Does Custom Fields Account Registration For Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Fields Account Registration For Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Fields Account Registration For Woocommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Custom Fields Account Registration For Woocommerce 1.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Custom Fields Account Registration For Woocommerce Security & Risk Analysis

wordpress.org/plugins/custom-fields-account-registration-for-woocommerce

Custom Fields Account Registration For Woocommerce allow to build add fields in account pages.

800 active installs v1.3 PHP + WP + Updated Jan 31, 2026

custom-field-registration-woocommercewoocommerce

A · Safe

CVEs total2

Unpatched0

Last CVENov 10, 2025

Download

Safety Verdict

Is Custom Fields Account Registration For Woocommerce Safe to Use in 2026?

Generally Safe

Score 96/100

Custom Fields Account Registration For Woocommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 10, 2025Updated 2mo ago

Risk Assessment

The plugin 'custom-fields-account-registration-for-woocommerce' v1.3 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by implementing proper nonce and capability checks for all identified AJAX entry points, indicating an effort to prevent unauthorized actions. Furthermore, all SQL queries utilize prepared statements, and the vast majority of output is properly escaped, significantly mitigating risks related to SQL injection and cross-site scripting. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its defensive capabilities.

However, the vulnerability history presents a significant concern. The plugin has a record of two known CVEs, including a high-severity vulnerability (likely Improper Privilege Management or CSRF, given the historical types). While these appear to be patched, the existence of past vulnerabilities, especially those of higher severity, suggests potential recurring weaknesses in secure coding practices or a history of oversight. The fact that the last vulnerability was in 2025 and is listed as 'currently unpatched' in the provided data is also a serious red flag, implying a potential for undiscovered or recently introduced vulnerabilities.

In conclusion, while the current code analysis suggests a well-hardened plugin with robust entry point protection and data handling, the historical vulnerability data cannot be ignored. The past high-severity issues and the reported unpatched vulnerability indicate a need for continued vigilance and potentially a deeper review of its historical remediation efforts and ongoing maintenance.

Key Concerns

Past high-severity vulnerabilities
Currently unpatched vulnerability (historical data)
Bundled outdated library (Select2)

Vulnerabilities

Custom Fields Account Registration For Woocommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

High

Medium

2 total CVEs

CVE-2025-49379high · 8.8Improper Privilege Management

Custom Fields Account Registration For Woocommerce <= 1.2 - Authenticated (Author+) Privilege Escalation

Nov 10, 2025 Patched in 1.3 (40d)

CVE-2025-30888medium · 4.3Cross-Site Request Forgery (CSRF)

Custom Fields Account Registration For Woocommerce <= 1.1 - Cross-Site Request Forgery

Mar 27, 2025 Patched in 1.2 (7d)

Code Analysis

Analyzed Mar 16, 2026

Custom Fields Account Registration For Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

588 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

98% escaped597 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

CFAFWR_registration_form_field (main\frontend\cfafwr_registration_form_field.php:2)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Custom Fields Account Registration For Woocommerce Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_cfafwr_filed_sortablemain\backend\cfafwr_backend.php:195

noprivwp_ajax_cfafwr_filed_sortablemain\backend\cfafwr_backend.php:196

noprivwp_ajax_cfafwr_multiselect_ajaxmain\frontend\cfafwr_frontend.php:730

authwp_ajax_cfafwr_multiselect_ajaxmain\frontend\cfafwr_frontend.php:731

WordPress Hooks 36

filterplugin_row_metacustom_fields_registration_main.php:47

actionafter_switch_themecustom_fields_registration_main.php:58

actionadd_meta_boxesmain\backend\cfafwr_admin_metabox.php:391

actionsave_postmain\backend\cfafwr_admin_metabox.php:392

actionadd_meta_boxesmain\backend\cfafwr_backend.php:27

actionsave_postmain\backend\cfafwr_backend.php:58

actionadmin_noticesmain\backend\cfafwr_backend.php:71

actioninitmain\backend\cfafwr_backend.php:194

filterpost_updated_messagesmain\backend\cfafwr_backend.php:197

actionuser_edit_form_tagmain\backend\cfafwr_backend.php:198

filtermanage_wporg_custom_field_posts_columnsmain\backend\cfafwr_backend.php:199

actionmanage_wporg_custom_field_posts_custom_columnmain\backend\cfafwr_backend.php:200

actioninitmain\backend\cfafwr_comman.php:2

actionadmin_menumain\backend\cfafwr_settings.php:225

actionedit_user_profilemain\backend\cfafwr_user_profile_fields.php:352

actionshow_user_profilemain\backend\cfafwr_user_profile_fields.php:353

actionpersonal_options_updatemain\backend\cfafwr_user_profile_fields.php:354

actionedit_user_profile_updatemain\backend\cfafwr_user_profile_fields.php:355

actioninitmain\frontend\cfafwr_frontend.php:711

actioninitmain\frontend\cfafwr_frontend.php:712

actionwoocommerce_register_form_startmain\frontend\cfafwr_frontend.php:717

actionwoocommerce_register_formmain\frontend\cfafwr_frontend.php:719

actionwoocommerce_register_postmain\frontend\cfafwr_frontend.php:721

actionwoocommerce_created_customermain\frontend\cfafwr_frontend.php:722

actionuser_registermain\frontend\cfafwr_frontend.php:723

actionwoocommerce_register_form_tagmain\frontend\cfafwr_frontend.php:724

filtergettextmain\frontend\cfafwr_frontend.php:725

filterquery_varsmain\frontend\cfafwr_frontend.php:726

filterwoocommerce_account_menu_itemsmain\frontend\cfafwr_frontend.php:727

actionwoocommerce_account_oc-custom-fields_endpointmain\frontend\cfafwr_frontend.php:728

filterwoocommerce_billing_fieldsmain\frontend\cfafwr_registration_form_field.php:307

filterwoocommerce_shipping_fieldsmain\frontend\cfafwr_registration_form_field.php:308

actionplugins_loadedmain\resource\cfafwr-language.php:2

filterload_textdomain_mofilemain\resource\cfafwr-language.php:8

actionadmin_enqueue_scriptsmain\resource\cfafwr-load-js-css.php:2

actionwp_enqueue_scriptsmain\resource\cfafwr-load-js-css.php:31

Maintenance & Trust

Custom Fields Account Registration For Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 31, 2026

PHP min version

Downloads10K

Community Trust

Rating84/100

Number of ratings5

Active installs800

Alternatives

Custom Fields Account Registration For Woocommerce Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Google for WooCommerce

google-listings-and-ads

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs

WooCommerce PayPal Payments

woocommerce-paypal-payments

100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs

Developer Profile

Custom Fields Account Registration For Woocommerce Developer Profile

silverplugins217

21 plugins · 12K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

10 days

View full developer profile

Detection Fingerprints

How We Detect Custom Fields Account Registration For Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/css/cfafwr_backend_css.css/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/js/cfafwr_backend_js.js/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/images/remove_icon.png/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/css/cfafwr_frontend_css.css/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/js/cfafwr_front_js.js/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/css/cfafwr_color_spectrum.css/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/js/cfafwr_color_spectrum.js/wp-content/plugins/custom-fields-account-registration-for-woocommerce/assets/css/select2.css

Version Parameters

cfafwr-backend-css?ver=1.1cfafwr-backend-js?ver=1.0cfafwr-frontend-css?ver=1.0cfafwr-frontend-js?ver=1.0cfafwr_color_spectrum.css?ver=1.0cfafwr_color_spectrum.js?ver=1.0select2.css?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes

cfafwr_description

Data Attributes

custom_field_checkboxcustom_register_field_type

JS Globals

ajax_postajaxremove_icon

FAQ