Does Neon Channel Product Customizer Free have any unpatched vulnerabilities?

No. All known vulnerabilities in Neon Channel Product Customizer Free have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Neon Channel Product Customizer Free compatible with WordPress 6.8.5?

According to WordPress.org data, Neon Channel Product Customizer Free 3.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Neon Channel Product Customizer Free compatible with PHP 7.0+?

Neon Channel Product Customizer Free requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Neon Channel Product Customizer Free updated?

Neon Channel Product Customizer Free was last updated on Oct 14, 2025. Frequent updates are generally a positive security signal.

What is Neon Channel Product Customizer Free's security score?

Neon Channel Product Customizer Free has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Neon Channel Product Customizer Free Security & Risk Analysis

wordpress.org/plugins/neon-channel-product-customizer-free

Neon Channel Product Customizer (NCPC) lets you create fully custom neon signs and letters directly in your WordPress/WooCommerce store, helping you s …

50 active installs v3.1 PHP 7.0+ WP 5.0+ Updated Oct 14, 2025

acrylicchannel-lettersneonproduct-customizersign

A · Safe

CVEs total1

Unpatched0

Last CVEAug 14, 2025

Plugin page Download

Safety Verdict

Is Neon Channel Product Customizer Free Safe to Use in 2026?

Generally Safe

Score 99/100

Neon Channel Product Customizer Free has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 14, 2025Updated 5mo ago

Risk Assessment

The neon-channel-product-customizer-free plugin v3.1 exhibits a generally strong security posture, with no critical or high severity vulnerabilities identified in the static analysis or taint flows. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries and implementing a significant number of nonce and capability checks across its entry points. The output escaping is also robust, with only a small percentage of outputs not being properly escaped.

However, there are minor concerns. The presence of two unsanitized path flows in the taint analysis, although not rated as critical or high, warrants attention as it could potentially lead to path traversal vulnerabilities under specific circumstances. Additionally, the plugin bundles the Select2 library, and the security of this bundled library would depend on its version and whether it has known vulnerabilities.

The vulnerability history shows a single past medium-severity CVE. While there are currently no unpatched vulnerabilities, this past issue, categorized as Missing Authorization, indicates a historical weakness that developers should remain vigilant about. The absence of critical or high vulnerabilities in the current analysis is positive, but the previously identified medium vulnerability and the minor taint flow concerns suggest that continued attention to security best practices is advisable.

Key Concerns

Unsanitized paths in taint analysis
Bundled library (Select2) version unknown
Past medium CVE (Missing Authorization)

Vulnerabilities

Neon Channel Product Customizer Free Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-54679medium · 5.3Missing Authorization

Neon Channel Product Customizer Free <= 2.0 - Missing Authorization to Unauthenticated Arbitrary Content Deletion

Aug 14, 2025 Patched in 3.0 (5d)

Code Analysis

Analyzed Mar 16, 2026

Neon Channel Product Customizer Free Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

130 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

88% escaped148 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

send_manufactrer_email (classes\ncpc-design.php:570)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Neon Channel Product Customizer Free Attack Surface

Entry Points11

Unprotected0

AJAX Handlers 9

authwp_ajax_ncpc_add_custom_design_to_cartincludes\functions.php:138

noprivwp_ajax_ncpc_add_custom_design_to_cartincludes\functions.php:139

authwp_ajax_ncpc_free_dismiss_reviewincludes\functions.php:194

noprivwp_ajax_ncpc_free_dismiss_reviewincludes\functions.php:195

authwp_ajax_ncpc_free_dismiss_promoincludes\functions.php:217

noprivwp_ajax_ncpc_free_dismiss_promoincludes\functions.php:218

authwp_ajax_ncpc_free_track_plugin_clickincludes\functions.php:240

noprivwp_ajax_ncpc_free_track_plugin_clickincludes\functions.php:241

authwp_ajax_ncpc_dismiss_pro_noticeincludes\functions.php:268

Shortcodes 2

[ncpc-configurator] includes\Frontend.php:14

[ncpc-proncducts] includes\Frontend.php:15

WordPress Hooks 42

actioninitclasses\ncpc-config.php:16

actioninitclasses\ncpc-config.php:17

actioninitclasses\ncpc-config.php:18

filterthe_contentclasses\ncpc-config.php:19

filterinitclasses\ncpc-config.php:20

filterquery_varsclasses\ncpc-config.php:21

actionwoocommerce_after_order_itemmetaclasses\ncpc-design.php:17

actionwoocommerce_review_order_after_cart_contentsclasses\ncpc-design.php:18

actionwoocommerce_checkout_create_order_line_itemclasses\ncpc-design.php:19

actionwoocommerce_order_item_meta_startclasses\ncpc-design.php:22

filterwoocommerce_email_attachmentsclasses\ncpc-design.php:23

actionwoocommerce_order_item_meta_endclasses\ncpc-design.php:24

actionwoocommerce_product_options_general_product_dataclasses\ncpc-product-config.php:50

actionwoocommerce_product_after_variable_attributesclasses\ncpc-product-config.php:51

actionwoocommerce_save_product_variationclasses\ncpc-product-config.php:52

actionsave_post_productclasses\ncpc-product-config.php:53

filtermanage_edit-product_columnsclasses\ncpc-product-config.php:54

filterwoocommerce_cart_item_thumbnailclasses\ncpc-product-config.php:55

actionwoocommerce_after_cart_item_nameclasses\ncpc-product-config.php:56

actionwoocommerce_before_calculate_totalsclasses\ncpc-product-config.php:57

actionmanage_product_posts_custom_columnclasses\ncpc-product-config.php:58

actionwoocommerce_after_add_to_cart_buttonclasses\ncpc-product-config.php:59

actionwoocommerce_after_add_to_cart_buttonclasses\ncpc-product-config.php:60

filterwoocommerce_loop_add_to_cart_linkclasses\ncpc-product-config.php:61

actionwoocommerce_single_product_summaryclasses\ncpc-product-config.php:62

actionwoocommerce_cart_item_removedclasses\ncpc-product-config.php:63

actionwp_footerclasses\ncpc-product-config.php:610

actionadmin_menuincludes\Admin.php:12

filterupload_mimesincludes\Admin.php:13

filterwp_check_filetype_and_extincludes\Admin.php:14

actionadmin_enqueue_scriptsincludes\Admin.php:44

actionrest_api_initincludes\Api\Api.php:40

actionadmin_enqueue_scriptsincludes\Assets.php:14

actionwp_enqueue_scriptsincludes\Assets.php:16

actionplugins_loadedneon-channel-product-customizer-free.php:88

actionadmin_noticesneon-channel-product-customizer-free.php:90

actionadmin_noticesneon-channel-product-customizer-free.php:91

actionadmin_noticesneon-channel-product-customizer-free.php:92

actionadmin_noticesneon-channel-product-customizer-free.php:93

actionadmin_noticesneon-channel-product-customizer-free.php:94

actioninitneon-channel-product-customizer-free.php:333

actioninitneon-channel-product-customizer-free.php:346

Maintenance & Trust

Neon Channel Product Customizer Free Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 14, 2025

PHP min version7.0

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs50

Alternatives

Neon Channel Product Customizer Free Alternatives

Sign Customiser

sign-customiser

100

Transform your WooCommerce store into a powerful custom sign business with real-time pricing, instant previews, and automated manufacturing specs.

30 No CVEs

Zakeke Interactive Product Designer for WooCommerce

zakeke-interactive-product-designer

100

Let your buyers customize and view their personalized product before purchasing. Get happy customers buying from you and coming back for more.

2K No CVEs

PickPlugins Product Designer for WooCommerce

product-designer

Ready product designer plugin for WooCommerce

600 3 CVEs

Custom Product Builder for WooCommerce – Product Designer and Customizer

custom-product-builder-for-woocommerce

100

The WooCommerce product designer plugin trusted by 200+ stores. Let customers design custom t-shirts, mugs, phone cases, jewelry and more with an intu …

300 No CVEs

Visual Product Configurator for Woocommerce Lite

visual-products-configurator-for-woocommerce

100

A woocommerce product customizer for woocommerce that allows customers to build any composite product visually.

200 No CVEs

Developer Profile

Neon Channel Product Customizer Free Developer Profile

vertim

3 plugins · 100 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect Neon Channel Product Customizer Free

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/neon-channel-product-customizer-free/assets/css/ncpc-frontend.css/wp-content/plugins/neon-channel-product-customizer-free/assets/css/ncpc-backend.css/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-frontend.js/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-backend.js/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-frontend-script.js/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-backend-script.js/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-admin-notice.js

Script Paths

https://signsdesigner.us/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-frontend.jshttps://signsdesigner.us/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-backend.jshttps://signsdesigner.us/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-frontend-script.jshttps://signsdesigner.us/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-backend-script.jshttps://signsdesigner.us/wp-content/plugins/neon-channel-product-customizer-free/assets/js/ncpc-admin-notice.js

Version Parameters

neon-channel-product-customizer-free/assets/css/ncpc-frontend.css?ver=neon-channel-product-customizer-free/assets/css/ncpc-backend.css?ver=neon-channel-product-customizer-free/assets/js/ncpc-frontend.js?ver=neon-channel-product-customizer-free/assets/js/ncpc-backend.js?ver=neon-channel-product-customizer-free/assets/js/ncpc-frontend-script.js?ver=neon-channel-product-customizer-free/assets/js/ncpc-backend-script.js?ver=neon-channel-product-customizer-free/assets/js/ncpc-admin-notice.js?ver=

HTML / DOM Fingerprints

CSS Classes

ncpc-pronc-notice-widgetncpc-pronc-widget-contentncpc-pronc-sectionncpc-pronc-iconncpc-pronc-textncpc-pronc-descncpc-product-config-wrapncpc-product-config-inner+17 more

HTML Comments

Copyright (c) 2023 Vertim Coders. All rights reserved.This program is free software; you can redistribute it and/or modifyThis program is distributed in the hope that it will be useful,You should have received a copy of the GNU General Public License+1 more

Data Attributes

ncpc-data-product-idncpc-data-config-optionsncpc-data-preview-urlncpc-data-cart-url

JS Globals

NCPCFrontendNCPCBackendncpc_frontend_paramsncpc_backend_paramsNCPC_Admin_Notice

REST Endpoints

/wp-json/ncpc/v1/config/wp-json/ncpc/v1/save_config

Shortcode Output

[ncpc_product_configurator]

FAQ