WP-Safety

Conditional Add to Cart for WooCommerce Security & Risk Analysis

wordpress.org/plugins/conditional-add-to-cart

Hide, disable, or replace the WooCommerce Add to Cart button using conditional rules based on user role, cart total, country, and more.

700 active installs v1.0.0 PHP 7.2+ WP 5.0+ Updated Apr 4, 2026
add-to-cartb2bconditional-logicproduct-ruleswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Conditional Add to Cart for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Conditional Add to Cart for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "conditional-add-to-cart" plugin v0.2.5 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of critical or high-severity vulnerabilities in its history, along with the plugin's adherence to using prepared statements for SQL queries and the presence of nonce checks on all AJAX handlers, are positive indicators. The plugin also avoids file operations and external HTTP requests, further reducing potential attack vectors.

However, a notable concern arises from the low percentage of properly escaped output (7%). This suggests that a significant portion of user-provided or dynamic data displayed by the plugin might not be sufficiently sanitized, potentially leading to Cross-Site Scripting (XSS) vulnerabilities if the inputs feeding these outputs are not strictly controlled or validated elsewhere. Additionally, while there are no recorded vulnerabilities, the lack of capability checks on AJAX handlers, combined with the presence of AJAX entry points, could present a risk if the functionality of these handlers, when combined with unsanitized output, were to be exploited.

In conclusion, the plugin has implemented several good security practices, particularly in data handling and authentication mechanisms for AJAX. The primary weakness lies in output sanitization, which requires immediate attention. The historical absence of vulnerabilities is a positive sign, but it doesn't negate the potential risks identified in the static analysis, especially concerning XSS.

Key Concerns

  • Low percentage of properly escaped output
  • No capability checks on AJAX handlers
Vulnerabilities
None known

Conditional Add to Cart for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Conditional Add to Cart for WooCommerce Release Timeline

v1.0.0Current
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.1
v0.1.0
Code Analysis
Analyzed Mar 16, 2026

Conditional Add to Cart for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
41
3 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared1 total queries

Output Escaping

7% escaped44 total outputs
Attack Surface

Conditional Add to Cart for WooCommerce Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_conditions/searchOptionsincludes\Admin.php:51
authwp_ajax_conditions/addConditionincludes\Admin.php:52
authwp_ajax_conditions/changeConditionincludes\Admin.php:53
authwp_ajax_conditions/addConditionGroupincludes\Admin.php:54
WordPress Hooks 12
actionbefore_woocommerce_initconditional-add-to-cart.php:20
actionplugins_loadedconditional-add-to-cart.php:32
actionadmin_menuincludes\Admin.php:45
actionadmin_initincludes\Admin.php:46
actionadmin_enqueue_scriptsincludes\Admin.php:47
filterpre_update_option_catc_settingsincludes\Admin.php:49
actionwoocommerce_before_shop_loop_itemincludes\Front.php:84
actionwpincludes\Front.php:86
actiontemplate_redirectincludes\Front.php:87
filtercatc_bufferincludes\Front.php:88
filterwoocommerce_product_single_add_to_cart_textincludes\Front.php:251
filterwoocommerce_product_add_to_cart_textincludes\Front.php:253
Maintenance & Trust

Conditional Add to Cart for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 4, 2026
PHP min version7.2
Downloads13K

Community Trust

Rating94/100
Number of ratings7
Active installs700
Alternatives

Conditional Add to Cart for WooCommerce Alternatives

Hide price and add to cart Lite

Hide price and add to cart Lite

hide-price-and-add-to-cart-for-woocommerce

A
100

Hide Price and Add to Cart Lite for WooCommerce allows you to hide product prices and the Add to Cart button using flexible rule-based control.

60 No CVEs
Hide Price for WooCommerce – CodeAtoZ

Hide Price for WooCommerce – CodeAtoZ

codeatoz-hide-price-for-stores

A
100

CodeAtoZ – Hide Price for Stores gives WooCommerce store owners complete control over product price visibility.

0 No CVEs
Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

A
89

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs
Add to Cart Button Custom Text

Add to Cart Button Custom Text

add-to-cart-button-custom-text

A
100

Allows to customize the Add to cart button text in WooCommerce by product type in both archive and single product pages.

10K No CVEs
B2BKing — Ultimate WooCommerce B2B and Wholesale Plugin — Wholesale Prices, Bulk Order Form & More

B2BKing — Ultimate WooCommerce B2B and Wholesale Plugin — Wholesale Prices, Bulk Order Form & More

b2bking-wholesale-for-woocommerce

A
99

B2BKing is the complete solution for running a Wholesale, B2B or B2B + B2C hybrid store with WooCommerce.

10K 2 CVEs
Developer Profile

Conditional Add to Cart for WooCommerce Developer Profile

Nabil Lemsieh

4 plugins · 30K total installs

85
trust score
Avg Security Score
95/100
Avg Patch Time
61 days
View full developer profile
Detection Fingerprints

How We Detect Conditional Add to Cart for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/conditional-add-to-cart/assets/css/main.css/wp-content/plugins/conditional-add-to-cart/assets/css/select2.min.css/wp-content/plugins/conditional-add-to-cart/assets/js/main.js/wp-content/plugins/conditional-add-to-cart/assets/js/select2.min.js
Script Paths
/wp-content/plugins/conditional-add-to-cart/assets/js/select2.min.js/wp-content/plugins/conditional-add-to-cart/assets/js/main.js
Version Parameters
conditional-add-to-cart/assets/js/main.js?ver=conditional-add-to-cart/assets/css/main.css?ver=conditional-add-to-cart/assets/js/select2.min.js?ver=conditional-add-to-cart/assets/css/select2.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
catc-enablecatcAddConditionGroupcatc-spinner
Data Attributes
name="catc_settings[enable]"name="catc_settings[conditions]"id="catc-enable"id="catc-conditions"catcAddConditionGroup
JS Globals
catc_ajax
REST Endpoints
/wp-json/conditions/searchOptions/wp-json/conditions/addCondition/wp-json/conditions/changeCondition/wp-json/conditions/addConditionGroup
FAQ

Frequently Asked Questions about Conditional Add to Cart for WooCommerce