Luma Product Fields Security & Risk Analysis

wordpress.org/plugins/luma-product-fields

Add WooCommerce product fields and product specifications in minutes, with inline editing, clickable values, and searchable specs.

0 active installs · v1.1.0 · PHP 8.0+ · WP 6.0+ · Updated: Unknown
Tags: custom-product-fields, product-fields, product-specifications, product-specs, woocommerce-product-fields
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Luma Product Fields Safe to Use in 2026?

Generally Safe

Score 100/100

Luma Product Fields has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'luma-product-fields' v1.1.0 plugin exhibits a generally strong security posture based on the provided static analysis. The plugin has a notable absence of recorded vulnerabilities (CVEs), which is a positive indicator. Furthermore, the code analysis shows robust implementation of security best practices, including a high percentage of properly escaped outputs, a reasonable usage of prepared statements for SQL queries, and a significant number of nonce and capability checks. The lack of file operations and external HTTP requests also reduces potential attack vectors.

However, there are a few areas that warrant attention. The presence of four "flows with unsanitized paths" in the taint analysis, even without critical or high severity, suggests potential for logic flaws or indirect vulnerability exposure if input is not handled meticulously in those specific code paths. While the attack surface of 6 AJAX handlers is protected by the indicated checks, a larger attack surface always carries an inherent, albeit small, risk. The SQL query handling, while mostly prepared, still has a percentage that is not, which could pose a risk if those specific queries handle sensitive or user-supplied data.

In conclusion, 'luma-product-fields' v1.1.0 appears to be a well-developed plugin with a focus on security, as evidenced by its clean vulnerability history and good implementation of security features. The identified taint flows and the percentage of unprepared SQL queries are minor concerns that should be monitored and ideally addressed to further harden the plugin's security. Overall, the plugin is likely secure for general use, but advanced users or those dealing with highly sensitive data might want to investigate the specific taint flow areas.

Key Concerns

  • Flows with unsanitized paths found
  • SQL queries not using prepared statements
Vulnerabilities
None known

Luma Product Fields Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Luma Product Fields Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (6 prepared)
Unescaped Output: 242 (820 escaped)
Nonce Checks: 36
Capability Checks: 30
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

60% prepared (10 total queries)

Output Escaping

77% escaped (1062 total outputs)
Data Flows
4 unsanitized

Data Flow Analysis

14 flows, 4 with unsanitized paths
load_variations (includes\Admin\Ajax.php:269)
Attack Surface

Luma Product Fields Attack Surface

Entry Points: 6
Unprotected: 0

AJAX Handlers: 6

auth wp_ajax_luma_product_fields_ajax (includes\Admin\Ajax.php:64)
nopriv wp_ajax_luma_product_fields_get_variation_fields_html (includes\Frontend\FrontendController.php:53)
auth wp_ajax_luma_product_fields_get_variation_fields_html (includes\Frontend\FrontendController.php:54)
auth wp_ajax_luma_product_fields_ajax (trunk\includes\Admin\Ajax.php:64)
nopriv wp_ajax_luma_product_fields_get_variation_fields_html (trunk\includes\Frontend\FrontendController.php:53)
auth wp_ajax_luma_product_fields_get_variation_fields_html (trunk\includes\Frontend\FrontendController.php:54)
WordPress Hooks: 130

filter woocommerce_product_data_tabs (includes\Admin\Admin.php:35)
action woocommerce_product_data_panels (includes\Admin\Admin.php:36)
action woocommerce_process_product_meta (includes\Admin\Admin.php:37)
action woocommerce_product_after_variable_attributes (includes\Admin\Admin.php:38)
action woocommerce_save_product_variation (includes\Admin\Admin.php:39)
action admin_notices (includes\Admin\Admin.php:40)
action admin_enqueue_scripts (includes\Admin\Admin.php:41)
action admin_menu (includes\Admin\FieldEditor.php:70)
action admin_post_luma_product_fields_save_field_editor (includes\Admin\FieldEditor.php:71)
filter parent_file (includes\Admin\FieldEditor.php:72)
filter submenu_file (includes\Admin\FieldEditor.php:73)
action admin_head (includes\Admin\FieldEditor.php:74)
action admin_enqueue_scripts (includes\Admin\FieldEditor.php:75)
action admin_menu (includes\Admin\FieldOptionsOverview.php:49)
action admin_init (includes\Admin\FieldOptionsOverview.php:50)
filter wp_kses_allowed_html (includes\Admin\Kses.php:24)
action admin_menu (includes\Admin\ListView.php:62)
action admin_menu (includes\Admin\Migration\MigrationPage.php:42)
action luma_product_fields_field_manager_actions (includes\Admin\Migration\MigrationPage.php:43)
action admin_notices (includes\Admin\NotificationManager.php:39)
action admin_init (includes\Admin\Onboarding.php:29)
action admin_notices (includes\Admin\Onboarding.php:30)
filter woocommerce_get_sections_products (includes\Admin\Settings.php:52)
filter woocommerce_get_settings_products (includes\Admin\Settings.php:53)
action woocommerce_update_options_products_luma_product_fields (includes\Admin\Settings.php:54)
action woocommerce_admin_field_luma_settings_intro (includes\Admin\Settings.php:55)
action woocommerce_admin_field_luma_settings_tabs (includes\Admin\Settings.php:56)
action woocommerce_admin_field_luma_migration_link (includes\Admin\Settings.php:57)
action woocommerce_admin_field_luma_units_repeater (includes\Admin\Settings.php:58)
action woocommerce_admin_field_luma_unit_aliases_repeater (includes\Admin\Settings.php:59)
action admin_enqueue_scripts (includes\Admin\Settings.php:60)
action woocommerce_product_additional_information (includes\Frontend\FrontendController.php:48)
filter woocommerce_product_tabs (includes\Frontend\FrontendController.php:49)
filter woocommerce_product_additional_information_heading (includes\Frontend\FrontendController.php:50)
action plugins_loaded (includes\Frontend\FrontendController.php:51)
action wp_enqueue_scripts (includes\Frontend\FrontendController.php:52)
filter woocommerce_page_title (includes\Frontend\FrontendController.php:55)
filter woocommerce_should_render_product_meta (includes\Frontend\FrontendController.php:64)
filter render_block (includes\Frontend\FrontendController.php:65)
filter wp_kses_allowed_html (includes\Frontend\Kses.php:29)
action pre_get_posts (includes\Frontend\TaxonomyArchiveController.php:30)
filter template_include (includes\Frontend\TaxonomyArchiveController.php:31)
filter body_class (includes\Frontend\TaxonomyArchiveController.php:32)
action init (includes\Plugin.php:54)
action init (includes\Plugin.php:61)
action save_post_product (includes\Plugin.php:65)
action save_post_product_variation (includes\Plugin.php:66)
action woocommerce_update_product (includes\Plugin.php:67)
action init (includes\Plugin.php:71)
action init (includes\Taxonomy\ProductGroup.php:53)
action current_screen (includes\Taxonomy\ProductGroup.php:54)
action current_screen (includes\Taxonomy\ProductGroup.php:55)
action woocommerce_product_bulk_edit_end (includes\Taxonomy\ProductGroup.php:56)
action woocommerce_product_bulk_edit_save (includes\Taxonomy\ProductGroup.php:57)
action woocommerce_product_quick_edit_end (includes\Taxonomy\ProductGroup.php:58)
action woocommerce_product_quick_edit_save (includes\Taxonomy\ProductGroup.php:59)
action admin_enqueue_scripts (includes\Taxonomy\ProductGroup.php:60)
filter manage_edit-product_sortable_columns (includes\Taxonomy\ProductGroup.php:112)
filter posts_clauses (includes\Taxonomy\ProductGroup.php:113)
action restrict_manage_posts (includes\Taxonomy\ProductGroup.php:114)
action pre_get_posts (includes\Taxonomy\ProductGroup.php:115)
action all_admin_notices (includes\Taxonomy\ProductGroup.php:131)
action init (includes\Taxonomy\TaxonomyManager.php:45)
filter quick_edit_show_taxonomy (includes\Taxonomy\TaxonomyManagerInlineEdit.php:39)
filter bulk_edit_show_taxonomy (includes\Taxonomy\TaxonomyManagerInlineEdit.php:40)
filter woocommerce_product_data_tabs (trunk\includes\Admin\Admin.php:35)
action woocommerce_product_data_panels (trunk\includes\Admin\Admin.php:36)
action woocommerce_process_product_meta (trunk\includes\Admin\Admin.php:37)
action woocommerce_product_after_variable_attributes (trunk\includes\Admin\Admin.php:38)
action woocommerce_save_product_variation (trunk\includes\Admin\Admin.php:39)
action admin_notices (trunk\includes\Admin\Admin.php:40)
action admin_enqueue_scripts (trunk\includes\Admin\Admin.php:41)
action admin_menu (trunk\includes\Admin\FieldEditor.php:70)
action admin_post_luma_product_fields_save_field_editor (trunk\includes\Admin\FieldEditor.php:71)
filter parent_file (trunk\includes\Admin\FieldEditor.php:72)
filter submenu_file (trunk\includes\Admin\FieldEditor.php:73)
action admin_head (trunk\includes\Admin\FieldEditor.php:74)
action admin_enqueue_scripts (trunk\includes\Admin\FieldEditor.php:75)
action admin_menu (trunk\includes\Admin\FieldOptionsOverview.php:49)
action admin_init (trunk\includes\Admin\FieldOptionsOverview.php:50)
filter wp_kses_allowed_html (trunk\includes\Admin\Kses.php:24)
action admin_menu (trunk\includes\Admin\ListView.php:62)
action admin_menu (trunk\includes\Admin\Migration\MigrationPage.php:42)
action luma_product_fields_field_manager_actions (trunk\includes\Admin\Migration\MigrationPage.php:43)
action admin_notices (trunk\includes\Admin\NotificationManager.php:39)
action admin_init (trunk\includes\Admin\Onboarding.php:29)
action admin_notices (trunk\includes\Admin\Onboarding.php:30)
filter woocommerce_get_sections_products (trunk\includes\Admin\Settings.php:52)
filter woocommerce_get_settings_products (trunk\includes\Admin\Settings.php:53)
action woocommerce_update_options_products_luma_product_fields (trunk\includes\Admin\Settings.php:54)
action woocommerce_admin_field_luma_settings_intro (trunk\includes\Admin\Settings.php:55)
action woocommerce_admin_field_luma_settings_tabs (trunk\includes\Admin\Settings.php:56)
action woocommerce_admin_field_luma_migration_link (trunk\includes\Admin\Settings.php:57)
action woocommerce_admin_field_luma_units_repeater (trunk\includes\Admin\Settings.php:58)
action woocommerce_admin_field_luma_unit_aliases_repeater (trunk\includes\Admin\Settings.php:59)
action admin_enqueue_scripts (trunk\includes\Admin\Settings.php:60)
action woocommerce_product_additional_information (trunk\includes\Frontend\FrontendController.php:48)
filter woocommerce_product_tabs (trunk\includes\Frontend\FrontendController.php:49)
filter woocommerce_product_additional_information_heading (trunk\includes\Frontend\FrontendController.php:50)
action plugins_loaded (trunk\includes\Frontend\FrontendController.php:51)
action wp_enqueue_scripts (trunk\includes\Frontend\FrontendController.php:52)
filter woocommerce_page_title (trunk\includes\Frontend\FrontendController.php:55)
filter woocommerce_should_render_product_meta (trunk\includes\Frontend\FrontendController.php:64)
filter render_block (trunk\includes\Frontend\FrontendController.php:65)
filter wp_kses_allowed_html (trunk\includes\Frontend\Kses.php:29)
action pre_get_posts (trunk\includes\Frontend\TaxonomyArchiveController.php:30)
filter template_include (trunk\includes\Frontend\TaxonomyArchiveController.php:31)
filter body_class (trunk\includes\Frontend\TaxonomyArchiveController.php:32)
action init (trunk\includes\Plugin.php:54)
action init (trunk\includes\Plugin.php:61)
action save_post_product (trunk\includes\Plugin.php:65)
action save_post_product_variation (trunk\includes\Plugin.php:66)
action woocommerce_update_product (trunk\includes\Plugin.php:67)
action init (trunk\includes\Plugin.php:71)
action init (trunk\includes\Taxonomy\ProductGroup.php:53)
action current_screen (trunk\includes\Taxonomy\ProductGroup.php:54)
action current_screen (trunk\includes\Taxonomy\ProductGroup.php:55)
action woocommerce_product_bulk_edit_end (trunk\includes\Taxonomy\ProductGroup.php:56)
action woocommerce_product_bulk_edit_save (trunk\includes\Taxonomy\ProductGroup.php:57)
action woocommerce_product_quick_edit_end (trunk\includes\Taxonomy\ProductGroup.php:58)
action woocommerce_product_quick_edit_save (trunk\includes\Taxonomy\ProductGroup.php:59)
action admin_enqueue_scripts (trunk\includes\Taxonomy\ProductGroup.php:60)
filter manage_edit-product_sortable_columns (trunk\includes\Taxonomy\ProductGroup.php:112)
filter posts_clauses (trunk\includes\Taxonomy\ProductGroup.php:113)
action restrict_manage_posts (trunk\includes\Taxonomy\ProductGroup.php:114)
action pre_get_posts (trunk\includes\Taxonomy\ProductGroup.php:115)
action all_admin_notices (trunk\includes\Taxonomy\ProductGroup.php:131)
action init (trunk\includes\Taxonomy\TaxonomyManager.php:45)
filter quick_edit_show_taxonomy (trunk\includes\Taxonomy\TaxonomyManagerInlineEdit.php:39)
filter bulk_edit_show_taxonomy (trunk\includes\Taxonomy\TaxonomyManagerInlineEdit.php:40)
Maintenance & Trust

Luma Product Fields Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Unknown
PHP min version: 8.0
Downloads: 171

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Luma Product Fields Developer Profile

Luma Retail Solutions

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Luma Product Fields

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/luma-product-fields/js/admin/ajax-admin.js
/wp-content/plugins/luma-product-fields/css/admin-style.css
Script Paths
/wp-content/plugins/luma-product-fields/js/admin/ajax-admin.js
Version Parameters
luma-product-fields/js/admin/ajax-admin.js?ver=
luma-product-fields/css/admin-style.css?ver=

HTML / DOM Fingerprints

Data Attributes
data-luma-product-field-id
data-luma-product-group-id
data-luma-product-group-name
JS Globals
luma_product_fields_admin_ajaxdata