WP-Safety

Custom Builder for Elementor and WooCommerce Security & Risk Analysis

wordpress.org/plugins/custom-woo-builder-for-elementor

Custom Woo Builder is a plugin that allows creating WooCommerce Single Product page templates and WooCommerce Product Archive templates with Elementor …

10 active installs v1.0.0 PHP 7.0+ WP 4.9.8+ Updated Dec 3, 2019
custom-woo-builderelementorelementor-addonsshopsingle-page
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Custom Builder for Elementor and WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Custom Builder for Elementor and WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "custom-woo-builder-for-elementor" plugin v1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices with 100% of SQL queries using prepared statements, a healthy number of capability checks, and no recorded historical vulnerabilities. This suggests a generally conscientious development approach.

However, significant concerns arise from the static analysis. The plugin exposes one AJAX handler without any authentication checks, creating a critical entry point for potential attacks. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating potential for privilege escalation or data leakage if these flows are triggered by malicious input. The fact that 37% of output is not properly escaped also poses a risk of cross-site scripting (XSS) vulnerabilities.

While the absence of known CVEs is reassuring, the presence of critical vulnerabilities identified during static and taint analysis overshadows this. The plugin has a limited attack surface, but the unprotected AJAX handler is a glaring weakness. The development team should prioritize addressing the identified taint flows and improving output sanitization to mitigate these risks.

Key Concerns

  • AJAX handler without authentication check
  • High severity unsanitized taint flow (2 detected)
  • Significant portion of output not properly escaped
Vulnerabilities
None known

Custom Builder for Elementor and WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Custom Builder for Elementor and WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
156
264 escaped
Nonce Checks
2
Capability Checks
5
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared3 total queries

Output Escaping

63% escaped420 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
save_meta_option (framework\post-meta\cherry-x-post-meta.php:471)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Custom Builder for Elementor and WooCommerce Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_elementor_render_widgetincludes\integrations\base\class-custom-woo-builder-integration.php:24
WordPress Hooks 80
actionafter_setup_themecustom-woo-builder.php:28
actioninitcustom-woo-builder.php:29
actionadmin_noticescustom-woo-builder.php:51
actionplugins_loadedcustom-woo-builder.php:54
actionadmin_noticescustom-woo-builder.php:83
actionadmin_noticesframework\db-updater\cherry-x-db-updater.php:79
actionadmin_initframework\db-updater\cherry-x-db-updater.php:80
actionadmin_enqueue_scriptsframework\interface-builder\cherry-x-interface-builder.php:151
actionwp_enqueue_scriptsframework\interface-builder\inc\class-cx-controls-base.php:52
actionadmin_enqueue_scriptsframework\interface-builder\inc\class-cx-controls-base.php:53
actionadmin_footerframework\interface-builder\inc\controls\iconpicker.php:85
actioncustomize_controls_print_footer_scriptsframework\interface-builder\inc\controls\iconpicker.php:86
filtercx_handler_response_dataframework\interface-builder\inc\controls\iconpicker.php:87
filtercx_control/add_repeater_dataframework\interface-builder\inc\controls\iconpicker.php:179
actionadmin_footerframework\interface-builder\inc\controls\repeater.php:94
actioncustomize_controls_print_footer_scriptsframework\interface-builder\inc\controls\repeater.php:95
filtercx_control/is_repeaterframework\interface-builder\inc\controls\repeater.php:133
actionafter_setup_themeframework\loader.php:83
actionafter_setup_themeframework\loader.php:84
actionadmin_enqueue_scriptsframework\post-meta\cherry-x-post-meta.php:81
actionadd_meta_boxesframework\post-meta\cherry-x-post-meta.php:82
actionsave_postframework\post-meta\cherry-x-post-meta.php:83
actionwp_enqueue_scriptsincludes\class-custom-woo-builder-assets.php:13
actionelementor/frontend/before_enqueue_scriptsincludes\class-custom-woo-builder-assets.php:15
actionelementor/frontend/after_enqueue_scriptsincludes\class-custom-woo-builder-assets.php:16
actionadmin_enqueue_scriptsincludes\class-custom-woo-builder-assets.php:21
actionelementor/documents/registerincludes\class-custom-woo-builder-documents.php:12
actionelementor/dynamic_tags/before_renderincludes\class-custom-woo-builder-documents.php:15
actionelementor/dynamic_tags/after_renderincludes\class-custom-woo-builder-documents.php:16
filteradmin_body_classincludes\class-custom-woo-builder-documents.php:19
actionadmin_menuincludes\class-custom-woo-builder-post-type.php:19
filteroption_elementor_cpt_supportincludes\class-custom-woo-builder-post-type.php:22
filterdefault_option_elementor_cpt_supportincludes\class-custom-woo-builder-post-type.php:23
filterbody_classincludes\class-custom-woo-builder-post-type.php:25
filterpost_classincludes\class-custom-woo-builder-post-type.php:26
filterthe_contentincludes\class-custom-woo-builder-post-type.php:28
actioninitincludes\class-custom-woo-builder-post-type.php:30
actionadmin_enqueue_scriptsincludes\class-custom-woo-builder-post-type.php:32
actionadmin_action_custom_woo_new_templateincludes\class-custom-woo-builder-post-type.php:33
filterpost_row_actionsincludes\class-custom-woo-builder-post-type.php:35
filterget_sample_permalink_htmlincludes\class-custom-woo-builder-post-type.php:37
actionadmin_footerincludes\class-custom-woo-builder-post-type.php:175
actioninitincludes\class-custom-woo-builder-shortcodes.php:13
filterwc_get_template_partincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:21
filterwc_get_templateincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:23
filterwc_get_templateincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:26
filtertemplate_includeincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:30
actiontemplate_includeincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:36
actioninitincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:38
filtercustom-woo-builder/custom-single-templateincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:40
filtercustom-woo-builder/integration/doc-typeincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:41
filtercustom-woo-builder/integration/doc-typeincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:42
filterwoocommerce_output_related_products_argsincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:44
filterwoocommerce_upsell_display_argsincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:48
filterwoocommerce_cross_sells_totalincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:49
filterwoocommerce_product_loop_startincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:50
actioncustom-woo-builder/woocommerce/before-main-contentincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:52
actioncustom-woo-builder/woocommerce/after-main-contentincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:53
filtercustom-woo-builder/render-callback/custom-argsincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:54
filterprevious_posts_link_attributesincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:56
filternext_posts_link_attributesincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:57
filtercustom-woo-builder/get-template-content/render-methodincludes\integrations\base\class-custom-woo-builder-integration-woocommerce.php:439
actionelementor/initincludes\integrations\base\class-custom-woo-builder-integration.php:19
actionelementor/widgets/widgets_registeredincludes\integrations\base\class-custom-woo-builder-integration.php:21
actionelementor/widgets/widgets_registeredincludes\integrations\base\class-custom-woo-builder-integration.php:22
actionelementor/page_templates/canvas/before_contentincludes\integrations\base\class-custom-woo-builder-integration.php:25
actionelementor/page_templates/canvas/after_contentincludes\integrations\base\class-custom-woo-builder-integration.php:26
actionelementor/editor/after_enqueue_stylesincludes\integrations\base\class-custom-woo-builder-integration.php:28
actionelementor/controls/controls_registeredincludes\integrations\base\class-custom-woo-builder-integration.php:30
actiontemplate_redirectincludes\integrations\base\class-custom-woo-builder-integration.php:32
filterpost_classincludes\integrations\base\class-custom-woo-builder-integration.php:34
actionadmin_enqueue_scriptsincludes\settings\class-custom-woo-builder-settings.php:31
actionadmin_menuincludes\settings\class-custom-woo-builder-settings.php:32
actioninitincludes\settings\class-custom-woo-builder-settings.php:33
actionadmin_noticesincludes\settings\class-custom-woo-builder-settings.php:34
filterwoocommerce_get_settings_pagesincludes\settings\class-custom-woo-builder-shop-settings.php:16
actionwoocommerce_admin_field_custom_woo_select_templateincludes\settings\class-custom-woo-builder-shop-settings.php:17
actionwoocommerce_admin_field_custom_woo_select_render_method_fieldincludes\settings\class-custom-woo-builder-shop-settings.php:18
filtercomments_templateincludes\widgets\single-product\custom-woo-builder-single-reviews-form.php:59
filtercomments_templateincludes\widgets\single-product\custom-woo-builder-single-tabs.php:590
Maintenance & Trust

Custom Builder for Elementor and WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedDec 3, 2019
PHP min version7.0
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Custom Builder for Elementor and WooCommerce Alternatives

Onex Custom Woo Builder

Onex Custom Woo Builder

onex-custom-woo-builder

A
85

Custom Woo Builder is a plugin that allows creating WooCommerce Single Product page templates and WooCommerce Product Archive templates with Elementor …

10 No CVEs
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

A
89

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 22 CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Ultimate Addons for Elementor

Ultimate Addons for Elementor

header-footer-elementor

A
96

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa …

2.0M 12 CVEs
Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

A
95

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs
Developer Profile

Custom Builder for Elementor and WooCommerce Developer Profile

immonex

8 plugins · 440 total installs

92
trust score
Avg Security Score
88/100
Avg Patch Time
7 days
View full developer profile
Detection Fingerprints

How We Detect Custom Builder for Elementor and WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/custom-woo-builder-for-elementor/assets/css/custom-woo-builder.css/wp-content/plugins/custom-woo-builder-for-elementor/assets/js/custom-woo-builder.js
Script Paths
/wp-content/plugins/custom-woo-builder-for-elementor/assets/js/custom-woo-builder.js
Version Parameters
custom-woo-builder/assets/css/custom-woo-builder.css?ver=custom-woo-builder/assets/js/custom-woo-builder.js?ver=

HTML / DOM Fingerprints

CSS Classes
custom-woo-builder-page
HTML Comments
<!-- Start: Custom Woo Builder --><!-- End: Custom Woo Builder --><!-- Elementor Builder --><!-- End Elementor Builder -->
Data Attributes
data-custom-woo-builder
JS Globals
custom_woo_builder_assetscustom_woo_builder_integrationcustom_woo_builder_integration_woocommercecustom_woo_builder_post_typecustom_woo_builder_settingscustom_woo_builder_shortocdes+3 more
Shortcode Output
[custom_woo_builder]
FAQ

Frequently Asked Questions about Custom Builder for Elementor and WooCommerce