Grid/List View for WooCommerce Security & Risk Analysis

wordpress.org/plugins/gridlist-view-for-woocommerce

Simple plugin for WooCommerce that toggles the grid / list view of your products and the product count per page.

2K active installs · v1.1.8.4 · PHP 7.0+ · WP 5.0+ · Updated Apr 15, 2026
Tags: grid-view, layout, list-view, toggle, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Grid/List View for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Grid/List View for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The 'gridlist-view-for-woocommerce' plugin version 1.1.8.2 demonstrates a generally good security posture, with a robust approach to handling entry points and a clean vulnerability history. All identified entry points (AJAX handlers, REST API routes, shortcodes, and cron events) appear to be protected with authorization checks, which is a significant strength. The plugin also exclusively uses prepared statements for SQL queries, indicating a strong defense against SQL injection vulnerabilities. Furthermore, the taint analysis reveals no high-severity issues with unsanitized paths, suggesting the plugin is not exposing critical data through insecure data flows.

However, there are a couple of areas that warrant attention. The presence of the `unserialize` function, even if not immediately exploitable in this analysis, is a known risk as it can lead to Remote Code Execution if an attacker can control the serialized data. Additionally, only 25% of the plugin's outputs are properly escaped. This could leave the plugin vulnerable to Cross-Site Scripting (XSS) attacks if user-supplied data is not consistently sanitized before being displayed to users. While the vulnerability history is clean, the potential for XSS due to insufficient output escaping is a notable weakness that could be exploited.

In conclusion, 'gridlist-view-for-woocommerce' v1.1.8.2 is built on a solid foundation with good practices for input validation and authorization. The absence of known CVEs and critical taint flows is reassuring. Nevertheless, the use of `unserialize` and the limited output escaping represent potential attack vectors that should be addressed to further harden the plugin's security.

Key Concerns

  • Use of unserialize function
  • Low percentage of properly escaped output
Vulnerabilities
None known

Grid/List View for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Grid/List View for WooCommerce Release Timeline

v1.1.8.4 (Current)
v1.1.8.3
v1.1.8.2
v1.1.8.1
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3.9
v1.1.3.8
v1.1.3.7
v1.1.3.6
v1.1.3.5
v1.1.3.4
v1.1.3.3
v1.1.3.2
v1.1.3.1
v1.1.3
v1.1.2.3
Code Analysis
Analyzed Mar 16, 2026

Grid/List View for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 306 (104 escaped)
Nonce Checks: 14
Capability Checks: 24
File Operations: 4
External Requests: 5
Bundled Libraries: 0

Dangerous Functions Found

unserialize (berocket\includes\updater.php:128)
$error_log = unserialize(preg_replace('/R:\d+/', 's:18:"RECURSION DETECTED"', serialize(self::$error

Output Escaping

25% escaped · 410 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

8 flows
<framework> (berocket\framework.php:0)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Grid/List View for WooCommerce Attack Surface

Entry Points: 14
Unprotected: 0

AJAX Handlers: 13

auth wp_ajax_brfr_get_export_settings (berocket\includes\admin\import_export.php:5)
auth wp_ajax_brfr_set_import_settings (berocket\includes\admin\import_export.php:6)
auth wp_ajax_brfr_get_import_backups (berocket\includes\admin\import_export.php:7)
auth wp_ajax_brfr_restore_import_backups (berocket\includes\admin\import_export.php:8)
auth wp_ajax_berocket_admin_close_notice (berocket\includes\admin_notices.php:1199)
auth wp_ajax_berocket_subscribe_email (berocket\includes\admin_notices.php:1200)
auth wp_ajax_berocket_rate_stars_close (berocket\includes\admin_notices.php:1208)
auth wp_ajax_berocket_feature_request_send (berocket\includes\admin_notices.php:1209)
auth wp_ajax_berocket_error_notices_get (berocket\includes\error_notices.php:5)
auth wp_ajax_berocket_information_close_notice (berocket\includes\information_notices.php:198)
auth wp_ajax_br_test_key (berocket\includes\updater.php:46)
auth wp_ajax_br_test_keys (berocket\includes\updater.php:47)
auth wp_ajax_brgridlist_divi_module (divi\includes\GridListExtension.php:12)

Shortcodes: 1

[br_grid_list] (main.php:142)

WordPress Hooks: 107

filter plugins_list (berocket\framework.php:84)
filter BeRocket_updater_add_plugin (berocket\framework.php:105)
filter berocket_admin_notices_rate_stars_plugins (berocket\framework.php:106)
action init (berocket\framework.php:107)
action init (berocket\framework.php:110)
action wp_head (berocket\framework.php:111)
action wp_footer (berocket\framework.php:112)
action admin_init (berocket\framework.php:113)
action admin_menu (berocket\framework.php:114)
action admin_enqueue_scripts (berocket\framework.php:115)
action berocket_enqueue_media (berocket\framework.php:116)
filter plugin_row_meta (berocket\framework.php:122)
filter is_berocket_settings_page (berocket\framework.php:123)
action plugins_loaded (berocket\framework.php:128)
action sanitize_comment_cookies (berocket\framework.php:129)
action install_plugins_pre_plugin-information (berocket\framework.php:130)
filter berocket_admin_notices_subscribe_plugins (berocket\framework.php:132)
filter BeRocket_admin_init_user_capabilities (berocket\framework.php:135)
filter berocket_sanitize_array_predefine (berocket\framework.php:136)
filter berocket_sanitize_array_kses (berocket\framework.php:137)
filter berocket_sanitize_array_kses (berocket\framework.php:140)
action before_woocommerce_init (berocket\framework.php:150)
filter loop_shop_per_page (berocket\framework.php:391)
action upgrader_process_complete (berocket\framework.php:499)
action admin_footer (berocket\framework.php:1158)
action wp_footer (berocket\framework.php:1159)
action admin_init (berocket\framework.php:1273)
action admin_bar_menu (berocket\includes\admin\admin_bar.php:8)
action wp_footer (berocket\includes\admin\admin_bar.php:9)
filter berocket_admin_bar_plugins_data (berocket\includes\admin\admin_bar.php:149)
action BeRocket_framework_updater_account_form_after (berocket\includes\admin\import_export.php:4)
filter berocket_admin_notice_is_display_notice (berocket\includes\admin_notices.php:75)
filter berocket_admin_notice_is_display_notice_priority (berocket\includes\admin_notices.php:76)
action admin_notices (berocket\includes\admin_notices.php:1198)
action admin_notices (berocket\includes\admin_notices.php:1207)
action berocket_rate_plugin_window (berocket\includes\admin_notices.php:1210)
action berocket_related_plugins_window (berocket\includes\admin_notices.php:1211)
action berocket_above_admin_settings (berocket\includes\admin_notices.php:1212)
action berocket_feature_request_window (berocket\includes\admin_notices.php:1213)
action admin_footer (berocket\includes\admin_notices.php:1285)
action admin_footer (berocket\includes\admin_notices.php:1493)
action admin_footer (berocket\includes\admin_notices.php:1922)
action admin_footer (berocket\includes\admin_notices.php:2079)
action init (berocket\includes\custom_post\enable_disable.php:9)
action admin_init (berocket\includes\custom_post\enable_disable.php:10)
action post_action_enable (berocket\includes\custom_post\enable_disable.php:13)
action post_action_disable (berocket\includes\custom_post\enable_disable.php:14)
filter post_class (berocket\includes\custom_post\enable_disable.php:16)
filter pre_get_posts (berocket\includes\custom_post\enable_disable.php:18)
action pre_get_posts (berocket\includes\custom_post\sortable.php:22)
action in_admin_footer (berocket\includes\custom_post\sortable.php:117)
action init (berocket\includes\custom_post.php:58)
filter init (berocket\includes\custom_post.php:59)
filter admin_init (berocket\includes\custom_post.php:60)
filter wp_insert_post_data (berocket\includes\custom_post.php:61)
filter BeRocket_admin_init_user_capabilities (berocket\includes\custom_post.php:71)
action add_meta_boxes (berocket\includes\custom_post.php:128)
action save_post (berocket\includes\custom_post.php:129)
filter post_row_actions (berocket\includes\custom_post.php:130)
filter list_table_primary_column (berocket\includes\custom_post.php:131)
action admin_enqueue_scripts (berocket\includes\custom_post.php:133)
filter is_berocket_settings_page (berocket\includes\custom_post.php:135)
action admin_footer (berocket\includes\custom_post.php:162)
action admin_notices (berocket\includes\information_notices.php:197)
action admin_init (berocket\includes\updater.php:18)
filter woocommerce_addons_sections (berocket\includes\updater.php:27)
filter is_berocket_settings_page (berocket\includes\updater.php:28)
action admin_footer (berocket\includes\updater.php:30)
action admin_head (berocket\includes\updater.php:39)
action admin_menu (berocket\includes\updater.php:40)
action admin_menu (berocket\includes\updater.php:41)
action network_admin_menu (berocket\includes\updater.php:42)
action admin_init (berocket\includes\updater.php:43)
filter pre_set_site_transient_update_plugins (berocket\includes\updater.php:44)
filter plugins_api_result (berocket\includes\updater.php:45)
filter http_request_host_is_external (berocket\includes\updater.php:48)
action admin_footer (berocket\includes\updater.php:51)
action wp_footer (berocket\includes\updater.php:52)
filter berocket_display_additional_notices (berocket\includes\updater.php:92)
filter custom_menu_order (berocket\includes\updater.php:98)
filter berocket_admin_notice_is_display_notice (berocket\includes\updater.php:102)
filter berocket_admin_notice_is_display_notice_priority (berocket\includes\updater.php:103)
filter plugins_api_result (berocket\includes\updater.php:109)
action init (berocket\includes\updater.php:1413)
action admin_enqueue_scripts (berocket\sale\sale.php:4)
action widgets_init (main.php:137)
action woocommerce_after_shop_loop_item (main.php:138)
action br_before_preview_box (main.php:139)
action br_after_preview_box (main.php:140)
filter post_class (main.php:141)
action wp (main.php:143)
action admin_init (main.php:144)
action divi_extensions_init (main.php:145)
filter berocket_display_additional_notices (main.php:153)
action woocommerce_before_shop_loop (main.php:261)
action woocommerce_before_shop_loop (main.php:264)
action woocommerce_after_shop_loop (main.php:267)
action woocommerce_before_shop_loop (main.php:270)
action woocommerce_before_shop_loop (main.php:273)
action woocommerce_after_shop_loop (main.php:276)
action br_lgv_before_list_grid_buttons (main.php:279)
action br_lgv_after_list_grid_buttons (main.php:282)
filter loop_shop_per_page (main.php:285)
action pre_get_posts (main.php:286)
action woocommerce_shortcode_products_query (main.php:287)
action br_after_preview_box (main.php:438)
action woocommerce_after_shop_loop_item (main.php:447)
Maintenance & Trust

Grid/List View for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 15, 2026
PHP min version: 7.0
Downloads: 183K

Community Trust

Rating: 88/100
Number of ratings: 50
Active installs: 2K
Developer Profile

Grid/List View for WooCommerce Developer Profile

BeRocket

23 plugins · 139K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 384 days
Detection Fingerprints

How We Detect Grid/List View for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gridlist-view-for-woocommerce/css/style.css
/wp-content/plugins/gridlist-view-for-woocommerce/js/script.js
Script Paths
/wp-content/plugins/gridlist-view-for-woocommerce/js/script.js
Version Parameters
gridlist-view-for-woocommerce/css/style.css?ver=
gridlist-view-for-woocommerce/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
berocket_lgv_wrap, berocket_lgv_product_count, berocket_lgv_grid, berocket_lgv_list, berocket_lgv_grid_item, berocket_lgv_list_item, berocket_lgv_select, berocket_lgv_select_container
HTML Comments
<!-- BeRocket List Grid View Plugin -->
Data Attributes
data-berocket-lgv-id, data-berocket-lgv-type
JS Globals
BeRocket_LGV_options
FAQ

Frequently Asked Questions about Grid/List View for WooCommerce