WP-Safety

Discontinued Products Security & Risk Analysis

wordpress.org/plugins/discontinued-products

Enables WooCommerce Discontinued Products.

300 active installs v2.0.7 PHP 7.4+ WP 6.0+ Updated Mar 2, 2026
discontinueddiscontinued-productsecommercewoocommercewoocommerce-products
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Discontinued Products Safe to Use in 2026?

Generally Safe

Score 100/100

Discontinued Products has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "discontinued-products" v2.0.8 plugin exhibits a generally good security posture based on the provided static analysis. The plugin has a very small attack surface, with only one shortcode, and crucially, no unprotected entry points like AJAX handlers or REST API routes. The code also shows a strong tendency towards proper output escaping, with 90% of outputs being sanitized. The presence of a nonce check, while only one, indicates some consideration for preventing CSRF attacks. The absence of file operations and external HTTP requests further reduces potential attack vectors.

However, there are areas of concern. The most significant is the use of raw SQL queries. With two SQL queries identified and 0% using prepared statements, this poses a substantial risk of SQL injection vulnerabilities. While taint analysis did not reveal any immediate unsanitized flows, the lack of prepared statements means that any user-supplied input that is incorporated into these queries without proper sanitization could be exploited. The lack of capability checks on the shortcode is also a weakness, as it implies that any authenticated user, regardless of their role, can potentially execute the shortcode's functionality.

Historically, the plugin has no recorded vulnerabilities, which is a very positive sign. This suggests either a well-written codebase or diligent maintenance. However, the lack of historical vulnerability data does not negate the risks identified in the current static analysis, particularly the raw SQL queries and the absence of capability checks.

Key Concerns

  • SQL queries without prepared statements
  • Missing capability checks on shortcode
Vulnerabilities
None known

Discontinued Products Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Discontinued Products Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
2
19 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

90% escaped21 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<html-notice-update> (views\html-notice-update.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Discontinued Products Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[discontinued_products] woocommerce-discontinued-products.php:66
WordPress Hooks 36
actionwoocommerce_initincludes\class-discontinued-products.php:33
actionplugins_loadedincludes\class-discontinued-products.php:35
actioninitincludes\class-discontinued-products.php:38
actionbefore_woocommerce_initincludes\class-discontinued-products.php:41
actionadmin_noticesincludes\class-discontinued-products.php:68
filterwoocommerce_csv_product_import_mapping_optionsincludes\class-dp-csv-import-export.php:27
filterwoocommerce_csv_product_import_mapping_default_columnsincludes\class-dp-csv-import-export.php:28
filterwoocommerce_product_import_pre_insert_product_objectincludes\class-dp-csv-import-export.php:29
filterwoocommerce_product_export_column_namesincludes\class-dp-csv-import-export.php:30
filterwoocommerce_product_export_product_default_columnsincludes\class-dp-csv-import-export.php:31
filterwoocommerce_product_export_product_column_is_discontinuedincludes\class-dp-csv-import-export.php:32
filterwoocommerce_product_export_product_column_discontinued_product_textincludes\class-dp-csv-import-export.php:33
filterwoocommerce_product_export_product_column_alt_productsincludes\class-dp-csv-import-export.php:34
filterwoocommerce_product_export_product_column_alt_product_textincludes\class-dp-csv-import-export.php:35
filterwoocommerce_product_export_product_column_hide_from_shopincludes\class-dp-csv-import-export.php:36
filterwoocommerce_product_export_product_column_hide_from_searchincludes\class-dp-csv-import-export.php:37
filterwoocommerce_product_export_skip_meta_keysincludes\class-dp-csv-import-export.php:38
actioninitincludes\class-dp-discontinued-product.php:34
actionwoocommerce_product_queryincludes\class-dp-discontinued-product.php:35
filterwoocommerce_get_shop_page_idincludes\class-dp-discontinued-product.php:36
actiontemplate_redirectincludes\class-dp-discontinued-product.php:37
actionwoocommerce_product_write_panel_tabsincludes\class-dp-discontinued-product.php:40
actionwoocommerce_product_data_panelsincludes\class-dp-discontinued-product.php:41
actionwoocommerce_process_product_metaincludes\class-dp-discontinued-product.php:42
actionadmin_enqueue_scriptsincludes\class-dp-discontinued-product.php:43
actionwoocommerce_single_product_summaryincludes\class-dp-discontinued-product.php:246
filterwoocommerce_get_sections_productsincludes\class-dp-settings.php:24
filterwoocommerce_get_settings_productsincludes\class-dp-settings.php:25
actioninitincludes\class-dp-taxonomy.php:24
actioninitincludes\class-dp-taxonomy.php:25
actioninitwoocommerce-discontinued-products.php:68
filterwoocommerce_variable_sale_price_htmlwoocommerce-template.php:107
filterwoocommerce_variable_price_htmlwoocommerce-template.php:108
filterwoocommerce_get_price_htmlwoocommerce-template.php:109
filterwoocommerce_is_purchasablewoocommerce-template.php:135
filterwoocommerce_product_price_classwoocommerce-template.php:154
Maintenance & Trust

Discontinued Products Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 2, 2026
PHP min version7.4
Downloads8K

Community Trust

Rating84/100
Number of ratings5
Active installs300
Alternatives

Discontinued Products Alternatives

Discontinued Products for WooCommerce

Discontinued Products for WooCommerce

discontinued-product-for-woocommerce

A
85

Adds the ability to flag a product as discontinued to WooCommerce

10 No CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Mollie Payments for WooCommerce

Mollie Payments for WooCommerce

mollie-payments-for-woocommerce

A
93

Accept all major payment methods in WooCommerce today. Credit cards, iDEAL and more! Fast, safe and intuitive.

100K 4 CVEs
TI WooCommerce Wishlist

TI WooCommerce Wishlist

ti-woocommerce-wishlist

B
77

Boost your sales with a free WooCommerce Wishlist feature. Let your customers save and share their favorite products!

100K 9 CVEs
Mercado Pago payments for WooCommerce

Mercado Pago payments for WooCommerce

woocommerce-mercadopago

A
98

Offer to your clients the best experience in e-Commerce by using Mercado Pago as your payment method.

100K 3 CVEs
Developer Profile

Discontinued Products Developer Profile

twoelevenjay

3 plugins · 500 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Discontinued Products

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/discontinued-products/assets/css/discontinued_product.css
Version Parameters
discontinued_product.css?ver=2.0.8

HTML / DOM Fingerprints

CSS Classes
discontinued_product_tab
Data Attributes
data-placeholder="Search for a product…"data-action="woocommerce_json_search_products_and_variations"
Shortcode Output
[discontinued_products]
FAQ

Frequently Asked Questions about Discontinued Products