WP-Safety

Custom Thank You Page for WooCommerce Security & Risk Analysis

wordpress.org/plugins/custom-thank-you-page

Custom Thank You Page for WooCommerce plugin allows you to customize the final thank you page of a WooCommerce order.

50 active installs v1.1.3 PHP 5.6+ WP 3.5.0+ Updated Apr 15, 2026
custom-thank-you-pagethank-you-pagewc-checkoutwc-orderwoocommerce-checkout
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Custom Thank You Page for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Thank You Page for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "custom-thank-you-page" plugin v1.1.2 exhibits significant security concerns due to a high proportion of unprotected entry points. With 2 AJAX handlers, both lacking authentication checks, an attacker could potentially interact with sensitive plugin functionality without authorization. The presence of the `unserialize` function is a critical warning sign, as it can lead to remote code execution vulnerabilities if not handled with extreme care and proper sanitization of the input data. While the plugin has no recorded vulnerability history, this does not imply inherent security, especially given the identified code signals. The low percentage of properly escaped output (10%) also raises concerns about potential cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the application.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function: unserialize
  • Raw SQL queries without prepared statements
  • Low percentage of properly escaped output
  • Missing capability checks
  • Flow with unsanitized paths
Vulnerabilities
None known

Custom Thank You Page for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Custom Thank You Page for WooCommerce Release Timeline

v1.1.3Current
v1.1.2
v1.1.1
v1.1.0
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Custom Thank You Page for WooCommerce Code Analysis

Dangerous Functions
2
Raw SQL Queries
1
0 prepared
Unescaped Output
447
47 escaped
Nonce Checks
1
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$options = unserialize(file_get_contents($_FILES["ctyp_upload_file"]["tmp_name"]));core\includes\class-panel.php:258
unserializeupdate_option( $this->plugin_optionname, unserialize($option->option_value));core\includes\class-panel.php:263

Bundled Libraries

Select2

SQL Query Safety

0% prepared1 total queries

Output Escaping

10% escaped494 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
ctyp_panel (core\includes\class-panel.php:363)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Custom Thank You Page for WooCommerce Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_ctyp_list_postscore\functions\functions.php:204
authwp_ajax_ctyp_list_taxonomycore\functions\functions.php:251
WordPress Hooks 14
filterposts_wherecore\functions\functions.php:168
actionwoocommerce_before_thankyoucore\includes\class-ecommerce.php:16
actionwoocommerce_thankyoucore\includes\class-ecommerce.php:17
filterrender_blockcore\includes\class-ecommerce.php:18
filterwc_get_templatecore\includes\class-ecommerce.php:19
actionadmin_noticescore\includes\class-notice.php:19
actionadmin_headcore\includes\class-notice.php:20
actionadmin_menucore\includes\class-panel.php:21
actionadmin_initcore\includes\class-panel.php:22
actionadmin_initcore\includes\class-panel.php:23
actionbefore_woocommerce_initinit.php:51
actionadmin_initinit.php:52
actionplugins_loadedinit.php:53
actionadmin_noticesinit.php:100
Maintenance & Trust

Custom Thank You Page for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 15, 2026
PHP min version5.6
Downloads10K

Community Trust

Rating0/100
Number of ratings0
Active installs50
Alternatives

Custom Thank You Page for WooCommerce Alternatives

Thank You Page for WooCommerce

Thank You Page for WooCommerce

wc-thanks-redirect

A
100

Thank You Page for WooCommerce allows adding Thank You Page or Thank You URL for WooCommerce Products for your Customers.

10K No CVEs
NextMove Lite – Thank You Page for WooCommerce

NextMove Lite – Thank You Page for WooCommerce

woo-thank-you-page-nextmove-lite

B
72

The only plugin in WooCommerce that empowers you to build profit-pulling Thank You Pages with plug & play components.

10K 1 unpatched
Thank You Page Customizer for WooCommerce – Increase Your Sales

Thank You Page Customizer for WooCommerce – Increase Your Sales

woo-thank-you-page-customizer

A
95

Craft a stunning thank you page effortlessly with our user-friendly customization tools, offer coupons to customers after purchase.

4K 5 CVEs
Custom Thank You Page Customize For WooCommerce by Binary Carpenter

Custom Thank You Page Customize For WooCommerce by Binary Carpenter

bc-woo-custom-thank-you-pages

A
92

Create thank you pages for all products, per products or per category

2K 1 CVE
Custom Thank You Page for WooCommerce

Custom Thank You Page for WooCommerce

wc-custom-thank-you

A
100

Replace the default WooCommerce Thank You page (order received page) with a custom Thank You page.

2K No CVEs
Developer Profile

Custom Thank You Page for WooCommerce Developer Profile

alexvtn

76 plugins · 10K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
168 days
View full developer profile
Detection Fingerprints

How We Detect Custom Thank You Page for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/custom-thank-you-page/assets/css/notice.css/wp-content/plugins/custom-thank-you-page/assets/css/panel.css/wp-content/plugins/custom-thank-you-page/assets/css/freepro.css/wp-content/plugins/custom-thank-you-page/assets/css/on_off.css/wp-content/plugins/custom-thank-you-page/assets/css/select2.min.css/wp-content/plugins/custom-thank-you-page/assets/js/on_off.js/wp-content/plugins/custom-thank-you-page/assets/js/select2.min.js/wp-content/plugins/custom-thank-you-page/assets/js/panel.js
Script Paths
//fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i
Version Parameters
custom-thank-you-page/assets/js/on_off.js?ver=3.5custom-thank-you-page/assets/js/select2.min.js?ver=3.5custom-thank-you-page/assets/js/panel.js?ver=1.0

HTML / DOM Fingerprints

CSS Classes
message_savectyp_panel_message
Data Attributes
data-ctyp-namedata-ctyp-value
JS Globals
ctyp_ajax_obj
FAQ

Frequently Asked Questions about Custom Thank You Page for WooCommerce