WP-Safety

B2B Product Showcase – Enterprise Catalog Security & Risk Analysis

wordpress.org/plugins/naibabiji-b2b-product-showcase

Lightweight B2B product showcase plugin with enterprise-grade display and inquiry management

60 active installs v4.0.1 PHP 7.4+ WP 5.0+ Updated Mar 29, 2026
b2bbusinesscatalogproductsshowcase
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is B2B Product Showcase – Enterprise Catalog Safe to Use in 2026?

Generally Safe

Score 100/100

B2B Product Showcase – Enterprise Catalog has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "naibabiji-b2b-product-showcase" plugin v2.0.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and having no known critical or high-severity vulnerabilities in its history. The absence of taint analysis findings and external HTTP requests is also reassuring.

However, a significant concern arises from the substantial attack surface, with 8 out of 10 entry points lacking authentication checks. This includes a considerable number of AJAX handlers that are directly exposed. While the plugin has some nonce and capability checks in place, their limited number (5 and 4 respectively) against the total entry points suggests an incomplete implementation of security controls. Furthermore, the output escaping rate of 70% indicates that a portion of the output might be susceptible to cross-site scripting (XSS) vulnerabilities, especially given the presence of file operations which could interact with user-supplied data.

Overall, the plugin's lack of historical vulnerabilities might suggest a careful development process or a relatively low profile. However, the identified weaknesses, particularly the unauthenticated AJAX handlers and less-than-perfect output escaping, present exploitable avenues for attackers. A proactive approach to implementing robust authentication and authorization for all entry points, along with a comprehensive review of output escaping, is strongly recommended to mitigate potential risks.

Key Concerns

  • 8 AJAX handlers without auth checks
  • 70% properly escaped outputs
  • Limited nonce checks against entry points
  • Limited capability checks against entry points
  • Presence of file operations
Vulnerabilities
None known

B2B Product Showcase – Enterprise Catalog Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

B2B Product Showcase – Enterprise Catalog Release Timeline

v4.0.1Current
v4.0.0
v3.1.0
v3.0.2
v3.0.1
v3.0.0
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.0.13
v1.0.12
v1.0.11
v1.0.10
v1.0.9
v1.0.8
v1.0.7
v1.0.6
Code Analysis
Analyzed Mar 16, 2026

B2B Product Showcase – Enterprise Catalog Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
72
170 escaped
Nonce Checks
5
Capability Checks
4
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

70% escaped242 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

3 flows
get_post_data (includes\class-security.php:27)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

B2B Product Showcase – Enterprise Catalog Attack Surface

Entry Points10
Unprotected8

AJAX Handlers 8

authwp_ajax_naibabiji_b2b_get_gallery_imagesincludes\class-ajax-handlers.php:44
authwp_ajax_naibabiji_b2b_save_gallery_orderincludes\class-ajax-handlers.php:45
authwp_ajax_naibabiji_b2b_reset_settingsincludes\class-ajax-handlers.php:46
authwp_ajax_naibabiji_b2b_save_settingsincludes\class-ajax-handlers.php:47
authwp_ajax_naibabiji_b2b_load_more_productsincludes\class-ajax-handlers.php:50
authwp_ajax_naibabiji_b2b_filter_productsincludes\class-ajax-handlers.php:51
noprivwp_ajax_naibabiji_b2b_load_more_productsincludes\class-ajax-handlers.php:54
noprivwp_ajax_naibabiji_b2b_filter_productsincludes\class-ajax-handlers.php:55

Shortcodes 2

[naibabiji_b2b_products] includes\class-shortcodes.php:35
[naibabiji_b2b_product_categories] includes\class-shortcodes.php:36
WordPress Hooks 45
actionadmin_menuincludes\class-admin-settings.php:25
actionadmin_initincludes\class-admin-settings.php:26
filterthe_contentincludes\class-frontend-display.php:49
actionwp_headincludes\class-frontend-display.php:50
actionnaibabiji_b2b_product_before_contentincludes\class-frontend-display.php:51
actionnaibabiji_b2b_before_product_contentincludes\class-hooks.php:44
actionnaibabiji_b2b_after_product_contentincludes\class-hooks.php:45
actionnaibabiji_b2b_product_meta_savedincludes\class-hooks.php:46
filternaibabiji_b2b_product_query_argsincludes\class-hooks.php:49
filternaibabiji_b2b_product_card_htmlincludes\class-hooks.php:50
filternaibabiji_b2b_default_settingsincludes\class-hooks.php:53
actionnaibabiji_b2b_settings_savedincludes\class-hooks.php:54
filternaibabiji_b2b_template_pathincludes\class-hooks.php:57
actionnaibabiji_b2b_before_template_loadincludes\class-hooks.php:58
actionnaibabiji_b2b_after_template_loadincludes\class-hooks.php:59
actionpre_get_postsincludes\class-hooks.php:62
filterexcerpt_lengthincludes\class-hooks.php:65
filterexcerpt_lengthincludes\class-hooks.php:386
filterblocksy:excerpt:lengthincludes\class-hooks.php:389
filterblocksy:excerpt:outputincludes\class-hooks.php:394
actionadd_meta_boxesincludes\class-meta-fields.php:50
actionsave_postincludes\class-meta-fields.php:51
actionadmin_enqueue_scriptsincludes\class-meta-fields.php:52
actionadmin_headincludes\class-meta-fields.php:53
filterdefault_hidden_meta_boxesincludes\class-meta-fields.php:54
actionsave_postincludes\class-meta-fields.php:342
actionnaibb2pr_product_category_edit_form_fieldsincludes\class-taxonomy-fields.php:31
actionedited_naibb2pr_product_categoryincludes\class-taxonomy-fields.php:32
actioncreate_naibb2pr_product_categoryincludes\class-taxonomy-fields.php:33
actionnaibb2pr_product_tag_edit_form_fieldsincludes\class-taxonomy-fields.php:38
actionedited_naibb2pr_product_tagincludes\class-taxonomy-fields.php:39
actioncreate_naibb2pr_product_tagincludes\class-taxonomy-fields.php:40
actionadmin_enqueue_scriptsincludes\class-taxonomy-fields.php:42
actionadmin_initincludes\class-taxonomy-fields.php:45
filtertemplate_includeincludes\class-template-loader.php:28
filterarchive_template_hierarchyincludes\class-template-loader.php:29
filtersingle_template_hierarchyincludes\class-template-loader.php:30
actionadmin_initincludes\class-upgrader.php:27
actioninitnaibabiji-b2b-product-showcase.php:83
actionadmin_initnaibabiji-b2b-product-showcase.php:84
actionwp_enqueue_scriptsnaibabiji-b2b-product-showcase.php:85
actionadmin_enqueue_scriptsnaibabiji-b2b-product-showcase.php:86
actioninitnaibabiji-b2b-product-showcase.php:485
actioninitnaibabiji-b2b-product-showcase.php:486
filterplugin_row_metanaibabiji-b2b-product-showcase.php:508
Maintenance & Trust

B2B Product Showcase – Enterprise Catalog Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 29, 2026
PHP min version7.4
Downloads1K

Community Trust

Rating100/100
Number of ratings2
Active installs60
Alternatives

B2B Product Showcase – Enterprise Catalog Alternatives

GBS Product Catalog

GBS Product Catalog

gbs-product-catalog

A
92

GBS Product Catalog plugin allows you to display products catalog.

0 No CVEs
EasyLaunchProducts

EasyLaunchProducts

easylaunchproducts

A
100

A lightweight and powerful WordPress plugin to create a professional product catalogue with a filtering system and lead generation forms.

0 No CVEs
YITH WooCommerce Catalog Mode

YITH WooCommerce Catalog Mode

yith-woocommerce-catalog-mode

A
99

YITH WooCommerce Catalog Mode, a plugin for disabling sales in your e-commerce and turn it into an e-commerce into an online catalogue.

60K 1 CVE
Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

A
89

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs
CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

woocommerce-catalog-enquiry

A
96

WooCommerce Catalog Mode, product enquiry, and request a quote plugin. Hide prices, disable cart, and collect enquiries easily.

6K 5 CVEs
Developer Profile

B2B Product Showcase – Enterprise Catalog Developer Profile

奶爸建站笔记

4 plugins · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect B2B Product Showcase – Enterprise Catalog

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/naibabiji-b2b-product-showcase/assets/css/frontend.css/wp-content/plugins/naibabiji-b2b-product-showcase/assets/js/frontend.js
Script Paths
/wp-content/plugins/naibabiji-b2b-product-showcase/assets/js/frontend.js
Version Parameters
naibabiji-b2b-product-showcase/assets/css/frontend.css?ver=naibabiji-b2b-product-showcase/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
naibabiji-b2b-view-details-buttonnaibabiji-b2b-inquiry-buttonnaibabiji-b2b-category-buttonnaibabiji-b2b-product-card
Data Attributes
data-ajax-urldata-nonce
JS Globals
naibabiji_b2b_product_showcase
FAQ

Frequently Asked Questions about B2B Product Showcase – Enterprise Catalog