WP-Safety

Mighty Frequently Bought Together for WooCommerce Security & Risk Analysis

wordpress.org/plugins/mighty-frequently-bought-together

Increase your product sales by recommending them to buy together with other relevant products on your WooCommerce Store.

10 active installs v1.1.2 PHP 5.6+ WP 4.0+ Updated Unknown
bought-togetherfrequently-bought-togetherupsellswoowoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Mighty Frequently Bought Together for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Mighty Frequently Bought Together for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "mighty-frequently-bought-together" plugin version 1.1.2 exhibits a generally good security posture based on the provided static analysis. The plugin demonstrates strong adherence to secure coding practices by having no identified dangerous functions, no raw SQL queries, and no file operations. Furthermore, it avoids external HTTP requests, which can sometimes be a vector for vulnerabilities. The presence of capability checks on two occasions is also a positive indicator. However, a significant concern arises from the output escaping, where a substantial percentage of outputs (64%) are not properly escaped. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled carefully before being displayed.

The taint analysis reveals two flows with unsanitized paths, although they are not categorized as critical or high severity. While this suggests a potential for vulnerabilities, the lack of specific details makes it difficult to assess their immediate impact. The plugin's vulnerability history is notably clean, with no recorded CVEs. This is a strong positive, indicating that the developers may be proactive in addressing security issues or that the plugin has not been a target for exploitation. However, it's important to remember that a clean history doesn't guarantee future security, especially when combined with the identified output escaping issues.

In conclusion, "mighty-frequently-bought-together" v1.1.2 has commendable strengths in avoiding many common vulnerability classes. The absence of known CVEs and the secure handling of SQL and file operations are significant positives. The primary weakness lies in the inadequate output escaping, which presents a tangible risk of XSS vulnerabilities. The taint analysis hints at potential, albeit unclassified, issues. Users should be aware of the output escaping concern and consider its implications, while the lack of historical vulnerabilities offers some reassurance.

Key Concerns

  • Insufficient output escaping
  • Taint flows with unsanitized paths
Vulnerabilities
None known

Mighty Frequently Bought Together for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Mighty Frequently Bought Together for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
61
35 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

36% escaped96 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
generate_homepage (classes\mighty_fbt_panel.php:135)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Mighty Frequently Bought Together for WooCommerce Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[mighty_fbt_data] panel\template\mighty_fbt_get_data.php:14
WordPress Hooks 12
actionadmin_enqueue_scriptsclasses\mighty_fbt_panel.php:16
actionadmin_menuclasses\mighty_fbt_panel.php:19
actionwp_loadedclasses\mighty_fbt_panel.php:22
actionadmin_noticesclasses\mighty_fbt_panel.php:24
actionadmin_noticesclasses\mighty_fbt_panel.php:26
filterwoocommerce_add_to_cart_redirectclasses\mighty_fbt_panel.php:277
actionadmin_enqueue_scriptsmighty-fbt.php:39
actionplugins_loadedmighty-fbt.php:41
filterwoocommerce_product_data_tabsmighty-fbt.php:46
actionwoocommerce_product_data_panelsmighty-fbt.php:48
filterplugin_row_metamighty-fbt.php:65
actionwp_enqueue_scriptspanel\template\mighty_fbt_get_data.php:10
Maintenance & Trust

Mighty Frequently Bought Together for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedUnknown
PHP min version5.6
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Mighty Frequently Bought Together for WooCommerce Alternatives

WPC Frequently Bought Together for WooCommerce

WPC Frequently Bought Together for WooCommerce

woo-bought-together

A
99

WPC Frequently Bought Together helps you increase your sales with personalized product recommendations.

10K 2 CVEs
Upsell Funnel Builder for WooCommerce – Create Upsells, Cross-Sells, Order Bumps, Frequently Bought, and Popups.

Upsell Funnel Builder for WooCommerce – Create Upsells, Cross-Sells, Order Bumps, Frequently Bought, and Popups.

upsell-order-bump-offer-for-woocommerce

A
98

Upsell Funnel Builder lets you create WooCommerce Upsells, Order Bumps, One Click upsell, Cross-Sells, Frequently Bought, and Popups.

3K 2 CVEs
Frequently Bought Together Product For Woocommerce

Frequently Bought Together Product For Woocommerce

frequently-bought-together-product-for-woocommerce

A
100

Frequently Bought Together Product For Woocommerce using for puchase more one one product with heavy discount in woocommmerce to make ideal for boost …

50 No CVEs
DynamicBlocks – Product Recommendations & Bundles for WooCommerce

DynamicBlocks – Product Recommendations & Bundles for WooCommerce

dynamic-blocks-builder

A
100

Create product recommendations, bundles and upsell blocks for WooCommerce with flexible dynamic options and customizable display rules.

10 No CVEs
Easy Frequently Bought Together for WooCommerce

Easy Frequently Bought Together for WooCommerce

easy-frequently-bought-together-for-woocommerce

A
100

Sell more by bundling related products — Easy Frequently Bought Together for WooCommerce lets customers buy together with smart discounts.

0 No CVEs
Developer Profile

Mighty Frequently Bought Together for WooCommerce Developer Profile

MightyThemes

4 plugins · 920 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Mighty Frequently Bought Together for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mighty-frequently-bought-together/assets/js/select2.min.js/wp-content/plugins/mighty-frequently-bought-together/assets/js/product_form.js/wp-content/plugins/mighty-frequently-bought-together/assets/css/select2.min.css
Script Paths
/wp-content/plugins/mighty-frequently-bought-together/assets/js/select2.min.js/wp-content/plugins/mighty-frequently-bought-together/assets/js/product_form.js/wp-content/plugins/mighty-frequently-bought-together/pro/assets/js/pro_product_form.js
Version Parameters
mighty-frequently-bought-together/assets/js/select2.min.js?ver=mighty-frequently-bought-together/assets/js/product_form.js?ver=mighty-frequently-bought-together/assets/css/select2.min.css?ver=mighty-frequently-bought-together/pro/assets/js/pro_product_form.js?ver=

HTML / DOM Fingerprints

CSS Classes
mighty-fbt-add-to-cartmighty-fbt-product-containermighty-fbt-product-imagemighty-fbt-product-titlemighty-fbt-product-pricemighty-fbt-add-button
Data Attributes
data-product_iddata-quantity
JS Globals
mighty_fbt_productsmighty_fbt_variation_products
FAQ

Frequently Asked Questions about Mighty Frequently Bought Together for WooCommerce