Currency Switcher for WooCommerce Security & Risk Analysis

wordpress.org/plugins/currency-switcher-for-woocommerce

Currency Switcher for WooCommerce is a WordPress plugin that lets you switch product prices and get their rates converted in real time!

900 active installs · v0.0.8 · PHP 7.0+ · WP 5.1+ · Updated Mar 12, 2025
Tags: converter, currency, currency-converter, currency-switcher, switcher
91
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Mar 27, 2025
Safety Verdict

Is Currency Switcher for WooCommerce Safe to Use in 2026?

Generally Safe

Score 91/100

Currency Switcher for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Mar 27, 2025 · Updated 1yr ago
Risk Assessment

The "currency-switcher-for-woocommerce" plugin v0.0.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has a high percentage of properly escaped output. The absence of dangerous functions, file operations, and critical/high severity taint flows are also reassuring signs. However, significant concerns arise from the plugin's attack surface, particularly the high number of unprotected AJAX handlers. This presents a substantial risk as these entry points could potentially be exploited by unauthenticated users.

The vulnerability history shows one known medium severity CVE, which, while currently patched, indicates a past susceptibility. The common vulnerability type being Cross-Site Request Forgery (CSRF) further highlights potential weaknesses in how user actions are validated. While no current unpatched vulnerabilities exist, the past incident combined with the numerous unprotected AJAX handlers warrants careful attention. The plugin has strengths in its data handling but weaknesses in its access control mechanisms, leading to an overall moderate risk profile that leans towards caution due to the numerous unprotected entry points.

Key Concerns

  • High number of unprotected AJAX handlers
  • Medium severity CVE history
  • One known CVE
  • High number of unprotected entry points
  • Unsanitized paths in taint analysis
Vulnerabilities
1

Currency Switcher for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-30857 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Currency Switcher for WooCommerce <= 0.0.7 - Cross-Site Request Forgery

Mar 27, 2025 · Patched in 0.0.8 (7d)
Code Analysis
Analyzed Mar 16, 2026

Currency Switcher for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (1 prepared)
Unescaped Output: 28 (154 escaped)
Nonce Checks: 3
Capability Checks: 1
File Operations: 0
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

100% prepared · 1 total queries

Output Escaping

85% escaped · 182 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

7 flows · 6 with unsanitized paths
setup_admin_order_switcher (includes\class-pmcs-ajax.php:28)
Attack Surface
7 unprotected

Currency Switcher for WooCommerce Attack Surface

Entry Points: 9
Unprotected: 7

AJAX Handlers 8

auth wp_ajax_woocommerce_remove_order_coupon includes\class-pmcs-ajax.php:5
auth wp_ajax_woocommerce_add_coupon_discount includes\class-pmcs-ajax.php:6
auth wp_ajax_woocommerce_add_order_item includes\class-pmcs-ajax.php:8
auth wp_ajax_woocommerce_remove_order_item includes\class-pmcs-ajax.php:9
auth wp_ajax_woocommerce_save_order_items includes\class-pmcs-ajax.php:10
nopriv wp_ajax_woocommerce_apply_coupon includes\class-pmcs-ajax.php:12
auth wp_ajax_woocommerce_apply_coupon includes\class-pmcs-ajax.php:13
auth wp_ajax_load_exchange_rates includes\class-pmcs-exchange-rates.php:23

Shortcodes 1

[pmcs] includes\class-pmcs-shortcode.php:5
WordPress Hooks 86
action admin_menu includes\admin\class-admin.php:21
filter woocommerce_screen_ids includes\admin\class-admin.php:23
action admin_enqueue_scripts includes\admin\class-admin.php:24
filter woocommerce_general_settings includes\admin\class-admin.php:25
action woocommerce_admin_field_currency_list includes\admin\fields\currency-list.php:10
action admin_footer includes\admin\fields\currency-list.php:11
action woocommerce_admin_settings_sanitize_option includes\admin\fields\currency-list.php:12
action woocommerce_admin_field_pmcs_custom_select includes\admin\fields\custom-select.php:4
action woocommerce_admin_field_geoip_rulers includes\admin\fields\geoip-rulers.php:6
action woocommerce_admin_settings_sanitize_option includes\admin\fields\geoip-rulers.php:7
action woocommerce_admin_field_pmcs_custom_html includes\admin\fields\html.php:4
filter woocommerce_order_get_currency includes\class-pmcs-ajax.php:44
filter woocommerce_coupon_get_amount includes\class-pmcs-ajax.php:85
filter woocommerce_coupon_get_amount includes\class-pmcs-ajax.php:100
action init includes\class-pmcs-crons.php:21
action admin_init includes\class-pmcs-crons.php:22
filter cron_schedules includes\class-pmcs-crons.php:23
action pmcs_cron_update includes\class-pmcs-crons.php:61
action init includes\class-pmcs-plugin.php:130
action widgets_init includes\class-pmcs-plugin.php:158
action wp_enqueue_scripts includes\class-pmcs-plugin.php:160
filter woocommerce_reports_get_order_report_data_args includes\class-pmcs-report.php:33
filter woocommerce_reports_get_order_report_query includes\class-pmcs-report.php:34
action wc_reports_tabs includes\class-pmcs-report.php:35
filter wc_price_args includes\class-pmcs-report.php:37
action woocommerce_after_dashboard_status_widget includes\class-pmcs-report.php:38
filter wc_price_args includes\class-pmcs-report.php:66
action load-index.php includes\class-pmcs-report.php:139
action load-woocommerce_page_wc-reports includes\class-pmcs-report.php:140
action wp includes\class-pmcs-switcher.php:126
action wp_footer includes\class-pmcs-switcher.php:128
filter wp_nav_menu_items includes\class-pmcs-switcher.php:204
filter woocommerce_cart_fragment_name includes\class-pmcs-switcher.php:207
filter woocommerce_ajax_get_endpoint includes\class-pmcs-switcher.php:208
action woocommerce_before_checkout_process includes\class-pmcs-switcher.php:213
action woocommerce_checkout_order_processed includes\class-pmcs-switcher.php:218
action woocommerce_before_pay_action includes\class-pmcs-switcher.php:223
filter woocommerce_order_item_get_subtotal includes\class-pmcs-switcher.php:520
filter woocommerce_order_item_get_subtotal_tax includes\class-pmcs-switcher.php:521
filter woocommerce_order_item_get_total includes\class-pmcs-switcher.php:522
filter woocommerce_order_item_get_total_tax includes\class-pmcs-switcher.php:523
filter woocommerce_product_get_price includes\class-pmcs-switcher.php:546
filter woocommerce_product_get_sale_price includes\class-pmcs-switcher.php:547
filter woocommerce_product_get_regular_price includes\class-pmcs-switcher.php:548
filter woocommerce_product_variation_get_price includes\class-pmcs-switcher.php:551
filter woocommerce_product_variation_get_sale_price includes\class-pmcs-switcher.php:552
filter woocommerce_product_variation_get_regular_price includes\class-pmcs-switcher.php:553
filter woocommerce_variation_prices_price includes\class-pmcs-switcher.php:555
filter woocommerce_variation_prices_regular_price includes\class-pmcs-switcher.php:556
filter woocommerce_variation_prices_sale_price includes\class-pmcs-switcher.php:557
filter woocommerce_get_variation_prices_hash includes\class-pmcs-switcher.php:559
filter woocommerce_shipping_rate_cost includes\class-pmcs-switcher.php:562
filter woocommerce_shipping_rate_cost includes\class-pmcs-switcher.php:563
filter woocommerce_order_get_cart_tax includes\class-pmcs-switcher.php:569
filter woocommerce_order_get_shipping_total includes\class-pmcs-switcher.php:570
filter woocommerce_order_get_shipping_tax includes\class-pmcs-switcher.php:571
filter woocommerce_order_get_total includes\class-pmcs-switcher.php:572
filter woocommerce_order_get_total_tax includes\class-pmcs-switcher.php:573
filter woocommerce_order_get_total_discount includes\class-pmcs-switcher.php:574
filter woocommerce_order_get_subtotal includes\class-pmcs-switcher.php:575
filter woocommerce_order_get_tax_totals includes\class-pmcs-switcher.php:576
filter woocommerce_order_get_discount includes\class-pmcs-switcher.php:577
filter woocommerce_order_get_discount includes\class-pmcs-switcher.php:578
filter woocommerce_order_get_discount_tax includes\class-pmcs-switcher.php:579
filter woocommerce_coupon_get_amount includes\class-pmcs-switcher.php:582
filter woocommerce_fee_get_amount includes\class-pmcs-switcher.php:585
filter woocommerce_fee_get_total includes\class-pmcs-switcher.php:586
filter woocommerce_fee_get_total_tax includes\class-pmcs-switcher.php:587
filter woocommerce_currency includes\class-pmcs-switcher.php:590
filter wc_price_args includes\class-pmcs-switcher.php:593
action woocommerce_coupon_options includes\metabox\coupon-meta.php:3
action woocommerce_process_shop_coupon_meta includes\metabox\coupon-meta.php:28
filter woocommerce_order_item_display_meta_key includes\metabox\order-item-meta.php:14
filter woocommerce_order_item_display_meta_value includes\metabox\order-item-meta.php:15
action woocommerce_admin_order_totals_after_discount includes\metabox\order-item-meta.php:18
action woocommerce_admin_order_totals_after_shipping includes\metabox\order-item-meta.php:19
action load-post.php includes\metabox\order-metabox.php:11
action load-post-new.php includes\metabox\order-metabox.php:12
action add_meta_boxes includes\metabox\order-metabox.php:26
action save_post includes\metabox\order-metabox.php:27
action woocommerce_product_options_pricing includes\metabox\product-pricing-meta.php:3
action woocommerce_process_product_meta includes\metabox\product-pricing-meta.php:44
action woocommerce_variation_options_pricing includes\metabox\product-pricing-meta.php:60
action woocommerce_save_product_variation includes\metabox\product-pricing-meta.php:94
action woocommerce_loaded pmcs.php:72
action activated_plugin pmcs.php:84
Maintenance & Trust

Currency Switcher for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Mar 12, 2025
PHP min version: 7.0
Downloads: 10K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 900
Developer Profile

Currency Switcher for WooCommerce Developer Profile

PressMaximum

4 plugins · 31K total installs

Trust score: 78
Avg Security Score: 98/100
Avg Patch Time: 117 days
Detection Fingerprints

How We Detect Currency Switcher for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/currency-switcher-for-woocommerce/assets/css/admin.css
/wp-content/plugins/currency-switcher-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/currency-switcher-for-woocommerce/assets/js/admin.js

HTML / DOM Fingerprints

CSS Classes
pmcs-admin
Data Attributes
data-nonce
JS Globals
PMCS_List_Currency
PMCS_Admin_Args
FAQ

Frequently Asked Questions about Currency Switcher for WooCommerce