Does Custom Price for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Price for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Price for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Custom Price for WooCommerce 1.1.23 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Custom Price for WooCommerce compatible with PHP 7.4+?

Custom Price for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Price for WooCommerce updated?

Custom Price for WooCommerce was last updated on Mar 7, 2026. Frequent updates are generally a positive security signal.

What is Custom Price for WooCommerce's security score?

Custom Price for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Price for WooCommerce Security & Risk Analysis

wordpress.org/plugins/custom-price-for-woocommerce

Name your price WooCommerce plugin. Add the custom price field for products. Let your customers decide how much they want to pay for products.

3K active installs v1.1.23 PHP 7.4+ WP 6.4+ Updated Mar 7, 2026

call-for-pricecustom-pricename-your-pricename-your-price-woocommerceprice-on-request

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Custom Price for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Price for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 27d ago

Risk Assessment

The plugin "custom-price-for-woocommerce" v1.1.23 demonstrates a generally good security posture due to the absence of any known vulnerabilities and a well-managed attack surface. The static analysis indicates that all identified entry points, including the single AJAX handler, are protected with authentication checks. This is a strong indicator of responsible development practices. The plugin also performs a decent number of capability checks and nonce checks, further reinforcing its security.

However, there are several areas of concern that warrant attention. The presence of dangerous functions like `proc_open` and `shell_exec`, even if not directly exploitable in this version based on taint analysis, is a significant red flag and can introduce risks if not meticulously handled. Furthermore, only 50% of SQL queries are using prepared statements, leaving the other half susceptible to SQL injection if user input is not rigorously sanitized before being incorporated into these queries. The output escaping also falls short, with 43% of outputs not properly escaped, potentially opening the door for Cross-Site Scripting (XSS) vulnerabilities.

Given the clean vulnerability history, it suggests the developers have been proactive or fortunate. However, the code signals, particularly concerning dangerous functions and incomplete SQL preparation and output escaping, indicate potential weaknesses that could be exploited in future scenarios or in conjunction with other factors. The plugin's strengths lie in its protected entry points and nonce/capability checks, but its weaknesses in handling sensitive functions and data sanitization/escaping require careful consideration for a comprehensive security assessment.

Key Concerns

Dangerous functions detected (proc_open, shell_exec)
SQL queries not using prepared statements (50%)
Output escaping not properly handled (43%)

Vulnerabilities

None known

Custom Price for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Custom Price for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

93 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

proc_open$this->process = proc_open($this->command, static::DESCRIPTOR_SPEC, $this->pipes, $this->cwd);vendor_prefixed\monolog\monolog\src\Monolog\Handler\ProcessHandler.php:104

shell_exec$branches = shell_exec('git branch -v --no-abbrev');vendor_prefixed\monolog\monolog\src\Monolog\Processor\GitProcessor.php:60

shell_exec$result = explode(' ', trim((string) shell_exec('hg id -nb')));vendor_prefixed\monolog\monolog\src\Monolog\Processor\MercurialProcessor.php:59

SQL Query Safety

50% prepared4 total queries

Output Escaping

57% escaped163 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

processAjaxNoticeDismiss (vendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:72)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Custom Price for WooCommerce Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_wpdesk_notice_dismissvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:42

WordPress Hooks 91

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Admin.php:41

filterwoocommerce_get_price_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Admin.php:43

filterwoocommerce_product_filtersvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Admin.php:45

filterparse_queryvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Admin.php:46

actionmanage_product_posts_custom_columnvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Admin.php:48

actionwoocommerce_product_after_variable_attributesvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Product\ProductFields.php:13

actionwoocommerce_product_options_pricingvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Product\ProductFields.php:14

actionwoocommerce_variation_optionsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Product\ProductFields.php:15

actionwoocommerce_admin_process_product_objectvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Product\SaveProductMeta.php:18

actionwoocommerce_save_product_variationvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Admin\Product\SaveProductMeta.php:19

filterwoocommerce_is_purchasablevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:21

filterwoocommerce_add_cart_item_datavendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:22

filterwoocommerce_get_cart_item_from_sessionvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:23

filterwoocommerce_cart_loaded_from_sessionvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:24

filterwoocommerce_add_to_cart_validationvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:25

actionwoocommerce_check_cart_itemsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:27

actionwoocommerce_before_calculate_totalsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:29

actionwoocommerce_calculate_totalsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:30

actionwoocommerce_after_calculate_totalsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:31

filterwoocommerce_add_to_cart_redirectvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:128

filterwc_add_to_cart_message_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Cart.php:129

filtercocart_add_to_cart_validationvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\CoCart.php:36

filterwoocommerce_grouped_product_list_column_pricevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\GroupedProducts.php:36

actionwoocommerce_grouped_add_to_cartvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\GroupedProducts.php:37

actionwoocommerce_grouped_add_to_cartvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\GroupedProducts.php:38

filterwc_cpw_field_suffixvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\GroupedProducts.php:39

filterwc_cpw_data_attributesvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\GroupedProducts.php:84

actionwc_quick_view_enqueue_scriptsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\QV.php:29

filterwc_stripe_hide_payment_request_on_product_pagevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\Stripe.php:22

actionwoocommerce_variable_product_sync_datavendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\VariableProducts.php:27

filterwcpay_payment_request_is_product_supportedvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCPay.php:25

filterwoocommerce_subscriptions_allow_switching_optionsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:31

filterwcs_is_product_switchablevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:33

filterwoocommerce_subscriptions_add_switch_query_argsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:34

actionwoocommerce_variable-subscription_add_to_cartvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:35

filterwoocommerce_subscriptions_switch_is_identical_productvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:36

filterwoocommerce_subscriptions_switch_error_messagevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:37

filterwc_cpw_show_edit_link_in_cartvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:39

filterwoocommerce_dropdown_variation_attribute_options_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:105

filterwoocommerce_reset_variations_linkvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:106

filterwc_cpw_price_input_attributesvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\Extensions\WCSubscriptions.php:109

actionplugins_loadedvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Compatibility\ExtensionSupport.php:49

actionwp_enqueue_scriptsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:37

actionwoocommerce_before_single_productvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:38

actionwoocommerce_before_add_to_cart_buttonvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:39

actionwc_cpw_after_price_inputvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:40

actionwc_cpw_after_price_inputvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:41

actionwc_cpw_after_price_inputvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:42

filterwoocommerce_product_has_optionsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:44

filterwoocommerce_quantity_input_argsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:46

filterwoocommerce_product_single_add_to_cart_textvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:47

filterwc_cpw_minimum_price_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:48

filterwoocommerce_get_price_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:50

filterwoocommerce_variable_subscription_price_htmlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:51

filterwoocommerce_product_add_to_cart_textvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:53

filterwoocommerce_product_add_to_cart_urlvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:54

filterwoocommerce_product_supportsvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:56

filterpost_classvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:58

actionwoocommerce_single_variationvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:60

filterwoocommerce_variation_is_visiblevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:61

filterwoocommerce_available_variationvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:62

filterwoocommerce_get_variation_pricevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:63

filterwoocommerce_get_variation_regular_pricevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:64

filterwoocommerce_cart_item_pricevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:66

actionwoocommerce_before_add_to_cart_formvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:135

actionwoocommerce_after_single_productvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:137

actionwoocommerce_single_product_summaryvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Display.php:147

filterwoocommerce_order_again_cart_item_datavendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Order.php:22

filterwoocommerce_get_settings_pagesvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Settings\SettingsIntegration.php:11

filterwoocommerce_get_sections_custom_pricevendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Settings\Tabs\BaseTab.php:14

filtercustom_price/settings/defaultvendor_prefixed\wpdesk\custom-price-for-woocommerce-core\src\Settings\Tabs\GeneralTab.php:20

actionwp_dashboard_setupvendor_prefixed\wpdesk\ltv-dashboard-widget\src\DashboardWidget.php:102

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-builder\src\Plugin\AbstractPlugin.php:148

actionwp_enqueue_scriptsvendor_prefixed\wpdesk\wp-builder\src\Plugin\AbstractPlugin.php:149

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:41

actionadmin_noticesvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\Notice.php:144

actionadmin_footervendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\Notice.php:145

filterwp_autoloader_loader_loaders_to_loadvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\PluginDisablerByFileTrait.php:45

filterwp_autoloader_loader_loaders_to_createvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\PluginDisablerByFileTrait.php:46

actionplugins_loadedvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\Simple\SimplePaidStrategy.php:58

actionplugins_loadedvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:81

actionbefore_woocommerce_initvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:88

actionactivated_pluginvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:102

filterdoing_it_wrong_trigger_errorvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:123

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-wpdesk-marketing\src\Boxes\Assets.php:16

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-wpdesk-marketing\src\Boxes\Assets.php:30

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\Assets.php:28

actionadmin_menuvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptInPage.php:35

actionadmin_initvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptInPage.php:36

actionadmin_noticesvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptOut.php:28

filterplugin_row_metavendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\PluginActionLinks.php:36

Maintenance & Trust

Custom Price for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 7, 2026

PHP min version7.4

Downloads66K

Community Trust

Rating84/100

Number of ratings5

Active installs3K

Alternatives

Custom Price for WooCommerce Alternatives

Product Addons for Woocommerce – Product Options with Custom Fields

woo-custom-product-addons

WooCommerce Product Addons Add custom fields to your WooCommerce product page. With an easy-to-use Custom Form Builder.

30K 1 CVE

Call for Price for WooCommerce

woocommerce-call-for-price

100

Allow customers to "Request a quote" or "Call for price" for WooCommerce products. You can show or hide the product price globally or per product.

8K No CVEs

Product Open Pricing (Name Your Price) for WooCommerce

product-open-pricing-name-your-price-for-woocommerce

100

Open price (i.e. Name your price) products for WooCommerce.

6K No CVEs

WPC Name Your Price for WooCommerce

wpc-name-your-price

A simple plugin for enabling open pricing and letting your customers request a preferred price to pay or make a donation of their choice.

5K 1 CVE

پلاگین پرداخت دلخواه

pardakht-delkhah

افزونه پرداخت دلخواه وردپرس

1K 1 unpatched

Developer Profile

Custom Price for WooCommerce Developer Profile

wpdesk

23 plugins · 127K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

135 days

View full developer profile

Detection Fingerprints

How We Detect Custom Price for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-price-for-woocommerce/assets/js/admin/metabox.js

Version Parameters

custom-price-for-woocommerce/assets/js/admin/metabox.js?ver=

HTML / DOM Fingerprints

CSS Classes

woocommerce_cpw_metabox

Data Attributes

data-cpw-price-typedata-cpw-enable-pricedata-cpw-minimum-pricedata-cpw-maximum-pricedata-cpw-price-titledata-cpw-price-placeholder+2 more

JS Globals