WP-Safety

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Security & Risk Analysis

wordpress.org/plugins/embedding-barcodes-into-product-pages-and-orders

Embed product and order barcodes into web-pages, emails, invoices or any other places on your website.

300 active installs v2.0.5 PHP 5.6+ WP 4.0.1+ Updated Jul 28, 2025
barcodecode128eanqrcodeupc
97
A · Safe
CVEs total3
Unpatched0
Last CVEApr 15, 2025
Plugin page Download
Safety Verdict

Is Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Safe to Use in 2026?

Generally Safe

Score 97/100

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Apr 15, 2025Updated 8mo ago
Risk Assessment

The 'embedding-barcodes-into-product-pages-and-orders' plugin, version 2.0.5, presents a mixed security profile. On the positive side, the static analysis reveals a small attack surface with only one shortcode entry point, and importantly, no unprotected AJAX handlers or REST API routes. The code also demonstrates good practices in SQL query handling, with a high percentage using prepared statements, and a decent number of capability checks and nonce checks, suggesting an awareness of security fundamentals. However, the presence of the `unserialize` function is a significant concern, as it can lead to remote code execution if not handled with extreme care and input validation. The taint analysis, while limited in scope, did identify a flow with an unsanitized path, which warrants further investigation. The plugin's vulnerability history is a notable weakness, with three past medium-severity CVEs, specifically related to Missing Authorization and Exposure of Sensitive Information. While none are currently unpatched, this pattern suggests recurring security issues in authorization and data exposure, indicating potential design flaws or oversight in how user permissions and sensitive data are handled. The plugin's strengths lie in its limited attack surface and good SQL practices, but these are counterbalanced by the critical risk posed by `unserialize`, the identified unsanitized path, and the history of authorization and information exposure vulnerabilities.

Key Concerns

  • Dangerous function used (unserialize)
  • Flow with unsanitized path found
  • History of medium severity CVEs
  • Vulnerability types: Missing Authorization
  • Vulnerability types: Exposure of Sensitive Information
  • Bundled outdated library (TCPDF v1.0)
  • Moderate output escaping rate
Vulnerabilities
3

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-32929medium · 4.3Missing Authorization

Barcode Generator for WooCommerce <= 2.0.4 - Authenticated (Subscriber+) Arbitrary Content Deletion

Apr 15, 2025 Patched in 2.0.5 (7d)
CVE-2025-31879medium · 4.3Missing Authorization

Barcode Generator for WooCommerce <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update

Apr 1, 2025 Patched in 2.0.5 (11d)
CVE-2025-24597medium · 6.5Exposure of Sensitive Information to an Unauthorized Actor

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages <= 2.0.2 - Authenticated (Subscriber+) Sensitive Information Disclosure

Dec 26, 2024 Patched in 2.0.3 (61d)
Code Analysis
Analyzed Mar 16, 2026

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Code Analysis

Dangerous Functions
1
Raw SQL Queries
21
142 prepared
Unescaped Output
39
80 escaped
Nonce Checks
1
Capability Checks
45
File Operations
3
External Requests
2
Bundled Libraries
2

Dangerous Functions Found

unserialize$serverData = @unserialize($request['body']);class\Updater\WpAutoUpdate.php:148

Bundled Libraries

jQueryTCPDF1.0

SQL Query Safety

87% prepared163 total queries

Output Escaping

67% escaped119 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
uploadCscFile (class\Products.php:354)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[barcode] class\Core.php:87
WordPress Hooks 39
actionwpmu_new_blogbarcode_generator.php:82
actionplugins_loadedbarcode_generator.php:91
actionadmin_noticesbarcode_generator.php:103
actionadmin_initbarcode_generator.php:116
actionadmin_initbarcode_generator.php:125
actionadmin_menuclass\Core.php:31
actionadmin_menuclass\Core.php:32
actionadmin_enqueue_scriptsclass\Core.php:33
filterplugin_row_metaclass\Core.php:34
actionwoocommerce_settings_save_generalclass\Core.php:103
actionadmin_headclass\Core.php:104
actionmanage_product_posts_custom_columnclass\Core.php:105
actionwoocommerce_product_options_skuclass\Core.php:111
actionwoocommerce_process_product_metaclass\Core.php:112
actionwoocommerce_variation_optionsclass\Core.php:114
actionwoocommerce_save_product_variationclass\Core.php:115
filterwoocommerce_available_variationclass\Core.php:116
actionadd_meta_boxesclass\Core.php:127
actionsave_post_productclass\Core.php:128
actionwoocommerce_variation_headerclass\Core.php:129
actionwoocommerce_product_after_variable_attributesclass\Core.php:130
actionadd_meta_boxesclass\Core.php:134
actionwoocommerce_admin_order_preview_get_order_detailsclass\Core.php:139
actionwoocommerce_after_order_itemmetaclass\Core.php:144
filterwoocommerce_payment_completeclass\Core.php:151
actioninitclass\Core.php:153
actioninitclass\Core.php:154
filterwoocommerce_email_customer_detailsclass\Core.php:165
filterwoocommerce_order_item_meta_endclass\Core.php:169
actiontransition_post_statusclass\Core.php:180
actioninitclass\Frontend.php:15
filterbarcode_generator_register_shortcodes_hookclass\functions.php:173
filterbarcode_generator_get_shortcode_value_hookclass\functions.php:178
actionwpo_wcpdf_after_item_metaclass\Integration.php:53
actioninitclass\Updater\Updater.php:17
filtersite_transient_update_pluginsclass\Updater\WpAutoUpdate.php:35
filterplugins_apiclass\Updater\WpAutoUpdate.php:38
actionadmin_noticesclass\Updater\WpAutoUpdate.php:85
actionadmin_initclass\Updater\WpAutoUpdate.php:99
Maintenance & Trust

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJul 28, 2025
PHP min version5.6
Downloads11K

Community Trust

Rating84/100
Number of ratings21
Active installs300
Alternatives

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Alternatives

EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory

EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory

ean-for-woocommerce

A
96

Manage GTINs (EAN, UPC, ISBN, etc.) effortlessly in WooCommerce! Create, save, search, and display EANs easily, with tools for bulk actions, etc.

10K 6 CVEs
Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce

Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce

a4-barcode-generator

A
97

Generate & print barcode labels for WooCommerce products and orders. Put various data on labels like price, SKU, name, attributes, customer data, etc

1K 4 CVEs
UPC/EAN/GTIN Barcode Generator/Importer

UPC/EAN/GTIN Barcode Generator/Importer

upc-ean-barcode-generator

A
95

Generate UPC/EAN/GTIN codes or import them from CSV/Spreadsheet file into WooCommerce products

500 3 CVEs
WPSSO Schema Product Metadata for WooCommerce

WPSSO Schema Product Metadata for WooCommerce

wpsso-wc-metadata

A
100

MPN, ISBN, GTIN-8, UPC, EAN, GTIN-14, net dimensions, and fluid volume for better WooCommerce Schema markup.

600 No CVEs
QRCode

QRCode

doqrcode

A
100

A simple plugin to generate QR Code by shortcode for WordPress

400 No CVEs
Developer Profile

Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages Developer Profile

Dmitry V. (CEO of "UKR Solution")

5 plugins · 3K total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
18 days
View full developer profile
Detection Fingerprints

How We Detect Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/css/admin.css/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/css/frontend.css/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/css/settings.css/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/admin.js/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/frontend.js/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/settings.js
Script Paths
/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/admin.js/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/frontend.js/wp-content/plugins/embedding-barcodes-into-product-pages-and-orders/assets/js/settings.js
Version Parameters
embedding-barcodes-into-product-pages-and-orders/assets/css/admin.css?ver=embedding-barcodes-into-product-pages-and-orders/assets/css/frontend.css?ver=embedding-barcodes-into-product-pages-and-orders/assets/css/settings.css?ver=embedding-barcodes-into-product-pages-and-orders/assets/js/admin.js?ver=embedding-barcodes-into-product-pages-and-orders/assets/js/frontend.js?ver=embedding-barcodes-into-product-pages-and-orders/assets/js/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpbcu-barcode-generatora4b-barcode-generatora4b-settings-page
HTML Comments
<!-- Settings Page --><!-- Barcode Printing Settings --><!-- Barcode Generator - create barcodes for products, orders, emails - (demo) --><!-- UkrSolution Barcode Generator -->
Data Attributes
data-plugin-pathdata-plugin-urldata-barcode-print-url
JS Globals
a4b_obja4b_paramsa4barcode_data
REST Endpoints
/wp-json/a4barcode_d/get_barcodes_by_values/wp-json/a4barcode_d/get_barcodes_test/wp-json/a4barcode_d/get_latest_version/wp-json/a4barcode_d/get_all_algorithms/wp-json/a4barcode_d/get_active_template/wp-json/a4barcode_d/get_all_templates/wp-json/a4barcode_d/get_barcodes/wp-json/a4barcode_d/get_categories/wp-json/a4barcode_d/get_attributes/wp-json/a4barcode_d/get_local_attributes/wp-json/a4barcode_d/check_custom_field/wp-json/a4barcode_d/get_barcodes_by_orders/wp-json/a4barcode_d/get_barcodes_by_order_products/wp-json/a4barcode_d/get_preview_barcode/wp-json/a4barcode_d/delete_format/wp-json/a4barcode_d/save_format
FAQ

Frequently Asked Questions about Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages