Express Shop for WooCommerce Product Table Security & Risk Analysis

wordpress.org/plugins/express-shop

This one page shop for WooCommerce will display woocommerce product table for easy bulk order. Suitable for restaurant online ordering, food menu, wh …

20 active installs · v4.2.2 · PHP + · WP 4.6+ · Updated: Unknown
Tags: food-menu, product-table, woocommerce, woocommerce-category-list, woocommerce-product-table
Score: 99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jun 30, 2021
Safety Verdict

Is Express Shop for WooCommerce Product Table Safe to Use in 2026?

Generally Safe

Score 99/100

Express Shop for WooCommerce Product Table has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jun 30, 2021
Risk Assessment

The express-shop plugin v4.2.2 demonstrates a generally good security posture with several positive indicators. Notably, all identified entry points (AJAX handlers, REST API routes, and shortcodes) appear to have authorization checks in place, which is a strong defense against unauthorized access. The plugin also implements nonce checks for all AJAX handlers and a significant majority of SQL queries utilize prepared statements, mitigating common attack vectors. Furthermore, the code shows a good level of output escaping, reducing the risk of cross-site scripting (XSS) vulnerabilities.

However, there are a few areas that warrant attention. The presence of one unsanitized path flow in the taint analysis, even without critical or high severity, suggests a potential for path traversal or file inclusion vulnerabilities if not handled carefully. The plugin also performs file operations and makes external HTTP requests, which are always potential points of concern if not implemented with robust validation and sanitization. The vulnerability history, while showing no currently unpatched CVEs, does reveal a past high-severity vulnerability (CSRF), indicating that the plugin has had significant security flaws in the past and requires diligent ongoing security maintenance.

In conclusion, express-shop v4.2.2 has adopted many good security practices, particularly in handling its attack surface and SQL queries. The risk is moderate. The primary concerns stem from the single unsanitized path flow and the historical presence of a high-severity vulnerability, which highlight the need for continued vigilance and thorough code reviews for any future updates or modifications. The bundling of jQuery, while common, could be a minor concern if not kept up-to-date.

Key Concerns

  • Taint flow with unsanitized path
  • Past high severity vulnerability (CSRF)
  • Bundled library (jQuery) potentially outdated
Vulnerabilities: 1

Express Shop for WooCommerce Product Table Security Vulnerabilities

CVEs by Year

1 CVE in 2021

Severity Breakdown

High: 1

1 total CVE

WF-12849d7e-1685-4e03-be0c-0672545fcd2b-express-shop · high · 8.8 · Cross-Site Request Forgery (CSRF)

Express Shop <= 4.0.2 - Cross-Site Request Forgery

Jun 30, 2021 · Patched in 4.0.3 (937d)
Code Analysis
Analyzed Mar 16, 2026

Express Shop for WooCommerce Product Table Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (11 prepared)
Unescaped Output: 444 (1055 escaped)
Nonce Checks: 33
Capability Checks: 14
File Operations: 13
External Requests: 3
Bundled Libraries: 1

Bundled Libraries

jQuery

SQL Query Safety

73% prepared · 15 total queries

Output Escaping

70% escaped · 1499 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

16 flows · 1 with unsanitized paths
display_page (inc\option-tree\includes\class-ot-settings.php:227)
Attack Surface

Express Shop for WooCommerce Product Table Attack Surface

Entry Points: 34
Unprotected: 0

AJAX Handlers: 33

auth · wp_ajax_goodbye_form · class-plugin-deactivate-feedback.php:62
auth · wp_ajax_add_section · inc\option-tree\ot-loader.php:394
auth · wp_ajax_add_setting · inc\option-tree\ot-loader.php:397
auth · wp_ajax_add_the_contextual_help · inc\option-tree\ot-loader.php:400
auth · wp_ajax_add_choice · inc\option-tree\ot-loader.php:403
auth · wp_ajax_add_list_item_setting · inc\option-tree\ot-loader.php:406
auth · wp_ajax_add_layout · inc\option-tree\ot-loader.php:409
auth · wp_ajax_add_list_item · inc\option-tree\ot-loader.php:412
auth · wp_ajax_add_social_links · inc\option-tree\ot-loader.php:415
auth · wp_ajax_ot_google_font · inc\option-tree\ot-loader.php:418
auth · wp_ajax_gallery_update · inc\option-tree\ot-loader.php:424
auth · wp_ajax_qcld_express_process_qc_promo_form · qc-support-promo-page\class-qc-support-promo-page.php:116
auth · wp_ajax_qcld_recommend_support_function_ajax · qc-support-promo-page\qc-clr-recommendbot-support-plugin.php:8
auth · wp_ajax_get_vp_attributes · qcld-express-ajax.php:8
nopriv · wp_ajax_get_vp_attributes · qcld-express-ajax.php:9
auth · wp_ajax_sp_add_to_cart · qcld-express-ajax.php:71
nopriv · wp_ajax_sp_add_to_cart · qcld-express-ajax.php:72
auth · wp_ajax_vp_add_to_cart · qcld-express-ajax.php:95
nopriv · wp_ajax_vp_add_to_cart · qcld-express-ajax.php:96
auth · wp_ajax_show_cart · qcld-express-ajax.php:150
nopriv · wp_ajax_show_cart · qcld-express-ajax.php:151
auth · wp_ajax_load_more · qcld-express-ajax.php:224
nopriv · wp_ajax_load_more · qcld-express-ajax.php:225
auth · wp_ajax_product_search_by_cat · qcld-express-ajax.php:612
nopriv · wp_ajax_product_search_by_cat · qcld-express-ajax.php:613
auth · wp_ajax_qcld_express_shop_ajax_search · qcld-express-ajax.php:1124
nopriv · wp_ajax_qcld_express_shop_ajax_search · qcld-express-ajax.php:1125
auth · wp_ajax_qcld_express_search_product_single_view · qcld-express-ajax.php:1216
nopriv · wp_ajax_qcld_express_search_product_single_view · qcld-express-ajax.php:1217
auth · wp_ajax_qcld_express_single_ajax_add_to_cart · qcld-express-cart-function.php:92
nopriv · wp_ajax_qcld_express_single_ajax_add_to_cart · qcld-express-cart-function.php:93
auth · wp_ajax_qcld_express_car_count_update · qcld-express-cart-function.php:127
nopriv · wp_ajax_qcld_express_car_count_update · qcld-express-cart-function.php:128

Shortcodes: 1

[qcld_express_shop] · qcld-express-shortcode.php:7

WordPress Hooks: 84

action · admin_footer-plugins.php · class-plugin-deactivate-feedback.php:61
filter · wp_mail_content_type · class-plugin-deactivate-feedback.php:97
action · admin_head · class-qcld-free-plugin-upgrade-notice.php:34
action · plugin_row_meta · class-qcld-free-plugin-upgrade-notice.php:129
action · admin_menu · class-qcld-free-plugin-upgrade-notice.php:169
action · admin_head · inc\option-tree\includes\class-ot-cleanup.php:37
action · admin_menu · inc\option-tree\includes\class-ot-cleanup.php:40
action · ot_pre_consolidate_posts · inc\option-tree\includes\class-ot-cleanup.php:43
action · add_meta_boxes · inc\option-tree\includes\class-ot-meta-box.php:55
action · save_post · inc\option-tree\includes\class-ot-meta-box.php:57
action · admin_init · inc\option-tree\includes\class-ot-post-formats.php:43
filter · pre_ping · inc\option-tree\includes\class-ot-post-formats.php:46
action · admin_menu · inc\option-tree\includes\class-ot-settings.php:74
action · admin_init · inc\option-tree\includes\class-ot-settings.php:77
action · admin_init · inc\option-tree\includes\class-ot-settings.php:80
action · admin_init · inc\option-tree\includes\class-ot-settings.php:83
action · admin_init · inc\option-tree\includes\class-ot-settings.php:86
action · admin_notices · inc\option-tree\includes\ot-functions-admin.php:107
filter · safe_style_css · inc\option-tree\includes\ot-functions-admin.php:599
filter · wp_kses_allowed_html · inc\option-tree\includes\ot-functions-admin.php:600
filter · ot_recognized_font_families · inc\option-tree\includes\ot-functions-admin.php:2415
action · ot_after_theme_options_save · inc\option-tree\includes\ot-functions-admin.php:5170
action · split_shared_term · inc\option-tree\includes\ot-functions-admin.php:6087
action · admin_init · inc\option-tree\includes\ot-functions-compat.php:13
filter · ot_option_types_array · inc\option-tree\includes\ot-functions-compat.php:14
filter · ot_recognized_font_styles · inc\option-tree\includes\ot-functions-compat.php:15
filter · ot_recognized_font_weights · inc\option-tree\includes\ot-functions-compat.php:16
filter · ot_recognized_font_variants · inc\option-tree\includes\ot-functions-compat.php:17
filter · ot_recognized_font_families · inc\option-tree\includes\ot-functions-compat.php:18
filter · ot_recognized_background_repeat · inc\option-tree\includes\ot-functions-compat.php:19
filter · ot_recognized_background_position · inc\option-tree\includes\ot-functions-compat.php:20
filter · ot_measurement_unit_types · inc\option-tree\includes\ot-functions-compat.php:21
filter · ot_theme_mode · inc\option-tree\ot-loader.php:5
action · admin_notices · inc\option-tree\ot-loader.php:14
action · after_setup_theme · inc\option-tree\ot-loader.php:35
action · init · inc\option-tree\ot-loader.php:291
action · init · inc\option-tree\ot-loader.php:295
action · admin_head · inc\option-tree\ot-loader.php:298
action · init · inc\option-tree\ot-loader.php:334
action · init · inc\option-tree\ot-loader.php:339
action · init · inc\option-tree\ot-loader.php:344
action · admin_print_scripts-post-new.php · inc\option-tree\ot-loader.php:351
action · admin_print_scripts-post.php · inc\option-tree\ot-loader.php:352
action · admin_print_styles-post-new.php · inc\option-tree\ot-loader.php:355
action · admin_print_styles-post.php · inc\option-tree\ot-loader.php:356
action · admin_bar_menu · inc\option-tree\ot-loader.php:361
action · admin_init · inc\option-tree\ot-loader.php:364
action · admin_init · inc\option-tree\ot-loader.php:367
action · admin_init · inc\option-tree\ot-loader.php:370
action · admin_init · inc\option-tree\ot-loader.php:373
action · admin_init · inc\option-tree\ot-loader.php:376
action · admin_init · inc\option-tree\ot-loader.php:379
action · admin_init · inc\option-tree\ot-loader.php:382
action · wp_enqueue_scripts · inc\option-tree\ot-loader.php:385
action · wp_enqueue_scripts · inc\option-tree\ot-loader.php:388
action · ot_after_theme_options_save · inc\option-tree\ot-loader.php:391
filter · media_view_settings · inc\option-tree\ot-loader.php:421
filter · gettext · inc\option-tree\ot-loader.php:427
action · admin_menu · qc-support-promo-page\class-qc-support-promo-page.php:32
action · admin_enqueue_scripts · qc-support-promo-page\class-qc-support-promo-page.php:62
action · qcld_express_product_variation · qcld-express-ajax.php:5
action · qcld_express_product_variation · qcld-express-ajax.php:6
action · wp_enqueue_scripts · qcld-express-assets.php:22
action · the_posts · qcld-express-assets.php:28
action · admin_enqueue_scripts · qcld-express-assets.php:90
filter · woocommerce_add_to_cart_fragments · qcld-express-cart-function.php:19
filter · body_class · qcld-express-cart-function.php:80
action · woocommerce_checkout_update_order_review · qcld-express-cart-function.php:88
filter · ot_show_pages · qcld-express-framework.php:6
filter · ot_show_new_layout · qcld-express-framework.php:7
action · admin_init · qcld-express-framework.php:12
filter · ot_header_version_text · qcld-express-framework.php:14
action · init · qcld-express-framework.php:25
action · init · qcld-express-main.php:42
action · admin_notices · qcld-express-main.php:78
action · plugins_loaded · qcld-express-main.php:145
filter · custom_menu_order · qcld-express-main.php:178
action · admin_menu · qcld-express-main.php:213
action · wp_footer · qcld-express-main.php:263
action · admin_init · qcld-express-main.php:322
filter · wp_enqueue_scripts · qcld-express-main.php:421
action · wp_enqueue_scripts · qcld-express-main.php:436
action · dokan_store_profile_frame_after · qcld-express-main.php:438
action · wp_footer · qcld-express-main.php:445
Maintenance & Trust

Express Shop for WooCommerce Product Table Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Unknown
PHP min version
Downloads: 10K

Community Trust

Rating: 92/100
Number of ratings: 5
Active installs: 20
Developer Profile

Express Shop for WooCommerce Product Table Developer Profile

QuantumCloud

29 plugins · 26K total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 255 days
Detection Fingerprints

How We Detect Express Shop for WooCommerce Product Table

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/express-shop/assets/css/express-shop.css
/wp-content/plugins/express-shop/assets/css/owl.carousel.min.css
/wp-content/plugins/express-shop/assets/css/owl.theme.default.min.css
/wp-content/plugins/express-shop/assets/css/product-view.css
/wp-content/plugins/express-shop/assets/js/express-shop.js
/wp-content/plugins/express-shop/assets/js/owl.carousel.min.js
/wp-content/plugins/express-shop/assets/js/product-view.js
/wp-content/plugins/express-shop/assets/js/jquery.zoom.min.js
+5 more

Script Paths
/wp-content/plugins/express-shop/assets/js/express-shop.js
/wp-content/plugins/express-shop/assets/js/owl.carousel.min.js
/wp-content/plugins/express-shop/assets/js/product-view.js
/wp-content/plugins/express-shop/assets/js/jquery.zoom.min.js
/wp-content/plugins/express-shop/assets/js/jquery.nice-select.min.js
/wp-content/plugins/express-shop/assets/js/jquery.countdown.min.js
+2 more

Version Parameters
express-shop/assets/css/express-shop.css?ver=
express-shop/assets/css/owl.carousel.min.css?ver=
express-shop/assets/css/owl.theme.default.min.css?ver=
express-shop/assets/css/product-view.css?ver=
express-shop/assets/js/express-shop.js?ver=
express-shop/assets/js/owl.carousel.min.js?ver=
express-shop/assets/js/product-view.js?ver=
express-shop/assets/js/jquery.zoom.min.js?ver=
express-shop/assets/js/jquery.nice-select.min.js?ver=
express-shop/assets/js/jquery.countdown.min.js?ver=
express-shop/assets/js/main.js?ver=
express-shop/qc-support-promo-page/assets/css/qc-support-promo-page.css?ver=
express-shop/qc-support-promo-page/assets/js/qc-support-promo-page.js?ver=

HTML / DOM Fingerprints

CSS Classes
qcld_express_shop_wholessale_woo_wrap
qcld_express_shop_wholessale_woo

JS Globals
QCLD_EXPRESS_PLUGIN_DIR_URL
QCLD_EXPRESS_ASSETS_URL
QCLD_EXPRESS_IMG_URL
QCLD_EXPRESS_REQUIRED_WOOCOMMERCE_VERSION
QCLD_EXPRESS_FILE_DIR