Does ELEX WooCommerce Google Shopping (Google Product Feed) have any unpatched vulnerabilities?

No. All known vulnerabilities in ELEX WooCommerce Google Shopping (Google Product Feed) have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ELEX WooCommerce Google Shopping (Google Product Feed) compatible with WordPress 6.9.4?

According to WordPress.org data, ELEX WooCommerce Google Shopping (Google Product Feed) 1.4.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ELEX WooCommerce Google Shopping (Google Product Feed) compatible with PHP 5.6+?

ELEX WooCommerce Google Shopping (Google Product Feed) requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

ELEX WooCommerce Google Shopping (Google Product Feed) Security & Risk Analysis

wordpress.org/plugins/elex-woocommerce-google-product-feed-plugin-basic

The ELEX WooCommerce Google Shopping (Google Product Feed) plugin is a free WooCommerce plugin that serves in feeding your WooCommerce products to Goo …

1K active installs v1.4.5 PHP 5.6+ WP 3.0.1+ Updated Feb 2, 2026

google-merchant-centergoogle-product-feedgoogle-shoppingwoocommerce-google-product-feedwoocommerce-google-shopping

A · Safe

CVEs total2

Unpatched0

Last CVESep 5, 2025

Plugin page Download

Safety Verdict

Is ELEX WooCommerce Google Shopping (Google Product Feed) Safe to Use in 2026?

Generally Safe

Score 98/100

ELEX WooCommerce Google Shopping (Google Product Feed) has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Sep 5, 2025Updated 2mo ago

Risk Assessment

The ELEX WooCommerce Google Product Feed Plugin Basic v1.4.5 exhibits a generally good security posture, with a strong emphasis on prepared statements for SQL queries and proper output escaping. The absence of unpatched CVEs and the limited number of medium-severity past vulnerabilities suggest the developers have been responsive to security issues. The static analysis also shows all identified AJAX handlers have authentication checks, and there are no REST API routes without permission callbacks. However, the taint analysis reveals a concerning finding: three flows with unsanitized paths and two high-severity taint flows. This indicates potential for attackers to manipulate input that could lead to unexpected behavior or compromise, even if direct critical vulnerabilities are not immediately apparent in this version. The presence of unsanitized paths, despite overall good practices, warrants attention as it could be a precursor to more severe issues if not addressed.

Key Concerns

High severity taint flows found
Unsanitized paths in taint analysis

Vulnerabilities

ELEX WooCommerce Google Shopping (Google Product Feed) Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-10046medium · 4.9Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL Inejction

Sep 5, 2025 Patched in 1.4.4 (1d)

WF-0ef7d891-0efa-45e5-ad16-2f34fc017c8f-elex-woocommerce-google-product-feed-plugin-basicmedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.2.3 - Reflected Cross-Site Scripting

Sep 6, 2021 Patched in 1.2.4 (869d)

Code Analysis

Analyzed Mar 16, 2026

ELEX WooCommerce Google Shopping (Google Product Feed) Code Analysis

Dangerous Functions

Raw SQL Queries

24 prepared

Unescaped Output

211 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

92% prepared26 total queries

Output Escaping

97% escaped217 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

6 flows3 with unsanitized paths

elex_gpf_generate_feed (includes\elex-ajax-functions.php:94)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ELEX WooCommerce Google Shopping (Google Product Feed) Attack Surface

Entry Points10

Unprotected0

AJAX Handlers 10

authwp_ajax_elex_gpf_show_mapping_fieldsincludes\elex-ajax-functions.php:10

authwp_ajax_elex_gpf_generate_feedincludes\elex-ajax-functions.php:11

authwp_ajax_elex_gpf_manage_feed_edit_fileincludes\elex-ajax-functions.php:12

authwp_ajax_elex_gpf_get_exclude_prod_optionincludes\elex-ajax-functions.php:13

authwp_ajax_elex_gpf_pause_scheduleincludes\elex-ajax-functions.php:14

authwp_ajax_check_if_the_feed_exists_gfincludes\elex-ajax-functions.php:15

authwp_ajax_elex_gpf_manage_feed_remove_fileincludes\elex-manage-feed-ajax.php:10

authwp_ajax_elex_gpf_manage_feed_refresh_fileincludes\elex-manage-feed-ajax.php:11

authwp_ajax_elex_gpf_get_reportsincludes\elex-manage-feed-ajax.php:12

authwp_ajax_elex_gpf_save_settings_tab_fieldincludes\elex-save-settings-tab-fields.php:9

WordPress Hooks 14

actionadmin_noticeselex-product-feed-basic.php:46

actionadmin_menuelex-product-feed-basic.php:59

actionadmin_menuelex-product-feed-basic.php:119

filtercron_scheduleselex-product-feed-basic.php:286

actionelex_run_every_thirty_minuteselex-product-feed-basic.php:299

actioninitelex-product-feed-basic.php:305

actionplugins_loadedelex-product-feed-basic.php:330

actionbefore_woocommerce_initelex-product-feed-basic.php:347

actionwoocommerce_product_options_general_product_dataincludes\elex-add-custom-fields.php:10

actionwoocommerce_process_product_metaincludes\elex-add-custom-fields.php:11

actionwoocommerce_product_after_variable_attributesincludes\elex-add-custom-fields.php:12

actionwoocommerce_save_product_variationincludes\elex-add-custom-fields.php:13

actionadmin_noticesreview_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:20

actionadmin_initreview_and_troubleshoot_notify\review-and-troubleshoot-notify-class.php:21

Scheduled Events 1

elex_run_every_thirty_minutes

Maintenance & Trust

ELEX WooCommerce Google Shopping (Google Product Feed) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 2, 2026

PHP min version5.6

Downloads59K

Community Trust

Rating76/100

Number of ratings14

Active installs1K

Alternatives

ELEX WooCommerce Google Shopping (Google Product Feed) Alternatives

WPMR Google Feed Manager for WooCommerce – Sell on Google Merchant Center & Shopping

wp-product-feed-manager

Easily create high-quality product feeds for Google Shopping and Google Merchant Center in your WooCommerce store. Increase sales on Google now!

10K 3 CVEs

WebToffee WooCommerce Product Feeds – Google Shopping, Pinterest, TikTok Ads, & More

webtoffee-product-feed

Create WooCommerce product feeds containing unlimited number of products. Supports Google Product feed, Facebook catalog feed, Instagram, Bing & m …

2K 3 CVEs

TFM Google Product Feed

tfm-google-product-feed

The ThemesFor.me Google Product Feed allows to expose all your products from WooCommerce and provide them in the Google Merchants Console.

60 No CVEs

Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce

woo-product-feed-pro

Most popular WooCommerce product feed plugin supporting Google shopping feed, meta/facebook feed, bing product feed & more.

80K 6 CVEs

Product Feed Manager for WooCommerce – CTX Feed – Support 220+ Shopping & Social Channels

webappick-product-feed-for-woocommerce

Create WooCommerce product feeds for Google Shopping, Facebook, TikTok & 220+ channels. 2026 compliant. 6 formats. Trusted by 70,000+ stores.

70K 4 CVEs

Developer Profile

ELEX WooCommerce Google Shopping (Google Product Feed) Developer Profile

ELEXtensions

22 plugins · 28K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

53 days

View full developer profile

Detection Fingerprints

How We Detect ELEX WooCommerce Google Shopping (Google Product Feed)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/elex-woocommerce-google-product-feed-plugin-basic/assets/css/elex-exclude-product-page-style.css/wp-content/plugins/elex-woocommerce-google-product-feed-plugin-basic/assets/js/elex-exclude-products-script.js/wp-content/plugins/elex-woocommerce-google-product-feed-plugin-basic/resources/css/elex-market-styles.css

Script Paths

/wp-content/plugins/elex-woocommerce-google-product-feed-plugin-basic/assets/js/elex-exclude-products-script.js

Version Parameters

elex-woocommerce-google-product-feed-plugin-basic/assets/css/elex-exclude-product-page-style.css?ver=elex-woocommerce-google-product-feed-plugin-basic/assets/js/elex-exclude-products-script.js?ver=elex-woocommerce-google-product-feed-plugin-basic/resources/css/elex-market-styles.css?ver=

HTML / DOM Fingerprints

CSS Classes

elex-sub-headersub_header_bannerelex_delete_image_elementelex-exc-prod-img

FAQ