WP-Safety

Forge12 Accessories for WooCommerce Security & Risk Analysis

wordpress.org/plugins/f12-wc-accessories

Add optional accessories to WooCommerce products and categories. Increase your average order value with product accessories, cart crossselling and cat …

80 active installs v2.3.6 PHP 7.4+ WP 5.8+ Updated Mar 10, 2026
accessoriescross-selllinked-productsproduct-bundleswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Forge12 Accessories for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Forge12 Accessories for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 25d ago
Risk Assessment

The "f12-wc-accessories" plugin v2.3.6 exhibits a generally strong security posture, with a notable absence of known vulnerabilities and critical findings in static analysis. The presence of numerous nonce and capability checks, coupled with a high percentage of properly escaped output and the use of prepared statements for SQL queries, indicates good development practices. The lack of external HTTP requests and unsanitized paths in taint analysis further bolster its security. The plugin also boasts a relatively small attack surface with all identified entry points seemingly protected by authentication or capability checks.

However, a single instance of the `unserialize` function being used is a potential area of concern. While the static analysis did not uncover any immediate exploitable flaws related to it, `unserialize` is inherently risky if used with untrusted input, as it can lead to remote code execution vulnerabilities. The limited scope of the taint analysis (5 flows analyzed) means that other potentially unsanitized paths might exist that were not detected. Overall, the plugin appears to be developed with security in mind, but the use of `unserialize` warrants careful consideration and potentially further investigation into how and with what data it is being used.

Key Concerns

  • Use of unserialize function
Vulnerabilities
None known

Forge12 Accessories for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Forge12 Accessories for WooCommerce Code Analysis

Dangerous Functions
1
Raw SQL Queries
4
2 prepared
Unescaped Output
49
616 escaped
Nonce Checks
21
Capability Checks
12
File Operations
1
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = @unserialize($col->meta_value, array('allowed_classes' => false));Accessories.class.php:433

SQL Query Safety

33% prepared6 total queries

Output Escaping

93% escaped665 total outputs
Data Flows
All sanitized

Data Flow Analysis

5 flows
<OptionalAccessoriesToWooCommerce.class> (includes\Admin\OptionalAccessoriesToWooCommerce.class.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Forge12 Accessories for WooCommerce Attack Surface

Entry Points14
Unprotected0

AJAX Handlers 13

authwp_ajax_f12_bulk_assign_accessoriesincludes\Admin\BulkAssignment.class.php:40
authwp_ajax_f12_bulk_preview_countincludes\Admin\BulkAssignment.class.php:41
authwp_ajax_f12_bulk_undoincludes\Admin\BulkAssignment.class.php:42
authwp_ajax_f12_export_accessoriesincludes\Admin\ImportExport.class.php:40
authwp_ajax_f12_import_accessoriesincludes\Admin\ImportExport.class.php:41
authwp_ajax_f12_inventory_checkincludes\Admin\InventoryCheck.class.php:40
authwp_ajax_f12_fix_orphaned_accessoriesincludes\Admin\InventoryCheck.class.php:41
authwp_ajax_f12_save_accessory_orderincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:39
authwp_ajax_f12_get_accessory_item_htmlincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:40
authwp_ajax_f12_bulk_add_to_cartincludes\Frontend\OptionalAccessories.class.php:42
noprivwp_ajax_f12_bulk_add_to_cartincludes\Frontend\OptionalAccessories.class.php:43
authwp_ajax_f12_get_product_previewincludes\Frontend\ProductPreview.class.php:30
noprivwp_ajax_f12_get_product_previewincludes\Frontend\ProductPreview.class.php:31

Shortcodes 1

[f12-woo-accessories] includes\Core\Shortcode.class.php:20
WordPress Hooks 40
actionbefore_woocommerce_initAccessories.class.php:133
actioninitAccessories.class.php:137
actionadmin_noticesAccessories.class.php:174
actionproduct_cat_add_form_fieldsincludes\Admin\OptionalAccessoriesToCategory.class.php:39
actioncreate_product_catincludes\Admin\OptionalAccessoriesToCategory.class.php:40
actionproduct_cat_edit_formincludes\Admin\OptionalAccessoriesToCategory.class.php:42
actionedited_product_catincludes\Admin\OptionalAccessoriesToCategory.class.php:43
actionadmin_initincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:37
actionadmin_enqueue_scriptsincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:38
filterwoocommerce_json_search_found_productsincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:41
filterwoocommerce_product_data_tabsincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:156
actionwoocommerce_product_data_panelsincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:157
actionwoocommerce_process_product_metaincludes\Admin\OptionalAccessoriesToWooCommerce.class.php:158
actioninitincludes\Core\GutenbergBlock.class.php:28
actionrest_api_initincludes\Core\RestAPI.class.php:28
actionwp_footerincludes\Core\SchemaMarkup.class.php:28
actionwoocommerce_after_cartincludes\Frontend\AccessoriesCart.class.php:36
filterf12_woo_accessories_cart_headingincludes\Frontend\AccessoriesCart.class.php:38
filterf12_woo_accessories_cart_descriptionincludes\Frontend\AccessoriesCart.class.php:39
actionf12_woo_accessories_beforeincludes\Frontend\AccessoryGrouping.class.php:28
filterf12_woo_accessories_item_attrsincludes\Frontend\AccessoryGrouping.class.php:29
actionwp_enqueue_scriptsincludes\Frontend\AccessoryGrouping.class.php:30
actionwp_enqueue_scriptsincludes\Frontend\OptionalAccessories.class.php:39
actioninitincludes\Frontend\OptionalAccessories.class.php:47
actionwoocommerce_before_add_to_cart_buttonincludes\Frontend\OptionalAccessories.class.php:51
actionwoocommerce_add_to_cartincludes\Frontend\OptionalAccessories.class.php:53
actionwoocommerce_after_single_product_summaryincludes\Frontend\OptionalAccessories.class.php:55
filterf12_woo_accessories_products_headingincludes\Frontend\OptionalAccessories.class.php:58
filterf12_woo_accessories_products_descriptionincludes\Frontend\OptionalAccessories.class.php:59
filterf12_woo_accessories_cartincludes\Frontend\OptionalAccessories.class.php:62
actionwp_enqueue_scriptsincludes\Frontend\ProductPreview.class.php:28
actionwp_footerincludes\Frontend\ProductPreview.class.php:29
filterf12_woo_accessories_container_attrsincludes\Frontend\ProductPreview.class.php:32
filterf12_woo_accessories_item_classincludes\Frontend\RecommendedBadge.class.php:28
actionf12_woo_accessories_item_badgeincludes\Frontend\RecommendedBadge.class.php:29
actionwoocommerce_process_product_metaincludes\Frontend\RecommendedBadge.class.php:30
actionf12_woo_accessories_admin_sortable_itemincludes\Frontend\RecommendedBadge.class.php:31
actionwoocommerce_after_shop_loop_item_titleincludes\Frontend\StockAlerts.class.php:28
actionadmin_menuincludes\UI\UI.class.php:65
actionadmin_enqueue_scriptsincludes\UI\UIDesign.class.php:101
Maintenance & Trust

Forge12 Accessories for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 10, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs80
Alternatives

Forge12 Accessories for WooCommerce Alternatives

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

shopengine

A
96

WooCommerce builder for Elementor and Gutenberg. It offers product templates, product sliders, shopping cart, quick view, Woo wishlist, product filter &hellip;

90K 4 CVEs
Product Bundle Builder for WooCommerce

Product Bundle Builder for WooCommerce

easy-product-bundles-for-woocommerce

A
100

WooCommerce Product Bundle help to creates Product Bundles, Composite Products, Mix and Match, BOGO deals, Offer gift products, and Assembled Products &hellip;

7K No CVEs
One Click Upsell Funnel for WooCommerce

One Click Upsell Funnel for WooCommerce

woo-one-click-upsell-funnel

A
99

Create WooCommerce Upsells in One Click, Increase Sales with Related Products, Post Purchase Upsell, Cross Sell, Order Bump and Frequently Bought.

1K 1 CVE
Beeketing for WooCommerce – Marketing Automation to Boost Sales

Beeketing for WooCommerce – Marketing Automation to Boost Sales

beeketing-for-woocommerce

A
85

Help WooCommerce stores convert traffic into sales, upsell & cross-sell, recover abandoned carts with 10+ powerful marketing & sales features.

700 No CVEs
WPC Smart Linked Products – Upsells & Cross-sells for WooCommerce

WPC Smart Linked Products – Upsells & Cross-sells for WooCommerce

wpc-smart-linked-products

A
98

WPC Smart Linked Products plugin simplifies managing related, upsells, and cross-sells products in bulk with custom rules and mixed combinations.

700 1 CVE
Developer Profile

Forge12 Accessories for WooCommerce Developer Profile

Forge12 Interactive GmbH

6 plugins · 12K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
76 days
View full developer profile
Detection Fingerprints

How We Detect Forge12 Accessories for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/f12-wc-accessories/assets/css/f12-wc-accessories-frontend.css/wp-content/plugins/f12-wc-accessories/assets/js/f12-wc-accessories-frontend.js/wp-content/plugins/f12-wc-accessories/assets/js/f12-wc-accessories-common.js/wp-content/plugins/f12-wc-accessories/assets/css/f12-woo-accessories-admin.css/wp-content/plugins/f12-wc-accessories/assets/js/f12-woo-accessories-admin.js/wp-content/plugins/f12-wc-accessories/assets/js/f12-woo-accessories-frontend-helper.js/wp-content/plugins/f12-wc-accessories/assets/js/f12-woo-accessories-cart-helper.js/wp-content/plugins/f12-wc-accessories/assets/js/f12-wc-accessories-product-preview.js+2 more
Version Parameters
f12-wc-accessories/assets/css/f12-wc-accessories-frontend.css?ver=f12-wc-accessories/assets/js/f12-wc-accessories-frontend.js?ver=f12-wc-accessories/assets/js/f12-wc-accessories-common.js?ver=f12-wc-accessories/assets/css/f12-woo-accessories-admin.css?ver=f12-wc-accessories/assets/js/f12-woo-accessories-admin.js?ver=f12-wc-accessories/assets/js/f12-woo-accessories-frontend-helper.js?ver=f12-wc-accessories/assets/js/f12-woo-accessories-cart-helper.js?ver=f12-wc-accessories/assets/js/f12-wc-accessories-product-preview.js?ver=f12-wc-accessories/assets/js/f12-wc-accessories-stock-alerts.js?ver=f12-wc-accessories/assets/js/f12-wc-accessories-gutenberg-block.js?ver=

HTML / DOM Fingerprints

CSS Classes
f12-wc-accessoriesf12-accessories-wrapf12-accessories-add-to-cart-wrapf12-accessories-add-to-cart-buttonf12-accessories-product-titlef12-accessories-product-pricef12-accessories-product-description
HTML Comments
<!-- Start: Forge12 Accessories --><!-- End: Forge12 Accessories --><!-- Forge12 WooCommerce Accessories Pro Placeholder -->
Data Attributes
data-f12-accessory-product-iddata-f12-accessory-cart-item-key
JS Globals
f12_wc_accessories_frontend_paramsf12_wc_accessories_common_paramsf12_wc_accessories_cart_paramsf12_wc_accessories_stock_alerts_params
REST Endpoints
/wp-json/forge12/v1/accessories/add-accessory
FAQ

Frequently Asked Questions about Forge12 Accessories for WooCommerce