WP-Safety

Hotel Booking for WooCommerce Security & Risk Analysis

wordpress.org/plugins/hotel-booking-for-woocommerce

Adds a reservation system for a hotel, B&B, villa, apartments, hostel, or any similar accommodation into your WooCommerce website easily!

100 active installs v1.1.17 PHP 8.0+ WP 6.0+ Updated Apr 12, 2026
accommodationbookinghotel-bookingreservationwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Hotel Booking for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Hotel Booking for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "hotel-booking-for-woocommerce" plugin, version 1.0.45, exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by not utilizing dangerous functions, exclusively employing prepared statements for SQL queries, and implementing a significant number of nonce and capability checks. The absence of file operations and external HTTP requests further reduces the attack surface.

However, the taint analysis reveals some concerns. While no critical or high severity flows were found, there are three high severity flows with unsanitized paths. This suggests potential vulnerabilities where user-supplied data, if not properly handled within these specific flows, could lead to unexpected behavior or security risks. The attack surface itself is commendably low with no apparent unprotected entry points, which is a significant strength.

Adding to the positive security picture, the plugin has no recorded vulnerability history, indicating a history of stability and secure development. In conclusion, this plugin appears to be well-secured with a strong foundation of best practices. The primary area for attention is the three high severity taint flows, which warrant further investigation and remediation to ensure robust data sanitization and prevent potential exploits.

Key Concerns

  • High severity unsanitized taint flows (3)
  • Moderate severity unsanitized taint flows (4)
Vulnerabilities
None known

Hotel Booking for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Hotel Booking for WooCommerce Release Timeline

v1.1.17Current
v1.1.16
v1.1.15
v1.1.10
v1.1.0
v1.0.45
v1.0.44
v1.0.43
v1.0.42
v1.0.41
v1.0.40
v1.0.32
v1.0.31
v1.0.30
v1.0.20
v1.0.16
v1.0.15
v1.0.14
v1.0.13
v1.0.12
Code Analysis
Analyzed Mar 16, 2026

Hotel Booking for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
12 prepared
Unescaped Output
130
764 escaped
Nonce Checks
14
Capability Checks
7
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared12 total queries

Output Escaping

85% escaped894 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

9 flows4 with unsanitized paths
edit_amenity (includes\admin\class-admin-amenities.php:270)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Hotel Booking for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 93
actionadmin_menuincludes\admin\class-admin-menus.php:25
filterpre_term_descriptionincludes\admin\class-admin-rate-plans.php:109
filterpre_link_descriptionincludes\admin\class-admin-rate-plans.php:110
filterpre_link_notesincludes\admin\class-admin-rate-plans.php:111
filterterm_descriptionincludes\admin\class-admin-rate-plans.php:112
filterpre_term_descriptionincludes\admin\class-admin-rate-plans.php:157
filterpre_link_descriptionincludes\admin\class-admin-rate-plans.php:158
filterpre_link_notesincludes\admin\class-admin-rate-plans.php:159
filterterm_descriptionincludes\admin\class-admin-rate-plans.php:160
actionsave_postincludes\admin\class-booking-addon-metabox.php:20
filtermanage_booking_addon_posts_columnsincludes\admin\class-booking-addon-metabox.php:21
actionmanage_booking_addon_posts_custom_columnincludes\admin\class-booking-addon-metabox.php:22
actioninitincludes\admin\class-hbfwc-admin.php:28
actionadmin_noticesincludes\admin\class-hbfwc-admin.php:29
filterwoocommerce_screen_idsincludes\admin\class-hbfwc-admin.php:30
filterpost_row_actionsincludes\admin\class-hbfwc-admin.php:31
actionhbfwc_bulk_global_actionincludes\admin\class-hbfwc-admin.php:32
actionhbfwc_bulk_rate_actionincludes\admin\class-hbfwc-admin.php:33
actionadmin_headincludes\admin\class-hbfwc-admin.php:34
filterwoocommerce_settings_tabs_arrayincludes\admin\class-hbfwc-wc-settings-tab.php:32
actionwoocommerce_admin_field_hbfwc_radioincludes\admin\class-hbfwc-wc-settings-tab.php:35
filterwoocommerce_product_data_tabsincludes\admin\class-product-panel.php:27
actionwoocommerce_product_data_panelsincludes\admin\class-product-panel.php:28
actionsave_postincludes\admin\class-product-panel.php:29
actionadmin_enqueue_scriptsincludes\admin\class-product-panel.php:30
actioninitincludes\class-frontend-scripts.php:47
actionwp_enqueue_scriptsincludes\class-frontend-scripts.php:48
actiontemplate_redirectincludes\class-hbfwc-ajax.php:21
filterwp_kses_allowed_htmlincludes\class-hbfwc-ajax.php:262
filterwoocommerce_integrationsincludes\class-plugin.php:139
actioninitincludes\class-plugin.php:207
actionplugins_loadedincludes\class-plugin.php:209
filterproduct_type_selectorincludes\hbfwc-functions.php:32
filterbody_classincludes\hbfwc-template-hooks.php:13
actionhbfwc_template_before_accommodation_loopincludes\hbfwc-template-hooks.php:24
actionhbfwc_template_after_accommodation_loopincludes\hbfwc-template-hooks.php:25
actionhbfwc_template_before_accommodation_loopincludes\hbfwc-template-hooks.php:32
actionwp_footerincludes\hbfwc-template-hooks.php:33
actionwp_footerincludes\hbfwc-template-hooks.php:34
actionhbfwc_template_accommodation_not_foundincludes\hbfwc-template-hooks.php:39
actionhbfwc_template_accommodation_loopincludes\hbfwc-template-hooks.php:44
actionhbfwc_template_accommodation_sidebarincludes\hbfwc-template-hooks.php:45
actionhbfwc_template_single_accommodation_content_leftincludes\hbfwc-template-hooks.php:47
actionhbfwc_template_single_accommodation_content_leftincludes\hbfwc-template-hooks.php:48
actionhbfwc_template_single_accommodation_content_leftincludes\hbfwc-template-hooks.php:49
actionhbfwc_template_single_accommodation_content_leftincludes\hbfwc-template-hooks.php:50
actionhbfwc_template_single_accommodation_content_rightincludes\hbfwc-template-hooks.php:52
actionhbfwc_template_rate_add_to_cartincludes\hbfwc-template-hooks.php:53
actionhbfwc_template_mini_cart_totalincludes\hbfwc-template-hooks.php:55
actionhbfwc_template_mini_cart_buttonsincludes\hbfwc-template-hooks.php:56
actionhbfwc_template_mini_cart_buttonsincludes\hbfwc-template-hooks.php:57
actionhbfwc_template_after_single_listingincludes\hbfwc-template-hooks.php:59
actionhbfwc_template_product_popup_mediaincludes\hbfwc-template-hooks.php:60
actionhbfwc_template_product_popup_contentincludes\hbfwc-template-hooks.php:61
actionhbfwc_template_product_popup_contentincludes\hbfwc-template-hooks.php:62
actionhbfwc_template_product_popup_contentincludes\hbfwc-template-hooks.php:63
actionhbfwc_template_product_popup_contentincludes\hbfwc-template-hooks.php:64
actioninitincludes\utils\class-custom-post-types.php:23
actioninitincludes\utils\class-custom-taxonomies.php:23
actionwp_scheduled_deleteincludes\utils\class-data-cleaner.php:26
actionwoocommerce_add_to_cart_handler_accommodationincludes\wc\class-form-handler.php:31
actionwoocommerce_before_calculate_totalsincludes\wc\class-form-handler.php:32
actionwoocommerce_checkout_create_order_line_itemincludes\wc\class-form-handler.php:33
actionwoocommerce_after_checkout_validationincludes\wc\class-form-handler.php:34
actionwoocommerce_store_api_checkout_update_order_metaincludes\wc\class-form-handler.php:35
actionwoocommerce_store_api_checkout_order_processedincludes\wc\class-form-handler.php:36
filterwoocommerce_add_cart_item_dataincludes\wc\class-form-handler.php:139
filterwoocommerce_product_classincludes\wc\class-wc-hooks.php:26
actionwoocommerce_check_cart_itemsincludes\wc\class-wc-hooks.php:27
filterwc_get_templateincludes\wc\class-wc-hooks.php:28
actionwoocommerce_accommodation_add_to_cartincludes\wc\class-wc-hooks.php:29
actionwoocommerce_after_add_to_cart_accommodation_buttonincludes\wc\class-wc-hooks.php:30
filterwoocommerce_get_price_htmlincludes\wc\class-wc-hooks.php:31
filterwoocommerce_cart_item_priceincludes\wc\class-wc-hooks.php:32
filterwoocommerce_get_item_dataincludes\wc\class-wc-hooks.php:33
filterwoocommerce_order_item_display_meta_keyincludes\wc\class-wc-hooks.php:34
filterwoocommerce_order_item_display_meta_valueincludes\wc\class-wc-hooks.php:35
actionwoocommerce_product_queryincludes\wc\class-wc-hooks.php:36
actiontemplate_redirectincludes\wc\class-wc-hooks.php:37
actionwoocommerce_cancel_unpaid_ordersincludes\wc\class-wc-hooks.php:38
actionhbfwc_template_after_accommodation_loopincludes\wc\class-wc-hooks.php:39
actionhbfwc_template_after_availability_search_formincludes\wc\class-wc-hooks.php:40
actionwoocommerce_reduce_order_stockincludes\wc\class-wc-hooks.php:42
actionwoocommerce_restore_order_stockincludes\wc\class-wc-hooks.php:43
filterwoocommerce_store_api_add_to_cart_dataincludes\wc\class-wc-hooks.php:46
filterwoocommerce_store_api_product_quantity_maximumincludes\wc\class-wc-hooks.php:47
filterwoocommerce_product_tabsincludes\wc\class-wc-hooks.php:50
filterwoocommerce_related_productsincludes\wc\class-wc-hooks.php:51
filterwp_kses_allowed_htmlincludes\wc\class-wc-hooks.php:52
actionwoocommerce_admin_process_product_objectincludes\wc\class-wc-hooks.php:58
actionwoocommerce_order_item_meta_startincludes\wc\class-wc-hooks.php:64
actionwoocommerce_order_item_meta_endincludes\wc\class-wc-hooks.php:65
filterwoocommerce_display_item_metaincludes\wc\class-wc-hooks.php:66
Maintenance & Trust

Hotel Booking for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 12, 2026
PHP min version8.0
Downloads4K

Community Trust

Rating94/100
Number of ratings3
Active installs100
Alternatives

Hotel Booking for WooCommerce Alternatives

WP Hotel Booking

WP Hotel Booking

wp-hotel-booking

B
76

WordPress Hotel Booking Plugin - A complete hotel booking reservation plugin for WordPress.

8K 20 CVEs
WP Hotel Booking WooCommerce

WP Hotel Booking WooCommerce

wp-hotel-booking-woocommerce

A
100

WP Hotel Booking Woocommerce Plugin - Support paying for booking of WP Hotel Booking plugin with the payment system provided by WooCommerce.

1K No CVEs
MotoPress Hotel Booking

MotoPress Hotel Booking

motopress-hotel-booking-lite

A
86

The #1 Hotel Booking and Vacation Rental Plugin for WordPress. Online payments, seasons, rates, free or paid extras, coupons, taxes & fees.

10K 4 CVEs
MotoPress Hotel Booking for Elementor

MotoPress Hotel Booking for Elementor

mphb-elementor

A
100

Build your property rental website visually with MotoPress Hotel Booking plugin shortcodes and Elementor.

10K No CVEs
VikBooking Hotel Booking Engine & PMS

VikBooking Hotel Booking Engine & PMS

vikbooking

A
86

Famous Booking Engine, PMS and Hotel Reservations plugin for property managers. The best solution for accommodations to drive more direct bookings.

8K 17 CVEs
Developer Profile

Hotel Booking for WooCommerce Developer Profile

Uptonines

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Hotel Booking for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/font-awesome-6.min.css/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/font-awesome-6-brands.min.css/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/ionicons.min.css/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/themify-icons.min.css/wp-content/plugins/hotel-booking-for-woocommerce/assets/client/admin/product-panel.css/wp-content/plugins/hotel-booking-for-woocommerce/assets/client/admin/js/panel.js
Script Paths
/wp-content/plugins/hotel-booking-for-woocommerce/assets/client/admin/js/panel.js
Version Parameters
/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/font-awesome-6.min.css?ver=/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/font-awesome-6-brands.min.css?ver=/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/ionicons.min.css?ver=/wp-content/plugins/hotel-booking-for-woocommerce/assets/css/libs/themify-icons.min.css?ver=/wp-content/plugins/hotel-booking-for-woocommerce/assets/client/admin/product-panel.css?ver=/wp-content/plugins/hotel-booking-for-woocommerce/assets/client/admin/js/panel.js?ver=

HTML / DOM Fingerprints

CSS Classes
hide_if_accommodationshow_if_accommodationhbfwc_general_tabhbfwc_rateplans_tabhbfwc_amenities_tab
Data Attributes
data-target="hbfwc_general_product_data"data-target="hbfwc_rateplans_product_data"data-target="hbfwc_amenities_product_data"class="show_if_accommodation"
JS Globals
window.hbfwc_panel_params
FAQ

Frequently Asked Questions about Hotel Booking for WooCommerce