WP-Safety

S2W – Import Shopify to WooCommerce Security & Risk Analysis

wordpress.org/plugins/import-shopify-to-woocommerce

Easily migrate all Shopify products and their collections(categories) to WooCommerce after several clicks

3K active installs v1.3.4 PHP 7.0+ WP 5.0.0+ Updated Mar 20, 2026
importmigrationshopifywoocommerce
99
A · Safe
CVEs total1
Unpatched0
Last CVENov 10, 2022
Plugin page Download
Safety Verdict

Is S2W – Import Shopify to WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

S2W – Import Shopify to WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Nov 10, 2022Updated 2mo ago
Risk Assessment

The "import-shopify-to-woocommerce" plugin version 1.3.3 exhibits a generally strong security posture, with significant adherence to secure coding practices. The static analysis reveals no dangerous functions and a commendable 100% usage of prepared statements for all SQL queries, alongside 100% proper output escaping. Furthermore, it incorporates 15 nonce checks and 11 capability checks, indicating a good effort to protect its AJAX endpoints.

However, a single unsanitized path identified in the taint analysis, while not flagged as critical or high severity, represents a potential area of concern that warrants further investigation. The plugin's vulnerability history shows one known high-severity CVE, a PHP Remote File Inclusion vulnerability, which was last identified in November 2022. While this specific vulnerability is marked as patched, its nature suggests a past weakness that attackers might still attempt to exploit if the patch is not correctly applied or if older, vulnerable versions are in use. The presence of a single unsanitized path, even if currently deemed low risk by the analysis, coupled with past RFI vulnerabilities, indicates a need for ongoing vigilance and thorough review of the plugin's file handling mechanisms.

In conclusion, the plugin has demonstrated a commitment to secure development, particularly in its handling of database queries and output. The absence of critical taint flows and unpatched vulnerabilities at present is positive. Nevertheless, the past RFI vulnerability and the identified unsanitized path suggest that the plugin's file inclusion or path manipulation logic may have been a historical target, and this aspect should remain a focus for ongoing security monitoring.

Key Concerns

  • Flows with unsanitized paths
  • Past high severity RFI vulnerability
Vulnerabilities
1 published

S2W – Import Shopify to WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2022-44634high · 7.2Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

S2W – Import Shopify to WooCommerce <= 1.1.12 - Authenticated (Admin+) Local File Inclusion

Nov 10, 2022 Patched in 1.1.13 (439d)
Version History

S2W – Import Shopify to WooCommerce Release Timeline

v1.2.9
v1.1.3.71 CVE
CVE-2022-44634
Code Analysis
Analyzed Mar 16, 2026

S2W – Import Shopify to WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
29 prepared
Unescaped Output
2
877 escaped
Nonce Checks
15
Capability Checks
11
File Operations
17
External Requests
8
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared29 total queries

Output Escaping

100% escaped879 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
<import-shopify-to-woocommerce> (import-shopify-to-woocommerce.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

S2W – Import Shopify to WooCommerce Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 7

authwp_ajax_s2w_download_error_product_imagesadmin\error_images.php:13
authwp_ajax_s2w_delete_error_product_imagesadmin\error_images.php:14
authwp_ajax_s2w_save_settingsimport-shopify-to-woocommerce.php:61
authwp_ajax_s2w_save_settings_product_optionsimport-shopify-to-woocommerce.php:62
authwp_ajax_s2w_import_shopify_to_woocommerceimport-shopify-to-woocommerce.php:63
authwp_ajax_s2w_search_cateimport-shopify-to-woocommerce.php:64
authwp_ajax_s2w_view_logimport-shopify-to-woocommerce.php:71
WordPress Hooks 44
actionadmin_enqueue_scriptsadmin\cron_update_orders.php:15
actionadmin_menuadmin\cron_update_orders.php:16
actionadmin_enqueue_scriptsadmin\cron_update_products.php:12
actionadmin_menuadmin\cron_update_products.php:13
actionadmin_enqueue_scriptsadmin\error_images.php:11
actionadmin_menuadmin\error_images.php:12
actionadmin_headadmin\error_images.php:15
filterset-screen-optionadmin\error_images.php:16
actionadmin_menuadmin\import_by_id.php:12
actionadmin_enqueue_scriptsadmin\import_by_id.php:13
actionadmin_menuadmin\import_csv.php:21
actionadmin_enqueue_scriptsadmin\import_csv.php:22
filtermanage_edit-product_columnsadmin\update_products.php:12
actionadmin_enqueue_scriptsadmin\update_products.php:13
actionadmin_footeradmin\update_products.php:32
actionadmin_menuadmin\webhooks.php:13
actionadmin_initadmin\webhooks.php:14
actionadmin_enqueue_scriptsadmin\webhooks.php:15
actionbefore_woocommerce_initimport-shopify-to-woocommerce.php:25
actioninitimport-shopify-to-woocommerce.php:53
actionplugins_loadedimport-shopify-to-woocommerce.php:54
actionadmin_noticesimport-shopify-to-woocommerce.php:56
actionadmin_menuimport-shopify-to-woocommerce.php:57
actionadmin_menuimport-shopify-to-woocommerce.php:58
actionadmin_enqueue_scriptsimport-shopify-to-woocommerce.php:59
actionadmin_initimport-shopify-to-woocommerce.php:60
filterplugin_action_links_import-shopify-to-woocommerce/import-shopify-to-woocommerce.phpimport-shopify-to-woocommerce.php:65
actionadmin_initimport-shopify-to-woocommerce.php:72
filterhttp_request_timeoutimport-shopify-to-woocommerce.php:553
filterhttp_request_timeoutimport-shopify-to-woocommerce.php:817
actionadmin_footerimport-shopify-to-woocommerce.php:1864
filterbig_image_size_thresholdincludes\functions.php:112
actionadmin_enqueue_scriptsincludes\support.php:32
actionadmin_noticesincludes\support.php:33
actionadmin_initincludes\support.php:34
actionadmin_menuincludes\support.php:35
filterplugin_row_metaincludes\support.php:37
actionadmin_initincludes\support.php:39
actionadmin_bar_menuincludes\support.php:41
actionadmin_noticesincludes\support.php:52
actionadmin_footerincludes\support.php:669
actionadmin_bar_menuincludes\support.php:807
actionadmin_noticesincludes\support.php:953
filtercron_schedulesincludes\wp-background-process.php:64
Maintenance & Trust

S2W – Import Shopify to WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 20, 2026
PHP min version7.0
Downloads119K

Community Trust

Rating94/100
Number of ratings42
Active installs3K
Alternatives

S2W – Import Shopify to WooCommerce Alternatives

WSW – Shopify WooCommerce / WordPress Integration and Migration

WSW – Shopify WooCommerce / WordPress Integration and Migration

wsw-import-export-ecommerce-integration

A
100

It links and imports products,categories,tags from Shopify and converts them into WooCommerce items automatically with the same metadata.

600 No CVEs
LitExtension: Store to WooCommerce Migration

LitExtension: Store to WooCommerce Migration

litextension-data-migration-to-woocommerce

A
100

Migrate products, customers, orders, blog posts, and other data from your store to WooCommerce and WordPress in a few clicks. Free Demo, 24/7 support.

1K No CVEs
W2S – Migrate WooCommerce to Shopify

W2S – Migrate WooCommerce to Shopify

w2s-migrate-woo-to-shopify

A
99

Migrate all products and categories from WooCommerce to Shopify

1K 1 CVE
Import Shopify To WP

Import Shopify To WP

import-shopify-to-wp

A
85

Easily transfer your Shopify Store to WooCommerce

700 No CVEs
FG Magento to WooCommerce

FG Magento to WooCommerce

fg-magento-to-woocommerce

A
100

A plugin to migrate your Magento e-commerce store to WooCommerce

200 No CVEs
Developer Profile

S2W – Import Shopify to WooCommerce Developer Profile

VillaTheme

59 plugins · 166K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
205 days
View full developer profile
Detection Fingerprints

How We Detect S2W – Import Shopify to WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/import-shopify-to-woocommerce/admin/css/bootstrap.min.css/wp-content/plugins/import-shopify-to-woocommerce/admin/css/select2.min.css/wp-content/plugins/import-shopify-to-woocommerce/admin/css/style.css/wp-content/plugins/import-shopify-to-woocommerce/admin/js/bootstrap.min.js/wp-content/plugins/import-shopify-to-woocommerce/admin/js/jquery.cookie.js/wp-content/plugins/import-shopify-to-woocommerce/admin/js/select2.min.js/wp-content/plugins/import-shopify-to-woocommerce/admin/js/s2w_scripts.js
Script Paths
/wp-content/plugins/import-shopify-to-woocommerce/admin/js/s2w_scripts.js
Version Parameters
import-shopify-to-woocommerce/admin/css/style.css?ver=import-shopify-to-woocommerce/admin/js/s2w_scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
s2w-wraps2w-settingss2w-import-history
HTML Comments
<!-- By the VillaTheme --><!-- Plugin S2W --><!-- Plugin S2W -->
Data Attributes
data-plugin-name="import-shopify-to-woocommerce"data-ajax-url="admin-ajax.php"data-s2w-nonce="
JS Globals
s2w_nonceS2W
REST Endpoints
/wp-json/s2w-api/v1/sync-products
FAQ

Frequently Asked Questions about S2W – Import Shopify to WooCommerce