WP-Safety

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Security & Risk Analysis

wordpress.org/plugins/productive-commerce

Integrate Wishlists, Product Comparison, Quick View, and Mini-Cart on your WooCommerce sites.

40 active installs v1.1.39 PHP 7.0+ WP 5.4+ Updated Mar 2, 2026
e-commerce-wishlistwishlist-for-woocommercewoocommerce-comparewoocommerce-quick-viewwoocommerce-wishlist
76
B · Generally Safe
CVEs total1
Unpatched1
Last CVEMay 7, 2025
Plugin page Download
Safety Verdict

Is Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Safe to Use in 2026?

Mostly Safe

Score 76/100

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart is generally safe to use. 1 past CVE were resolved. Keep it updated.

1 known CVE 1 unpatched Last CVE: May 7, 2025Updated 1mo ago
Risk Assessment

The "productive-commerce" plugin v1.1.39 exhibits a mixed security posture. While it demonstrates good practices in SQL query handling with 100% prepared statements and a significant portion of output escaping, several concerning areas are present. The static analysis highlights a substantial attack surface with 54 entry points, notably including 2 AJAX handlers that lack authentication checks. This presents a direct vulnerability for unauthorized execution of plugin functions.

Taint analysis further exacerbates these concerns, revealing 6 flows with unsanitized paths, all categorized as high severity. This indicates that untrusted input can be used to influence critical operations within the plugin, potentially leading to various forms of code execution or data manipulation if not properly handled downstream. The plugin's vulnerability history is also a significant red flag, with one high-severity unpatched CVE related to SQL injection. This suggests a recurring issue with input sanitization, and the fact that it remains unpatched is a critical indicator of an ongoing risk.

In conclusion, while the plugin has strengths in its database interaction security, the combination of unprotected entry points, high-severity unsanitized taint flows, and an unpatched historical vulnerability creates a considerable security risk. The unpatched CVE and the identified taint flows are particularly alarming and require immediate attention. The lack of authentication on AJAX handlers also broadens the potential attack vectors.

Key Concerns

  • Unpatched High Severity CVE
  • High Severity Taint Flows
  • AJAX Handlers Without Auth Checks
  • Unsanitized Paths in Taint Analysis
  • Output Escaping Below 100%
Vulnerabilities
1

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2025-47657high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Productive Commerce <= 1.1.22 - Unauthenticated SQL Injection

May 7, 2025Unpatched
Code Analysis
Analyzed Mar 16, 2026

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
31 prepared
Unescaped Output
689
3065 escaped
Nonce Checks
20
Capability Checks
6
File Operations
1
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared31 total queries

Output Escaping

82% escaped3754 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

10 flows6 with unsanitized paths
productive_global_do_notice_dismissal_ajax (admin\common\options\global\db-admin\global-transactions.php:92)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Attack Surface

Entry Points54
Unprotected2

AJAX Handlers 42

authwp_ajax_productiveminds_wp_ajax_install_pluginadmin\common\options\global\db-admin\global-transactions.php:16
noprivwp_ajax_productiveminds_wp_ajax_install_pluginadmin\common\options\global\db-admin\global-transactions.php:17
authwp_ajax_productive_global_do_activate_plugin_ajaxadmin\common\options\global\db-admin\global-transactions.php:86
noprivwp_ajax_productive_global_do_activate_plugin_ajaxadmin\common\options\global\db-admin\global-transactions.php:87
authwp_ajax_productive_global_do_notice_dismissal_ajaxadmin\common\options\global\db-admin\global-transactions.php:147
noprivwp_ajax_productive_global_do_notice_dismissal_ajaxadmin\common\options\global\db-admin\global-transactions.php:148
authwp_ajax_productive_commerce_process_wishlist_deleteincludes\common\db\db_transactions_admin.php:59
noprivwp_ajax_productive_commerce_process_wishlist_deleteincludes\common\db\db_transactions_admin.php:60
authwp_ajax_productive_commerce_init_compareincludes\common\db\db_transactions_compare.php:88
noprivwp_ajax_productive_commerce_init_compareincludes\common\db\db_transactions_compare.php:89
authwp_ajax_productive_commerce_refresh_compare_cookieincludes\common\db\db_transactions_compare.php:102
noprivwp_ajax_productive_commerce_refresh_compare_cookieincludes\common\db\db_transactions_compare.php:103
authwp_ajax_productive_commerce_compare_product_addincludes\common\db\db_transactions_compare.php:210
noprivwp_ajax_productive_commerce_compare_product_addincludes\common\db\db_transactions_compare.php:211
authwp_ajax_productive_commerce_compare_product_removeincludes\common\db\db_transactions_compare.php:259
noprivwp_ajax_productive_commerce_compare_product_removeincludes\common\db\db_transactions_compare.php:260
authwp_ajax_productive_commerce_compare_product_add_to_cartincludes\common\db\db_transactions_compare.php:333
noprivwp_ajax_productive_commerce_compare_product_add_to_cartincludes\common\db\db_transactions_compare.php:334
authwp_ajax_productive_commerce_process_aggregate_user_compareincludes\common\db\db_transactions_compare.php:447
noprivwp_ajax_productive_commerce_process_aggregate_user_compareincludes\common\db\db_transactions_compare.php:448
authwp_ajax_productive_commerce_edit_user_compare_titleincludes\common\db\db_transactions_compare.php:704
noprivwp_ajax_productive_commerce_edit_user_compare_titleincludes\common\db\db_transactions_compare.php:705
authwp_ajax_productive_commerce_minicart_product_refreshincludes\common\db\db_transactions_minicart.php:26
noprivwp_ajax_productive_commerce_minicart_product_refreshincludes\common\db\db_transactions_minicart.php:27
authwp_ajax_productive_commerce_minicart_product_removeincludes\common\db\db_transactions_minicart.php:52
noprivwp_ajax_productive_commerce_minicart_product_removeincludes\common\db\db_transactions_minicart.php:53
authwp_ajax_productive_commerce_minicart_product_addedincludes\common\db\db_transactions_minicart.php:77
noprivwp_ajax_productive_commerce_minicart_product_addedincludes\common\db\db_transactions_minicart.php:78
authwp_ajax_productive_commerce_init_wishlistincludes\common\db\db_transactions_wishlist.php:87
noprivwp_ajax_productive_commerce_init_wishlistincludes\common\db\db_transactions_wishlist.php:88
authwp_ajax_productive_commerce_refresh_wishlist_cookieincludes\common\db\db_transactions_wishlist.php:101
noprivwp_ajax_productive_commerce_refresh_wishlist_cookieincludes\common\db\db_transactions_wishlist.php:102
authwp_ajax_productive_commerce_wishlist_product_addincludes\common\db\db_transactions_wishlist.php:209
noprivwp_ajax_productive_commerce_wishlist_product_addincludes\common\db\db_transactions_wishlist.php:210
authwp_ajax_productive_commerce_wishlist_product_removeincludes\common\db\db_transactions_wishlist.php:258
noprivwp_ajax_productive_commerce_wishlist_product_removeincludes\common\db\db_transactions_wishlist.php:259
authwp_ajax_productive_commerce_wishlist_product_add_to_cartincludes\common\db\db_transactions_wishlist.php:332
noprivwp_ajax_productive_commerce_wishlist_product_add_to_cartincludes\common\db\db_transactions_wishlist.php:333
authwp_ajax_productive_commerce_process_aggregate_user_wishlistincludes\common\db\db_transactions_wishlist.php:450
noprivwp_ajax_productive_commerce_process_aggregate_user_wishlistincludes\common\db\db_transactions_wishlist.php:451
authwp_ajax_productive_commerce_edit_user_wishlist_titleincludes\common\db\db_transactions_wishlist.php:754
noprivwp_ajax_productive_commerce_edit_user_wishlist_titleincludes\common\db\db_transactions_wishlist.php:755

Shortcodes 12

[productive_compare] includes\common\module\page-compare.php:132
[productive_comparison] includes\common\module\page-compare.php:133
[productive_wishlist] includes\common\module\page-wishlist.php:146
[productive_wishlist] includes\common\module\page-wishlist.php:149
[productive_wishlist_button] includes\common\productiveminds-commerce-options.php:1079
[productive_compare_button] includes\common\productiveminds-commerce-options.php:1184
[productive_minicart_button] includes\common\productiveminds-commerce-options.php:1292
[productive_woo_my_account_button] includes\common\productiveminds-commerce-options.php:1371
[productive_search_button] includes\common\productiveminds-commerce-options.php:1433
[productive_compare] includes\common\render\productive-render-compare-list.php:423
[productive_comparison] includes\common\render\productive-render-compare-list.php:424
[productive_wishlist] includes\common\render\productive-render-wishlist-list.php:472
WordPress Hooks 99
actioncustomize_registeradmin\common\options\global\customiser\productive-global-customiser-cc-palette-overrides.php:185
actioncustomize_registeradmin\common\options\global\customiser\productive-global-customiser-common.php:189
actioncustomize_registeradmin\common\options\global\customiser\productive-global-customiser-custom-color-palette.php:363
actioninitadmin\common\options\global\global-settings-admin.php:172
actionadmin_enqueue_scriptsadmin\common\options\global\global-settings-admin.php:729
actionproductive_global_render_content_wrapper_full_full_topadmin\common\options\global\global-settings-admin.php:2941
actionproductive_global_render_content_wrapper_full_full_bottomadmin\common\options\global\global-settings-admin.php:2952
actionproductive_global_render_content_wrapper_full_topadmin\common\options\global\global-settings-admin.php:2966
actionproductive_global_render_content_wrapper_full_bottomadmin\common\options\global\global-settings-admin.php:2979
actionproductive_global_render_content_wrapper_full_without_uno_topadmin\common\options\global\global-settings-admin.php:2992
actionproductive_global_render_content_wrapper_full_without_uno_bottomadmin\common\options\global\global-settings-admin.php:3004
actionproductive_global_render_content_wrapper_standard_topadmin\common\options\global\global-settings-admin.php:3017
actionproductive_global_render_content_wrapper_standard_bottomadmin\common\options\global\global-settings-admin.php:3029
actionproductive_global_render_hero_content_titleadmin\common\options\global\global-settings-admin.php:3127
actionproductive_global_render_hero_content_mainadmin\common\options\global\global-settings-admin.php:3137
actionproductive_global_render_hero_content_auxiliaryadmin\common\options\global\global-settings-admin.php:3156
actionproductive_global_render_post_thumbnailadmin\common\options\global\global-settings-admin.php:3308
actionwp_footeradmin\common\options\global\global-settings-admin.php:3611
actionwp_footeradmin\common\options\global\global-settings-admin.php:4280
filterwp_kses_allowed_htmladmin\common\options\global\productiveminds-icons.php:364
actionproductive_global_render_social_sharesadmin\common\options\global\productiveminds-social-share.php:17
actionproductive_global_do_render_the_social_sharesadmin\common\options\global\productiveminds-social-share.php:558
actionadmin_noticesadmin\common\options\partials\section-compare.php:31
actionadmin_noticesadmin\common\options\partials\section-compare.php:36
actionadmin_noticesadmin\common\options\partials\section-compare.php:39
actiondisplay_productive_commerce_compare_product_page_add_textadmin\common\options\partials\section-compare.php:1837
actionadmin_noticesadmin\common\options\partials\section-wishlist.php:31
actionadmin_noticesadmin\common\options\partials\section-wishlist.php:36
actionadmin_noticesadmin\common\options\partials\section-wishlist.php:39
actiondisplay_productive_commerce_wishlist_product_page_add_textadmin\common\options\partials\section-wishlist.php:2121
actionwp_loadedadmin\standard\options\settings.php:23
actionadmin_menuadmin\standard\options\settings.php:70
actionadmin_initadmin\standard\options\settings.php:86
filterwoocommerce_account_menu_itemsincludes\common\accounts-and-feature-access-options.php:29
actioninitincludes\common\accounts-and-feature-access-options.php:36
actionwoocommerce_account_user-wishlist_endpointincludes\common\accounts-and-feature-access-options.php:44
actiondisplay_popup_wishlist_allow_guests_with_warning_infoincludes\common\accounts-and-feature-access-options.php:77
actiondisplay_page_wishlist_allow_guests_with_warning_infoincludes\common\accounts-and-feature-access-options.php:109
actioninitincludes\common\accounts-and-feature-access-options.php:120
actionwoocommerce_account_user-comparison_endpointincludes\common\accounts-and-feature-access-options.php:128
actiondisplay_popup_compare_allow_guests_with_warning_infoincludes\common\accounts-and-feature-access-options.php:160
actiondisplay_page_compare_allow_guests_with_warning_infoincludes\common\accounts-and-feature-access-options.php:190
actionwp_footerincludes\common\accounts-and-feature-access-options.php:217
actionplugins_loadedincludes\common\db\db_upgrade.php:31
actionwp_footerincludes\common\module\minicart.php:112
actionproductive_comparisonincludes\common\module\page-compare.php:134
actionproductive_wishlistincludes\common\module\page-wishlist.php:145
actionproductive_wishlistincludes\common\module\page-wishlist.php:148
actionwp_footerincludes\common\my-account\my-account-user-compare.php:72
actionwp_footerincludes\common\my-account\my-account-user-wishlist.php:72
filterwoocommerce_account_menu_itemsincludes\common\my-account-menu-items.php:28
actioninitincludes\common\my-account-menu-items.php:34
actionwoocommerce_account_user-wishlist_endpointincludes\common\my-account-menu-items.php:42
actioninitincludes\common\my-account-menu-items.php:50
actionwoocommerce_account_user-comparison_endpointincludes\common\my-account-menu-items.php:58
actioninitincludes\common\productiveminds-commerce-options.php:546
actioninitincludes\common\productiveminds-commerce-options.php:763
actionproductive_wishlist_buttonincludes\common\productiveminds-commerce-options.php:1080
actionproductive_compare_buttonincludes\common\productiveminds-commerce-options.php:1185
actionproductive_minicart_buttonincludes\common\productiveminds-commerce-options.php:1293
actionproductive_woo_my_account_buttonincludes\common\productiveminds-commerce-options.php:1372
actionproductive_search_buttonincludes\common\productiveminds-commerce-options.php:1434
filtercomments_templateincludes\common\render\productive-render-compare-list.php:413
actionproductive_compareincludes\common\render\productive-render-compare-list.php:425
actionproductive_comparisonincludes\common\render\productive-render-compare-list.php:426
actionwp_footerincludes\common\render\productive-render-compare-list.php:483
filtercomments_templateincludes\common\render\productive-render-wishlist-list.php:461
actionproductive_wishlistincludes\common\render\productive-render-wishlist-list.php:471
actionwp_footerincludes\common\render\productive-render-wishlist-list.php:527
actionwoocommerce_before_add_to_cart_buttonincludes\common\user-engagements.php:90
actionwoocommerce_after_add_to_cart_buttonincludes\common\user-engagements.php:92
actionwp_footerincludes\common\user-engagements.php:203
actionwp_footerincludes\common\user-engagements.php:248
actionwp_enqueue_scriptsincludes\standard\functions.php:160
actionenqueue_block_assetsincludes\standard\functions.php:165
actioninitincludes\standard\gutenberg\blocks\compare-page\render.php:15
actioninitincludes\standard\gutenberg\blocks\wishlist-page\render.php:15
filterblock_categories_allincludes\standard\gutenberg\productive-gutenberg.php:32
filterblock_categoriesincludes\standard\gutenberg\productive-gutenberg.php:34
actionwoocommerce_after_shop_loop_itemincludes\standard\user-engagements-loop.php:110
filterwoocommerce_blocks_product_grid_item_htmlincludes\standard\user-engagements-loop.php:125
actionadmin_enqueue_scriptsincludes\start.php:210
actioninitincludes\start.php:222
actiondisplay_plugin_placeholder_imageincludes\start.php:494
actionadmin_noticesincludes\start.php:510
actionwp_loginincludes\start.php:526
actionwp_logoutincludes\start.php:533
actionelementor/elements/categories_registeredstandard\elementor\productive-elementor.php:27
actionelementor/dynamic_tags/registerstandard\elementor\productive-elementor.php:44
actionelementor/widgets/registerstandard\elementor\productive-elementor.php:75
actionwp_enqueue_scriptsstandard\elementor\productive-elementor.php:94
actioninitstandard\gutenberg\blocks\compare-page\render.php:15
actioninitstandard\gutenberg\blocks\wishlist-page\render.php:15
filterblock_categories_allstandard\gutenberg\productive-gutenberg.php:32
filterblock_categoriesstandard\gutenberg\productive-gutenberg.php:34
actionwp_enqueue_scriptsstandard\includes\functions.php:183
actionenqueue_block_assetsstandard\includes\functions.php:188
actionwoocommerce_after_shop_loop_itemstandard\user-engagements-loop.php:110
filterwoocommerce_blocks_product_grid_item_htmlstandard\user-engagements-loop.php:125
Maintenance & Trust

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 2, 2026
PHP min version7.0
Downloads8K

Community Trust

Rating0/100
Number of ratings0
Active installs40
Alternatives

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Alternatives

YITH WooCommerce Wishlist

YITH WooCommerce Wishlist

yith-woocommerce-wishlist

A
92

YITH WooCommerce Wishlist add all Wishlist features to your website. Needs WooCommerce to work. WooCommerce 10.6.x compatible.

500K 6 CVEs
Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later

Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later

flexible-wishlist

A
98

Lightweight and simple WooCommerce wishlist. Increases sales. Fits any theme. Customizes texts and icons. Add to ecommerce wishlist with just 1 click.

900 2 CVEs
Wishlist for WooCommerce

Wishlist for WooCommerce

wt-woocommerce-wishlist

A
99

This WooCommerce wishlist plugin adds a wishlist feature to your WooCommerce store. Let the users easily add and manage products from their wishlist p &hellip;

800 1 CVE
Wishlist for WooCommerce

Wishlist for WooCommerce

jvm-woocommerce-wishlist

A
100

Supercharge your sales with WooCommerce Wishlist - a powerful tool that empowers customers to create wishlists and enhances their shopping experience.

700 1 CVE
Wishlist and Save for later for Woocommerce

Wishlist and Save for later for Woocommerce

aco-wishlist-for-woocommerce

A
99

Wishlist for WooCommerce helps to manage Wishlist and save for later feature in a WooCommerce store

80 1 CVE
Developer Profile

Productive Commerce – Wishlist, Compare, Quick View, & MiniCart Developer Profile

Productive Minds

9 plugins · 200 total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Productive Commerce – Wishlist, Compare, Quick View, & MiniCart

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/productive-commerce/assets/css/style.css/wp-content/plugins/productive-commerce/assets/js/main.js
Script Paths
/wp-content/plugins/productive-commerce/assets/js/main.js
Version Parameters
productive-commerce/assets/css/style.css?ver=productive-commerce/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
productive-commerce-wrap
Data Attributes
data-pc-product-id
JS Globals
productive_commerce_paramsPRODUCTIVE_GLOBAL_PRODUCTIVE_PLUGIN_COMMERCE_TEXT_DOMAINPRODUCTIVE_GLOBAL_PRODUCTIVE_PLUGIN_COMMERCE_TITLEPRODUCTIVE_GLOBAL_PRODUCTIVE_PLUGIN_COMMERCE_REPO_URLPRODUCTIVE_GLOBAL_PRODUCTIVE_PLUGIN_COMMERCE_OUR_URLPRODUCTIVE_GLOBAL_PRODUCTIVE_PLUGIN_COMMERCE_ADMIN_OPTIONS_LINK
REST Endpoints
/wp-json/productive_commerce/v1/add_to_cart/wp-json/productive_commerce/v1/update_cart
Shortcode Output
[productive_commerce_wishlist][productive_commerce_compare][productive_commerce_quickview]
FAQ

Frequently Asked Questions about Productive Commerce – Wishlist, Compare, Quick View, & MiniCart