Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Security & Risk Analysis

wordpress.org/plugins/faq-for-woocommerce

WooCommerce Product FAQ Plugin and accordion plugin create FAQs with Google FAQ schema, AI Generator, Comment and customization support.

1K active installs · v1.8.17 · PHP 7.4+ · WP 4.4+ · Updated Apr 7, 2026
Tags: faq, faqs, product-faq, question-and-answer, woocommerce-faqs
Score: 98 (A · Safe)
CVEs total: 3
Unpatched: 0
Last CVE: Jul 8, 2024
Safety Verdict

Is Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Safe to Use in 2026?

Generally Safe

Score 98/100

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

3 known CVEs · Last CVE: Jul 8, 2024 · Updated 1mo ago
Risk Assessment

The 'faq-for-woocommerce' plugin v1.8.16 demonstrates a generally good security posture with several positive indicators. The absence of critical or high-severity taint flows, the exclusive use of prepared statements for SQL queries, and a high percentage of properly escaped output are commendable. Furthermore, the plugin implements nonce checks on all identified entry points, including its 11 AJAX handlers. The complete lack of critical and high severity vulnerabilities in its history and the fact that all past CVEs are currently patched are strong points.

However, there are areas for improvement. The historical vulnerability data reveals a pattern of medium-severity issues, specifically missing authorization and Cross-Site Scripting (XSS), which is a concern despite current patches. Three medium CVEs in its history, even though all are now patched, suggest a recurring susceptibility to these vulnerability classes. Additionally, while all identified entry points have nonce checks, the absence of capability checks on AJAX handlers is a potential weakness: a nonce check is not an authorization check, so these handlers might be accessible to logged-in users who shouldn't be able to trigger certain actions. The bundled Select2 library, while not inherently a risk, is worth noting, as bundled third-party code can introduce vulnerabilities if it is not kept up to date. The plugin's overall security is decent, but the historical pattern of medium vulnerabilities and the lack of capability checks on AJAX handlers warrant attention.

Key Concerns

  • 3 medium CVEs in history
  • Bundled library (Select2)
  • No capability checks on AJAX
Vulnerabilities
3 published

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Security Vulnerabilities

CVEs by Year

3 CVEs in 2024

Severity Breakdown

Medium: 3

3 total CVEs

CVE-2024-5669 · medium · 6.4 · Missing Authorization

XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Jul 8, 2024 · Patched in 1.7.1 (24d)

CVE-2024-5704 · medium · 4.3 · Missing Authorization

XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update

Jul 8, 2024 · Patched in 1.7.1 (25d)

CVE-2024-37515 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

XPlainer - WooCommerce Product FAQ <= 1.6.3 - Reflected Cross-Site Scripting

Jul 5, 2024 · Patched in 1.6.4 (6d)

Version History

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Release Timeline

v1.8.17 (Current)
v1.8.16
v1.8.15
v1.8.14
v1.8.13
v1.8.12
v1.8.11
v1.8.10
v1.8.9
v1.8.8
v1.8.7
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.8
v1.7.7
Code Analysis
Analyzed Mar 16, 2026

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 130 (722 escaped)
Nonce Checks: 12
Capability Checks: 0
File Operations: 0
External Requests: 1
Bundled Libraries: 1

Bundled Libraries

Select2

Output Escaping

85% escaped · 852 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

4 flows
ffw_save_review_notice (includes\admin\class-faq-woocommerce-admin-notices.php:179)
Attack Surface

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Attack Surface

Entry Points: 12
Unprotected: 0

AJAX Handlers 11

auth · wp_ajax_ffw_save_review_notice · includes\admin\class-faq-woocommerce-admin-notices.php:31
auth · wp_ajax_ffw_hide_coupon_notice · includes\admin\class-faq-woocommerce-admin-notices.php:32
auth · wp_ajax_ffw_generate_ai_faqs · includes\admin\class-faq-woocommerce-ai-faqs.php:106
auth · wp_ajax_ffw_insert_ai_faqs · includes\admin\class-faq-woocommerce-ai-faqs.php:107
auth · wp_ajax_ffw_insert_new_faq · includes\admin\faq-woocommerce-admin-functions.php:103
auth · wp_ajax_ffw_hide_discount_notice · includes\admin\faq-woocommerce-admin-functions.php:199
auth · wp_ajax_ffw_delete_all_faqs · includes\admin\faq-woocommerce-admin-functions.php:241
auth · wp_ajax_ffw_delete_single_faq · includes\admin\faq-woocommerce-admin-functions.php:305
auth · wp_ajax_ffw_sort_faq_data · includes\admin\faq-woocommerce-admin-functions.php:373
auth · wp_ajax_ffw_insert_data_from_search · includes\admin\faq-woocommerce-admin-functions.php:443
auth · wp_ajax_ffw_activate_template · includes\admin\faq-woocommerce-admin-functions.php:533

Shortcodes 1

[ffw_template] includes\ffw-helper.php:289
WordPress Hooks 60
action · init · faq-for-woocommerce.php:134
action · plugins_loaded · faq-for-woocommerce.php:162
action · init · faq-for-woocommerce.php:172
action · before_woocommerce_init · faq-for-woocommerce.php:186
action · admin_enqueue_scripts · includes\admin\class-faq-woocommerce-admin-assets.php:23
action · admin_enqueue_scripts · includes\admin\class-faq-woocommerce-admin-assets.php:24
action · admin_menu · includes\admin\class-faq-woocommerce-admin-menus.php:45
action · admin_notices · includes\admin\class-faq-woocommerce-admin-notices.php:28
action · admin_print_footer_scripts · includes\admin\class-faq-woocommerce-admin-notices.php:34
action · admin_print_footer_scripts · includes\admin\class-faq-woocommerce-admin-notices.php:146
action · init · includes\admin\class-faq-woocommerce-admin.php:23
action · init · includes\admin\class-faq-woocommerce-admin.php:24
filter · admin_footer · includes\admin\class-faq-woocommerce-admin.php:27
action · admin_menu · includes\admin\class-faq-woocommerce-dashboard.php:16
action · admin_init · includes\admin\class-faq-woocommerce-settings.php:51
action · add_meta_boxes · includes\admin\class-ffw-metaboxes.php:25
action · save_post · includes\admin\class-ffw-metaboxes.php:26
action · ffw_metabox_content_item · includes\admin\class-ffw-metaboxes.php:27
action · ffw_metabox_content_item · includes\admin\class-ffw-metaboxes.php:28
action · ffw_metabox_content_item · includes\admin\class-ffw-metaboxes.php:29
filter · install_plugins_table_api_args_featured · includes\admin\class-ffw-suggest-plugins.php:69
filter · plugins_api_result · includes\admin\class-ffw-suggest-plugins.php:73
filter · woocommerce_product_data_tabs · includes\admin\faq-woocommerce-admin-functions.php:18
action · woocommerce_product_data_panels · includes\admin\faq-woocommerce-admin-functions.php:33
action · admin_notices · includes\admin\faq-woocommerce-admin-functions.php:651
filter · ffw_filter_template_names · includes\admin\faq-woocommerce-admin-functions.php:654
action · admin_footer · includes\admin\faq-woocommerce-admin-functions.php:727
filter · comment_post_redirect · includes\class-faq-comments.php:42
action · wp_enqueue_scripts · includes\class-faq-woocommerce-public.php:52
action · wp_enqueue_scripts · includes\class-faq-woocommerce-public.php:53
action · init · includes\class-faq-woocommerce-public.php:54
action · init · includes\class-faq-woocommerce.php:79
action · admin_notices · includes\class-faq-woocommerce.php:161
action · wp_footer · includes\faq-woocommerce-public.php:2
filter · woocommerce_product_tabs · includes\faq-woocommerce-public.php:137
action · ffw_before_faq_start · includes\faq-woocommerce-public.php:304
action · ffw_expand_collapse_all · includes\faq-woocommerce-public.php:314
action · ffw_after_faq_end · includes\faq-woocommerce-public.php:330
action · ffw_faq_header · includes\ffw-helper.php:549
action · init · includes\ffw-helper.php:600
filter · manage_product_posts_columns · includes\ffw-helper.php:704
action · manage_product_posts_custom_column · includes\ffw-helper.php:718
action · init · includes\ffw-helper.php:869
action · init · includes\ffw-helper.php:912
filter · manage_edit-ffw_customer_qna_columns · includes\ffw-helper.php:919
filter · manage_ffw_customer_qna_posts_columns · includes\ffw-helper.php:945
action · manage_ffw_customer_qna_posts_custom_column · includes\ffw-helper.php:973
filter · manage_ffw_customer_qna_posts_columns · includes\ffw-helper.php:995
action · admin_enqueue_scripts · includes\ffw-helper.php:1013
filter · post_row_actions · includes\ffw-helper.php:1030
action · admin_menu · includes\ffw-helper.php:1053
filter · enter_title_here · includes\ffw-helper.php:1061
action · ffw_comments_template · includes\ffw-helper.php:1119
action · ffw_comments_form · includes\ffw-helper.php:1125
filter · comment_post_redirect · includes\ffw-helper.php:1182
filter · wp_robots · includes\ffw-helper.php:1253
action · admin_head · includes\ffw-helper.php:1278
filter · manage_ffw_posts_columns · includes\ffw-helper.php:1418
action · manage_ffw_posts_custom_column · includes\ffw-helper.php:1435
filter · pll_get_post_types · includes\ffw-helper.php:1550
Maintenance & Trust

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 7, 2026
PHP min version: 7.4
Downloads: 57K

Community Trust

Rating: 96/100
Number of ratings: 22
Active installs: 1K
Developer Profile

Happy WooCommerce FAQs – Ultimate Product FAQ Plugin Developer Profile

HappyDevs

4 plugins · 1K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 18 days
Detection Fingerprints

How We Detect Happy WooCommerce FAQs – Ultimate Product FAQ Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/faq-for-woocommerce/assets/admin/css/bootstrap.min.css
/wp-content/plugins/faq-for-woocommerce/assets/admin/css/faq-woocommerce-admin.min.css
/wp-content/plugins/faq-for-woocommerce/assets/admin/css/faq-woocommerce-popup.min.css
Script Paths
/wp-content/plugins/faq-for-woocommerce/assets/admin/js/faq-woocommerce-admin.min.js
Version Parameters
faq-for-woocommerce/assets/admin/css/bootstrap.min.css?ver=
faq-for-woocommerce/assets/admin/css/faq-woocommerce-admin.min.css?ver=
faq-for-woocommerce/assets/admin/css/faq-woocommerce-popup.min.css?ver=
faq-for-woocommerce/assets/admin/js/faq-woocommerce-admin.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
ffw_page_woocommerce-faq
ffw-dashboard
ffw-page-settings
Data Attributes
data-ffw-id
data-ffw-toggle
data-ffw-parent
JS Globals
ffw_localize_data
Shortcode Output
[faq_products]
[faq_categories]
[faq_all]
FAQ

Frequently Asked Questions about Happy WooCommerce FAQs – Ultimate Product FAQ Plugin