Product Price by Formula for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-price-by-formula-for-woocommerce

Set formula for automatic WooCommerce product price calculation.

100 active installs · v2.5.6 · PHP 8.0+ · WP 4.8+ · Updated Dec 19, 2025
Tags: formula, price, product, woo-commerce, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is Product Price by Formula for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Product Price by Formula for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago

Risk Assessment

The plugin "product-price-by-formula-for-woocommerce" v2.5.6 demonstrates a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, or cron events without authentication or permission checks significantly limits its attack surface. The code signals also indicate good practices with all SQL queries using prepared statements and the presence of nonce and capability checks for the few identified entry points. There were no identified dangerous functions, file operations, or external HTTP requests.

However, a notable concern arises from the taint analysis, which shows 3 flows with unsanitized paths. While these are not categorized as critical or high severity, any unsanitized path represents a potential vulnerability. The static analysis also indicates that only 66% of output is properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities in specific scenarios. The plugin's vulnerability history is clean, with no known CVEs, suggesting a good track record for security maintenance.

In conclusion, the plugin exhibits many positive security attributes, particularly in its limited attack surface and robust data handling for database operations. The primary areas for improvement are addressing the unsanitized taint flows and increasing the percentage of properly escaped output to mitigate potential XSS risks. The lack of historical vulnerabilities is a strong positive indicator.

Key Concerns

  • Unsanitized taint flows found
  • Insufficient output escaping (66%)
Vulnerabilities
None known

Product Price by Formula for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Product Price by Formula for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 15 (29 escaped)
Nonce Checks: 2
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

66% escaped · 44 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
evaluate_formula (includes\class-prowc-ppbf-core.php:228)
Attack Surface

Product Price by Formula for WooCommerce Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 28
action prowc_ppbf_after_meta_box_settings (includes\class-prowc-ppbf-admin.php:28)
action wp_dashboard_setup (includes\class-prowc-ppbf-admin.php:31)
action admin_init (includes\class-prowc-ppbf-admin.php:32)
filter manage_edit-product_columns (includes\class-prowc-ppbf-admin.php:43)
action manage_product_posts_custom_column (includes\class-prowc-ppbf-admin.php:44)
filter woocommerce_variation_prices_price (includes\class-prowc-ppbf-core.php:45)
filter woocommerce_variation_prices_regular_price (includes\class-prowc-ppbf-core.php:46)
filter woocommerce_variation_prices_sale_price (includes\class-prowc-ppbf-core.php:47)
filter woocommerce_get_variation_prices_hash (includes\class-prowc-ppbf-core.php:48)
filter woocommerce_product_variation_get_price (includes\class-prowc-ppbf-core.php:50)
filter woocommerce_product_variation_get_regular_price (includes\class-prowc-ppbf-core.php:51)
filter woocommerce_product_variation_get_sale_price (includes\class-prowc-ppbf-core.php:52)
action add_meta_boxes (includes\settings\class-prowc-ppbf-metaboxes.php:23)
action save_post_product (includes\settings\class-prowc-ppbf-metaboxes.php:24)
filter woocommerce_get_sections_prowc_ppbf (includes\settings\class-prowc-ppbf-settings-section.php:24)
filter woocommerce_admin_settings_sanitize_option (includes\settings\class-prowc-settings-ppbf.php:27)
action admin_notices (includes\settings\class-prowc-settings-ppbf.php:83)
filter woocommerce_get_settings_pages (product-price-by-formula-for-woocommerce.php:113)
action admin_init (product-price-by-formula-for-woocommerce.php:121)
action admin_enqueue_scripts (product-price-by-formula-for-woocommerce.php:124)
action admin_init (product-price-by-formula-for-woocommerce.php:125)
action admin_init (product-price-by-formula-for-woocommerce.php:126)
action admin_init (product-price-by-formula-for-woocommerce.php:127)
action admin_notices (product-price-by-formula-for-woocommerce.php:128)
action admin_notices (product-price-by-formula-for-woocommerce.php:129)
action plugins_loaded (product-price-by-formula-for-woocommerce.php:130)
action before_woocommerce_init (product-price-by-formula-for-woocommerce.php:132)
action admin_notices (product-price-by-formula-for-woocommerce.php:136)

Maintenance & Trust

Product Price by Formula for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 19, 2025
PHP min version: 8.0
Downloads: 14K

Community Trust

Rating: 76/100
Number of ratings: 15
Active installs: 100

Developer Profile

Product Price by Formula for WooCommerce Developer Profile

ProWCPlugins

3 plugins · 2K total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 22 days
Detection Fingerprints

How We Detect Product Price by Formula for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-price-by-formula-for-woocommerce/includes/css/admin-style.css
/wp-content/plugins/product-price-by-formula-for-woocommerce/includes/js/admin-script.js
/wp-content/plugins/product-price-by-formula-for-woocommerce/includes/js/sweetalert.min.js
Version Parameters
product-price-by-formula-for-woocommerce/includes/css/admin-style.css?ver=
product-price-by-formula-for-woocommerce/includes/js/admin-script.js?ver=
product-price-by-formula-for-woocommerce/includes/js/sweetalert.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
prowc-ppbf-notice-wrapper
HTML Comments
<!-- PROWC PPBF UPDATE NOTICE -->
<!-- PROWC PPBF REVIEW NOTICE -->
Data Attributes
data-ppbf-formula-id
data-ppbf-product-id
data-ppbf-rule-id
JS Globals
prowc_ppbf_data
FAQ

Frequently Asked Questions about Product Price by Formula for WooCommerce