Does eCommerce Addon have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is eCommerce Addon compatible with WordPress 6.2.9?

According to WordPress.org data, eCommerce Addon 1.4 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

Is eCommerce Addon compatible with PHP 7.0+?

eCommerce Addon requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is eCommerce Addon updated?

eCommerce Addon was last updated on Jul 6, 2023. Frequent updates are generally a positive security signal.

What is eCommerce Addon's security score?

eCommerce Addon has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

eCommerce Addon Security & Risk Analysis

wordpress.org/plugins/ecommerce-addon

eCommerce Addon is an Elementor Addon Plugin for eCommerce Websites.

20 active installs v1.4 PHP 7.0+ WP 6.0+ Updated Jul 6, 2023

addonscafeecommerceelementortable

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is eCommerce Addon Safe to Use in 2026?

Generally Safe

Score 85/100

eCommerce Addon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

Based on the static analysis and vulnerability history, the "ecommerce-addon" plugin v1.4 currently exhibits a strong security posture with no identified vulnerabilities or active threats. The absence of entry points like AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and not engaging in file operations or external HTTP requests. A high percentage of properly escaped output suggests an awareness of cross-site scripting (XSS) risks.

However, a notable concern is the complete absence of nonce checks and capability checks. While the current attack surface is zero, this leaves the plugin vulnerable if new entry points are introduced or if existing ones are later modified without these crucial security measures. The bundled Freemius library, v1.0, is also potentially outdated and could harbor its own unaddressed vulnerabilities if not updated. Despite the current clean record, the lack of fundamental security checks represents a latent risk that could be exploited in the future.

Key Concerns

No nonce checks implemented
No capability checks implemented
Bundled library (Freemius v1.0) potentially outdated

Vulnerabilities

None known

eCommerce Addon Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

eCommerce Addon Release Timeline

v1.4Current

v1.3

v1.2

v1.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

eCommerce Addon Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

355 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

81% escaped438 total outputs

Attack Surface

eCommerce Addon Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 27

filterconnect_urlecommerce-addon.php:62

filterafter_skip_urlecommerce-addon.php:63

filterafter_connect_urlecommerce-addon.php:64

filterafter_pending_connect_urlecommerce-addon.php:65

actionadmin_enqueue_scriptsecommerce-addon.php:78

actionadmin_initecommerce-addon.php:86

actionadmin_initecommerce-addon.php:87

actionadmin_menuecommerce-addon.php:90

actioninitecommerce-addon.php:145

actionadmin_noticesecommerce-addon.php:155

actionplugins_loadedecommerce-addon.php:161

actionadmin_noticesecommerce-addon.php:183

actionadmin_noticesecommerce-addon.php:202

actionelementor/editor/before_enqueue_scriptsecommerce-addon.php:219

actionwp_enqueue_scriptsecommerce-addon.php:487

actionplugins_loadedelementor\em-setup.php:34

actionelementor/frontend/after_enqueue_scriptselementor\em-setup.php:36

actionadmin_noticeselementor\em-setup.php:66

actionadmin_noticeselementor\em-setup.php:73

actionelementor/elements/categories_registeredelementor\em-setup.php:80

actionelementor/elements/categories_registeredelementor\em-setup.php:81

actionelementor/widgets/widgets_registeredelementor\em-setup.php:83

actionelementor/widgets/widgets_registeredelementor\em-setup.php:84

actionafter_switch_themeelementor\em-setup.php:219

actionpt-ocdi/after_content_import_executionelementor\em-setup.php:230

filterexcerpt_lengthelementor\em-setup.php:248

filterexcerpt_moreelementor\em-setup.php:285

Maintenance & Trust

eCommerce Addon Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedJul 6, 2023

PHP min version7.0

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

eCommerce Addon Alternatives

Restaurant & Cafe Addon for Elementor

restaurant-cafe-addon-for-elementor

Restaurant & Cafe Addon for Elementor is an Elementor Addons for Restaurant Websites.

2K 9 CVEs

Tablentor – Smart Table Builder for Elementor

tablentor

100

Create beautiful, responsive tables effortlessly in Elementor with manual table building or dynamic CSV data import capabilities.

1K No CVEs

Simple Pricing Table for Elementor

simple-pricing-table-for-elementor

100

The Pricing Table for Elementor lets you create stunning, customizable pricing tables to highlight your offerings and boost conversions.

700 No CVEs

TableMaster for Elementor – Advanced Responsive Tables for Elementor

tablemaster-for-elementor

Advanced Elementor table widget to build beautiful, responsive data tables, pricing tables, comparison tables and more inside Elementor.

100 1 CVE

Modern Pricing Table for Elementor

modern-pricing-table-for-elementor

100

A simple but modern pricing tables with advanced options to boost conversions with professional designs that perfectly match your brand.

10 No CVEs

Developer Profile

eCommerce Addon Developer Profile

nicheaddons

7 plugins · 19K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

71 days

View full developer profile

Detection Fingerprints

How We Detect eCommerce Addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ecommerce-addon/assets/css/admin-styles.css/wp-content/plugins/ecommerce-addon/assets/css/linea.min.css/wp-content/plugins/ecommerce-addon/assets/css/themify-icons.min.css

Version Parameters

ecommerce-addon/assets/css/admin-styles.css?ver=ecommerce-addon/assets/css/linea.min.css?ver=ecommerce-addon/assets/css/themify-icons.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

naeca-admin-pagenaeca_admin_pagenaeca_admin_sub_page

HTML Comments

+13 more

JS Globals

naeca_fs

FAQ