WP-Safety

Product Card Property Security & Risk Analysis

wordpress.org/plugins/product-card-property

Product properties plugin for marketing things

0 active installs v1.0.1 PHP 7.4+ WP 5.0+ Updated Jun 6, 2025
customizationinformation-elementsmarketingproduct-propertieswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Product Card Property Safe to Use in 2026?

Generally Safe

Score 100/100

Product Card Property has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The product-card-property plugin version 1.0.1 exhibits a generally strong security posture based on the provided static analysis. It demonstrates excellent adherence to secure coding practices by utilizing prepared statements for all SQL queries and properly escaping all output. The absence of dangerous functions, external HTTP requests, and vulnerabilities in taint analysis further bolsters its security. The plugin also incorporates a healthy number of nonce and capability checks, indicating an awareness of common WordPress security vulnerabilities, especially concerning its 12 AJAX entry points, all of which are protected.

Despite these strengths, a few areas warrant attention. The plugin performs two file operations, and while the analysis doesn't highlight any explicit issues, file operations can sometimes introduce risks if not handled with extreme care, especially concerning path traversal or unauthorized file access. The vulnerability history being completely clear is a very positive indicator, suggesting a consistent track record of security or a lack of past scrutiny. However, a clean history doesn't guarantee future immunity, and vigilance is always recommended.

In conclusion, this plugin appears to be well-developed from a security perspective, with robust input handling and protection mechanisms for its entry points. The primary minor concern lies in the file operations, which, though not flagged as problematic, represent a potential area for deeper investigation if more detailed code review were available. The lack of any recorded vulnerabilities or critical findings in the static analysis is a significant strength.

Key Concerns

  • File operations present potential risk
Vulnerabilities
None known

Product Card Property Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Product Card Property Release Timeline

v1.0.1Current
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Product Card Property Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
1155 escaped
Nonce Checks
16
Capability Checks
2
File Operations
2
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped1159 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
search_product (Classes\BulkManager\Bulk.php:36)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Product Card Property Attack Surface

Entry Points12
Unprotected0

AJAX Handlers 12

authwp_ajax_search_productClasses\BulkManager\Bulk.php:15
authwp_ajax_save_tagsClasses\BulkManager\Bulk.php:16
authwp_ajax_save_categoriesClasses\BulkManager\Bulk.php:17
authwp_ajax_append_product_to_listClasses\BulkManager\Bulk.php:18
authwp_ajax_update_included_productsClasses\BulkManager\Bulk.php:19
authwp_ajax_create_labelClasses\Options\Ajax_Handler.php:18
authwp_ajax_delete_labelClasses\Options\Ajax_Handler.php:19
authwp_ajax_develux_custom_block_builder_formClasses\Options\Ajax_Handler.php:20
authwp_ajax_develux_single_previewerClasses\Options\Ajax_Handler.php:21
authwp_ajax_develux_search_productsClasses\Options\Ajax_Handler.php:22
authwp_ajax_develux_product_properties_deactivate_confirmClasses\Options\Ajax_Handler.php:23
authwp_ajax_develuxpp_dismiss_help_info_noticeClasses\Options\Ajax_Handler.php:24
WordPress Hooks 53
actionadmin_enqueue_scriptsClasses\Core\Admin_Notice.php:14
actionadmin_noticesClasses\Core\Admin_Notice.php:15
actionadmin_noticesClasses\Core\Admin_Notice.php:16
actionadmin_noticesClasses\Core\Admin_Notice.php:17
actionadmin_enqueue_scriptsClasses\Core\PluginCSSFiles.php:12
actionwp_enqueue_scriptsClasses\Core\PluginCSSFiles.php:13
actionadmin_enqueue_scriptsClasses\Core\PluginCSSFiles.php:14
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:12
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:13
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:14
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:15
actionwp_enqueue_scriptsClasses\Core\PluginJSFiles.php:16
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:17
actionadmin_enqueue_scriptsClasses\Core\PluginJSFiles.php:18
filterplugin_row_metaClasses\Core\Plugin_Pro_Links.php:16
actionadmin_menuClasses\Core\Plugin_Pro_Links.php:17
actioninitClasses\Core\Plugin_Setup.php:12
filtersafe_style_cssClasses\Core\Plugin_Setup.php:13
actionwp_dashboard_setupClasses\DashboardWidget\DashboardWidget.php:14
actionsave_postClasses\Metaboxes\ProductData.php:16
actionwoocommerce_before_shop_loop_itemClasses\Metaboxes\ProductFE.php:20
actionwoocommerce_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:21
actionwoocommerce_after_shop_loop_itemClasses\Metaboxes\ProductFE.php:22
actionwoocommerce_before_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:23
actionwoocommerce_after_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:24
actionwoocommerce_after_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:25
actionwoocommerce_after_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:50
actionwoocommerce_after_shop_loop_itemClasses\Metaboxes\ProductFE.php:52
actionwoocommerce_after_shop_loop_item_titleClasses\Metaboxes\ProductFE.php:54
actionadd_meta_boxesClasses\Metaboxes\ProductMetaBox.php:12
actioninitClasses\Metaboxes\ProductMetaBox.php:13
actionplugins_loadedClasses\Metaboxes\ProductMetaBox.php:14
actionsave_postClasses\Metaboxes\ProductRevisionData.php:16
actionwp_restore_post_revisionClasses\Metaboxes\ProductRevisionData.php:17
filter_wp_post_revision_fieldsClasses\Metaboxes\ProductRevisionData.php:18
filter_wp_post_revision_field_my_metaClasses\Metaboxes\ProductRevisionData.php:19
actioninitClasses\Options\Custom_Block_CPT.php:10
actionadmin_menuClasses\Options\Plugin_Main_Options_Page.php:19
actioninitClasses\Product_Card_Customizer_Facade.php:25
actioninitClasses\Product_Card_Customizer_Facade.php:26
actioninitClasses\Product_Card_Customizer_Facade.php:27
actioninitClasses\Product_Card_Customizer_Facade.php:28
actioninitClasses\Product_Card_Customizer_Facade.php:29
filterwoocommerce_get_settings_pagesClasses\WC_Settings\Develux_Add_Product_Properties.php:14
actionadd_meta_boxesClasses\Widgets\ProductWidget.php:11
actionsave_postClasses\Widgets\ProductWidget.php:12
actionwoocommerce_single_product_summaryClasses\Widgets\ProductWidget.php:13
actionsave_postClasses\Widgets\ProductWidget.php:16
actionwp_restore_post_revisionClasses\Widgets\ProductWidget.php:17
filter_wp_post_revision_fieldsClasses\Widgets\ProductWidget.php:18
filter_wp_post_revision_field_my_metaClasses\Widgets\ProductWidget.php:19
actionplugins_loadedproduct-card-property.php:33
actionbefore_woocommerce_initproduct-card-property.php:63
Maintenance & Trust

Product Card Property Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJun 6, 2025
PHP min version7.4
Downloads417

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Product Card Property Alternatives

Devellux Sales Countdown Timer Builder

Devellux Sales Countdown Timer Builder

devellux-sales-countdown-timer-builder

A
100

Install the Sales Countdown Timer Builder plugin for your WooCommerce store.

0 No CVEs
MailPoet – Newsletters, Email Marketing, and Automation

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

A
98

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs
Pinterest for WooCommerce

Pinterest for WooCommerce

pinterest-for-woocommerce

A
100

Get your products in front of Pinterest users searching for ideas and things to buy. Connect your WooCommerce store to make your catalog browsable.

300K No CVEs
Klaviyo

Klaviyo

klaviyo

A
99

Klaviyo for WooCommerce

100K 2 CVEs
Email Marketing for WooCommerce by Omnisend

Email Marketing for WooCommerce by Omnisend

omnisend-connect

A
99

Email Marketing, Newsletter, Email Automation, Forms, Pop Up, SMS, Abandoned Cart made easy for WordPress & WooCommerce by Omnisend

50K 2 CVEs
Developer Profile

Product Card Property Developer Profile

Develux

3 plugins · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Product Card Property

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-card-property/assets/css/admin_notice.css/wp-content/plugins/product-card-property/assets/images/admin_help_notice_image.svg/wp-content/plugins/product-card-property/assets/js/admin_notice.js
Script Paths
/wp-content/plugins/product-card-property/assets/js/admin_notice.js
Version Parameters
product-card-property/assets/css/admin_notice.css?ver=product-card-property/assets/js/admin_notice.js?ver=

HTML / DOM Fingerprints

CSS Classes
develuxpp-notice-help-infodeveluxpp-flex-align-centerdeveluxpp-notice-contentdeveluxpp-notice-imagedeveluxpp-notice-textdeveluxpp-notice-buttons-groupdevelux-buttonstyling-button+1 more
Data Attributes
data-nonce
JS Globals
DEVELUXPP_PATHDEVELUXPP_URLDEVELUXPP_PLUGIN_BASENAMEDEVELUXPP_MIN_WP_VERSIONDEVELUXPP_MIN_WC_VERSIONDEVELUXPP_WOOCOMMERCE_MISSING+2 more
FAQ

Frequently Asked Questions about Product Card Property