WP-Safety

Product Filter Widget for Elementor Security & Risk Analysis

wordpress.org/plugins/product-filter-widget-for-elementor

Product Filter Widget for Elementor Lets you give functionality to filter your products.

1K active installs v1.0.6 PHP 7.4+ WP 5.0+ Updated Jan 16, 2026
elementor-filter-widgetproduct-filterproduct-filter-widgetwoocommerce-filterwoocommerce-product-filter
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Product Filter Widget for Elementor Safe to Use in 2026?

Generally Safe

Score 100/100

Product Filter Widget for Elementor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The 'product-filter-widget-for-elementor' plugin version 1.0.6 presents a mixed security posture. On the positive side, the plugin demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and having a high rate of output escaping. It also has no recorded historical vulnerabilities, suggesting a generally stable and secure development history.

However, significant concerns arise from the attack surface. The plugin exposes four AJAX handlers, all of which lack authentication checks. This means any unauthenticated user can trigger these actions, presenting a substantial risk. While taint analysis showed no critical or high severity issues with unsanitized paths, the presence of two flows with unsanitized paths, even if not classified as critical in this analysis, warrants attention due to the lack of authentication on the related entry points.

Overall, the lack of authentication on AJAX handlers is the most pressing security weakness. The absence of known vulnerabilities is a strength, but it does not negate the inherent risks introduced by the exposed, unauthenticated entry points. Developers should prioritize implementing proper authentication and authorization for all AJAX handlers.

Key Concerns

  • Unprotected AJAX handlers
  • Unsanitized paths in taint flows
  • No nonce checks on AJAX handlers
Vulnerabilities
None known

Product Filter Widget for Elementor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Product Filter Widget for Elementor Release Timeline

v1.0.6Current
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Product Filter Widget for Elementor Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
40
244 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

86% escaped284 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
eszlwcf_filter_products (inc\controller\Eszpf_Ajax_Handler.php:166)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Product Filter Widget for Elementor Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_eszlwcf_filter_productsinc\controller\Eszpf_Ajax_Handler.php:176
noprivwp_ajax_eszlwcf_filter_productsinc\controller\Eszpf_Ajax_Handler.php:177
authwp_ajax_eszlwcf_load_more_productsinc\controller\Eszpf_Ajax_Handler.php:178
noprivwp_ajax_eszlwcf_load_more_productsinc\controller\Eszpf_Ajax_Handler.php:179
WordPress Hooks 9
actionadmin_menuinc\admin\Eszpf_Admin_Dashboard.php:6
actionadmin_noticesproduct-filter-widget-for-elementor.php:70
actionadmin_noticesproduct-filter-widget-for-elementor.php:74
actionadmin_noticesproduct-filter-widget-for-elementor.php:82
actionelementor/frontend/after_enqueue_stylesproduct-filter-widget-for-elementor.php:97
actionelementor/frontend/after_register_scriptsproduct-filter-widget-for-elementor.php:99
actionelementor/widgets/registerproduct-filter-widget-for-elementor.php:102
actionadmin_enqueue_scriptsproduct-filter-widget-for-elementor.php:104
actioninitproduct-filter-widget-for-elementor.php:245
Maintenance & Trust

Product Filter Widget for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 16, 2026
PHP min version7.4
Downloads15K

Community Trust

Rating80/100
Number of ratings4
Active installs1K
Alternatives

Product Filter Widget for Elementor Alternatives

YITH WooCommerce Ajax Product Filter

YITH WooCommerce Ajax Product Filter

yith-woocommerce-ajax-navigation

A
97

YITH WooCommerce Ajax Product Filter offers you the perfect way to filter all products of your WooCommerce shop.

80K 3 CVEs
Product Filter for WooCommerce by WBW

Product Filter for WooCommerce by WBW

woo-product-filter

A
88

Filter products by categories, attributes, prices, and more. Elementor Compatibility. Shoppers easily find products with WooCommerce Product Filter

60K 9 CVEs
Filter Everything — WordPress & WooCommerce Filters

Filter Everything — WordPress & WooCommerce Filters

filter-everything

A
100

The most flexible filters plugin for WordPress & WooCommerce – filter anything.

50K No CVEs
WCAPF – Ajax Product Filter for WooCommerce

WCAPF – Ajax Product Filter for WooCommerce

wc-ajax-product-filter

A
97

Filter WooCommerce products by category, tag, attribute, price, rating, author, meta fields, and keyword using AJAX.

9K 1 CVE
annasta Filters for WooCommerce

annasta Filters for WooCommerce

annasta-woocommerce-product-filters

A
100

All-in-one products search and filtering solution for your WooCommerce shop with rich features and customization options.

2K No CVEs
Developer Profile

Product Filter Widget for Elementor Developer Profile

Bhavin Thummar

2 plugins · 2K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Product Filter Widget for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.css/wp-content/plugins/product-filter-widget-for-elementor/assets/css/jquery-ui.css/wp-content/plugins/product-filter-widget-for-elementor/assets/css/app.css/wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.min.js/wp-content/plugins/product-filter-widget-for-elementor/assets/js/app.js/wp-content/plugins/product-filter-widget-for-elementor/assets/admin/js/admin.js
Script Paths
/wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.min.js/wp-content/plugins/product-filter-widget-for-elementor/assets/js/app.js
Version Parameters
product-filter-widget-for-elementor/assets/library/slick.css?ver=product-filter-widget-for-elementor/assets/css/jquery-ui.css?ver=product-filter-widget-for-elementor/assets/css/app.css?ver=product-filter-widget-for-elementor/assets/library/slick.min.js?ver=product-filter-widget-for-elementor/assets/js/app.js?ver=product-filter-widget-for-elementor/assets/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
eszpf-product-filtereszpf-product-filter-wrapeszpf-filter-widgeteszpf-filter-contenteszpf-widget-search-formeszpf-widget-attributeseszpf-widget-attribute-title
Data Attributes
data-eszpf-product-filter-id
JS Globals
EszLwcfAjaxData
FAQ

Frequently Asked Questions about Product Filter Widget for Elementor