3

AJAX Handlers 12

authwp_ajax_zoho_admin_order_syncincludes\classes\class-common.php:20

authwp_ajax_zoho_ajax_call_parent_categoriesincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:34

authwp_ajax_zoho_ajax_call_subcategoriesincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:35

authwp_ajax_zoho_ajax_call_remove_duplicatesincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:36

authwp_ajax_zoho_ajax_call_subcategories_startincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:39

authwp_ajax_zoho_ajax_call_subcategories_batchincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:40

authwp_ajax_zoho_ajax_call_subcategories_statusincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:41

authwp_ajax_zoho_ajax_call_duplicate_removal_batchincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:42

authwp_ajax_zoho_ajax_call_duplicate_removal_statusincludes\classes\zoho-inventory\class-cmbird-categories-zi.php:43

authwp_ajax_zoho_admin_product_syncincludes\woo-functions.php:99

authwp_ajax_zi_product_unmap_hookincludes\woo-functions.php:291

authwp_ajax_zi_customer_unmap_hookincludes\woo-functions.php:342

WordPress Hooks 94

actioncmbird_exact_online_sync_ordersadmin\includes\Actions\Ajax\ExactOnlineAjax.php:118

filterwoocommerce_rest_check_permissionsadmin\includes\Actions\Sync\ExactOnlineSync.php:249

filterwoocommerce_rest_check_permissionsadmin\includes\Actions\Sync\ExactOnlineSync.php:436

filterwoocommerce_rest_check_permissionsadmin\includes\Actions\Sync\ZohoInventorySync.php:81

filterwc_product_has_unique_skuadmin\includes\Actions\Sync\ZohoInventorySync.php:82

actionrest_api_initadmin\includes\Cmbird_Acf.php:20

filteracf/load_field/name=costunitadmin\includes\Cmbird_Acf.php:21

filteracf/load_field/name=costcenteradmin\includes\Cmbird_Acf.php:22

filteracf/load_field/name=glaccountadmin\includes\Cmbird_Acf.php:23

actionadmin_menuadmin\includes\Template.php:20

actionadmin_enqueue_scriptsadmin\includes\Template.php:21

actionadmin_noticesadmin\includes\Template.php:22

actionadmin_headadmin\includes\Template.php:23

filterscript_loader_tagadmin\includes\Template.php:45

actionwoocommerce_initcommercebird.php:88

actioninitcommercebird.php:89

actionbefore_woocommerce_initcommercebird.php:101

actionplugins_loadedcommercebird.php:116

actionimport_group_items_croncommercebird.php:147

actionimport_simple_items_croncommercebird.php:148

actionimport_variable_product_croncommercebird.php:149

actionsync_zi_product_croncommercebird.php:150

actionsync_zi_pricelistcommercebird.php:151

actionsync_zi_ordercommercebird.php:152

actionsync_zi_import_contactscommercebird.php:153

actioncmbird_commoncommercebird.php:155

actionsync_zcrm_ordercommercebird.php:157

actionsync_zcrm_contactcommercebird.php:158

actioncmbird_sync_eocommercebird.php:160

actioncmbird_exact_online_sync_orderscommercebird.php:161

actioncmbird_payment_statuscommercebird.php:162

actioncmbird_eo_get_payment_statusescommercebird.php:163

actioncmbird_process_product_chunkcommercebird.php:165

actioncmbird_process_customer_chunkcommercebird.php:184

actioninitcommercebird.php:204

actionzi_execute_import_synccommercebird.php:206

actionrest_api_initcommercebird.php:209

actionsave_postcommercebird.php:223

actionupgrader_process_completecommercebird.php:241

actioncmbird_process_webhook_queueincludes\classes\apis\class-api-for-product-webhook.php:60

actionwp_scheduled_deleteincludes\classes\apis\class-api-for-product-webhook.php:63

filterupload_dirincludes\classes\apis\class-commercebird-media-api-controller.php:144

actionwoocommerce_thankyouincludes\classes\class-common.php:17

actionwoocommerce_rest_insert_shop_order_objectincludes\classes\class-common.php:18

filterwcs_renewal_order_createdincludes\classes\class-common.php:19

actionadmin_initincludes\classes\class-plugin.php:39

actionrest_api_initincludes\classes\class-wc-api.php:21

actionadmin_menuincludes\classes\purchase-orders\class-cmbird-purchase-admin.php:27

actioncmbird_purchase_order_autoincludes\classes\purchase-orders\class-cmbird-purchase-automation.php:15

actioncmbird_trigger_purchase_order_emailincludes\classes\purchase-orders\class-cmbird-purchase-order-email.php:26

actioninitincludes\classes\purchase-orders\class-cmbird-purchase-order.php:140

filterwoocommerce_order_classincludes\classes\purchase-orders\class-cmbird-purchase-order.php:169

filterwc_order_statusesincludes\classes\purchase-orders\class-cmbird-purchase-order.php:218

filterwoocommerce_register_shop_order_post_statusesincludes\classes\purchase-orders\class-cmbird-purchase-order.php:227

filterbulk_actions-edit-shop_purchaseincludes\classes\purchase-orders\class-cmbird-purchase-order.php:242

filterbulk_actions-woocommerce_page_wc-orders--shop_purchaseincludes\classes\purchase-orders\class-cmbird-purchase-order.php:244

actionwoocommerce_order_status_changedincludes\classes\purchase-orders\class-cmbird-purchase-order.php:299

actionsave_post_shop_purchaseincludes\classes\purchase-orders\class-cmbird-purchase-order.php:359

filterwoocommerce_general_settingsincludes\classes\purchase-orders\class-cmbird-purchase-order.php:362

actionwoocommerce_rest_insert_customerincludes\classes\purchase-orders\class-cmbird-purchase-order.php:439

actionwoocommerce_email_classesincludes\classes\purchase-orders\class-cmbird-purchase-order.php:451

filterwoocommerce_order_numberincludes\classes\purchase-orders\class-cmbird-purchase-order.php:459

filterwoocommerce_email_recipient_new_orderincludes\classes\purchase-orders\class-cmbird-purchase-order.php:476

filterwoocommerce_email_subject_new_orderincludes\classes\purchase-orders\class-cmbird-purchase-order.php:489

filterwoocommerce_email_heading_new_orderincludes\classes\purchase-orders\class-cmbird-purchase-order.php:497

filterwoocommerce_get_order_item_totalsincludes\classes\purchase-orders\class-cmbird-purchase-order.php:510

actionwoocommerce_update_orderincludes\classes\zoho-inventory\class-order-sync.php:95

actionadmin_enqueue_scriptsincludes\sync\order-backend.php:33

actionadd_meta_boxesincludes\sync\order-backend.php:54

filterbulk_actions-woocommerce_page_wc-ordersincludes\sync\order-backend.php:94

filterhandle_bulk_actions-woocommerce_page_wc-ordersincludes\sync\order-backend.php:100

actionadmin_noticesincludes\sync\order-backend.php:127

filterwoocommerce_webhook_payloadincludes\sync\order-backend.php:149

filterwoocommerce_rest_check_permissionsincludes\sync\order-backend.php:151

filterwoocommerce_webhook_should_deliverincludes\sync\order-backend.php:252

actionwoocommerce_update_orderincludes\sync\order-backend.php:321

actionwoocommerce_rest_insert_product_objectincludes\woo-functions.php:54

actionprofile_updateincludes\woo-functions.php:97

filterbulk_actions-edit-productincludes\woo-functions.php:223

filterhandle_bulk_actions-edit-productincludes\woo-functions.php:225

actionadmin_noticesincludes\woo-functions.php:269

actionadd_meta_boxesincludes\woo-functions.php:520

actionwoocommerce_product_options_pricingincludes\woo-functions.php:528

actionwoocommerce_variation_options_pricingincludes\woo-functions.php:529

filtermanage_woocommerce_page_wc-orders_columnsincludes\woo-functions.php:596

actionmanage_woocommerce_page_wc-orders_custom_columnincludes\woo-functions.php:630

actionmanage_product_posts_custom_columnincludes\woo-functions.php:651

filtermanage_edit-product_columnsincludes\woo-functions.php:677

actionrestrict_manage_postsincludes\woo-functions.php:736

actionpre_get_postsincludes\woo-functions.php:776

filteraction_scheduler_retention_periodincludes\woo-functions.php:786

filteraction_scheduler_default_cleaner_statusesincludes\woo-functions.php:788

actioninitincludes\woo-functions.php:827

filterwc_order_statusesincludes\woo-functions.php:839

Scheduled Events 10

cmbird_exact_online_sync_orders

cmbird_eo_get_payment_statuses

zcrm_refresh_token

zoho_contact_sync

cmbird_purchase_order_auto

cmbird_process_webhook_queue

zi_execute_import_sync

cmbird_common

Maintenance & Trust

CommerceBird – WooCommerce Store Management and AI Platform Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 14, 2026

PHP min version8.2

Downloads5K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

CommerceBird – WooCommerce Store Management and AI Platform Alternatives

Royal MCP

royal-mcp

The security-first MCP server for WordPress. Connect Claude, ChatGPT, and Gemini with API key auth, rate limiting, and activity logging.

500 1 CVE

AcyMailing integration for WooCommerce

acymailing-integration-for-woocommerce

100

Add products from WooCommerce to your emails. Execute action when a user buys a product. Track your incomes from a campaign.

400 No CVEs

Integration for WooCommerce and MailChimp

woo-mailchimp-crm-perks

100

WooCommerce MailChimp Plugin allows you to quickly integrate WooCommerce with MailChimp lists and eCommerce features.

200 No CVEs

Zoho ZeptoMail for WooCommerce

zeptomail-woocommerce

100

ZeptoMail Plugin lets you configure your ZeptoMail account on your wordpress site enabling you to send transactional emails of your site via ZeptoMail …

200 No CVEs

EO4WP: EmailOctopus for WordPress

fw-integration-for-emailoctopus

Increase the subscribers for your website by using EmailOctopus and this professional integration plugin for WordPress, Elementor and WooCommerce.

100 2 CVEs

Developer Profile

CommerceBird – WooCommerce Store Management and AI Platform Developer Profile

CommerceBird

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect CommerceBird – WooCommerce Store Management and AI Platform

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/commercebird/assets/js/commercebird.js/wp-content/plugins/commercebird/assets/css/commercebird.css

Script Paths

/wp-content/plugins/commercebird/assets/js/commercebird.js

Version Parameters

commercebird/assets/js/commercebird.js?ver=commercebird/assets/css/commercebird.css?ver=

HTML / DOM Fingerprints

CSS Classes

commercebird-dashboardcb-dashboard-wrapper

HTML Comments

Data Attributes

data-commercebird-actiondata-commercebird-id

JS Globals

commercebird_ajax_object

REST Endpoints

/wp-json/commercebird/v1/webhooks/product/wp-json/commercebird/v1/webhooks/shipping/wp-json/commercebird/v1/webhooks/order/wp-json/commercebird/v1/zoho/wp-json/commercebird/v1/exact/wp-json/commercebird/v1/purchase_order

FAQ