WP-Safety

COMPE – WooCommerce Compare Products Security & Risk Analysis

wordpress.org/plugins/compe-woo-compare-products

Make it easy for shoppers by letting them create versatile comparison tables, easily add products and factors in a comparison popup or dedicated page

50 active installs v1.1.5 PHP 7.0+ WP 5.0+ Updated Mar 23, 2026
ecommercewoocommercewoocommerce-comparewoocommerce-compare-productswoocommerce-compare-products-plugin
99
A · Safe
CVEs total1
Unpatched0
Last CVEMar 14, 2026
Plugin page Download
Safety Verdict

Is COMPE – WooCommerce Compare Products Safe to Use in 2026?

Generally Safe

Score 99/100

COMPE – WooCommerce Compare Products has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Mar 14, 2026Updated 1mo ago
Risk Assessment

The "compe-woo-compare-products" v1.1.5 plugin exhibits a strong security posture based on the provided static analysis. A significant strength is the complete absence of dangerous functions, unsanitized taint flows, and raw SQL queries. All SQL queries utilize prepared statements, and all identified output is properly escaped, which effectively mitigates common injection and XSS vulnerabilities. The plugin also demonstrates good security practices with robust nonce and capability checks across all its identified entry points (AJAX handlers and shortcodes), leaving no entry points unprotected. The lack of any recorded vulnerabilities in its history further reinforces this positive assessment.

While the overall security is excellent, there are minor areas that could be considered for improvement. The plugin makes two external HTTP requests, which, though not inherently insecure, introduce an external dependency that could be a vector for future issues if not carefully managed. The presence of a bundled library (Select2) is noted; while not flagged as outdated or vulnerable in this analysis, keeping bundled libraries up-to-date is a general security best practice to prevent exploitation of known vulnerabilities in those libraries.

In conclusion, "compe-woo-compare-products" v1.1.5 appears to be a very secure plugin, with its developers employing good coding practices to prevent common web vulnerabilities. The minimal points for consideration are related to external dependencies and library maintenance, rather than inherent flaws in the plugin's own code. Its clean history and strong static analysis results suggest a low risk of exploitation.

Key Concerns

  • External HTTP requests present
  • Bundled library (Select2)
Vulnerabilities
1 published

COMPE – WooCommerce Compare Products Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-40737medium · 5.3Authorization Bypass Through User-Controlled Key

COMPE <= 1.1.4 - Unauthenticated Insecure Direct Object Reference

Mar 14, 2026 Patched in 1.1.5 (60d)
Version History

COMPE – WooCommerce Compare Products Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

COMPE – WooCommerce Compare Products Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
3
1076 escaped
Nonce Checks
16
Capability Checks
6
File Operations
0
External Requests
2
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped1079 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

4 flows
wpc_search_widget (admin/widget.php:135)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

COMPE – WooCommerce Compare Products Attack Surface

Entry Points16
Unprotected0

AJAX Handlers 13

authwp_ajax_wpc_search_pageadmin/settings.php:21
authwp_ajax_wpc_load_widgetadmin/widget.php:31
noprivwp_ajax_wpc_load_widgetadmin/widget.php:32
authwp_ajax_wpc_search_widgetadmin/widget.php:34
noprivwp_ajax_wpc_search_widgetadmin/widget.php:35
authwp_ajax_wpc_load_compare_barfrontend/frontend.php:31
noprivwp_ajax_wpc_load_compare_barfrontend/frontend.php:32
authwp_ajax_wpc_load_compare_tablefrontend/frontend.php:34
noprivwp_ajax_wpc_load_compare_tablefrontend/frontend.php:35
authwp_ajax_wpc_load_data_jsonfrontend/frontend.php:37
noprivwp_ajax_wpc_load_data_jsonfrontend/frontend.php:38
authwp_ajax_wpc_variation_cartfrontend/frontend.php:41
noprivwp_ajax_wpc_variation_cartfrontend/frontend.php:42

Shortcodes 3

[wpc_sc_archive] frontend/frontend.php:26
[wpc_sc_single] frontend/frontend.php:27
[wpc_page_compare] frontend/frontend.php:28
WordPress Hooks 47
filterplugin_action_links_compe-woo-compare-products/compe-woo-compare-products.phpadmin/admin.php:17
actioninitadmin/admin.php:24
actioncustomize_registeradmin/design.php:19
actionwp_print_stylesadmin/design.php:20
actioncustomize_preview_initadmin/design.php:21
actioncustomize_controls_print_scriptsadmin/design.php:22
actionwp_enqueue_scriptsadmin/design.php:23
actioncustomize_controls_enqueue_scriptsadmin/design.php:24
actionwoocommerce_single_product_summaryadmin/design.php:495
actionwoocommerce_single_product_summaryadmin/design.php:498
actionwoocommerce_single_product_summaryadmin/design.php:501
actionwoocommerce_single_product_summaryadmin/design.php:504
actionwoocommerce_before_shop_loop_itemadmin/design.php:510
actionwoocommerce_before_shop_loop_itemadmin/design.php:513
actionwoocommerce_shop_loop_item_titleadmin/design.php:516
actionwoocommerce_after_shop_loop_item_titleadmin/design.php:519
actionwoocommerce_after_shop_loop_item_titleadmin/design.php:522
actionwoocommerce_after_shop_loop_itemadmin/design.php:525
actionwoocommerce_after_shop_loop_itemadmin/design.php:528
actionadmin_menuadmin/settings.php:18
actionadmin_enqueue_scriptsadmin/settings.php:19
actionadmin_initadmin/settings.php:20
actionwidgets_initadmin/widget.php:17
actionplugins_loadedcompe-woo-compare-products.php:35
actionbefore_woocommerce_initcompe-woo-compare-products.php:38
actioninitfrontend/frontend.php:21
actionwp_footerfrontend/frontend.php:22
actionwp_enqueue_scriptsfrontend/frontend.php:23
actionwoocommerce_before_shop_loop_itemfrontend/frontend.php:879
actionwoocommerce_shop_loop_item_titlefrontend/frontend.php:882
actionwoocommerce_after_shop_loop_item_titlefrontend/frontend.php:885
actionwoocommerce_after_shop_loop_item_titlefrontend/frontend.php:888
actionwoocommerce_after_shop_loop_itemfrontend/frontend.php:894
actionwoocommerce_after_shop_loop_itemfrontend/frontend.php:897
actionwoocommerce_single_product_summaryfrontend/frontend.php:903
actionelementor/widgets/widgets_registeredincludes/elementor/elementor.php:10
actionadmin_enqueue_scriptsincludes/support.php:32
actionadmin_noticesincludes/support.php:33
actionadmin_initincludes/support.php:34
actionadmin_menuincludes/support.php:35
filterplugin_row_metaincludes/support.php:37
actionadmin_initincludes/support.php:39
actionadmin_bar_menuincludes/support.php:41
actionadmin_noticesincludes/support.php:55
actionadmin_footerincludes/support.php:672
actionadmin_bar_menuincludes/support.php:810
actionadmin_noticesincludes/support.php:956
Maintenance & Trust

COMPE – WooCommerce Compare Products Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 23, 2026
PHP min version7.0
Downloads4K

Community Trust

Rating100/100
Number of ratings2
Active installs50
Alternatives

COMPE – WooCommerce Compare Products Alternatives

Compare Products for WooCommerce

Compare Products for WooCommerce

woocommerce-compare-products

A
95

Add a World Class Compare Products Feature to your WooCommerce store today with the Compare Products for WooCommerce plugin.

20 4 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Mollie Payments for WooCommerce

Mollie Payments for WooCommerce

mollie-payments-for-woocommerce

A
93

Accept all major payment methods in WooCommerce today. Credit cards, iDEAL and more! Fast, safe and intuitive.

100K 4 CVEs
TI WooCommerce Wishlist

TI WooCommerce Wishlist

ti-woocommerce-wishlist

B
77

Boost your sales with a free WooCommerce Wishlist feature. Let your customers save and share their favorite products!

100K 9 CVEs
Mercado Pago payments for WooCommerce

Mercado Pago payments for WooCommerce

woocommerce-mercadopago

A
95

Offer to your clients the best experience in e-Commerce by using Mercado Pago as your payment method.

100K 4 CVEs
Developer Profile

COMPE – WooCommerce Compare Products Developer Profile

VillaTheme

59 plugins · 166K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
205 days
View full developer profile
Detection Fingerprints

How We Detect COMPE – WooCommerce Compare Products

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/compe-woo-compare-products/includes/css/wpc-customizer.css/wp-content/plugins/compe-woo-compare-products/includes/css/wpc_icon_compare.css/wp-content/plugins/compe-woo-compare-products/includes/css/wpc-frontend.css
Version Parameters
compe-woo-compare-products/includes/css/wpc-customizer.css?ver=compe-woo-compare-products/includes/css/wpc_icon_compare.css?ver=compe-woo-compare-products/includes/css/wpc-frontend.css?ver=

HTML / DOM Fingerprints

CSS Classes
woo-compare-btnwoo-compare-singlewoo-compare-btn-added
Data Attributes
data-wpc-product-id
JS Globals
wpc_compare_data
Shortcode Output
[wpc_page_compare]
FAQ

Frequently Asked Questions about COMPE – WooCommerce Compare Products