Does Easy Product Importer for WooCommerce – One Click Product Import have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Product Importer for WooCommerce – One Click Product Import compatible with WordPress 6.7.5?

According to WordPress.org data, Easy Product Importer for WooCommerce – One Click Product Import 0.0.5 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Easy Product Importer for WooCommerce – One Click Product Import Security & Risk Analysis

wordpress.org/plugins/easy-product-importer-for-woocommerce

Easy Product Importer for WooCommerce import and sync products between WooCommerce store easily with one click.

0 active installs v0.0.5 PHP 7.0+ WP 6.0+ Updated Nov 5, 2024

once-click-product-migrationone-click-product-importwoocommerce-product-importerwoocommerce-product-migrationwoocommerce-product-sync

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easy Product Importer for WooCommerce – One Click Product Import Safe to Use in 2026?

Generally Safe

Score 92/100

Easy Product Importer for WooCommerce – One Click Product Import has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "easy-product-importer-for-woocommerce" plugin v0.0.5 exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, exclusively using prepared statements, and has a generally good rate of output escaping. The absence of known vulnerabilities and no recorded past CVEs is also a significant strength, suggesting a history of diligent security maintenance or a lack of prior significant exploits.

However, there are notable areas of concern. The presence of one unprotected AJAX handler represents a significant risk, as it can be accessed by any user, potentially leading to unauthorized actions if vulnerable to further exploitation. The taint analysis revealing two flows with unsanitized paths, while not classified as critical or high severity, still indicates a potential for issues where user input might not be handled with sufficient sanitization. The limited number of capability checks also raises a flag, as it means that access to certain functionalities might not be properly restricted based on user roles.

Overall, the plugin benefits from good SQL practices and a clean vulnerability history. Nevertheless, the unprotected AJAX endpoint and potential for unsanitized paths present immediate risks that should be addressed. The limited use of capability checks warrants further investigation to ensure proper access control is in place.

Key Concerns

AJAX handler without authentication
Taint flows with unsanitized paths
Zero capability checks

Vulnerabilities

None known

Easy Product Importer for WooCommerce – One Click Product Import Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Easy Product Importer for WooCommerce – One Click Product Import Release Timeline

v0.0.5Current

v0.0.4

Code Analysis

Analyzed Apr 16, 2026

Easy Product Importer for WooCommerce – One Click Product Import Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

160 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

82% escaped194 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

set_imported_store_url (inc/class-wcpi-ajax.php:137)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Easy Product Importer for WooCommerce – One Click Product Import Attack Surface

Entry Points4

Unprotected1

AJAX Handlers 4

authwp_ajax_wcpi_import_productinc/class-wcpi-ajax.php:20

authwp_ajax_wcpi_get_import_statusinc/class-wcpi-ajax.php:21

authwp_ajax_wcpi_reset_import_statusinc/class-wcpi-ajax.php:22

authwp_ajax_wcpi_set_imported_store_urlinc/class-wcpi-ajax.php:23

WordPress Hooks 13

actionplugins_loadedeasy-product-importer-for-woocommerce.php:230

actionadmin_initeasy-product-importer-for-woocommerce.php:231

actionadmin_menuinc/admin/class-wcpi-admin-menu-page.php:21

actionwoocommerce_api_wcpi_auth_return_urlinc/class-wcpi-auth.php:44

actionwoocommerce_api_wcpi_auth_callback_urlinc/class-wcpi-auth.php:45

actionadmin_noticesinc/class-wcpi-check-compat.php:28

actionadmin_noticesinc/class-wcpi-check-compat.php:34

actionplugins_loadedinc/class-wcpi-image-import.php:53

actionadmin_initinc/class-wcpi-import-history.php:47

actionplugins_loadedinc/class-wcpi-product-import.php:59

actionadmin_initinc/class-wcpi-product-import.php:60

filterwc_product_has_unique_skuinc/functions-products.php:171

filterwoocommerce_rest_api_get_rest_namespacesinc/rest-api/class-wcpi-rest-api.php:52

Maintenance & Trust

Easy Product Importer for WooCommerce – One Click Product Import Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 5, 2024

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Easy Product Importer for WooCommerce – One Click Product Import Alternatives

Product Sync for WooCommerce

products-sync-for-woocommerce

100

Import products to WooCommerce from external suppliers, dropshipping APIs. Automatically sync products and inventory details into your WooCommerce to …

300 No CVEs

Developer Profile

Easy Product Importer for WooCommerce – One Click Product Import Developer Profile

Plugin Devs

16 plugins · 18K total installs

trust score

Avg Security Score

83/100

Avg Patch Time

60 days

View full developer profile

Detection Fingerprints

How We Detect Easy Product Importer for WooCommerce – One Click Product Import

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-product-importer-for-woocommerce/assets/vendors/semantic/semantic.min.css/wp-content/plugins/easy-product-importer-for-woocommerce/assets/css/style.css/wp-content/plugins/easy-product-importer-for-woocommerce/assets/vendors/semantic/semantic.min.js/wp-content/plugins/easy-product-importer-for-woocommerce/assets/js/scripts.js

Script Paths

/wp-content/plugins/easy-product-importer-for-woocommerce/assets/vendors/semantic/semantic.min.js/wp-content/plugins/easy-product-importer-for-woocommerce/assets/js/scripts.js

Version Parameters

easy-product-importer-for-woocommerce/assets/vendors/semantic/semantic.min.css?ver=easy-product-importer-for-woocommerce/assets/css/style.css?ver=easy-product-importer-for-woocommerce/assets/vendors/semantic/semantic.min.js?ver=easy-product-importer-for-woocommerce/assets/js/scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

wcpi-product-import

Data Attributes

data-noncedata-ajax-url

JS Globals

swm_localized

FAQ