Grid/List View for WooCommerce Security & Risk Analysis

wordpress.org/plugins/gridlist-view-for-woocommerce

Simple plugin for WooCommerce which toggles the grid / list view of your products and the product count per page.

2K active installs · v1.1.8.1 · PHP 7.0+ · WP 5.0+ · Updated Oct 27, 2025
grid-and-list, grid-display, grid-view, list-display, list-view
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Grid/List View for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Grid/List View for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The 'gridlist-view-for-woocommerce' plugin version 1.1.8.2 demonstrates a generally good security posture, with a robust approach to handling entry points and a clean vulnerability history. All identified entry points (AJAX handlers, REST API routes, shortcodes, and cron events) appear to be protected with authorization checks, which is a significant strength. The plugin also exclusively uses prepared statements for SQL queries, indicating a strong defense against SQL injection vulnerabilities. Furthermore, the taint analysis reveals no high-severity issues with unsanitized paths, suggesting the plugin is not exposing critical data through insecure data flows.

However, there are a couple of areas that warrant attention. The presence of the `unserialize` function, even if not immediately exploitable in this analysis, is a known risk as it can lead to Remote Code Execution if an attacker can control the serialized data. Additionally, only 25% of the plugin's outputs are properly escaped. This could leave the plugin vulnerable to Cross-Site Scripting (XSS) attacks if user-supplied data is not consistently sanitized before being displayed to users. While the vulnerability history is clean, the potential for XSS due to insufficient output escaping is a notable weakness that could be exploited.

In conclusion, 'gridlist-view-for-woocommerce' v1.1.8.2 is built on a solid foundation with good practices for input validation and authorization. The absence of known CVEs and critical taint flows is reassuring. Nevertheless, the use of `unserialize` and the limited output escaping represent potential attack vectors that should be addressed to further harden the plugin's security.

Key Concerns

  • Use of unserialize function
  • Low percentage of properly escaped output
Vulnerabilities
None known

Grid/List View for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Grid/List View for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 306 (104 escaped)
Nonce Checks: 14
Capability Checks: 24
File Operations: 4
External Requests: 5
Bundled Libraries: 0

Dangerous Functions Found

unserialize (berocket\includes\updater.php:128)
$error_log = unserialize(preg_replace('/R:\d+/', 's:18:"RECURSION DETECTED"', serialize(self::$error

Output Escaping

25% escaped · 410 total outputs
Data Flows
All sanitized

Data Flow Analysis

8 flows
<framework> (berocket\framework.php:0)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Grid/List View for WooCommerce Attack Surface

Entry Points: 14
Unprotected: 0

AJAX Handlers 13

auth  wp_ajax_brfr_get_export_settings  berocket\includes\admin\import_export.php:5
auth  wp_ajax_brfr_set_import_settings  berocket\includes\admin\import_export.php:6
auth  wp_ajax_brfr_get_import_backups  berocket\includes\admin\import_export.php:7
auth  wp_ajax_brfr_restore_import_backups  berocket\includes\admin\import_export.php:8
auth  wp_ajax_berocket_admin_close_notice  berocket\includes\admin_notices.php:1199
auth  wp_ajax_berocket_subscribe_email  berocket\includes\admin_notices.php:1200
auth  wp_ajax_berocket_rate_stars_close  berocket\includes\admin_notices.php:1208
auth  wp_ajax_berocket_feature_request_send  berocket\includes\admin_notices.php:1209
auth  wp_ajax_berocket_error_notices_get  berocket\includes\error_notices.php:5
auth  wp_ajax_berocket_information_close_notice  berocket\includes\information_notices.php:198
auth  wp_ajax_br_test_key  berocket\includes\updater.php:46
auth  wp_ajax_br_test_keys  berocket\includes\updater.php:47
auth  wp_ajax_brgridlist_divi_module  divi\includes\GridListExtension.php:12

Shortcodes 1

[br_grid_list] main.php:142
WordPress Hooks 107
filter  plugins_list  berocket\framework.php:84
filter  BeRocket_updater_add_plugin  berocket\framework.php:105
filter  berocket_admin_notices_rate_stars_plugins  berocket\framework.php:106
action  init  berocket\framework.php:107
action  init  berocket\framework.php:110
action  wp_head  berocket\framework.php:111
action  wp_footer  berocket\framework.php:112
action  admin_init  berocket\framework.php:113
action  admin_menu  berocket\framework.php:114
action  admin_enqueue_scripts  berocket\framework.php:115
action  berocket_enqueue_media  berocket\framework.php:116
filter  plugin_row_meta  berocket\framework.php:122
filter  is_berocket_settings_page  berocket\framework.php:123
action  plugins_loaded  berocket\framework.php:128
action  sanitize_comment_cookies  berocket\framework.php:129
action  install_plugins_pre_plugin-information  berocket\framework.php:130
filter  berocket_admin_notices_subscribe_plugins  berocket\framework.php:132
filter  BeRocket_admin_init_user_capabilities  berocket\framework.php:135
filter  berocket_sanitize_array_predefine  berocket\framework.php:136
filter  berocket_sanitize_array_kses  berocket\framework.php:137
filter  berocket_sanitize_array_kses  berocket\framework.php:140
action  before_woocommerce_init  berocket\framework.php:150
filter  loop_shop_per_page  berocket\framework.php:391
action  upgrader_process_complete  berocket\framework.php:499
action  admin_footer  berocket\framework.php:1158
action  wp_footer  berocket\framework.php:1159
action  admin_init  berocket\framework.php:1273
action  admin_bar_menu  berocket\includes\admin\admin_bar.php:8
action  wp_footer  berocket\includes\admin\admin_bar.php:9
filter  berocket_admin_bar_plugins_data  berocket\includes\admin\admin_bar.php:149
action  BeRocket_framework_updater_account_form_after  berocket\includes\admin\import_export.php:4
filter  berocket_admin_notice_is_display_notice  berocket\includes\admin_notices.php:75
filter  berocket_admin_notice_is_display_notice_priority  berocket\includes\admin_notices.php:76
action  admin_notices  berocket\includes\admin_notices.php:1198
action  admin_notices  berocket\includes\admin_notices.php:1207
action  berocket_rate_plugin_window  berocket\includes\admin_notices.php:1210
action  berocket_related_plugins_window  berocket\includes\admin_notices.php:1211
action  berocket_above_admin_settings  berocket\includes\admin_notices.php:1212
action  berocket_feature_request_window  berocket\includes\admin_notices.php:1213
action  admin_footer  berocket\includes\admin_notices.php:1285
action  admin_footer  berocket\includes\admin_notices.php:1493
action  admin_footer  berocket\includes\admin_notices.php:1922
action  admin_footer  berocket\includes\admin_notices.php:2079
action  init  berocket\includes\custom_post\enable_disable.php:9
action  admin_init  berocket\includes\custom_post\enable_disable.php:10
action  post_action_enable  berocket\includes\custom_post\enable_disable.php:13
action  post_action_disable  berocket\includes\custom_post\enable_disable.php:14
filter  post_class  berocket\includes\custom_post\enable_disable.php:16
filter  pre_get_posts  berocket\includes\custom_post\enable_disable.php:18
action  pre_get_posts  berocket\includes\custom_post\sortable.php:22
action  in_admin_footer  berocket\includes\custom_post\sortable.php:117
action  init  berocket\includes\custom_post.php:58
filter  init  berocket\includes\custom_post.php:59
filter  admin_init  berocket\includes\custom_post.php:60
filter  wp_insert_post_data  berocket\includes\custom_post.php:61
filter  BeRocket_admin_init_user_capabilities  berocket\includes\custom_post.php:71
action  add_meta_boxes  berocket\includes\custom_post.php:128
action  save_post  berocket\includes\custom_post.php:129
filter  post_row_actions  berocket\includes\custom_post.php:130
filter  list_table_primary_column  berocket\includes\custom_post.php:131
action  admin_enqueue_scripts  berocket\includes\custom_post.php:133
filter  is_berocket_settings_page  berocket\includes\custom_post.php:135
action  admin_footer  berocket\includes\custom_post.php:162
action  admin_notices  berocket\includes\information_notices.php:197
action  admin_init  berocket\includes\updater.php:18
filter  woocommerce_addons_sections  berocket\includes\updater.php:27
filter  is_berocket_settings_page  berocket\includes\updater.php:28
action  admin_footer  berocket\includes\updater.php:30
action  admin_head  berocket\includes\updater.php:39
action  admin_menu  berocket\includes\updater.php:40
action  admin_menu  berocket\includes\updater.php:41
action  network_admin_menu  berocket\includes\updater.php:42
action  admin_init  berocket\includes\updater.php:43
filter  pre_set_site_transient_update_plugins  berocket\includes\updater.php:44
filter  plugins_api_result  berocket\includes\updater.php:45
filter  http_request_host_is_external  berocket\includes\updater.php:48
action  admin_footer  berocket\includes\updater.php:51
action  wp_footer  berocket\includes\updater.php:52
filter  berocket_display_additional_notices  berocket\includes\updater.php:92
filter  custom_menu_order  berocket\includes\updater.php:98
filter  berocket_admin_notice_is_display_notice  berocket\includes\updater.php:102
filter  berocket_admin_notice_is_display_notice_priority  berocket\includes\updater.php:103
filter  plugins_api_result  berocket\includes\updater.php:109
action  init  berocket\includes\updater.php:1413
action  admin_enqueue_scripts  berocket\sale\sale.php:4
action  widgets_init  main.php:137
action  woocommerce_after_shop_loop_item  main.php:138
action  br_before_preview_box  main.php:139
action  br_after_preview_box  main.php:140
filter  post_class  main.php:141
action  wp  main.php:143
action  admin_init  main.php:144
action  divi_extensions_init  main.php:145
filter  berocket_display_additional_notices  main.php:153
action  woocommerce_before_shop_loop  main.php:261
action  woocommerce_before_shop_loop  main.php:264
action  woocommerce_after_shop_loop  main.php:267
action  woocommerce_before_shop_loop  main.php:270
action  woocommerce_before_shop_loop  main.php:273
action  woocommerce_after_shop_loop  main.php:276
action  br_lgv_before_list_grid_buttons  main.php:279
action  br_lgv_after_list_grid_buttons  main.php:282
filter  loop_shop_per_page  main.php:285
action  pre_get_posts  main.php:286
action  woocommerce_shortcode_products_query  main.php:287
action  br_after_preview_box  main.php:438
action  woocommerce_after_shop_loop_item  main.php:447
Maintenance & Trust

Grid/List View for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 27, 2025
PHP min version: 7.0
Downloads: 180K

Community Trust

Rating: 88/100
Number of ratings: 50
Active installs: 2K
Developer Profile

Grid/List View for WooCommerce Developer Profile

BeRocket

22 plugins · 139K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 381 days
Detection Fingerprints

How We Detect Grid/List View for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gridlist-view-for-woocommerce/css/style.css
/wp-content/plugins/gridlist-view-for-woocommerce/js/script.js
Script Paths
/wp-content/plugins/gridlist-view-for-woocommerce/js/script.js
Version Parameters
gridlist-view-for-woocommerce/css/style.css?ver=
gridlist-view-for-woocommerce/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
berocket_lgv_wrap, berocket_lgv_product_count, berocket_lgv_grid, berocket_lgv_list, berocket_lgv_grid_item, berocket_lgv_list_item, berocket_lgv_select, berocket_lgv_select_container
HTML Comments
<!-- BeRocket List Grid View Plugin -->
Data Attributes
data-berocket-lgv-id, data-berocket-lgv-type
JS Globals
BeRocket_LGV_options
FAQ

Frequently Asked Questions about Grid/List View for WooCommerce