Product Filter Widget for Elementor Security & Risk Analysis

wordpress.org/plugins/product-filter-widget-for-elementor

Product Filter Widget for Elementor

Lets you give functionality to filter your products.

1K active installs · v1.0.6 · PHP 7.4+ · WP 5.0+ · Updated Jan 16, 2026
Tags: elementor-filter-widget, product-filter, product-filter-widget, woocommerce-filter, woocommerce-product-filter
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Product Filter Widget for Elementor Safe to Use in 2026?

Generally Safe

Score 100/100

Product Filter Widget for Elementor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 2mo ago
Risk Assessment

The 'product-filter-widget-for-elementor' plugin version 1.0.6 presents a mixed security posture. On the positive side, the plugin demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and having a high rate of output escaping. It also has no recorded historical vulnerabilities, suggesting a generally stable and secure development history.

However, significant concerns arise from the attack surface. The plugin exposes four AJAX handlers, all of which lack authentication checks. This means any unauthenticated user can trigger these actions, presenting a substantial risk. While taint analysis showed no critical or high severity issues with unsanitized paths, the presence of two flows with unsanitized paths, even if not classified as critical in this analysis, warrants attention due to the lack of authentication on the related entry points.

Overall, the lack of authentication on AJAX handlers is the most pressing security weakness. The absence of known vulnerabilities is a strength, but it does not negate the inherent risks introduced by the exposed, unauthenticated entry points. Developers should prioritize implementing proper authentication and authorization for all AJAX handlers.

Key Concerns

  • Unprotected AJAX handlers
  • Unsanitized paths in taint flows
  • No nonce checks on AJAX handlers
Vulnerabilities
None known

Product Filter Widget for Elementor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Product Filter Widget for Elementor Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 40 (244 escaped)
Nonce Checks: 0
Capability Checks: 3
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

86% escaped · 284 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
eszlwcf_filter_products (inc\controller\Eszpf_Ajax_Handler.php:166)
Attack Surface
4 unprotected

Product Filter Widget for Elementor Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers 4

  • auth: wp_ajax_eszlwcf_filter_products (inc\controller\Eszpf_Ajax_Handler.php:176)
  • nopriv: wp_ajax_eszlwcf_filter_products (inc\controller\Eszpf_Ajax_Handler.php:177)
  • auth: wp_ajax_eszlwcf_load_more_products (inc\controller\Eszpf_Ajax_Handler.php:178)
  • nopriv: wp_ajax_eszlwcf_load_more_products (inc\controller\Eszpf_Ajax_Handler.php:179)
WordPress Hooks 9
  • action: admin_menu (inc\admin\Eszpf_Admin_Dashboard.php:6)
  • action: admin_notices (product-filter-widget-for-elementor.php:70)
  • action: admin_notices (product-filter-widget-for-elementor.php:74)
  • action: admin_notices (product-filter-widget-for-elementor.php:82)
  • action: elementor/frontend/after_enqueue_styles (product-filter-widget-for-elementor.php:97)
  • action: elementor/frontend/after_register_scripts (product-filter-widget-for-elementor.php:99)
  • action: elementor/widgets/register (product-filter-widget-for-elementor.php:102)
  • action: admin_enqueue_scripts (product-filter-widget-for-elementor.php:104)
  • action: init (product-filter-widget-for-elementor.php:245)
Maintenance & Trust

Product Filter Widget for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 16, 2026
PHP min version: 7.4
Downloads: 15K

Community Trust

Rating: 80/100
Number of ratings: 4
Active installs: 1K
Developer Profile

Product Filter Widget for Elementor Developer Profile

Bhavin Thummar

2 plugins · 2K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Product Filter Widget for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.css
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/css/jquery-ui.css
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/css/app.css
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.min.js
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/js/app.js
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/admin/js/admin.js
Script Paths
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/library/slick.min.js
  • /wp-content/plugins/product-filter-widget-for-elementor/assets/js/app.js
Version Parameters
  • product-filter-widget-for-elementor/assets/library/slick.css?ver=
  • product-filter-widget-for-elementor/assets/css/jquery-ui.css?ver=
  • product-filter-widget-for-elementor/assets/css/app.css?ver=
  • product-filter-widget-for-elementor/assets/library/slick.min.js?ver=
  • product-filter-widget-for-elementor/assets/js/app.js?ver=
  • product-filter-widget-for-elementor/assets/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • eszpf-product-filter
  • eszpf-product-filter-wrap
  • eszpf-filter-widget
  • eszpf-filter-content
  • eszpf-widget-search-form
  • eszpf-widget-attributes
  • eszpf-widget-attribute-title
Data Attributes
data-eszpf-product-filter-id
JS Globals
EszLwcfAjaxData
FAQ

Frequently Asked Questions about Product Filter Widget for Elementor