WP-Safety

Additional Custom Product Tabs for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-tabs-for-woocommerce

Manage product tabs in WooCommerce. Beautifully.

500 active installs v1.7.4 PHP + WP 4.4+ Updated Sep 5, 2025
productproduct-tabstabtabswoocommerce
98
A · Safe
CVEs total2
Unpatched0
Last CVESep 9, 2025
Plugin page Download
Safety Verdict

Is Additional Custom Product Tabs for WooCommerce Safe to Use in 2026?

Generally Safe

Score 98/100

Additional Custom Product Tabs for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Sep 9, 2025Updated 7mo ago
Risk Assessment

The 'product-tabs-for-woocommerce' plugin version 1.7.4 exhibits a mixed security posture. On the positive side, the static analysis reveals no immediate critical threats such as dangerous functions, raw SQL queries, or file operations. The use of prepared statements for SQL is a strong indicator of good practice. However, a significant concern arises from the taint analysis, which identified one flow with unsanitized paths, even though it's not classified as critical or high severity. This suggests a potential for input sanitization issues that could be exploited. Furthermore, the output escaping is not fully robust, with 31% of outputs not properly escaped, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities.

The plugin's vulnerability history, with two known medium severity CVEs, both related to Cross-Site Scripting, reinforces the concerns about input sanitization and output escaping. The fact that the last vulnerability was relatively recent and is now marked as patched is positive, but the pattern of XSS issues is a recurring theme. While the attack surface is limited and appears to have no direct unprotected entry points, the identified taint flow and incomplete output escaping, coupled with past XSS vulnerabilities, indicate areas that require attention to strengthen the plugin's overall security.

Key Concerns

  • Unsanitized path in taint flow
  • Incomplete output escaping
  • Two medium severity CVEs historically
Vulnerabilities
2

Additional Custom Product Tabs for WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2025-58985medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Additional Custom Product Tabs for WooCommerce <= 1.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 9, 2025 Patched in 1.7.4 (7d)
CVE-2025-26749medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Additional Custom Product Tabs for WooCommerce <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 11, 2025 Patched in 1.7.1 (6d)
Code Analysis
Analyzed Mar 16, 2026

Additional Custom Product Tabs for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
11 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

69% escaped16 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<class-alg-wc-product-tabs-settings-per-product> (includes\settings\class-alg-wc-product-tabs-settings-per-product.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Additional Custom Product Tabs for WooCommerce Attack Surface

Entry Points4
Unprotected0

Shortcodes 4

[alg_wc_pt_product_function] includes\class-alg-wc-product-tabs-shortcodes.php:35
[alg_wc_pt_product_meta] includes\class-alg-wc-product-tabs-shortcodes.php:36
[alg_wc_pt_translate] includes\class-alg-wc-product-tabs-shortcodes.php:37
[alg_wc_cpt_translate] includes\class-alg-wc-product-tabs-shortcodes.php:38
WordPress Hooks 13
filterwoocommerce_product_tabsincludes\class-alg-wc-product-tabs-core.php:54
actionwp_enqueue_scriptsincludes\class-alg-wc-product-tabs-core.php:55
actioninitincludes\class-alg-wc-product-tabs.php:74
actionbefore_woocommerce_initincludes\class-alg-wc-product-tabs.php:77
actioninitincludes\class-alg-wc-product-tabs.php:157
actioninitincludes\class-alg-wc-product-tabs.php:160
filterwoocommerce_get_settings_pagesincludes\class-alg-wc-product-tabs.php:163
actionadmin_initincludes\class-alg-wc-product-tabs.php:167
actionadd_meta_boxesincludes\settings\class-alg-wc-product-tabs-settings-per-product.php:27
actionsave_post_productincludes\settings\class-alg-wc-product-tabs-settings-per-product.php:28
filterwoocommerce_get_sections_alg_product_tabsincludes\settings\class-alg-wc-product-tabs-settings-section.php:40
actionadmin_noticesincludes\settings\class-alg-wc-settings-product-tabs.php:85
actionplugins_loadedproduct-tabs-for-woocommerce.php:65
Maintenance & Trust

Additional Custom Product Tabs for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedSep 5, 2025
PHP min version
Downloads15K

Community Trust

Rating100/100
Number of ratings5
Active installs500
Alternatives

Additional Custom Product Tabs for WooCommerce Alternatives

Custom Product Tabs for WooCommerce

Custom Product Tabs for WooCommerce

yikes-inc-easy-custom-woocommerce-product-tabs

A
97

Add custom tabs with content to products in WooCommerce.

90K 3 CVEs
Custom Product tabs for WooCommerce

Custom Product tabs for WooCommerce

wb-custom-product-tabs-for-woocommerce

A
98

Create unlimited WooCommerce tabs and assign them in bulk by category, tag, brand, or product. Also disable WooCommerce’s default product tabs.

10K 1 CVE
Product Tabs for WooCommerce

Product Tabs for WooCommerce

woocommerce-product-tabs

A
100

Discover the easy way to add extra tabs to your WooCommerce product pages.

10K No CVEs
Custom Product Tabs for WooCommerce & WordPress Tabs Builder – Smart Tabs

Custom Product Tabs for WooCommerce & WordPress Tabs Builder – Smart Tabs

wp-expand-tabs-free

A
94

A customizable plugin to create and manage WooCommerce product tabs and WordPress tabs to organize content.

10K 5 CVEs
Custom Product Tabs Lite for WooCommerce

Custom Product Tabs Lite for WooCommerce

woocommerce-custom-product-tabs-lite

A
98

This plugin extends WooCommerce by allowing a custom product tab to be created with any content.

4K 2 CVEs
Developer Profile

Additional Custom Product Tabs for WooCommerce Developer Profile

WPFactory

63 plugins · 136K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
98 days
View full developer profile
Detection Fingerprints

How We Detect Additional Custom Product Tabs for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-tabs-for-woocommerce/includes/css/class-alg-wc-product-tabs.css/wp-content/plugins/product-tabs-for-woocommerce/includes/js/class-alg-wc-product-tabs.js
Script Paths
/wp-content/plugins/product-tabs-for-woocommerce/includes/js/class-alg-wc-product-tabs.js/wp-content/plugins/product-tabs-for-woocommerce/includes/js/class-alg-wc-product-tabs.min.js
Version Parameters
product-tabs-for-woocommerce/includes/css/class-alg-wc-product-tabs.css?ver=product-tabs-for-woocommerce/includes/js/class-alg-wc-product-tabs.js?ver=product-tabs-for-woocommerce/includes/js/class-alg-wc-product-tabs.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
alg-wc-product-tabs
Data Attributes
data-alg-wc-product-tabs-id
JS Globals
alg_wc_custom_tabs
FAQ

Frequently Asked Questions about Additional Custom Product Tabs for WooCommerce