Does Product Bundles – Variation Bundles have any unpatched vulnerabilities?

No. All known vulnerabilities in Product Bundles – Variation Bundles have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Product Bundles – Variation Bundles compatible with WordPress 6.8.5?

According to WordPress.org data, Product Bundles – Variation Bundles 2.0.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Product Bundles – Variation Bundles compatible with PHP 7.4+?

Product Bundles – Variation Bundles requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Product Bundles – Variation Bundles updated?

Product Bundles – Variation Bundles was last updated on Apr 10, 2025. Frequent updates are generally a positive security signal.

What is Product Bundles – Variation Bundles's security score?

Product Bundles – Variation Bundles has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Product Bundles – Variation Bundles Security & Risk Analysis

wordpress.org/plugins/product-bundles-variation-bundles

Free mini-extension for WooCommerce Product Bundles that allows you to map Bundles to variations. Once a Product Bundle has been mapped to a variation …

600 active installs v2.0.2 PHP 7.4+ WP 6.2+ Updated Apr 10, 2025

bundlesmapproductvariationwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Product Bundles – Variation Bundles Safe to Use in 2026?

Generally Safe

Score 100/100

Product Bundles – Variation Bundles has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The plugin "product-bundles-variation-bundles" v2.0.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not utilizing dangerous functions, avoiding direct SQL queries in favor of prepared statements, and having no known vulnerabilities or CVEs in its history. This suggests a generally well-maintained codebase. However, a significant concern arises from its attack surface. The presence of one unprotected AJAX handler without any authentication or capability checks represents a direct entry point for potential attackers. While taint analysis and file operations show no immediate risks, the unescaped output percentage is also a weakness, potentially leading to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not properly sanitized before being displayed. The lack of nonce checks on the AJAX handler further exacerbates this risk.

Key Concerns

Unprotected AJAX handler
Low output escaping percentage
Missing nonce check on AJAX

Vulnerabilities

None known

Product Bundles – Variation Bundles Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Product Bundles – Variation Bundles Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

46% escaped13 total outputs

Attack Surface

1 unprotected

Product Bundles – Variation Bundles Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_woocommerce_json_search_variable_bundlesproduct-bundles-variation-bundles.php:103

WordPress Hooks 34

actionplugins_loadedproduct-bundles-variation-bundles.php:81

actionadmin_noticesproduct-bundles-variation-bundles.php:90

actionadmin_noticesproduct-bundles-variation-bundles.php:95

actionwoocommerce_product_after_variable_attributesproduct-bundles-variation-bundles.php:100

actionwoocommerce_admin_process_variation_objectproduct-bundles-variation-bundles.php:106

actionwoocommerce_before_product_object_saveproduct-bundles-variation-bundles.php:109

filterwoocommerce_product_variation_get_skuproduct-bundles-variation-bundles.php:111

filterwoocommerce_product_variation_get_manage_stockproduct-bundles-variation-bundles.php:112

filterwoocommerce_product_variation_get_virtualproduct-bundles-variation-bundles.php:113

filterwoocommerce_product_variation_get_stock_statusproduct-bundles-variation-bundles.php:114

filterwoocommerce_product_variation_get_stock_quantityproduct-bundles-variation-bundles.php:115

filterwoocommerce_product_variation_get_widthproduct-bundles-variation-bundles.php:116

filterwoocommerce_product_variation_get_lengthproduct-bundles-variation-bundles.php:117

filterwoocommerce_product_variation_get_heightproduct-bundles-variation-bundles.php:118

filterwoocommerce_product_variation_get_shipping_class_idproduct-bundles-variation-bundles.php:119

filterwoocommerce_product_variation_get_tax_classproduct-bundles-variation-bundles.php:120

filterwoocommerce_product_variation_get_priceproduct-bundles-variation-bundles.php:121

filterwoocommerce_product_variation_get_regular_priceproduct-bundles-variation-bundles.php:122

filterwoocommerce_product_variation_get_sale_priceproduct-bundles-variation-bundles.php:123

filterwoocommerce_variation_pricesproduct-bundles-variation-bundles.php:124

filterwoocommerce_add_to_cart_product_idproduct-bundles-variation-bundles.php:127

filterwoocommerce_cart_item_permalinkproduct-bundles-variation-bundles.php:130

actionwoocommerce_add_cart_item_dataproduct-bundles-variation-bundles.php:133

actionbefore_woocommerce_initproduct-bundles-variation-bundles.php:136

actioninitproduct-bundles-variation-bundles.php:139

actionadmin_enqueue_scriptsproduct-bundles-variation-bundles.php:143

actionadmin_headproduct-bundles-variation-bundles.php:144

filterwoocommerce_csv_product_import_mapping_optionsproduct-bundles-variation-bundles.php:155

filterwoocommerce_csv_product_import_mapping_default_columnsproduct-bundles-variation-bundles.php:156

filterwoocommerce_product_importer_parsed_dataproduct-bundles-variation-bundles.php:159

filterwoocommerce_product_export_column_namesproduct-bundles-variation-bundles.php:164

filterwoocommerce_product_export_product_default_columnsproduct-bundles-variation-bundles.php:165

filterwoocommerce_product_export_product_column_wc_pb_variation_bundlesproduct-bundles-variation-bundles.php:168

filterwoocommerce_json_search_found_productsproduct-bundles-variation-bundles.php:351

Maintenance & Trust

Product Bundles – Variation Bundles Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 10, 2025

PHP min version7.4

Downloads13K

Community Trust

Rating60/100

Number of ratings6

Active installs600

Alternatives

Product Bundles – Variation Bundles Alternatives

Force Sells for Variations

force-sells-for-variations

Adds products to specific variations and synchronizes quantities. Removes quantity change and remove buttons for these added products.

0 No CVEs

WCBoost – Variation Swatches

wcboost-variation-swatches

100

WCBoost – Variation Swatches is the ultimate plugin to display WooCommerce product variations in style.

40K No CVEs

Product Gallery Slider, Additional Variation Images, Product Video, Product Image Zoom and Lightbox for WooCommerce – WooGallery

gallery-slider-for-woocommerce

100

🔥 All-in-One WooCommerce Product Image and Video Gallery Solution to Enhance Your Customers' Shopping Experience and Boost Sales Instantly! 🚀

20K No CVEs

Product Gallery Slider, Additional Variation Images for WooCommerce

woo-product-gallery-slider

Enhance your customers' shopping experience and boost sales instantly with this WooCommerce Product Gallery Slider! 🚀

20K 2 CVEs

Additional Variation Images Gallery for WooCommerce

woo-variation-gallery

Allows inserting multiple images per variation to let your store customers to see different sets of images when WooCommerce product variations are swi …

20K 1 CVE

Developer Profile

Product Bundles – Variation Bundles Developer Profile

WooCommerce

36 plugins · 4.7M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

234 days

View full developer profile

Detection Fingerprints

How We Detect Product Bundles – Variation Bundles

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/product-bundles-variation-bundles/assets/css/admin.css/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin.js/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin-product-variations.js

Script Paths

/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin.js/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin-product-variations.js

Version Parameters

/wp-content/plugins/product-bundles-variation-bundles/assets/css/admin.css?ver=/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin.js?ver=/wp-content/plugins/product-bundles-variation-bundles/assets/js/admin-product-variations.js?ver=

HTML / DOM Fingerprints

CSS Classes

variation_bundle_enabledvariation_bundles_row

Data Attributes

data-wc-pb-variation-bundle

JS Globals

woocommerce_pb_variable_bundles_params

FAQ