WP-Safety

JewelFit-Virtual Jewellery Try On Woocommerce Security & Risk Analysis

wordpress.org/plugins/jewelfit-virtual-jewellery-try-on

Vitual Jewellery Try-On jewelFit allows customers to virtually try jewellery products on them before buying it.

10 active installs v2.0.7 PHP + WP 3.3+ Updated Aug 12, 2022
jewellerytry-onvirtual-jewelleryvirtual-mirror
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is JewelFit-Virtual Jewellery Try On Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

JewelFit-Virtual Jewellery Try On Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "jewelfit-virtual-jewellery-try-on" plugin v2.0.7 exhibits a generally positive security posture based on the static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points suggests a well-controlled attack surface. Furthermore, the fact that all SQL queries utilize prepared statements and there are no file operations or external HTTP requests are strong indicators of secure coding practices. The presence of nonce checks is also a positive sign.

However, a significant concern arises from the low percentage of properly escaped output. With only 9% of 11 total outputs being properly escaped, there is a high potential for cross-site scripting (XSS) vulnerabilities. This is a common and impactful vulnerability type that can lead to session hijacking, credential theft, and defacement. The lack of recorded vulnerabilities in its history might be misleading if the output escaping issues have not been widely discovered or exploited yet.

In conclusion, while the plugin demonstrates strengths in controlling its attack surface and handling database interactions securely, the severe deficiency in output escaping presents a notable risk. Addressing the output escaping issues should be a priority to improve the overall security of the plugin.

Key Concerns

  • Low output escaping rate
Vulnerabilities
None known

JewelFit-Virtual Jewellery Try On Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

JewelFit-Virtual Jewellery Try On Woocommerce Release Timeline

v2.0.7Current
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

JewelFit-Virtual Jewellery Try On Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
10
1 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

9% escaped11 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<class-virtual-jewellery-try-on-admin> (admin/class-virtual-jewellery-try-on-admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

JewelFit-Virtual Jewellery Try On Woocommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actionadd_meta_boxesadmin/class-virtual-jewellery-try-on-admin.php:106
actionsave_postadmin/class-virtual-jewellery-try-on-admin.php:108
actionplugins_loadedincludes/class-virtual-jewellery-try-on.php:142
actionadmin_enqueue_scriptsincludes/class-virtual-jewellery-try-on.php:158
actionadmin_enqueue_scriptsincludes/class-virtual-jewellery-try-on.php:159
actionadmin_menuincludes/class-virtual-jewellery-try-on.php:160
actionwp_enqueue_scriptsincludes/class-virtual-jewellery-try-on.php:175
actionwp_enqueue_scriptsincludes/class-virtual-jewellery-try-on.php:176
actioninitincludes/class-virtual-jewellery-try-on.php:177
actionwoocommerce_after_add_to_cart_buttonpublic/class-virtual-jewellery-try-on-public.php:57
Maintenance & Trust

JewelFit-Virtual Jewellery Try On Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedAug 12, 2022
PHP min version
Downloads3K

Community Trust

Rating100/100
Number of ratings6
Active installs10
Alternatives

JewelFit-Virtual Jewellery Try On Woocommerce Alternatives

SpecFit-Virtual Try On Woocommerce

SpecFit-Virtual Try On Woocommerce

try-on-for-woocommerce

B
78

Vitual EyeWear Try-On SpecFit allows customers to virtually try eye wears products on their face before buying it.

60 1 unpatched
Product Virtual Try On Showroom for WooCommerce – Sunglasses, Furniture

Product Virtual Try On Showroom for WooCommerce – Sunglasses, Furniture

my-woocommerce-product-virtual-showroom

A
92

Virtual Try On Showroom WooCommerce – Boost Your Sales for Eyewear, Furniture and other type of business with this WordPress Plugin

50 No CVEs
YouCam Makeup For WooCommerce

YouCam Makeup For WooCommerce

youcam-makeup

A
85

Boost Your Sales with Virtual Makeup Try-On. Let Innovative AR Try-On Improve Buyer's Satisfaction.

20 No CVEs
TryAura

TryAura

tryaura

A
100

Upgrade your WooCommerce store with AI-powered product images and virtual try on, using your existing products.

0 No CVEs
Auglio Try-on Mirror

Auglio Try-on Mirror

auglio-try-on-mirror

A
100

The Virtual mirror allows the shoppers to experience all decorative cosmetics, sunglasses, contact lenses, jewelry, clothing and apparel using their &hellip;

50 No CVEs
Developer Profile

JewelFit-Virtual Jewellery Try On Woocommerce Developer Profile

dugudlabs

3 plugins · 90 total installs

82
trust score
Avg Security Score
83/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect JewelFit-Virtual Jewellery Try On Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/jewelfit-virtual-jewellery-try-on/css/virtual-jewellery-try-on-admin.css/wp-content/plugins/jewelfit-virtual-jewellery-try-on/js/virtual-jewellery-try-on-admin.js
Version Parameters
jewelfit-virtual-jewellery-try-on/css/virtual-jewellery-try-on-admin.css?ver=jewelfit-virtual-jewellery-try-on/js/virtual-jewellery-try-on-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wf_child_letters_neck
Data Attributes
name="try_on_option"
FAQ

Frequently Asked Questions about JewelFit-Virtual Jewellery Try On Woocommerce