GetPaid > Item Inventory Security & Risk Analysis

wordpress.org/plugins/getpaid-item-inventory

Set the inventory amount and never sell anything you don't have in stock.

500 active installs · v2.0.2 · PHP 5.6+ · WP 5.0+ · Updated Dec 4, 2025
Tags: checkout, getpaid, inventory, selling, stock
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is GetPaid > Item Inventory Safe to Use in 2026?

Generally Safe

Score 100/100

GetPaid > Item Inventory has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4mo ago
Risk Assessment

The static analysis of the "getpaid-item-inventory" v2.0.2 plugin reveals a generally strong security posture. The absence of known CVEs, critical taint flows, and dangerous functions is highly positive. The code demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks for its functionalities. Furthermore, the plugin exhibits a well-managed attack surface with no exposed AJAX handlers, REST API routes, or shortcodes that lack authentication or permission checks. The high percentage of properly escaped output also contributes to mitigating cross-site scripting (XSS) risks.

Despite these strengths, there is a minor concern regarding the output escaping, where 8% of outputs are not properly escaped. While the total number of unescaped outputs is not explicitly provided, this could represent a potential vector for XSS vulnerabilities if the unescaped data is user-controllable and rendered directly in the browser. The presence of a cron event also warrants attention to ensure it does not introduce vulnerabilities if its associated code is not robustly secured. Overall, the plugin is well-developed from a security perspective, with minimal areas for concern that would significantly impact its risk profile.

Key Concerns

  • Unescaped output present
Vulnerabilities
None known

GetPaid > Item Inventory Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

GetPaid > Item Inventory Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (5 prepared)
Unescaped Output: 9 (103 escaped)
Nonce Checks: 5
Capability Checks: 14
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 5 total queries

Output Escaping

92% escaped · 112 total outputs
Attack Surface

GetPaid > Item Inventory Attack Surface

Entry Points: 0
Unprotected: 0

WordPress Hooks 67
action admin_init includes\class-getpaid-item-inventory-admin.php:28
filter wpinv_settings_tabs includes\class-getpaid-item-inventory-admin.php:29
filter wpinv_settings_sections includes\class-getpaid-item-inventory-admin.php:30
filter wpinv_registered_settings includes\class-getpaid-item-inventory-admin.php:31
action wpinv_item_details_metabox_item_details includes\class-getpaid-item-inventory-admin.php:32
action getpaid_item_metabox_save includes\class-getpaid-item-inventory-admin.php:33
filter wpi_item_table_columns includes\class-getpaid-item-inventory-admin.php:34
filter manage_edit-wpi_item_sortable_columns includes\class-getpaid-item-inventory-admin.php:35
action manage_wpi_item_posts_custom_column includes\class-getpaid-item-inventory-admin.php:36
action request includes\class-getpaid-item-inventory-admin.php:37
action getpaid_init includes\class-getpaid-item-inventory-cron.php:30
filter wpinv_settings_sanitize_hold_stock_minutes includes\class-getpaid-item-inventory-cron.php:33
action getpaid_item_inventory_cancel_invoices_cron includes\class-getpaid-item-inventory-cron.php:36
action getpaid_low_stock includes\class-getpaid-item-inventory-emails.php:29
action getpaid_no_stock includes\class-getpaid-item-inventory-emails.php:30
action getpaid_item_on_backorder includes\class-getpaid-item-inventory-emails.php:31
action getpaid_init includes\class-getpaid-item-inventory.php:64
action getpaid_order_bumps_after_item_name includes\class-getpaid-item-inventory.php:67
filter getpaid_disable_order_bump includes\class-getpaid-item-inventory.php:68
filter getpaid_buy_item_button_widget includes\class-getpaid-item-inventory.php:71
action getpaid_submissions_process_items includes\class-getpaid-item-inventory.php:74
action getpaid_payment_form_cart_item_description includes\class-getpaid-item-inventory.php:75
action getpaid_payment_form_cart_item_name includes\class-getpaid-item-inventory.php:76
action getpaid_checkout_before_gateway includes\class-getpaid-item-inventory.php:79
action getpaid_checkout_invoice_exception includes\class-getpaid-item-inventory.php:82
action getpaid_invoice_status_wpi-cancelled includes\class-getpaid-item-inventory.php:83
action getpaid_invoice_status_publish includes\class-getpaid-item-inventory.php:84
action getpaid_invoice_status_wpi-processing includes\class-getpaid-item-inventory.php:85
action getpaid_invoice_status_wpi-renewal includes\class-getpaid-item-inventory.php:86
action getpaid_invoice_status_wpi-onhold includes\class-getpaid-item-inventory.php:87
action getpaid_invoice_status_wpi-failed includes\class-getpaid-item-inventory.php:88
action getpaid_invoice_status_wpi-cancelled includes\class-getpaid-item-inventory.php:91
action getpaid_invoice_status_wpi-failed includes\class-getpaid-item-inventory.php:92
action getpaid_invoice_status_wpi-pending includes\class-getpaid-item-inventory.php:93
action getpaid_invoice_status_wpi-refunded includes\class-getpaid-item-inventory.php:94
action getpaid_invoice_status_publish includes\class-getpaid-item-inventory.php:97
action getpaid_invoice_status_wpi-renewal includes\class-getpaid-item-inventory.php:98
action getpaid_invoice_status_wpi-processing includes\class-getpaid-item-inventory.php:99
action getpaid_invoice_status_wpi-onhold includes\class-getpaid-item-inventory.php:100
action init includes\class-tgm-plugin-activation.php:268
filter load_textdomain_mofile includes\class-tgm-plugin-activation.php:269
action init includes\class-tgm-plugin-activation.php:272
action admin_menu includes\class-tgm-plugin-activation.php:421
action admin_head includes\class-tgm-plugin-activation.php:422
filter install_plugin_complete_actions includes\class-tgm-plugin-activation.php:425
filter update_plugin_complete_actions includes\class-tgm-plugin-activation.php:426
action admin_notices includes\class-tgm-plugin-activation.php:429
action admin_init includes\class-tgm-plugin-activation.php:430
action admin_enqueue_scripts includes\class-tgm-plugin-activation.php:431
action load-plugins.php includes\class-tgm-plugin-activation.php:436
action switch_theme includes\class-tgm-plugin-activation.php:439
action switch_theme includes\class-tgm-plugin-activation.php:442
action admin_init includes\class-tgm-plugin-activation.php:447
action switch_theme includes\class-tgm-plugin-activation.php:452
action load_textdomain_mofile includes\class-tgm-plugin-activation.php:475
filter upgrader_source_selection includes\class-tgm-plugin-activation.php:889
action plugins_loaded includes\class-tgm-plugin-activation.php:2112
filter tgmpa_table_data_items includes\class-tgm-plugin-activation.php:2236
filter upgrader_source_selection includes\class-tgm-plugin-activation.php:2977
action admin_init includes\class-tgm-plugin-activation.php:3147
action upgrader_process_complete includes\class-tgm-plugin-activation.php:3242
filter upgrader_post_install includes\class-tgm-plugin-activation.php:3301
filter upgrader_post_install includes\class-tgm-plugin-activation.php:3446
action tgmpa_register plugin.php:72
filter getpaid_autoload_locations plugin.php:83
action getpaid_actions plugin.php:93
action init plugin.php:109

Scheduled Events 1

getpaid_item_inventory_cancel_invoices_cron
Maintenance & Trust

GetPaid > Item Inventory Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 4, 2025
PHP min version: 5.6
Downloads: 9K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 500
Developer Profile

GetPaid > Item Inventory Developer Profile

Stiofan

12 plugins · 90K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 191 days
Detection Fingerprints

How We Detect GetPaid > Item Inventory

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/getpaid-item-inventory/assets/css/getpaid-item-inventory.css
/wp-content/plugins/getpaid-item-inventory/assets/js/getpaid-item-inventory.js
Script Paths
/wp-content/plugins/getpaid-item-inventory/assets/js/getpaid-item-inventory.js
Version Parameters
getpaid-item-inventory/assets/css/getpaid-item-inventory.css?ver=
getpaid-item-inventory/assets/js/getpaid-item-inventory.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about GetPaid > Item Inventory