Does GoWishCart – Wishlist for FluentCart have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is GoWishCart – Wishlist for FluentCart compatible with WordPress 6.9.4?

According to WordPress.org data, GoWishCart – Wishlist for FluentCart 1.2.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is GoWishCart – Wishlist for FluentCart compatible with PHP 7.4+?

GoWishCart – Wishlist for FluentCart requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GoWishCart – Wishlist for FluentCart updated?

GoWishCart – Wishlist for FluentCart was last updated on Apr 9, 2026. Frequent updates are generally a positive security signal.

What is GoWishCart – Wishlist for FluentCart's security score?

GoWishCart – Wishlist for FluentCart has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GoWishCart – Wishlist for FluentCart Security & Risk Analysis

wordpress.org/plugins/gowishcart-wishlist-for-fluentcart

Wishlist management for FluentCart stores with guest wishlists, variation support, and optional notification and FluentCRM integration.

0 active installs v1.2.0 PHP 7.4+ WP 5.0+ Updated Apr 9, 2026

ecommercefavoritesfluentcartshoppingwishlist

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GoWishCart – Wishlist for FluentCart Safe to Use in 2026?

Generally Safe

Score 100/100

GoWishCart – Wishlist for FluentCart has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'gowishcart-wishlist-for-fluentcart' plugin v1.2.0 exhibits a generally good security posture, with several positive indicators such as 100% proper output escaping, 100% prepared statement usage for SQL queries, and a complete absence of known CVEs. The plugin also demonstrates a commitment to security with a significant number of capability checks (28) and the presence of nonce checks (5), which are crucial for preventing common web vulnerabilities. However, the static analysis does reveal some areas of concern that warrant attention.

The most significant findings are within the taint analysis, which identified 4 flows with unsanitized paths, all classified as high severity. This indicates potential vulnerabilities where user-supplied data might not be adequately validated or sanitized before being used in sensitive operations, leading to potential security risks. Furthermore, the plugin exposes 3 REST API routes without permission callbacks, creating an unprotected attack surface that could be exploited if not properly secured by the site owner. While the number of unprotected entry points is relatively small, these exposed routes represent a direct avenue for potential malicious activity.

Overall, the plugin's strong adherence to secure coding practices like proper escaping and prepared statements, combined with its clean vulnerability history, suggests a solid foundation. However, the identified high-severity taint flows and unprotected REST API routes represent critical areas that need immediate investigation and remediation. Addressing these specific issues will significantly strengthen the plugin's security and mitigate potential risks to users.

Key Concerns

High severity taint flows
Unprotected REST API routes

Vulnerabilities

None known

GoWishCart – Wishlist for FluentCart Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

GoWishCart – Wishlist for FluentCart Release Timeline

v1.2.0Current

v1.1.5

v1.1.4

v1.1.3

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

GoWishCart – Wishlist for FluentCart Code Analysis

Dangerous Functions

Raw SQL Queries

120 prepared

Unescaped Output

345 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared120 total queries

Output Escaping

100% escaped345 total outputs

Data Flows · Security

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

wishlist_get (includes/class-gowishcart-admin.php:1407)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

GoWishCart – Wishlist for FluentCart Attack Surface

Entry Points33

Unprotected3

REST API Routes 31

GET/wp-json/gowishcart/v1/settingsincludes/class-gowishcart-admin.php:286

GET/wp-json/gowishcart/v1/pagesincludes/class-gowishcart-admin.php:306

POST/wp-json/gowishcart/v1/pages/create-wishlistincludes/class-gowishcart-admin.php:325

POST/wp-json/gowishcart/v1/install-fluentcartincludes/class-gowishcart-admin.php:336

GET/wp-json/gowishcart/v1/check-fluentcartincludes/class-gowishcart-admin.php:344

GET/wp-json/gowishcart/v1/productsincludes/class-gowishcart-admin.php:352

POST/wp-json/gowishcart/v1/wishlist/addincludes/class-gowishcart-admin.php:361

POST/wp-json/gowishcart/v1/wishlist/removeincludes/class-gowishcart-admin.php:369

POST/wp-json/gowishcart/v1/wishlist/track-cartincludes/class-gowishcart-admin.php:377

GET/wp-json/gowishcart/v1/wishlistincludes/class-gowishcart-admin.php:385

GET/wp-json/gowishcart/v1/wishlist/check/(?P<product_id>\d+)includes/class-gowishcart-admin.php:393

GET/wp-json/gowishcart/v1/product/(?P<product_id>\d+)/variantsincludes/class-gowishcart-admin.php:405

POST/wp-json/gowishcart/v1/wishlist/syncincludes/class-gowishcart-admin.php:417

GET/wp-json/gowishcart/v1/wishlist/usersincludes/class-gowishcart-admin.php:425

GET/wp-json/gowishcart/v1/guest/check-emailincludes/class-gowishcart-admin.php:434

POST/wp-json/gowishcart/v1/guest/update-emailincludes/class-gowishcart-admin.php:442

GET/wp-json/gowishcart/v1/fluentcrm/settingsincludes/class-gowishcart-admin.php:451

POST/wp-json/gowishcart/v1/fluentcrm/settingsincludes/class-gowishcart-admin.php:459

GET/wp-json/gowishcart/v1/fluentcrm/tagsincludes/class-gowishcart-admin.php:467

GET/wp-json/gowishcart/v1/fluentcrm/listsincludes/class-gowishcart-admin.php:475

GET/wp-json/gowishcart/v1/campaignsincludes/class-gowishcart-admin.php:484

POST/wp-json/gowishcart/v1/campaignsincludes/class-gowishcart-admin.php:520

GET/wp-json/gowishcart/v1/campaigns/(?P<id>\d+)includes/class-gowishcart-admin.php:528

PUT/wp-json/gowishcart/v1/campaigns/(?P<id>\d+)includes/class-gowishcart-admin.php:542

DELETE/wp-json/gowishcart/v1/campaigns/(?P<id>\d+)includes/class-gowishcart-admin.php:556

GET/wp-json/gowishcart/v1/campaigns/(?P<id>\d+)/analyticsincludes/class-gowishcart-admin.php:570

POST/wp-json/gowishcart/v1/notifications/subscribeincludes/class-gowishcart-admin.php:585

GET/wp-json/gowishcart/v1/notificationsincludes/class-gowishcart-admin.php:593

GET/wp-json/gowishcart/v1/notifications/statsincludes/class-gowishcart-admin.php:616

GET/wp-json/gowishcart/v1/activity/wishlist/(?P<wishlist_id>\d+)includes/class-gowishcart-admin.php:625

GET/wp-json/gowishcart/v1/activity/recentincludes/class-gowishcart-admin.php:661

Shortcodes 2

[gowishcart_sc] includes/shortcodes/class-wishlist-button-shortcode.php:21

[gowishcart_wishlist] includes/shortcodes/class-wishlist-shortcode.php:19

WordPress Hooks 49

actionswitch_themeappsero/client/src/Insights.php:135

actionswitch_themeappsero/client/src/Insights.php:136

actionadmin_footerappsero/client/src/Insights.php:147

actionadmin_noticesappsero/client/src/Insights.php:163

actionadmin_initappsero/client/src/Insights.php:166

filtercron_schedulesappsero/client/src/Insights.php:172

actionadmin_menuappsero/client/src/License.php:219

actionafter_switch_themeappsero/client/src/License.php:781

actionswitch_themeappsero/client/src/License.php:782

actionadmin_noticesgowishcart-wishlist-for-fluentcart.php:80

actioninitgowishcart-wishlist-for-fluentcart.php:85

actionactivated_plugingowishcart-wishlist-for-fluentcart.php:104

actiondeactivated_plugingowishcart-wishlist-for-fluentcart.php:105

filtercron_schedulesgowishcart-wishlist-for-fluentcart.php:108

actiongowishcart_item_addedincludes/class-crm-campaign-handler.php:35

actiongowishcart_item_removedincludes/class-crm-campaign-handler.php:36

actiongowishcart_price_drop_detectedincludes/class-crm-campaign-handler.php:37

actiongowishcart_back_in_stockincludes/class-crm-campaign-handler.php:38

actiongowishcart_process_notificationsincludes/class-cron-handler.php:22

actiongowishcart_check_price_dropsincludes/class-cron-handler.php:23

actiongowishcart_check_back_in_stockincludes/class-cron-handler.php:24

actiongowishcart_cleanup_expired_guestsincludes/class-cron-handler.php:25

actiongowishcart_cleanup_expired_sharesincludes/class-cron-handler.php:26

actiongowishcart_recalculate_analyticsincludes/class-cron-handler.php:27

actiongowishcart_cleanup_old_dataincludes/class-cron-handler.php:28

actiongowishcart_process_time_based_campaignsincludes/class-cron-handler.php:29

actiongowishcart_send_scheduled_emailincludes/class-cron-handler.php:30

actionfluentcrm_contact_createdincludes/class-fluentcrm-integration.php:29

actionfluentcrm_contact_updatedincludes/class-fluentcrm-integration.php:30

actionfluentcrm_subscriber_status_changedincludes/class-fluentcrm-integration.php:31

filterfluent_crm_funnel_context_smart_codesincludes/class-fluentcrm-smartcode.php:32

filterfluent_crm/smartcode_group_callback_gowishcartincludes/class-fluentcrm-smartcode.php:35

filterfluentcrm/available_triggersincludes/class-fluentcrm-triggers.php:36

actionfluent_crm/after_initincludes/class-fluentcrm-triggers.php:39

actioninitincludes/class-fluentcrm-triggers.php:42

actionadmin_enqueue_scriptsincludes/class-fluentcrm-triggers.php:45

actionadmin_menuincludes/class-gowishcart-admin.php:50

actionadmin_enqueue_scriptsincludes/class-gowishcart-admin.php:51

actionadmin_enqueue_scriptsincludes/class-gowishcart-admin.php:52

actionrest_api_initincludes/class-gowishcart-admin.php:55

actionwp_enqueue_scriptsincludes/class-wishlist-frontend.php:26

actionwp_enqueue_scriptsincludes/class-wishlist-frontend.php:29

actionwp_loginincludes/class-wishlist-frontend.php:35

actionfluentcart_after_product_loop_itemincludes/class-wishlist-frontend.php:148

actionwoocommerce_after_shop_loop_itemincludes/class-wishlist-frontend.php:149

actionfc_product_loop_item_endincludes/class-wishlist-frontend.php:150

actioninitincludes/class-wishlist-page.php:21

filterquery_varsincludes/class-wishlist-page.php:22

actiontemplate_redirectincludes/class-wishlist-page.php:23

Scheduled Events 9

gowishcart_send_scheduled_email

gowishcart_process_notifications

gowishcart_check_price_drops

gowishcart_check_back_in_stock

gowishcart_cleanup_expired_guests

gowishcart_cleanup_expired_shares

gowishcart_recalculate_analytics

gowishcart_cleanup_old_data

gowishcart_process_time_based_campaigns

Maintenance & Trust

GoWishCart – Wishlist for FluentCart Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 9, 2026

PHP min version7.4

Downloads220

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

GoWishCart – Wishlist for FluentCart Alternatives

ReaganM Customer Wishlist for WooCommerce

rgnmhn-customer-wishlist

100

Create a fast, translation-ready WooCommerce wishlist. Support for variable products, guest users, and fully customizable styles.

0 No CVEs

Zypento Wishlist for WooCommerce

zypento-wishlist-for-woocommerce

100

Add a heart button so customers can save products to a wishlist and manage it anytime from their My Account page.

0 No CVEs

WooCommerce

woocommerce

Everything you need to launch an online store in days and keep it growing for years. From your first sale to millions in revenue, Woo is with you.

7.0M 43 CVEs

TI WooCommerce Wishlist

ti-woocommerce-wishlist

Boost your sales with a free WooCommerce Wishlist feature. Let your customers save and share their favorite products!

100K 9 CVEs

Ecwid by Lightspeed Ecommerce Shopping Cart

ecwid-shopping-cart

Powerful, easy to use ecommerce shopping cart for WordPress. Sell on Facebook and Instagram. iPhone & Android apps. Superb support.

20K 13 CVEs

Developer Profile

GoWishCart – Wishlist for FluentCart Developer Profile

azizultex

3 plugins · 1K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

1701 days

View full developer profile

Detection Fingerprints

How We Detect GoWishCart – Wishlist for FluentCart

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gowishcart-wishlist-for-fluentcart/assets/css/frontend.css/wp-content/plugins/gowishcart-wishlist-for-fluentcart/assets/css/backend.css/wp-content/plugins/gowishcart-wishlist-for-fluentcart/assets/js/frontend.js/wp-content/plugins/gowishcart-wishlist-for-fluentcart/assets/js/backend.js

Script Paths

/wp-content/plugins/gowishcart-wishlist-for-fluentcart/appsero/client/src/Client.php

Version Parameters

gowishcart-wishlist-for-fluentcart/assets/css/frontend.css?ver=gowishcart-wishlist-for-fluentcart/assets/css/backend.css?ver=gowishcart-wishlist-for-fluentcart/assets/js/frontend.js?ver=gowishcart-wishlist-for-fluentcart/assets/js/backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

gowishcart-wishlist-btngowishcart-wishlist-icongowishcart-wishlist-addedgowishcart-wishlist-already-addedgowishcart-wishlist-remove-btngowishcart-wishlist-count

HTML Comments

Data Attributes

data-wishlist-product-iddata-wishlist-variation-id

JS Globals

GoWishCart

Shortcode Output

[gowishcart_wishlist_button][gowishcart_wishlist_count]

FAQ