Conditional WooCommerce Checkout Field Security & Risk Analysis
wordpress.org/plugins/conditional-woo-checkout-fieldDisplay a custom field at checkout in your WooCommerce store if a certain product is in the customer's cart.
Is Conditional WooCommerce Checkout Field Safe to Use in 2026?
Generally Safe
Score 92/100Conditional WooCommerce Checkout Field has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "conditional-woo-checkout-field" v1.2.4 exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerabilities or history of CVEs. It also avoids file operations and external HTTP requests, which are common vectors for compromise. However, significant concerns arise from its attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical oversight as it allows any user, including unauthenticated ones, to trigger these functions, potentially leading to unintended actions or information disclosure. Furthermore, the code analysis reveals a substantial percentage of output that is not properly escaped (35%), which could open the door to cross-site scripting (XSS) vulnerabilities if user-supplied data is reflected directly into the output.
Key Concerns
- AJAX handlers without authentication checks
- Low percentage of properly escaped output
Conditional WooCommerce Checkout Field Security Vulnerabilities
Conditional WooCommerce Checkout Field Code Analysis
Output Escaping
Conditional WooCommerce Checkout Field Attack Surface
AJAX Handlers 2
WordPress Hooks 15
Maintenance & Trust
Conditional WooCommerce Checkout Field Maintenance & Trust
Maintenance Signals
Community Trust
Conditional WooCommerce Checkout Field Alternatives
SilkyPress Input Field Block
silkypress-input-field-block
A plugin for adding input fields to the WooCommerce Checkout Block.
Product Input Fields for WooCommerce
product-input-fields-for-woocommerce
Add product addons (fields) to WooCommerce products. Personalise with various product options for WooCommerce. Create product forms for WooCommerce.
Checkout Field Editor (Checkout Manager) for WooCommerce
woo-checkout-field-editor-pro
Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.
Checkout Field Manager (Checkout Manager) for WooCommerce
woocommerce-checkout-manager
Checkout Field Manager (Checkout Manager) for WooCommerce is the most advanced plugin to customize checkout fields on your WooCommerce checkout page.
Flexible Checkout Fields for WooCommerce – WooCommerce Checkout Manager
flexible-checkout-fields
The best WooCommerce checkout manager. Edit, remove or add checkout fields. Customize WooCommerce checkout with this checkout field customizer.
Conditional WooCommerce Checkout Field Developer Profile
15 plugins · 13K total installs
How We Detect Conditional WooCommerce Checkout Field
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/conditional-woo-checkout-field/includes/css/cwcf-style.css/wp-content/plugins/conditional-woo-checkout-field/includes/js/help-toggle.js/wp-content/plugins/conditional-woo-checkout-field/includes/js/notice-update.js/wp-content/plugins/conditional-woo-checkout-field/includes/js/notice-review.js/wp-content/plugins/conditional-woo-checkout-field/includes/js/help-toggle.js/wp-content/plugins/conditional-woo-checkout-field/includes/js/notice-update.js/wp-content/plugins/conditional-woo-checkout-field/includes/js/notice-review.jsHTML / DOM Fingerprints
cwcfp-update-noticecwcf-review-noticecwcf_get_product_idconditional_product_in_cartcwcf_required_fieldcwcf_required_error_textcwcf_conditional_field_titlecwcf_add_email+1 more