MyWorks Sync for WooCommerce & QuickBooks Online Security & Risk Analysis
wordpress.org/plugins/myworks-woo-sync-for-quickbooks-onlineAutomatically sync your customers, orders, inventory and more in real time between your WooCommerce store and QuickBooks! Requires a MyWorks account.
Is MyWorks Sync for WooCommerce & QuickBooks Online Safe to Use in 2026?
Generally Safe
Score 99/100MyWorks Sync for WooCommerce & QuickBooks Online has a strong security track record. Known vulnerabilities have been patched promptly.
The "myworks-woo-sync-for-quickbooks-online" plugin, version 3.0.3, exhibits a mixed security posture. While it demonstrates good practices in SQL query preparation (70%) and output escaping (78%), and includes a substantial number of nonce and capability checks, significant concerns arise from its attack surface. A large number of AJAX handlers (26) lack authentication checks, presenting a broad entry point for potential abuse. The presence of 6 unsanitized paths in taint analysis, including 2 high-severity flows, is particularly worrying as it suggests potential vulnerabilities in how data is handled. The plugin's history of 1 known medium-severity CVE, though currently unpatched, indicates a past vulnerability that may require ongoing vigilance. The extensive use of the `unserialize` function without clear sanitization measures on the input is also a major red flag that could lead to Remote Code Execution if exploited. Overall, while some security fundamentals are present, the significant number of unprotected AJAX endpoints, high-severity taint flows, and the use of unserialize present a considerable risk.
Key Concerns
- 26 unprotected AJAX handlers
- 2 high severity taint flows
- 6 flows with unsanitized paths
- 26 uses of unserialize function
- 1 known medium CVE (history)
MyWorks Sync for WooCommerce & QuickBooks Online Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
MyWorks WooCommerce Sync for QuickBooks Online <= 2.9.1 - Reflected Cross-Site Scripting
MyWorks Sync for WooCommerce & QuickBooks Online Code Analysis
Dangerous Functions Found
SQL Query Safety
Output Escaping
Data Flow Analysis
MyWorks Sync for WooCommerce & QuickBooks Online Attack Surface
AJAX Handlers 26
Shortcodes 3
WordPress Hooks 74
Scheduled Events 9
Maintenance & Trust
MyWorks Sync for WooCommerce & QuickBooks Online Maintenance & Trust
Maintenance Signals
Community Trust
MyWorks Sync for WooCommerce & QuickBooks Online Alternatives
Integration for WooCommerce and QuickBooks
wp-woocommerce-quickbooks
WooCommerce QuickBooks Plugin allows you to quickly integrate WooCommerce Orders with QuickBooks Online.
Parex Bridge for Quickbooks & Xero
parex-bridge-for-quickbooks-xero
Parex Bridge for QuickBooks & Xero Plugin allows you to quickly integrate WooCommerce Order information with QuickBooks Online or Xero
Data Sync Q by Wbsync
data-sync-q-by-wbsync
Automatically sync your data, like orders and inventory, from WooCommerce to Quickbooks.
Open Payout For Xero, QuickBooks and FreshBooks
open-payout
Open Payout connects your WooCommerce store to Xero, Quickbooks or FreshBooks. https://vimeo.com/549587442 You take care of your store, we'll t …
Crishik Order Sync for QuickBooks
crishik-order-sync-for-quickbooks
Connect your WooCommerce store with QuickBooks Online to sync orders, customers, and financial data automatically.
MyWorks Sync for WooCommerce & QuickBooks Online Developer Profile
3 plugins · 6K total installs
How We Detect MyWorks Sync for WooCommerce & QuickBooks Online
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/admin/css/myworks-wc-qbo-sync-admin.css/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/admin/js/myworks-wc-qbo-sync-admin.js/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/includes/css/myworks-wc-qbo-sync-public.css/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-public.js/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-admin-pointers.js/wp-content/plugins/myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-admin-deactivation-popup.jsadmin/js/myworks-wc-qbo-sync-admin.jsincludes/js/myworks-wc-qbo-sync-public.jsincludes/js/myworks-wc-qbo-sync-admin-pointers.jsincludes/js/myworks-wc-qbo-sync-admin-deactivation-popup.jsmyworks-woo-sync-for-quickbooks-online/admin/css/myworks-wc-qbo-sync-admin.css?ver=myworks-woo-sync-for-quickbooks-online/admin/js/myworks-wc-qbo-sync-admin.js?ver=myworks-woo-sync-for-quickbooks-online/includes/css/myworks-wc-qbo-sync-public.css?ver=myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-public.js?ver=myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-admin-pointers.js?ver=myworks-woo-sync-for-quickbooks-online/includes/js/myworks-wc-qbo-sync-admin-deactivation-popup.js?ver=HTML / DOM Fingerprints
mw-qbo-sync-settings-sectionmw-qbo-sync-license-boxmw-qbo-sync-license-inputmw-qbo-sync-activate-licensemw-qbo-sync-connected-statusmw-qbo-sync-sync-buttonmw-qbo-sync-log-tablemw-qbo-sync-dashboard-widget+1 more<!-- MyWorks WC QuickBooks Online Sync Plugin --><!-- End MyWorks WC QuickBooks Online Sync Plugin --><!-- MyWorks WC QuickBooks Online Sync Admin Pointers --><!-- MyWorks WC QuickBooks Online Sync Admin Deactivation Popup -->data-plugin-name="MyWorks_WC_QBO_Sync"data-plugin-version="3.0.3"MW_QBO_SYNC_ADMIN_LOCALIZEMW_QBO_SYNC_PUBLIC_LOCALIZEMW_QBO_SYNC_POINTERS_LOCALIZEMW_QBO_SYNC_DEACTIVATION_LOCALIZE/wp-json/myworks-wc-qbo-sync/v1/settings/wp-json/myworks-wc-qbo-sync/v1/sync/wp-json/myworks-wc-qbo-sync/v1/logs