KR Customizer Security & Risk Analysis

wordpress.org/plugins/kr-customizer

KR Customizer is a powerful and flexible WooCommerce product customization plugin offering real-time 2D and 3D customization features.

0 active installs · v1.0.0 · PHP 7.4+ · WP 6.0+ · Updated: Unknown
Tags: 2d-customization, 3d-customization, customizer, product-customization, woocommerce
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is KR Customizer Safe to Use in 2026?

Generally Safe

Score 100/100

KR Customizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "kr-customizer" v1.0.0 plugin exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, all SQL queries using prepared statements, and a high percentage of properly escaped output are strong indicators of secure coding practices. Furthermore, the plugin's attack surface appears well-controlled, with all identified entry points (AJAX handlers, REST API routes) having appropriate authentication or permission checks. The clean vulnerability history with zero known CVEs further bolsters confidence in its current security. However, the presence of 4 external HTTP requests without explicit details on their security implications warrants a cautious approach, as these could potentially introduce vulnerabilities if not handled securely. The limited number of capability checks (2) might also suggest room for more granular access control in certain functionalities, though this is not a direct vulnerability without further context.

Key Concerns

  • External HTTP requests without further detail
Vulnerabilities
None known

KR Customizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

KR Customizer Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 19 (108 escaped)
Nonce Checks: 11
Capability Checks: 2
File Operations: 0
External Requests: 4
Bundled Libraries: 0

Output Escaping

85% escaped · 127 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
krcust_render_add_products (kr-customizer.php:435)
Attack Surface

KR Customizer Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 4

  • nopriv: wp_ajax_krcust_add_to_design (kr-customizer.php:84)
  • auth: wp_ajax_krcust_add_to_design (kr-customizer.php:85)
  • nopriv: wp_ajax_krcust_get_order_items_for_model (kr-customizer.php:86)
  • auth: wp_ajax_krcust_get_order_items_for_model (kr-customizer.php:87)

REST API Routes 1

  • GET /wp-json/krcust/v1/product-data/(?P<product_id>\d+) (kr-customizer.php:953)

WordPress Hooks 20

  • action: admin_menu (kr-customizer.php:72)
  • action: admin_enqueue_scripts (kr-customizer.php:73)
  • action: admin_init (kr-customizer.php:74)
  • action: wp_enqueue_scripts (kr-customizer.php:77)
  • action: woocommerce_before_add_to_cart_button (kr-customizer.php:78)
  • filter: woocommerce_add_cart_item_data (kr-customizer.php:79)
  • action: woocommerce_checkout_create_order_line_item (kr-customizer.php:80)
  • filter: woocommerce_order_item_get_formatted_meta_data (kr-customizer.php:81)
  • action: woocommerce_before_calculate_totals (kr-customizer.php:89)
  • action: woocommerce_thankyou_order_received_text (kr-customizer.php:92)
  • action: admin_footer (kr-customizer.php:93)
  • action: rest_api_init (kr-customizer.php:96)
  • action: before_woocommerce_init (kr-customizer.php:99)
  • action: admin_notices (kr-customizer.php:310)
  • action: admin_notices (kr-customizer.php:670)
  • action: admin_notices (kr-customizer.php:833)
  • action: admin_notices (kr-customizer.php:882)
  • action: plugins_loaded (kr-customizer.php:1045)
  • action: admin_post_krcustomizer_save_settings (kr-customizer.php:1053)
  • action: admin_post_krcustomizer_save_settings (kr-customizer.php:1056)
Maintenance & Trust

KR Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Unknown
PHP min version: 7.4
Downloads: 110

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

KR Customizer Developer Profile

krcustomizer

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect KR Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/kr-customizer/assets/css/admin-style.css
  • /wp-content/plugins/kr-customizer/assets/css/frontend-style.css
  • /wp-content/plugins/kr-customizer/assets/js/admin-script.js
  • /wp-content/plugins/kr-customizer/assets/js/frontend-script.js
  • /wp-content/plugins/kr-customizer/assets/js/vendor/jquery.min.js
  • /wp-content/plugins/kr-customizer/assets/js/vendor/fabric.min.js
  • /wp-content/plugins/kr-customizer/assets/js/vendor/three.min.js
  • /wp-content/plugins/kr-customizer/assets/js/vendor/OrbitControls.js
  • +2 more
Script Paths
  • /wp-content/plugins/kr-customizer/assets/js/admin-script.js
  • /wp-content/plugins/kr-customizer/assets/js/frontend-script.js
Version Parameters
  • kr-customizer/assets/css/admin-style.css?ver=
  • kr-customizer/assets/css/frontend-style.css?ver=
  • kr-customizer/assets/js/admin-script.js?ver=
  • kr-customizer/assets/js/frontend-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • krcust-design-options
  • krcust-admin-wrap
  • krcust-admin-sidebar
  • krcust-admin-content
  • krcust-modal-overlay
  • krcust-modal-content
  • krcust-order-modal
  • krcust-canvas-container
  • +14 more
HTML Comments
  • <!-- KRCustomizer Admin Wrap Start -->
  • <!-- KRCustomizer Admin Wrap End -->
  • <!-- KRCustomizer Frontend Wrap Start -->
  • <!-- KRCustomizer Frontend Wrap End -->
  • +4 more
Data Attributes
  • data-krcust-store-id
  • data-krcust-product-id
  • data-krcust-design-id
  • data-krcust-save-design-url
  • data-krcust-get-design-url
  • data-krcust-add-to-cart-url
JS Globals
  • KRCustomizerAdmin
  • KRCustomizerFrontend
  • krcust_ajax_object
  • krcust_admin_params
  • krcust_frontend_params
REST Endpoints
  • /wp-json/kr-customizer/v1/save_design
  • /wp-json/kr-customizer/v1/get_designs
  • /wp-json/kr-customizer/v1/delete_design
  • /wp-json/kr-customizer/v1/get_product_designs
FAQ

Frequently Asked Questions about KR Customizer