WP-Safety

Houzez WooCommerce Addon Security & Risk Analysis

wordpress.org/plugins/houzez-woo-addon

Houzez WooCommerce addon for Houzez theme only.

3K active installs v1.1.2 PHP + WP 6.0+ Updated Dec 31, 2025
real-estaterealtorresponsivewidgetwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Houzez WooCommerce Addon Safe to Use in 2026?

Generally Safe

Score 100/100

Houzez WooCommerce Addon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The Houzez-Woo-Addon v1.1.2 presents a mixed security posture. On the positive side, the plugin demonstrates excellent practices regarding SQL queries, all of which use prepared statements, and output escaping, with all outputs being properly escaped. There are no recorded vulnerabilities or CVEs, suggesting a generally stable and secure development history. However, a significant concern arises from its attack surface. With four AJAX handlers and none of them implementing authentication checks, there is a substantial risk of unauthorized actions being performed if these endpoints can be triggered by unauthenticated users. The lack of nonce checks further exacerbates this, as it provides no protection against Cross-Site Request Forgery (CSRF) attacks on these critical entry points. The absence of any taint analysis flows is noted but doesn't directly indicate a weakness, rather it implies no such sensitive flows were detected or analyzed by the tool in this version. Overall, while the plugin shines in its handling of data manipulation and output, the unprotected AJAX endpoints represent a critical area of vulnerability that needs immediate attention.

Key Concerns

  • Unprotected AJAX handlers
  • Missing nonce checks on AJAX handlers
Vulnerabilities
None known

Houzez WooCommerce Addon Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Houzez WooCommerce Addon Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
25 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped25 total outputs
Attack Surface
4 unprotected

Houzez WooCommerce Addon Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_houzez_perlist_woo_payincludes\payment.php:9
authwp_ajax_mopriv_houzez_perlist_woo_payincludes\payment.php:10
authwp_ajax_houzez_woo_pay_packageincludes\payment.php:11
authwp_ajax_mopriv_houzez_woo_pay_packageincludes\payment.php:12
WordPress Hooks 15
actionadmin_noticeshouzez-woo-addon.php:64
actionadmin_noticeshouzez-woo-addon.php:76
actionplugins_loadedhouzez-woo-addon.php:103
actionwoocommerce_remove_cart_itemincludes\payment.php:8
actionhouzez_per_listing_woo_paymentincludes\payment.php:13
actionwoocommerce_order_status_completedincludes\payment.php:14
actionwoocommerce_order_status_processingincludes\payment.php:15
actionwoocommerce_order_status_refundedincludes\payment.php:16
actionwoocommerce_order_status_cancelledincludes\payment.php:17
actionwoocommerce_order_status_failedincludes\payment.php:18
actionwoocommerce_order_fully_refundedincludes\payment.php:19
actionwoocommerce_order_partially_refundedincludes\payment.php:20
filterwoocommerce_cart_item_permalinkincludes\payment.php:21
actionwoocommerce_before_single_productincludes\payment.php:22
actionwoocommerce_product_queryincludes\payment.php:23
Maintenance & Trust

Houzez WooCommerce Addon Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedDec 31, 2025
PHP min version
Downloads18K

Community Trust

Rating74/100
Number of ratings3
Active installs3K
Alternatives

Houzez WooCommerce Addon Alternatives

ShopCode Owl Carousel WooCommerce Widget

ShopCode Owl Carousel WooCommerce Widget

shopcode-owl-carousel-woocommerce-widget

A
85

Show product WooCommerce categories on homepage owl carousel width reponsive - ShopCode Owl Carousel WooCommerce Widget

0 No CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Exclusive Addons for Elementor

Exclusive Addons for Elementor

exclusive-addons-for-elementor

A
96

Exclusive Addons is one of the Best Elementor Addons With 90+ Elementor Free & Pro Widgets with all the customizations options you ever imagined.

60K 24 CVEs
RTMKit

RTMKit

rometheme-for-elementor

A
89

All-in-one toolkit for Elementor: advanced addons, theme builder, forms, icons & templates to build stunning sites fast and easy.

50K 12 CVEs
Bosa Elementor Addons and Templates for WooCommerce

Bosa Elementor Addons and Templates for WooCommerce

bosa-elementor-for-woocommerce

A
99

Elementor Addon with widgets and templates for WooCommerce.

30K 1 CVE
Developer Profile

Houzez WooCommerce Addon Developer Profile

favethemes

1 plugin · 3K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Houzez WooCommerce Addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/houzez-woo-addon/assets/css/houzez-woo.css/wp-content/plugins/houzez-woo-addon/assets/js/houzez-woo.js
Script Paths
/wp-content/plugins/houzez-woo-addon/assets/js/houzez-woo.js
Version Parameters
houzez-woo-addon/assets/css/houzez-woo.css?ver=houzez-woo-addon/assets/js/houzez-woo.js?ver=

HTML / DOM Fingerprints

CSS Classes
houzez-woo-addon-notice
FAQ

Frequently Asked Questions about Houzez WooCommerce Addon