WP-Safety

Product Layouts Elementor Addon Security & Risk Analysis

wordpress.org/plugins/product-layouts-elementor-addon

Product Layouts Elementor Addon is a custom Elementor widget that allows you to display WooCommerce products in multiple layouts.

20 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Jun 12, 2025
carouselelementorgrid-listproduct-layoutswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Product Layouts Elementor Addon Safe to Use in 2026?

Generally Safe

Score 100/100

Product Layouts Elementor Addon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The "product-layouts-elementor-addon" v1.0.0 plugin exhibits a mixed security posture. While it demonstrates good practices in areas like output escaping and SQL query preparation, significant concerns arise from its attack surface. A notable 16 out of 20 entry points, primarily AJAX handlers, lack authentication checks, creating a substantial risk of unauthorized access and function execution. Furthermore, the taint analysis reveals 5 flows with unsanitized paths, two of which are classified as high severity, indicating potential for command injection or data leakage if these flows are triggered by user-supplied input.

The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the lack of explicit capability checks in the code analysis, might suggest a perceived low-risk profile by the developer, but it does not negate the risks identified in the static and taint analysis. The presence of a bundled library, DataTables, also warrants attention, although no specific version information or known vulnerabilities for this component were provided.

In conclusion, while the absence of historical vulnerabilities and strong output escaping are positive, the critical lack of authentication on a majority of its entry points and the high-severity unsanitized taint flows represent significant security weaknesses. These factors elevate the risk associated with this plugin and require immediate attention to mitigate potential exploitation.

Key Concerns

  • AJAX handlers without authentication checks
  • High severity taint flows with unsanitized paths
  • Taint flows with unsanitized paths
  • No capability checks on entry points
  • Bundled library (DataTables)
Vulnerabilities
None known

Product Layouts Elementor Addon Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Product Layouts Elementor Addon Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
6 prepared
Unescaped Output
41
810 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

DataTables

SQL Query Safety

75% prepared8 total queries

Output Escaping

95% escaped851 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

7 flows5 with unsanitized paths
load_product_tab_content (includes\Widget\class-ajax-functions.php:300)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
16 unprotected

Product Layouts Elementor Addon Attack Surface

Entry Points20
Unprotected16

AJAX Handlers 18

authwp_ajax_remove_from_wishlistincludes\Database\class-remove-from-wishlist-handler.php:13
noprivwp_ajax_remove_from_wishlistincludes\Database\class-remove-from-wishlist-handler.php:14
authwp_ajax_wpc_get_cart_contentsincludes\templates\cart\class-cart-sidebar-content.php:12
noprivwp_ajax_wpc_get_cart_contentsincludes\templates\cart\class-cart-sidebar-content.php:13
authwp_ajax_ntpla_load_more_productsincludes\Widget\class-ajax-functions.php:9
noprivwp_ajax_ntpla_load_more_productsincludes\Widget\class-ajax-functions.php:10
authwp_ajax_ntpla_load_product_tab_contentincludes\Widget\class-ajax-functions.php:12
noprivwp_ajax_ntpla_load_product_tab_contentincludes\Widget\class-ajax-functions.php:13
authwp_ajax_npla_compare_productincludes\Widget\helpers\compare\class-add-to-compare.php:14
noprivwp_ajax_npla_compare_productincludes\Widget\helpers\compare\class-add-to-compare.php:15
authwp_ajax_get_compare_sidebarincludes\Widget\helpers\compare\class-compare-sidebar-content.php:13
noprivwp_ajax_get_compare_sidebarincludes\Widget\helpers\compare\class-compare-sidebar-content.php:14
noprivwp_ajax_quick_viewincludes\Widget\helpers\quick-view\class-quick-view-ajax-action.php:12
authwp_ajax_quick_viewincludes\Widget\helpers\quick-view\class-quick-view-ajax-action.php:13
authwp_ajax_add_to_wishlistincludes\Widget\helpers\wishlist\class-add-to-wishlist.php:17
noprivwp_ajax_add_to_wishlistincludes\Widget\helpers\wishlist\class-add-to-wishlist.php:18
authwp_ajax_get_wishlist_sidebarincludes\Widget\helpers\wishlist\class-wishlist-sidebar-content.php:14
noprivwp_ajax_get_wishlist_sidebarincludes\Widget\helpers\wishlist\class-wishlist-sidebar-content.php:15

Shortcodes 2

[npla_addon_products_compare] includes\Widget\helpers\compare\class-compare-page-content.php:14
[npla_addon_wishlist] includes\Widget\helpers\wishlist\class-wishlist-page-content.php:9
WordPress Hooks 11
actionwp_enqueue_scriptsincludes\Assets\class-assets.php:6
actionplugins_loadedincludes\class-loader.php:70
actionadmin_noticesincludes\class-loader.php:75
actionelementor/widgets/registerincludes\class-loader.php:81
actionelementor/widgets/registerincludes\Elementor\class-product-layout-widget.php:412
actionwp_footerincludes\templates\class-sidebar-display.php:12
actionelementor/widgets/registerincludes\Widget\class-product-layout-widget.php:3610
actionnpla_compare_buttonincludes\Widget\helpers\compare\class-compare-button.php:15
actionnpla_quick_view_buttonincludes\Widget\helpers\quick-view\class-quick-view-button.php:14
actionwp_footerincludes\Widget\helpers\quick-view\class-quick-view-modal.php:13
actionnpla_wishlist_buttonincludes\Widget\helpers\wishlist\class-wishlist-button.php:15
Maintenance & Trust

Product Layouts Elementor Addon Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 12, 2025
PHP min version7.4
Downloads446

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Product Layouts Elementor Addon Alternatives

Widgets for WooCommerce Products on Elementor

Widgets for WooCommerce Products on Elementor

woo-products-widgets-for-elementor

C
68

Woo Products widget is a plugin that allows adding WooCommerce Products and Categories into stylish grid and listing layouts to the pages built with E …

3K 1 unpatched
Product Carousel Slider for Elementor

Product Carousel Slider for Elementor

ecommerce-product-carousel-slider-for-elementor

B
70

Product Carousel Slider for Elementor Lets you display your WooCommerce Products as Carousel Slider. You can now display your WooCommerce Products usi …

1K 1 unpatched
Atomic Slider Addons for Elementor

Atomic Slider Addons for Elementor

atomic-slider

A
100

Where slides come alive: elementor addons - drag and drop, modern design, mobile responsive editing, and more. Get started now!

0 No CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

shopengine

A
96

WooCommerce builder for Elementor and Gutenberg. It offers product templates, product sliders, shopping cart, quick view, Woo wishlist, product filter …

90K 4 CVEs
Developer Profile

Product Layouts Elementor Addon Developer Profile

Nobo Plugins

2 plugins · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Product Layouts Elementor Addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-layouts-elementor-addon/assets/css/all.min.css/wp-content/plugins/product-layouts-elementor-addon/assets/css/bootstrap.min.css/wp-content/plugins/product-layouts-elementor-addon/assets/css/datatables.min.css/wp-content/plugins/product-layouts-elementor-addon/assets/css/swiper-bundle.min.css/wp-content/plugins/product-layouts-elementor-addon/assets/css/style.css/wp-content/plugins/product-layouts-elementor-addon/assets/js/all.min.js/wp-content/plugins/product-layouts-elementor-addon/assets/js/bootstrap.min.js/wp-content/plugins/product-layouts-elementor-addon/assets/js/datatables.min.js+5 more
Script Paths
/wp-content/plugins/product-layouts-elementor-addon/assets/js/addon-main.js/wp-content/plugins/product-layouts-elementor-addon/assets/js/wishlist-ajax.js/wp-content/plugins/product-layouts-elementor-addon/assets/js/compare-ajax.js/wp-content/plugins/product-layouts-elementor-addon/assets/js/quick-view-ajax.js
Version Parameters
product-layout-addonntpla-main-scriptntpla-wishlist-ajax-scriptntpla-compare-ajax-scriptntpla-quick-view-ajax-script

HTML / DOM Fingerprints

CSS Classes
npla-sidebar-wrappernpla-sidebar-contentnpla-close-sidebarsz-product-modalproduct__details-sliderbenariz__popup-contentcompare__tablecompare__table-wrapper
Data Attributes
id="npla-sidebar-wrapper"id="npla-close-sidebar"id="npla-sidebar-items"id="sz-product-modal"id="npla_addon_products_compare"
JS Globals
load_more_paramswishlist_ajax_paramscompare_ajax_paramsquick_view_ajax_params
Shortcode Output
[npla_addon_products_compare]
FAQ

Frequently Asked Questions about Product Layouts Elementor Addon