Does Variation Swatches for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Variation Swatches for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Variation Swatches for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Variation Swatches for WooCommerce 2.4.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Variation Swatches for WooCommerce compatible with PHP 7.4+?

Variation Swatches for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Variation Swatches for WooCommerce updated?

Variation Swatches for WooCommerce was last updated on Oct 15, 2025. Frequent updates are generally a positive security signal.

What is Variation Swatches for WooCommerce's security score?

Variation Swatches for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Variation Swatches for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-variation-swatches-for-woocommerce

Variation Swatches for WooCommerce plugin adds button, Image, radio, and color swatches to your product attribute & enhance the product selection.

10K active installs v2.4.2 PHP 7.4+ WP 5.3+ Updated Oct 15, 2025

variation-swatchesvariation-swatches-for-woocommercewoocommerce-attributeswoocommerce-variationwoocommerce-variation-swatches

A · Safe

CVEs total1

Unpatched0

Last CVEDec 1, 2021

Plugin page Download

Safety Verdict

Is Variation Swatches for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Variation Swatches for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 1, 2021Updated 5mo ago

Risk Assessment

The 'product-variation-swatches-for-woocommerce' plugin v2.4.2 exhibits a generally good security posture with several positive indicators. The absence of unprotected AJAX endpoints, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. The plugin also demonstrates strong adherence to secure coding practices with a high percentage of properly escaped output and a good number of nonce and capability checks. The presence of external HTTP requests and a single SQL query that is not prepared are minor points of concern, but the taint analysis did not reveal any critical or high-severity vulnerabilities.

Key Concerns

SQL query not using prepared statements
External HTTP requests present

Vulnerabilities

Variation Swatches for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2021-42367medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Variation Swatches for WooCommerce <= 2.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Dec 1, 2021 Patched in 2.1.2 (783d)

Code Analysis

Analyzed Mar 16, 2026

Variation Swatches for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

389 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

83% escaped469 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths

<class-thwvsf-admin-settings-design> (admin\class-thwvsf-admin-settings-design.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Variation Swatches for WooCommerce Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_dismiss_thwvsf_review_request_noticeadmin\class-thwvsf-admin.php:178

authwp_ajax_thwvs_deactivation_reasonadmin\class-thwvsf-admin.php:212

WordPress Hooks 43

filterwoocommerce_product_export_column_namesadmin\class-thwvsf-admin-swatch-import-export.php:20

filterwoocommerce_product_export_row_dataadmin\class-thwvsf-admin-swatch-import-export.php:21

filterwoocommerce_csv_product_import_mapping_optionsadmin\class-thwvsf-admin-swatch-import-export.php:24

filterwoocommerce_csv_product_import_mapping_special_columnsadmin\class-thwvsf-admin-swatch-import-export.php:25

filterwoocommerce_product_importer_parsed_dataadmin\class-thwvsf-admin-swatch-import-export.php:26

actionwoocommerce_product_import_inserted_product_objectadmin\class-thwvsf-admin-swatch-import-export.php:27

actionadmin_initadmin\class-thwvsf-admin.php:33

actionadmin_headadmin\class-thwvsf-admin.php:167

actionadmin_initadmin\class-thwvsf-admin.php:168

actionadmin_noticesadmin\class-thwvsf-admin.php:169

actionadmin_footeradmin\class-thwvsf-admin.php:170

actionadmin_footeradmin\class-thwvsf-admin.php:175

actionadmin_footeradmin\class-thwvsf-admin.php:176

filterproduct_attributes_type_selectoradmin\class-thwvsf-admin.php:182

actionwoocommerce_after_edit_attribute_fieldsadmin\class-thwvsf-admin.php:184

actionwoocommerce_after_add_attribute_fieldsadmin\class-thwvsf-admin.php:185

actionwoocommerce_attribute_addedadmin\class-thwvsf-admin.php:187

actionwoocommerce_attribute_updatedadmin\class-thwvsf-admin.php:188

actioncreated_termadmin\class-thwvsf-admin.php:201

actionedit_termadmin\class-thwvsf-admin.php:202

actionwoocommerce_product_options_attributesadmin\class-thwvsf-admin.php:204

actionwoocommerce_product_option_termsadmin\class-thwvsf-admin.php:205

filterwoocommerce_product_data_tabsadmin\class-thwvsf-admin.php:207

actionwoocommerce_product_data_panelsadmin\class-thwvsf-admin.php:208

actionwoocommerce_process_product_metaadmin\class-thwvsf-admin.php:209

actionadmin_footer-plugins.phpadmin\class-thwvsf-admin.php:211

actionwoocommerce_before_add_attribute_fieldsadmin\class-thwvsf-admin.php:215

actionwoocommerce_before_edit_attribute_fieldsadmin\class-thwvsf-admin.php:216

filterwoocommerce_rest_prepare_product_objectincludes\class-thwvsf-wc-api-handler.php:19

actionplugins_loadedincludes\class-thwvsf.php:57

actioninitincludes\class-thwvsf.php:58

actionadmin_enqueue_scriptsincludes\class-thwvsf.php:139

actionadmin_menuincludes\class-thwvsf.php:140

filterwoocommerce_screen_idsincludes\class-thwvsf.php:141

filterplugin_row_metaincludes\class-thwvsf.php:143

actionwp_enqueue_scriptsincludes\class-thwvsf.php:157

actionbefore_woocommerce_initproduct-variation-swatches-for-woocommerce.php:43

actionafter_setup_themepublic\class-thwvsf-public.php:23

filterwoocommerce_dropdown_variation_attribute_options_htmlpublic\class-thwvsf-public.php:321

filterwoocommerce_dropdown_variation_attribute_options_argspublic\class-thwvsf-public.php:322

filterwoocommerce_reset_variations_linkpublic\class-thwvsf-public.php:323

filterwoocommerce_ajax_variation_thresholdpublic\class-thwvsf-public.php:324

filterwoocommerce_attributepublic\class-thwvsf-public.php:325

Maintenance & Trust

Variation Swatches for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 15, 2025

PHP min version7.4

Downloads234K

Community Trust

Rating98/100

Number of ratings85

Active installs10K

Alternatives

Variation Swatches for WooCommerce Alternatives

Product Variation Swatches for WooCommerce – Enhance Your Product Attributes with Elegant Color, Image, and Label Swatches

wc-variation-swatches

100

Replace dropdowns with color, image, and label swatches for WooCommerce variations. Improve user experience and drive more conversions.

100 No CVEs

Variation Swatches for WooCommerce

woo-variation-swatches

100

Beautiful Color, Image and Buttons Variation Swatches For WooCommerce Product Attributes

300K 1 CVE

Variation Swatches for WooCommerce – Color, Image & Size Swatches

variation-swatches-woo

100

Variation Swatches for WooCommerce replaces dropdowns with color, image & size swatches, helping shoppers decide faster and buy with confidence.

200K No CVEs

Product Variations Swatches for WooCommerce

product-variations-swatches-for-woocommerce

100

Showcase variations and impress your customers with beautiful swatches such as color, button, image, and more.

10K No CVEs

Variation Swatches for WooCommerce

woo-product-variation-swatches

100

Variation Swatches for WooCommerce change beautiful colors, images and buttons variation swatches for WooCommerce product attributes.

10K 1 CVE

Developer Profile

Variation Swatches for WooCommerce Developer Profile

ThemeHigh

16 plugins · 579K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

245 days

View full developer profile

Detection Fingerprints

How We Detect Variation Swatches for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/css/thwvsf-admin.css/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/css/thwvsf-admin.min.css/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/js/thwvsf-admin.js/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/js/thwvsf-admin.min.js

Script Paths

/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/js/thwvsf-admin.js/wp-content/plugins/product-variation-swatches-for-woocommerce/assets/admin/js/thwvsf-admin.min.js

Version Parameters

product-variation-swatches-for-woocommerce/assets/admin/css/thwvsf-admin.css?ver=product-variation-swatches-for-woocommerce/assets/admin/js/thwvsf-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

thwvsf-deactivate-link

Data Attributes

data-thwvsf-control-wrapper

JS Globals

thwvsf_var

FAQ

Variation Swatches for WooCommerce Security & Risk Analysis

Is Variation Swatches for WooCommerce Safe to Use in 2026?

Generally Safe

Key Concerns

Variation Swatches for WooCommerce Security Vulnerabilities

CVEs by Year

Severity Breakdown

Variation Swatches for WooCommerce Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Variation Swatches for WooCommerce Attack Surface

AJAX Handlers 2

Variation Swatches for WooCommerce Maintenance & Trust

Maintenance Signals

Community Trust

Variation Swatches for WooCommerce Alternatives

Product Variation Swatches for WooCommerce – Enhance Your Product Attributes with Elegant Color, Image, and Label Swatches

Variation Swatches for WooCommerce

Variation Swatches for WooCommerce – Color, Image & Size Swatches

Product Variations Swatches for WooCommerce

Variation Swatches for WooCommerce

Variation Swatches for WooCommerce Developer Profile

How We Detect Variation Swatches for WooCommerce

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Variation Swatches for WooCommerce