WP-Safety

ELEX WooCommerce Name Your Price Security & Risk Analysis

wordpress.org/plugins/elex-woo-flexible-pricing

The plugin lets you set the minimum price for your WooCommerce products globally and individually.

600 active installs v3.0.8 PHP 5.6+ WP 3.0.1+ Updated Feb 9, 2026
flexible-pricingminimum-purchasename-your-pricewoocommerce-dynamic-pricing
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ELEX WooCommerce Name Your Price Safe to Use in 2026?

Generally Safe

Score 100/100

ELEX WooCommerce Name Your Price has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The elex-woo-flexible-pricing plugin version 3.0.8 exhibits a generally good security posture with several strong practices in place. The absence of known CVEs and the complete reliance on prepared statements for SQL queries are significant strengths. Furthermore, the plugin utilizes a substantial number of nonce checks, indicating an awareness of common WordPress attack vectors. The taint analysis revealing no critical or high severity unsanitized paths is also reassuring.

However, there are notable areas for concern. The presence of 8 AJAX handlers, with 2 lacking any authentication checks, creates a direct attack surface that could be exploited by unauthenticated users. While the output escaping is at 74%, which is acceptable, there's still room for improvement to prevent potential cross-site scripting vulnerabilities. The plugin also makes one external HTTP request, which, while not inherently a vulnerability, requires careful scrutiny for potential risks if the external endpoint is compromised or malicious.

Overall, the plugin is built on a foundation of good security practices, particularly regarding database interactions and input validation for many entry points. The lack of historical vulnerabilities further strengthens this perception. Nevertheless, the two unprotected AJAX endpoints represent a clear and present risk that needs immediate attention. Addressing these specific concerns will significantly bolster the plugin's security.

Key Concerns

  • Unprotected AJAX handlers
  • Output escaping at 74%
  • External HTTP request
Vulnerabilities
None known

ELEX WooCommerce Name Your Price Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ELEX WooCommerce Name Your Price Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
53
151 escaped
Nonce Checks
19
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

74% escaped204 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
download_info (includes\HelpAndSupport\HelpAndSupportController.php:164)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

ELEX WooCommerce Name Your Price Attack Surface

Entry Points8
Unprotected2

AJAX Handlers 8

authwp_ajax_test_responseincludes\elex-wfp-product-flexible-price.php:908
noprivwp_ajax_test_responseincludes\elex-wfp-product-flexible-price.php:909
authwp_ajax_elex_nyp_fetch_min_priceincludes\SettingsController.php:17
authwp_ajax_elex_nyp_fetch_max_priceincludes\SettingsController.php:18
authwp_ajax_search_products_by_nameincludes\SettingsController.php:19
authwp_ajax_search_products_by_categoryincludes\SettingsController.php:20
authwp_ajax_search_products_by_tagincludes\SettingsController.php:21
authwp_ajax_search_user_roleincludes\SettingsController.php:22
WordPress Hooks 33
actionplugins_loadedelex-woo-flexible-pricing.php:51
actionbefore_woocommerce_initelex-woo-flexible-pricing.php:102
actionadmin_menuincludes\class-nyp-init-handler.php:28
actioninitincludes\class-nyp-init-handler.php:29
actionproduct_cat_edit_form_fieldsincludes\elex-wfp-product-flexible-price.php:302
actionedited_product_catincludes\elex-wfp-product-flexible-price.php:303
actiondeactivate_pluginincludes\elex-wfp-product-flexible-price.php:307
actionwoocommerce_product_options_general_product_dataincludes\elex-wfp-product-flexible-price.php:534
actionwoocommerce_process_product_metaincludes\elex-wfp-product-flexible-price.php:574
actionwoocommerce_before_add_to_cart_buttonincludes\elex-wfp-product-flexible-price.php:663
actionwoocommerce_after_shop_loop_itemincludes\elex-wfp-product-flexible-price.php:664
filterwoocommerce_variable_price_htmlincludes\elex-wfp-product-flexible-price.php:665
filterwoocommerce_get_price_htmlincludes\elex-wfp-product-flexible-price.php:666
filterwoocommerce_product_add_to_cart_textincludes\elex-wfp-product-flexible-price.php:667
filterwoocommerce_product_single_add_to_cart_textincludes\elex-wfp-product-flexible-price.php:668
actionwp_print_scriptsincludes\elex-wfp-product-flexible-price.php:828
filterwoocommerce_add_to_cart_validationincludes\elex-wfp-product-flexible-price.php:1111
filterwoocommerce_add_cart_item_dataincludes\elex-wfp-product-flexible-price.php:1150
actionwoocommerce_before_calculate_totalsincludes\elex-wfp-product-flexible-price.php:1161
actionwoocommerce_product_after_variable_attributesincludes\elex-wfp-variable-product-flexible-pricing.php:3
actionwoocommerce_save_product_variationincludes\elex-wfp-variable-product-flexible-pricing.php:250
filterwoocommerce_available_variationincludes\elex-wfp-variable-product-flexible-pricing.php:290
actionnyp_settings_tab_faqsincludes\HelpAndSupport\HelpAndSupportController.php:13
actionnyp_settings_tab_ticketincludes\HelpAndSupport\HelpAndSupportController.php:14
actionadmin_initincludes\HelpAndSupport\HelpAndSupportController.php:15
actionwp_enqueue_scriptsincludes\scripts.php:8
actionadmin_enqueue_scriptsincludes\scripts.php:9
actionnyp_settings_tab_generalincludes\SettingsController.php:11
actionnyp_settings_tab_customizationincludes\SettingsController.php:12
filternyp_settings_saving_generalincludes\SettingsController.php:13
filternyp_settings_saving_customizationincludes\SettingsController.php:14
actionadmin_noticesreview_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:20
actionadmin_initreview_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:21
Maintenance & Trust

ELEX WooCommerce Name Your Price Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 9, 2026
PHP min version5.6
Downloads26K

Community Trust

Rating86/100
Number of ratings8
Active installs600
Alternatives

ELEX WooCommerce Name Your Price Alternatives

Bargain Bot for WooCommerce – Dynamic Pricing, Make your Offer

Bargain Bot for WooCommerce – Dynamic Pricing, Make your Offer

bargain

A
100

Shoppers Make Offer Now with a Bargaining bot for WooCommerce for Dynamic pricing. Increase Sales with woocommerce dynamic pricing

50 No CVEs
Conditional Discounts for WooCommerce – A simple yet complete woocommerce dynamic pricing plugin

Conditional Discounts for WooCommerce – A simple yet complete woocommerce dynamic pricing plugin

woo-advanced-discounts

A
92

A powerful WooCommerce dynamic pricing plugin for bulk discounts, free gifts, BOGOs, customer role or groups based deals and much more.

10K No CVEs
Dynamic Pricing With Discount Rules for WooCommerce

Dynamic Pricing With Discount Rules for WooCommerce

aco-woo-dynamic-pricing

A
97

The Dynamic Pricing With Discount Rules plugin enables bulk discounts for WooCommerce products. Its simple design allows easy setup in minutes.

6K 2 CVEs
Product Open Pricing (Name Your Price) for WooCommerce

Product Open Pricing (Name Your Price) for WooCommerce

product-open-pricing-name-your-price-for-woocommerce

A
100

Open price (i.e. Name your price) products for WooCommerce.

6K No CVEs
Minimum Purchase Amount For Woo Cart – For WooCommerce

Minimum Purchase Amount For Woo Cart – For WooCommerce

minimum-purchase-amount-for-woo-cart

A
100

Want to increase your WooCommerce average order value? This plugin allows you to set minimum order value for your entire store, specific user roles, and for the free shipping. Start optimizing your sales today!

4K No CVEs
Developer Profile

ELEX WooCommerce Name Your Price Developer Profile

ELEXtensions

22 plugins · 28K total installs

87
trust score
Avg Security Score
98/100
Avg Patch Time
53 days
View full developer profile
Detection Fingerprints

How We Detect ELEX WooCommerce Name Your Price

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/elex-woo-flexible-pricing/assets/css/app.css/wp-content/plugins/elex-woo-flexible-pricing/assets/js/bootstrap.js/wp-content/plugins/elex-woo-flexible-pricing/assets/js/fontawesome.js/wp-content/plugins/elex-woo-flexible-pricing/assets/js/popper.js/wp-content/plugins/elex-woo-flexible-pricing/assets/js/req_script.js/wp-content/plugins/elex-woo-flexible-pricing/assets/js/select2-min.js/wp-content/plugins/elex-woo-flexible-pricing/assets/css/select-2-min.css/wp-content/plugins/elex-woo-flexible-pricing/assets/js/settings.js
Script Paths
elex_nyp_select_2_jselex_nyp_select_2_csselex_nyp_scriptelex_nyp_popper_scriptelex_nyp_bootstrap_scriptelex_nyp_fontawesome+2 more
Version Parameters
elex-woo-flexible-pricing/assets/css/app.css?ver=elex-woo-flexible-pricing/assets/js/bootstrap.js?ver=elex-woo-flexible-pricing/assets/js/fontawesome.js?ver=elex-woo-flexible-pricing/assets/js/popper.js?ver=elex-woo-flexible-pricing/assets/js/req_script.js?ver=elex-woo-flexible-pricing/assets/js/select2-min.js?ver=elex-woo-flexible-pricing/assets/css/select-2-min.css?ver=elex-woo-flexible-pricing/assets/js/settings.js?ver=

HTML / DOM Fingerprints

JS Globals
elex_nyp_ajax_objraq_formsetting_ajax_object
FAQ

Frequently Asked Questions about ELEX WooCommerce Name Your Price