Does JwelAR have any unpatched vulnerabilities?

No. All known vulnerabilities in JwelAR have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is JwelAR compatible with WordPress 6.8.5?

According to WordPress.org data, JwelAR 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is JwelAR compatible with PHP 7.4+?

JwelAR requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is JwelAR updated?

JwelAR was last updated on Jun 28, 2025. Frequent updates are generally a positive security signal.

What is JwelAR's security score?

JwelAR has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

JwelAR Security & Risk Analysis

wordpress.org/plugins/jwelar

Enable AR-based jewelry try-on with Tigervue. Upload 3D GLB files, integrate APIs, and manage onboarding in one place.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Jun 28, 2025

arjewelrytry-onvirtul-try-onwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is JwelAR Safe to Use in 2026?

Generally Safe

Score 100/100

JwelAR has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The jwelar v1.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in output escaping, with all observed outputs being properly handled, and it avoids dangerous functions, file operations, and external HTTP requests. Furthermore, its vulnerability history is clean, with no recorded CVEs, suggesting a lack of previously exploited weaknesses. However, significant concerns arise from its attack surface. The presence of a REST API route without permission callbacks creates a direct, unprotected entry point, which is a critical security flaw. Additionally, the static analysis reveals raw SQL queries are being used without prepared statements, indicating a potential for SQL injection vulnerabilities. The absence of nonce checks on AJAX handlers further compounds the risk of CSRF attacks. The bundled Freemius library, while common, could be a point of concern if it's an outdated version and has known vulnerabilities, although this is not explicitly stated in the provided data. Overall, the plugin has strengths in output handling and a clean history but is weakened by unprotected entry points and raw SQL usage.

Key Concerns

REST API route without permission callbacks
Raw SQL queries without prepared statements
No nonce checks on AJAX handlers
Bundled Freemius v1.0 library

Vulnerabilities

None known

JwelAR Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

JwelAR Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared1 total queries

Output Escaping

100% escaped15 total outputs

Attack Surface

1 unprotected

JwelAR Attack Surface

Entry Points2

Unprotected1

REST API Routes 2

GET/wp-json/jwelar/v1/productsapi.php:5

POST/wp-json/jwelar/v1/addapi.php:11

WordPress Hooks 6

actionrest_api_initapi.php:4

actionadmin_menujwelar.php:50

actionadmin_enqueue_scriptsjwelar.php:55

actionwoocommerce_product_options_general_product_datajwelar.php:176

actionwoocommerce_admin_process_product_objectjwelar.php:187

actionwoocommerce_single_product_summaryjwelar.php:194

Maintenance & Trust

JwelAR Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 28, 2025

PHP min version7.4

Downloads366

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

JwelAR Alternatives

Tryly.ai Virtual Try-On for WooCommerce

tryly-ai-virtual-try-on-for-woocommerce

100

Transform your fashion store with virtual try-on technology. Let customers see how clothes look on them before buying - boost sales, reduce returns!

50 No CVEs

TouchTry Eye Fit

touchtry-eye-fit

100

Bring immersive Augmented Reality (AR) try-on experiences for eyewear products directly to your WooCommerce store.

10 No CVEs

Touchtry JwelAR

touchtry-jwelar

100

Augmented Reality (AR) Try-On Plugin for WooCommerce by Touchtry. Empower your customers to virtually try on jewelry before they buy.

0 No CVEs

Touchtry RoomFit

touchtry-roomfit

100

Touchtry RoomFit AR allows your customers to virtually place and try furniture in their room using Augmented Reality. Seamless integration with WooCom …

0 No CVEs

TouchTry Watch Try-On

touchtry-watch-try-on

100

Offer a stunning Watch AR Try-On experience directly on your WooCommerce store. Display virtual try-on button, pricing plans, and more.

0 No CVEs

Developer Profile

JwelAR Developer Profile

TigerVue

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect JwelAR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/jwelar/style/style.css

HTML / DOM Fingerprints

CSS Classes

nav-tabsactivetab-contentcardscardbtn

Data Attributes

data-freemius-id="19601"

FAQ

JwelAR Security & Risk Analysis

Is JwelAR Safe to Use in 2026?

Generally Safe

Key Concerns

JwelAR Security Vulnerabilities

JwelAR Code Analysis

Bundled Libraries

SQL Query Safety

Output Escaping

JwelAR Attack Surface

REST API Routes 2

JwelAR Maintenance & Trust

Maintenance Signals

Community Trust

JwelAR Alternatives

Tryly.ai Virtual Try-On for WooCommerce

TouchTry Eye Fit

Touchtry JwelAR

Touchtry RoomFit

TouchTry Watch Try-On

JwelAR Developer Profile

How We Detect JwelAR

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about JwelAR