WP-Safety

ووکامرس فارسی Security & Risk Analysis

wordpress.org/plugins/persian-woocommerce

بسته ووکامرس فارسی به راحتی سیستم فروشگاه ساز ووکامرس را فارسی می کند و امکانات جدید متناسب با ایران را به ووکامرس اضافه میکند.

100K active installs v10.0.2 PHP 7.4+ WP 6.0.0+ Updated Feb 18, 2026
persian-woocommerceshamsi%d9%88%d9%88%da%a9%d8%a7%d9%85%d8%b1%d8%b3%d9%88%d9%88%da%a9%d8%a7%d9%85%d8%b1%d8%b3-%d9%81%d8%a7%d8%b1%d8%b3%db%8cwoocommerce
99
A · Safe
CVEs total2
Unpatched0
Last CVEAug 9, 2024
Plugin page Download
Safety Verdict

Is ووکامرس فارسی Safe to Use in 2026?

Generally Safe

Score 99/100

ووکامرس فارسی has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: Aug 9, 2024Updated 2mo ago
Risk Assessment

The 'persian-woocommerce' v10.0.2 plugin exhibits a generally good security posture, with a strong emphasis on secure coding practices. The static analysis reveals a low attack surface with no identified unprotected entry points. The code demonstrates excellent adherence to security best practices, with a very high percentage of SQL queries using prepared statements and output being properly escaped. Nonce and capability checks are present on a reasonable number of functions, and there are no obvious signs of dangerous functions being used. The absence of bundled libraries is also a positive indicator, reducing the risk of inheriting vulnerabilities from outdated third-party code.

Despite the strong static analysis results, the vulnerability history presents a notable concern. The plugin has two known medium-severity vulnerabilities, with the last one being very recent (August 2024). The common types of vulnerabilities found (Missing Authorization and Cross-site Scripting) suggest potential issues with input validation and access control in past versions. While currently no CVEs are unpatched, this history indicates a pattern of past security weaknesses that, if not thoroughly addressed and tested, could resurface or lead to new vulnerabilities. The taint analysis shows a concerning number of flows with unsanitized paths, even though they are not currently categorized as critical or high severity. This could indicate potential for subtle vulnerabilities that might be exploited in specific scenarios.

In conclusion, 'persian-woocommerce' v10.0.2 has made significant strides in security, particularly in its core coding practices. However, the recent history of medium-severity vulnerabilities and the presence of unsanitized taint flows warrant careful consideration. Users should remain vigilant, ensure the plugin is kept updated, and consider the past vulnerability patterns as a reminder of potential risks that might not be fully mitigated by current static analysis.

Key Concerns

  • Recent medium severity vulnerabilities
  • Flows with unsanitized paths
Vulnerabilities
2 published

ووکامرس فارسی Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2024-43219medium · 5.3Missing Authorization

Persian WooCommerce <= 7.1.6 - Missing Authorization

Aug 9, 2024 Patched in 9.0.0 (6d)
CVE-2021-24940medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Persian WooCommerce <= 5.8.0 - Reflected Cross-Site Scripting

Feb 15, 2022 Patched in 5.9.8 (707d)
Version History

ووکامرس فارسی Release Timeline

v10.0.2Current95 files changed
v10.0.1884 files changed
v9.3.5
v9.2.023 files changed
v9.1.0
v9.0.16 files changed
v9.0.0304 files changed
v7.1.61 CVE53 files changed
CVE-2024-43219
v7.1.51 CVE139 files changed
CVE-2024-43219
v7.1.31 CVE3 files changed
CVE-2024-43219
v7.1.21 CVE4 files changed
CVE-2024-43219
v7.1.11 CVE86 files changed
CVE-2024-43219
v7.0.21 CVE
CVE-2024-43219
Code Analysis
Analyzed Mar 16, 2026

ووکامرس فارسی Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
44 prepared
Unescaped Output
11
364 escaped
Nonce Checks
5
Capability Checks
3
File Operations
6
External Requests
4
Bundled Libraries
0

SQL Query Safety

92% prepared48 total queries

Output Escaping

97% escaped375 total outputs
Data Flows · Security
8 unsanitized

Data Flow Analysis

11 flows8 with unsanitized paths
process_payment_verify (include\class-gateways.php:193)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ووکامرس فارسی Attack Surface

Entry Points14
Unprotected0

AJAX Handlers 3

authwp_ajax_pw_dismiss_noticeinclude\class-notice.php:9
authwp_ajax_pw_update_noticeinclude\class-notice.php:10
authwp_ajax_pw_save_translatesinclude\class-translate.php:24

REST API Routes 11

GET/wp-json/persian-woocommerce/reportsrevenue/debugsrc\API\ReportAPI.php:23
GET/wp-json/persian-woocommerce/reportsrevenue/summarysrc\API\ReportAPI.php:30
GET/wp-json/persian-woocommerce/reportsrevenue/orderssrc\API\ReportAPI.php:37
GET/wp-json/persian-woocommerce/reportsrevenue/chartsrc\API\ReportAPI.php:44
GET/wp-json/persian-woocommerce/reportsrevenue/top-sellerssrc\API\ReportAPI.php:51
GET/wp-json/persian-woocommerce/reportscustomer/summarysrc\API\ReportAPI.php:61
GET/wp-json/persian-woocommerce/reportscustomer/chartsrc\API\ReportAPI.php:68
GET/wp-json/persian-woocommerce/reportscustomer/userssrc\API\ReportAPI.php:75
GET/wp-json/persian-woocommerce/reportsstock/summarysrc\API\ReportAPI.php:85
GET/wp-json/persian-woocommerce/reportsstock/productssrc\API\ReportAPI.php:92
GET/wp-json/persian-woocommerce/reportsstock/exportsrc\API\ReportAPI.php:99
WordPress Hooks 95
filterwoocommerce_get_country_localeinclude\class-address.php:59
filterwoocommerce_localisation_address_formatsinclude\class-address.php:60
filterwoocommerce_statesinclude\class-address.php:61
filterwoocommerce_checkout_fieldsinclude\class-address.php:70
filterwoocommerce_billing_fieldsinclude\class-address.php:71
filterwoocommerce_shipping_fieldsinclude\class-address.php:72
filterwoocommerce_form_field_billing_iran_citiesinclude\class-address.php:74
filterwoocommerce_form_field_shipping_iran_citiesinclude\class-address.php:75
actionwp_enqueue_scriptsinclude\class-address.php:77
actionwp_footerinclude\class-address.php:78
actionwp_footerinclude\class-address.php:79
actionwp_footerinclude\class-address.php:276
actionadmin_menuinclude\class-changelog.php:18
actionadmin_menuinclude\class-core.php:38
actionadmin_headinclude\class-core.php:39
actionadmin_enqueue_scriptsinclude\class-core.php:40
actionplugins_loadedinclude\class-core.php:41
filterwoocommerce_screen_idsinclude\class-core.php:42
filterplugin_action_links_persian-woocommerce/woocommerce-persian.phpinclude\class-core.php:44
actionwoocommerce_blocks_payment_method_type_registrationinclude\class-core.php:55
filterwoocommerce_currenciesinclude\class-currencies.php:21
filterwoocommerce_currency_symbolinclude\class-currencies.php:22
filterwoocommerce_structured_data_product_offerinclude\class-currencies.php:23
filterrank_math/snippet/rich_snippet_product_entityinclude\class-currencies.php:25
filterrank_math/opengraph/facebook/product_price_amountinclude\class-currencies.php:26
filterrank_math/opengraph/facebook/product_price_currencyinclude\class-currencies.php:27
filterwpseo_schema_offerinclude\class-currencies.php:29
filterwoocommerce_payment_gatewaysinclude\class-gateways.php:28
actionactivated_plugininclude\class-install.php:12
actionadmin_noticesinclude\class-notice.php:8
actionadmin_initinclude\class-tools.php:28
actionwoocommerce_admin_field_fileinclude\class-tools.php:29
actionwoocommerce_admin_field_select_imageinclude\class-tools.php:30
filterwoocommerce_admin_field_multi_select_statesinclude\class-tools.php:32
filteroverride_unload_textdomaininclude\class-translate.php:18
filterload_textdomain_mofileinclude\class-translate.php:19
actionadd_meta_boxesinclude\class-translate.php:21
actionadmin_initinclude\class-translate.php:22
filtergettext_with_contextinclude\class-translate.php:56
filterngettext_with_contextinclude\class-translate.php:57
filtergettextinclude\class-translate.php:58
filterngettextinclude\class-translate.php:59
actionwp_dashboard_setupinclude\class-widget.php:13
filterwoocommerce_payment_gatewaysinclude\gateways\class-zibal.php:5
actionafter_plugin_row_zibal-payment-gateway-for-woocommerce/index.phpinclude\gateways\class-zibal.php:12
filterwoocommerce_checkout_fieldsinclude\tools\class-checkout.php:12
filterwoocommerce_enable_order_notes_fieldinclude\tools\class-checkout.php:31
filterwoocommerce_mail_callback_paramsinclude\tools\class-date.php:27
actionwoocommerce_process_shop_order_metainclude\tools\class-date.php:29
actionwoocommerce_process_product_metainclude\tools\class-date.php:30
actionwoocommerce_ajax_save_product_variationsinclude\tools\class-date.php:31
actionwoocommerce_process_shop_coupon_metainclude\tools\class-date.php:32
filterpre_get_postsinclude\tools\class-date.php:34
actionrestrict_manage_postsinclude\tools\class-date.php:35
filterwoocommerce_order_query_argsinclude\tools\class-date.php:37
actionwoocommerce_order_list_table_restrict_manage_ordersinclude\tools\class-date.php:38
filterwp_dateinclude\tools\class-date.php:40
actionadmin_enqueue_scriptsinclude\tools\class-datepicker.php:21
actionadmin_print_footer_scriptsinclude\tools\class-datepicker.php:22
actionlogin_enqueue_scriptsinclude\tools\class-design.php:81
actionlogin_enqueue_scriptsinclude\tools\class-design.php:97
actionadmin_enqueue_scriptsinclude\tools\class-design.php:141
actionlogin_enqueue_scriptsinclude\tools\class-design.php:143
actionforminator_loadedinclude\tools\class-forminator.php:30
actionforminator_form_after_handle_submitinclude\tools\class-forminator.php:31
actionforminator_form_after_save_entryinclude\tools\class-forminator.php:32
filterpre_get_postsinclude\tools\class-general.php:8
filterwoocommerce_checkout_processinclude\tools\class-general.php:11
filterwoocommerce_validate_postcodeinclude\tools\class-general.php:15
filterwoocommerce_checkout_processinclude\tools\class-general.php:19
actionwoocommerce_after_checkout_validationinclude\tools\class-general.php:43
filterwoocommerce_empty_price_htmlinclude\tools\class-price.php:12
filterwoocommerce_sale_flashinclude\tools\class-price.php:13
filterwc_priceinclude\tools\class-price.php:17
filterwoocommerce_get_price_htmlinclude\tools\class-price.php:18
filterwoocommerce_cart_item_priceinclude\tools\class-price.php:20
filterwoocommerce_cart_item_subtotalinclude\tools\class-price.php:21
filterwoocommerce_cart_subtotalinclude\tools\class-price.php:22
filterwoocommerce_cart_shipping_method_full_labelinclude\tools\class-price.php:23
filterwoocommerce_cart_totalinclude\tools\class-price.php:24
actionwoocommerce_checkout_processinclude\tools\class-price.php:28
actionwoocommerce_before_cartinclude\tools\class-price.php:29
actionwoocommerce_variable_price_htmlinclude\tools\class-price.php:33
actionwoocommerce_dropdown_variation_attribute_options_argsinclude\tools\class-price.php:34
filterrank_math/replacementsinclude\tools\class-rank-math.php:8
filterPW_Tools_tabsinclude\tools\class-super-admin.php:18
filterPW_Tools_settingsinclude\tools\class-super-admin.php:19
filterwoocommerce_allow_marketplace_suggestionsinclude\tools\class-super-admin.php:26
actionadmin_menuinclude\tools\class-super-admin.php:31
filterpre_http_requestinclude\tools\class-super-admin.php:62
actionadmin_menusrc\Admin\Menu.php:10
actionrest_api_initsrc\API\RestAPI.php:10
actionadmin_enqueue_scriptssrc\PersianWooCommerce.php:14
actionwoocommerce_loadedwoocommerce-persian.php:40
actionbefore_woocommerce_initwoocommerce-persian.php:61
Maintenance & Trust

ووکامرس فارسی Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 18, 2026
PHP min version7.4
Downloads2.2M

Community Trust

Rating86/100
Number of ratings71
Active installs100K
Alternatives

ووکامرس فارسی Alternatives

افزونه پیامک ووکامرس Persian WooCommerce SMS

افزونه پیامک ووکامرس Persian WooCommerce SMS

persian-woocommerce-sms

B
72

افزونه کامل و حرفه ای برای اطلاع رسانی پیامکی سفارشات و رویداد های محصولات ووکامرس

40K 1 unpatched
پارسی دیت – Parsi Date

پارسی دیت – Parsi Date

wp-parsidate

A
99

Persian date support for WordPress

100K 2 CVEs
Zify Gateway

Zify Gateway

zify-gateway

A
92

افزونه درگاه پرداخت زیفای برای ووکامرس

0 No CVEs
Zarinpal Gateway

Zarinpal Gateway

zarinpal-woocommerce-payment-gateway

A
97

پرداخت اینترنتی وجه به وسیله درگاه پرداخت واسطه زرین پال

60K 1 CVE
افزونه حمل و نقل ووکامرس | پست پیشتاز، تیپاکس و پیک موتوری

افزونه حمل و نقل ووکامرس | پست پیشتاز، تیپاکس و پیک موتوری

persian-woocommerce-shipping

A
99

ارسال مرسوله های ووکامرس از طریق پست پیشتاز، تسپاکس و پیک موتوری با محاسبه خودکار تعرفه

20K 1 CVE
Developer Profile

ووکامرس فارسی Developer Profile

PersianScript

3 plugins · 143K total installs

69
trust score
Avg Security Score
85/100
Avg Patch Time
528 days
View full developer profile
Detection Fingerprints

How We Detect ووکامرس فارسی

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/persian-woocommerce/assets/css/custom.css/wp-content/plugins/persian-woocommerce/assets/js/admin.js/wp-content/plugins/persian-woocommerce/assets/js/main.js
Script Paths
/wp-content/plugins/persian-woocommerce/assets/js/custom.js
Version Parameters
persian-woocommerce/assets/css/custom.css?ver=persian-woocommerce/assets/js/admin.js?ver=persian-woocommerce/assets/js/main.js?ver=persian-woocommerce/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes
form-row-stateform-row-city
Data Attributes
data-cities-url
JS Globals
pw_select_cities
FAQ

Frequently Asked Questions about ووکامرس فارسی