WP-Safety

Naibabiji B2B Product Showcase Security & Risk Analysis

wordpress.org/plugins/naibabiji-b2b-product-showcase

Lightweight product showcase plugin designed for B2B corporate websites, without shopping cart functionality, focusing on product display and inquiry.

40 active installs v2.0.2 PHP 7.4+ WP 5.0+ Updated Mar 10, 2026
b2bbusinesscatalogproductsshowcase
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Naibabiji B2B Product Showcase Safe to Use in 2026?

Generally Safe

Score 100/100

Naibabiji B2B Product Showcase has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago
Risk Assessment

The "naibabiji-b2b-product-showcase" plugin v2.0.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and having no known critical or high-severity vulnerabilities in its history. The absence of taint analysis findings and external HTTP requests is also reassuring.

However, a significant concern arises from the substantial attack surface, with 8 out of 10 entry points lacking authentication checks. This includes a considerable number of AJAX handlers that are directly exposed. While the plugin has some nonce and capability checks in place, their limited number (5 and 4 respectively) against the total entry points suggests an incomplete implementation of security controls. Furthermore, the output escaping rate of 70% indicates that a portion of the output might be susceptible to cross-site scripting (XSS) vulnerabilities, especially given the presence of file operations which could interact with user-supplied data.

Overall, the plugin's lack of historical vulnerabilities might suggest a careful development process or a relatively low profile. However, the identified weaknesses, particularly the unauthenticated AJAX handlers and less-than-perfect output escaping, present exploitable avenues for attackers. A proactive approach to implementing robust authentication and authorization for all entry points, along with a comprehensive review of output escaping, is strongly recommended to mitigate potential risks.

Key Concerns

  • 8 AJAX handlers without auth checks
  • 70% properly escaped outputs
  • Limited nonce checks against entry points
  • Limited capability checks against entry points
  • Presence of file operations
Vulnerabilities
None known

Naibabiji B2B Product Showcase Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Naibabiji B2B Product Showcase Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
72
170 escaped
Nonce Checks
5
Capability Checks
4
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

70% escaped242 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
get_post_data (includes\class-security.php:27)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Naibabiji B2B Product Showcase Attack Surface

Entry Points10
Unprotected8

AJAX Handlers 8

authwp_ajax_naibabiji_b2b_get_gallery_imagesincludes\class-ajax-handlers.php:44
authwp_ajax_naibabiji_b2b_save_gallery_orderincludes\class-ajax-handlers.php:45
authwp_ajax_naibabiji_b2b_reset_settingsincludes\class-ajax-handlers.php:46
authwp_ajax_naibabiji_b2b_save_settingsincludes\class-ajax-handlers.php:47
authwp_ajax_naibabiji_b2b_load_more_productsincludes\class-ajax-handlers.php:50
authwp_ajax_naibabiji_b2b_filter_productsincludes\class-ajax-handlers.php:51
noprivwp_ajax_naibabiji_b2b_load_more_productsincludes\class-ajax-handlers.php:54
noprivwp_ajax_naibabiji_b2b_filter_productsincludes\class-ajax-handlers.php:55

Shortcodes 2

[naibabiji_b2b_products] includes\class-shortcodes.php:35
[naibabiji_b2b_product_categories] includes\class-shortcodes.php:36
WordPress Hooks 45
actionadmin_menuincludes\class-admin-settings.php:25
actionadmin_initincludes\class-admin-settings.php:26
filterthe_contentincludes\class-frontend-display.php:49
actionwp_headincludes\class-frontend-display.php:50
actionnaibabiji_b2b_product_before_contentincludes\class-frontend-display.php:51
actionnaibabiji_b2b_before_product_contentincludes\class-hooks.php:44
actionnaibabiji_b2b_after_product_contentincludes\class-hooks.php:45
actionnaibabiji_b2b_product_meta_savedincludes\class-hooks.php:46
filternaibabiji_b2b_product_query_argsincludes\class-hooks.php:49
filternaibabiji_b2b_product_card_htmlincludes\class-hooks.php:50
filternaibabiji_b2b_default_settingsincludes\class-hooks.php:53
actionnaibabiji_b2b_settings_savedincludes\class-hooks.php:54
filternaibabiji_b2b_template_pathincludes\class-hooks.php:57
actionnaibabiji_b2b_before_template_loadincludes\class-hooks.php:58
actionnaibabiji_b2b_after_template_loadincludes\class-hooks.php:59
actionpre_get_postsincludes\class-hooks.php:62
filterexcerpt_lengthincludes\class-hooks.php:65
filterexcerpt_lengthincludes\class-hooks.php:386
filterblocksy:excerpt:lengthincludes\class-hooks.php:389
filterblocksy:excerpt:outputincludes\class-hooks.php:394
actionadd_meta_boxesincludes\class-meta-fields.php:50
actionsave_postincludes\class-meta-fields.php:51
actionadmin_enqueue_scriptsincludes\class-meta-fields.php:52
actionadmin_headincludes\class-meta-fields.php:53
filterdefault_hidden_meta_boxesincludes\class-meta-fields.php:54
actionsave_postincludes\class-meta-fields.php:342
actionnaibb2pr_product_category_edit_form_fieldsincludes\class-taxonomy-fields.php:31
actionedited_naibb2pr_product_categoryincludes\class-taxonomy-fields.php:32
actioncreate_naibb2pr_product_categoryincludes\class-taxonomy-fields.php:33
actionnaibb2pr_product_tag_edit_form_fieldsincludes\class-taxonomy-fields.php:38
actionedited_naibb2pr_product_tagincludes\class-taxonomy-fields.php:39
actioncreate_naibb2pr_product_tagincludes\class-taxonomy-fields.php:40
actionadmin_enqueue_scriptsincludes\class-taxonomy-fields.php:42
actionadmin_initincludes\class-taxonomy-fields.php:45
filtertemplate_includeincludes\class-template-loader.php:28
filterarchive_template_hierarchyincludes\class-template-loader.php:29
filtersingle_template_hierarchyincludes\class-template-loader.php:30
actionadmin_initincludes\class-upgrader.php:27
actioninitnaibabiji-b2b-product-showcase.php:83
actionadmin_initnaibabiji-b2b-product-showcase.php:84
actionwp_enqueue_scriptsnaibabiji-b2b-product-showcase.php:85
actionadmin_enqueue_scriptsnaibabiji-b2b-product-showcase.php:86
actioninitnaibabiji-b2b-product-showcase.php:485
actioninitnaibabiji-b2b-product-showcase.php:486
filterplugin_row_metanaibabiji-b2b-product-showcase.php:508
Maintenance & Trust

Naibabiji B2B Product Showcase Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version7.4
Downloads963

Community Trust

Rating100/100
Number of ratings2
Active installs40
Alternatives

Naibabiji B2B Product Showcase Alternatives

GBS Product Catalog

GBS Product Catalog

gbs-product-catalog

A
92

GBS Product Catalog plugin allows you to display products catalog.

0 No CVEs
EasyLaunchProducts

EasyLaunchProducts

easylaunchproducts

A
100

A lightweight and powerful WordPress plugin to create a professional product catalogue with a filtering system and lead generation forms.

0 No CVEs
YITH WooCommerce Catalog Mode

YITH WooCommerce Catalog Mode

yith-woocommerce-catalog-mode

A
99

YITH WooCommerce Catalog Mode, a plugin for disabling sales in your e-commerce and turn it into an e-commerce into an online catalogue.

60K 1 CVE
Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

A
89

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs
CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

woocommerce-catalog-enquiry

A
96

WooCommerce Catalog Mode, product enquiry, and request a quote plugin. Hide prices, disable cart, and collect enquiries easily.

6K 5 CVEs
Developer Profile

Naibabiji B2B Product Showcase Developer Profile

奶爸建站笔记

3 plugins · 80 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Naibabiji B2B Product Showcase

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/naibabiji-b2b-product-showcase/assets/css/frontend.css/wp-content/plugins/naibabiji-b2b-product-showcase/assets/js/frontend.js
Script Paths
/wp-content/plugins/naibabiji-b2b-product-showcase/assets/js/frontend.js
Version Parameters
naibabiji-b2b-product-showcase/assets/css/frontend.css?ver=naibabiji-b2b-product-showcase/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
naibabiji-b2b-view-details-buttonnaibabiji-b2b-inquiry-buttonnaibabiji-b2b-category-buttonnaibabiji-b2b-product-card
Data Attributes
data-ajax-urldata-nonce
JS Globals
naibabiji_b2b_product_showcase
FAQ

Frequently Asked Questions about Naibabiji B2B Product Showcase