WP-Safety

Product Expiry for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-expiry-for-woocommerce

Set expiration dates for WooCommerce products and variations. Automatically change their status or send notifications when they expire.

2K active installs v3.0 PHP + WP 3.5+ Updated Mar 13, 2026
productproduct-expirywoowoo-notificationswoocommerce
100
A · Safe
CVEs total1
Unpatched0
Last CVEJan 2, 2024
Plugin page Download
Safety Verdict

Is Product Expiry for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Product Expiry for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 2, 2024Updated 21d ago
Risk Assessment

The 'product-expiry-for-woocommerce' plugin v3.0 generally exhibits good security practices, particularly in its handling of SQL queries and output escaping. The static analysis reveals a limited attack surface with no readily apparent unprotected entry points. The absence of dangerous functions, file operations, and external HTTP requests is also a positive indicator. Taint analysis shows no critical or high-severity vulnerabilities related to unsanitized data flows, further contributing to a positive security posture.

However, the plugin's vulnerability history is a notable concern. While there are no currently unpatched vulnerabilities, the presence of one past medium-severity CVE, specifically related to Missing Authorization, suggests a potential for similar issues to arise. The fact that this was a relatively recent vulnerability (January 2024) indicates that the security of authorization mechanisms may require ongoing vigilance.

In conclusion, 'product-expiry-for-woocommerce' v3.0 demonstrates strengths in secure coding for database operations and output handling. The well-controlled attack surface and positive taint analysis results are commendable. Nevertheless, the historical pattern of a missing authorization vulnerability warrants careful consideration, suggesting that while the current version appears robust, a proactive approach to monitoring and auditing authorization logic in future updates would be prudent.

Key Concerns

  • Past medium-severity CVE related to Missing Authorization
Vulnerabilities
1

Product Expiry for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-0201medium · 5.4Missing Authorization

Product Expiry for WooCommerce <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update

Jan 2, 2024 Patched in 2.6 (21d)
Code Analysis
Analyzed Mar 16, 2026

Product Expiry for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
8 prepared
Unescaped Output
4
51 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared8 total queries

Output Escaping

93% escaped55 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
save_settings (includes\class-admin.php:62)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Product Expiry for WooCommerce Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 1

authwp_ajax_woope_save_admin_settingsincludes\class-admin.php:17

Shortcodes 1

[expiry_date] includes\class-frontend.php:18
WordPress Hooks 25
actionadmin_menuincludes\class-admin.php:11
actionadmin_enqueue_scriptsincludes\class-admin.php:23
filterplugin_action_linksincludes\class-admin.php:29
filtermanage_product_posts_columnsincludes\class-columns.php:11
actionmanage_product_posts_custom_columnincludes\class-columns.php:17
filtermanage_edit-product_sortable_columnsincludes\class-columns.php:25
actionpre_get_postsincludes\class-columns.php:31
actionadmin_enqueue_scriptsincludes\class-columns.php:36
actionwoocommerce_product_quick_edit_startincludes\class-columns.php:41
actionwoocommerce_product_quick_edit_saveincludes\class-columns.php:46
actionrestrict_manage_postsincludes\class-filter.php:11
actionpre_get_postsincludes\class-filter.php:17
actionwpincludes\class-frontend.php:11
filterwoocommerce_available_variationincludes\class-frontend.php:13
actionwp_enqueue_scriptsincludes\class-frontend.php:23
actionwoocommerce_order_item_meta_startincludes\class-order.php:11
actionwoocommerce_checkout_create_order_line_itemincludes\class-order.php:19
filterwoocommerce_product_data_tabsincludes\class-product-meta.php:11
actionwoocommerce_product_data_panelsincludes\class-product-meta.php:14
actionwoocommerce_variation_options_pricingincludes\class-product-meta.php:17
actionwoocommerce_process_product_metaincludes\class-product-meta.php:25
actionwoocommerce_save_product_variationincludes\class-product-meta.php:31
actionwoo_expiry_schedule_actionincludes\class-scheduler.php:9
actionwoope_handle_expiry_notificationincludes\class-scheduler.php:74
actionplugins_loadedproduct-expiry-for-woocommerce.php:29

Scheduled Events 1

woo_expiry_schedule_action
Maintenance & Trust

Product Expiry for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 13, 2026
PHP min version
Downloads21K

Community Trust

Rating90/100
Number of ratings12
Active installs2K
Alternatives

Product Expiry for WooCommerce Alternatives

Variation Auto Expire For WooCommerce

Variation Auto Expire For WooCommerce

variation-auto-expire-for-woocommerce

A
100

Change variation stock status to out of stock or delete on specific date-time (variation availability till specific date-time only).

300 No CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
Pinterest for WooCommerce

Pinterest for WooCommerce

pinterest-for-woocommerce

A
100

Get your products in front of Pinterest users searching for ideas and things to buy. Connect your WooCommerce store to make your catalog browsable.

300K No CVEs
FiboSearch – Ajax Search for WooCommerce

FiboSearch – Ajax Search for WooCommerce

ajax-search-for-woocommerce

A
96

The most popular WooCommerce product search plugin. Gives your users a well-designed advanced AJAX search bar with live search suggestions.

100K 3 CVEs
Relevanssi – A Better Search

Relevanssi – A Better Search

relevanssi

B
82

Relevanssi replaces the default search with a partial-match search that sorts results by relevance. It also indexes comments and shortcode content.

100K 17 CVEs
Developer Profile

Product Expiry for WooCommerce Developer Profile

webcodingplace

4 plugins · 5K total installs

76
trust score
Avg Security Score
83/100
Avg Patch Time
49 days
View full developer profile
Detection Fingerprints

How We Detect Product Expiry for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-expiry-for-woocommerce/assets/js/trigger-date-picker.js/wp-content/plugins/product-expiry-for-woocommerce/assets/css/admin.css/wp-content/plugins/product-expiry-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/product-expiry-for-woocommerce/assets/js/trigger-date-picker.js/wp-content/plugins/product-expiry-for-woocommerce/assets/js/admin.js
Version Parameters
product-expiry-for-woocommerce/assets/js/trigger-date-picker.js?ver=product-expiry-for-woocommerce/assets/css/admin.css?ver=product-expiry-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
woope-expiry-datewoope-expired-message
Data Attributes
data-expiry-date
JS Globals
woope_admin
Shortcode Output
[expiry_date]
FAQ

Frequently Asked Questions about Product Expiry for WooCommerce