WP-Safety

Notification WooCommerce Security & Risk Analysis

wordpress.org/plugins/notification-woocommerce

The easy and ultimate solution for notifiaction that lets your customer set notification for product availablity and/or discount.

10 active installs v0.4 PHP + WP 3.3+ Updated Aug 12, 2016
commercediscountdiscount-notificationecommerceemailemail-notification
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Notification WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Notification WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The "notification-woocommerce" plugin v0.4 exhibits significant security concerns due to its attack surface. All three identified AJAX handlers lack authentication checks, presenting a substantial risk of unauthorized access and malicious actions. Furthermore, the complete absence of output escaping for all identified outputs is a critical flaw, making the plugin highly susceptible to cross-site scripting (XSS) vulnerabilities. While the plugin has no recorded vulnerability history and shows some good practices like using prepared statements for a majority of its SQL queries, these strengths are heavily outweighed by the immediate and severe risks posed by the unprotected AJAX endpoints and unescaped output. The lack of taint analysis data could be a positive indicator, but the evident weaknesses in authentication and output sanitization create a high-risk profile.

Key Concerns

  • AJAX handlers without authentication
  • Output escaping is not properly implemented
  • No nonce checks on AJAX handlers
  • Only one capability check for 3 entry points
Vulnerabilities
None known

Notification WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Notification WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
6 prepared
Unescaped Output
11
0 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

60% prepared10 total queries

Output Escaping

0% escaped11 total outputs
Attack Surface
3 unprotected

Notification WooCommerce Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_wcn_remove_admin_notificationinc\basic\admin\seller-admin-dashboard.php:7
authwp_ajax_wcn_set_notificationuser-public.php:12
noprivwp_ajax_wcn_set_notificationuser-public.php:13
WordPress Hooks 14
actionsave_postadmin\admin-product.php:12
actionadmin_noticesadmin\admin-product.php:13
actionadmin_menuadmin\admin-wcn-settings.php:2
actionadmin_initadmin\admin-wcn-settings.php:3
actionadmin_menucc-products-page.php:8
actionadmin_print_scriptscc-products-page.php:9
actionadmin_noticesinc\basic\admin\seller-admin-dashboard.php:6
filterwcn_save_product_topinc\basic\loader.php:9
actionwcn_set_admin_notificationinc\basic\loader.php:13
actionadmin_headinc\basic\loader.php:15
actionwcn_initial_setupinc\basic\loader.php:22
actionwoocommerce_single_product_summaryuser-public.php:6
actionwp_enqueue_scriptsuser-public.php:9
actionadmin_enqueue_scriptswoocommerce-notification.php:46
Maintenance & Trust

Notification WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33
Last updatedAug 12, 2016
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Notification WooCommerce Alternatives

Mailchimp for WooCommerce

Mailchimp for WooCommerce

mailchimp-for-woocommerce

A
99

Connect your store to your Mailchimp audience to track sales, create targeted emails, send abandoned cart emails, and more.

300K 2 CVEs
MailerLite – WooCommerce integration

MailerLite – WooCommerce integration

woo-mailerlite

A
93

Powerful e-commerce email marketing tools that are easy to use. Grow your store with automated emails, pop-ups, product blocks, sales tracking + more.

30K 4 CVEs
Website Pop-up Builder by BDOW! (formerly Sumo): Pop-ups + forms for email opt-ins and lead generation

Website Pop-up Builder by BDOW! (formerly Sumo): Pop-ups + forms for email opt-ins and lead generation

sumome

A
99

Sumo is trusted by over 600,000 businesses — small and large — in growing their email lists, customer base, and revenue online.

20K 1 CVE
ActiveCampaign for WooCommerce

ActiveCampaign for WooCommerce

activecampaign-for-woocommerce

A
100

https://youtu.be/wHPrLFXQTgQ

6K 1 CVE
WP WooCommerce Mailchimp

WP WooCommerce Mailchimp

woocommerce-mailchimp

A
100

Simple and flexible Mailchimp integration for WooCommerce.

6K No CVEs
Developer Profile

Notification WooCommerce Developer Profile

Mithu A Quayium

16 plugins · 500 total installs

84
trust score
Avg Security Score
86/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Notification WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/notification-woocommerce/assets/css/admin.css/wp-content/plugins/notification-woocommerce/assets/js/seller-admin-dashboard.js/wp-content/plugins/notification-woocommerce/assets/js/vue.js
Script Paths
/wp-content/plugins/notification-woocommerce/assets/js/vue.js/wp-content/plugins/notification-woocommerce/assets/js/seller-admin-dashboard.js

HTML / DOM Fingerprints

CSS Classes
wn-notification-btn
Data Attributes
v-if@click
JS Globals
is_availableis_discountwn-product-notification-app
FAQ

Frequently Asked Questions about Notification WooCommerce