Does Product Rearrange for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Product Rearrange for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Product Rearrange for WooCommerce compatible with WordPress 6.5.8?

According to WordPress.org data, Product Rearrange for WooCommerce 1.2.2 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is Product Rearrange for WooCommerce compatible with PHP 7.2+?

Product Rearrange for WooCommerce requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Product Rearrange for WooCommerce updated?

Product Rearrange for WooCommerce was last updated on May 25, 2024. Frequent updates are generally a positive security signal.

What is Product Rearrange for WooCommerce's security score?

Product Rearrange for WooCommerce has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Product Rearrange for WooCommerce Security & Risk Analysis

wordpress.org/plugins/products-rearrange-woocommerce

Product Rearrange for WooCommerce allows to rearrange or reorder Woocommerce products using the drag & drop & its order will be saved in few seconds.

400 active installs v1.2.2 PHP 7.2+ WP 6.0+ Updated May 25, 2024

productrearrangereordersortwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Product Rearrange for WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

Product Rearrange for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "products-rearrange-woocommerce" plugin version 1.2.2 exhibits a concerning security posture despite a clean vulnerability history. While the plugin correctly utilizes prepared statements for SQL queries and properly escapes all output, indicating good practices in these areas, it suffers from a significant lack of authorization checks on its entry points. All three identified REST API routes are exposed without any permission callbacks, meaning any authenticated user, regardless of their role or privileges, could potentially interact with these endpoints. This creates a substantial attack surface that is entirely unprotected, presenting a high risk of unauthorized actions or information disclosure.

The absence of nonce checks and capability checks across all entry points, coupled with zero AJAX handlers and cron events, further emphasizes the reliance on the underlying WordPress authentication system, which is insufficient for these exposed REST API routes. The lack of any identified dangerous functions, file operations, or external HTTP requests is a positive sign, as is the absence of taint analysis findings and a clean vulnerability history. However, these strengths are heavily overshadowed by the critical flaw of unprotected REST API endpoints, which significantly elevates the overall risk profile.

Key Concerns

REST API routes without permission callbacks
No nonce checks on any entry points
No capability checks on any entry points

Vulnerabilities

None known

Product Rearrange for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Product Rearrange for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped18 total outputs

Attack Surface

3 unprotected

Product Rearrange for WooCommerce Attack Surface

Entry Points3

Unprotected3

REST API Routes 3

GET/wp-json/wcpr/apiwcprupdateadmin\class-wcpr-admin.php:170

POST/wp-json/wcpr/api/wcprsettings_update/admin\class-wcpr-admin.php:180

POST/wp-json/wcpr/api/wcprsettings_fetch/admin\class-wcpr-admin.php:190

WordPress Hooks 9

actionplugins_loadedincludes\class-wcpr.php:133

actionadmin_enqueue_scriptsincludes\class-wcpr.php:146

actionadmin_enqueue_scriptsincludes\class-wcpr.php:147

actionadmin_menuincludes\class-wcpr.php:161

filterrest_product_collection_paramsincludes\class-wcpr.php:162

actionrest_api_initincludes\class-wcpr.php:163

filterwoocommerce_catalog_orderbyincludes\class-wcpr.php:164

filterwoocommerce_default_catalog_orderby_optionsincludes\class-wcpr.php:165

actionadmin_noticeswcpr.php:30

Maintenance & Trust

Product Rearrange for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 25, 2024

PHP min version7.2

Downloads6K

Community Trust

Rating100/100

Number of ratings6

Active installs400

Alternatives

Product Rearrange for WooCommerce Alternatives

Rearrange Products for WooCommerce

rearrange-woocommerce-products

100

Boost WooCommerce sales with the Rearrange Products for WooCommerce plugin. Easily reorder products with a simple drag-and-drop tool!

20K 1 CVE

Themify – WooCommerce Product Filter

themify-wc-product-filter

This plugin helps shoppers quickly find products in your WooCommerce shop by filtering through price, categories, attributes, tags, and more.

20K 6 CVEs

Extra Product Sorting Options for WooCommerce

woocommerce-extra-product-sorting-options

100

Rename the default product sorting option, add up to 5 new sorting options including alphabetical and on-sale sorting, or remove core sorting options.

10K No CVEs

WCAPF – WooCommerce Ajax Product Filter

wc-ajax-product-filter

100

WCAPF - WooCommerce Ajax Product Filter is a powerful plugin that enhances the filtering functionality of your WooCommerce store.

9K No CVEs

Product Sort and Display for WooCommerce

woocommerce-product-sort-and-display

Create a true Supermarket shopping experience. Sort and show products on Shop page by category - auto show On Sale or Featured first, Endless Scroll.

2K 2 CVEs

Developer Profile

Product Rearrange for WooCommerce Developer Profile

Devteam HaywoodTech

2 plugins · 460 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Product Rearrange for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/products-rearrange-woocommerce/admin/css/wcpr-admin.css/wp-content/plugins/products-rearrange-woocommerce/admin/js/wcpr-admin.js/wp-content/plugins/products-rearrange-woocommerce/admin/react/src/build/runtime~front.js/wp-content/plugins/products-rearrange-woocommerce/admin/react/src/build/front.js

Script Paths

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;900&display=swap

Version Parameters

products-rearrange-woocommerce/admin/css/wcpr-admin.css?ver=products-rearrange-woocommerce/admin/js/wcpr-admin.js?ver=products-rearrange-woocommerce/admin/react/src/build/runtime~front.js?ver=products-rearrange-woocommerce/admin/react/src/build/front.js?ver=

HTML / DOM Fingerprints

JS Globals

wcprversionwcprdeactivationwcprsettings

REST Endpoints

wcpr/api/wcprupdatewcpr/api/wcprsettings_update

FAQ