Does Products Showcase – Shopify Integration have any unpatched vulnerabilities?

No. All known vulnerabilities in Products Showcase – Shopify Integration have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Products Showcase – Shopify Integration compatible with WordPress 6.9.4?

According to WordPress.org data, Products Showcase – Shopify Integration 1.1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Products Showcase – Shopify Integration compatible with PHP 8.1+?

Products Showcase – Shopify Integration requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Products Showcase – Shopify Integration updated?

Products Showcase – Shopify Integration was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Products Showcase – Shopify Integration's security score?

Products Showcase – Shopify Integration has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Products Showcase – Shopify Integration Security & Risk Analysis

wordpress.org/plugins/products-showcase

Display Shopify products and collections in beautiful carousels using native Gutenberg blocks.

20 active installs v1.1.2 PHP 8.1+ WP 6.0+ Updated Unknown

blocksecommercegutenbergproductsshopify

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Products Showcase – Shopify Integration Safe to Use in 2026?

Generally Safe

Score 100/100

Products Showcase – Shopify Integration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "products-showcase" v1.1.2 plugin demonstrates several positive security practices, including a strong emphasis on capability checks and proper output escaping. The extensive use of nonce checks and capability checks for its AJAX handlers indicates a deliberate effort to secure these entry points. The absence of known CVEs and a clean vulnerability history further contributes to a generally favorable security posture.

However, a significant concern arises from the static analysis of its SQL queries. With 10 total SQL queries and 0% utilizing prepared statements, there is a high risk of SQL injection vulnerabilities. This lack of prepared statements for all database interactions represents a critical weakness. Additionally, while taint analysis showed no critical or high-severity issues, the presence of two flows with unsanitized paths warrants attention, as these could potentially lead to vulnerabilities if exploited in conjunction with other weaknesses.

In conclusion, the plugin has good foundational security for its entry points and output handling. The absence of historical vulnerabilities is a positive sign. However, the almost complete reliance on raw SQL queries without prepared statements is a severe and actionable risk that significantly lowers its overall security score. Addressing this would drastically improve the plugin's security.

Key Concerns

Raw SQL queries without prepared statements
Flows with unsanitized paths

Vulnerabilities

None known

Products Showcase – Shopify Integration Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Products Showcase – Shopify Integration Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

145 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared10 total queries

Output Escaping

95% escaped152 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

ajax_initiate_oauth (includes\class-shopify-oauth.php:57)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Products Showcase – Shopify Integration Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 7

authwp_ajax_prodshow_search_shopify_productsincludes\class-shopify-api.php:36

authwp_ajax_prodshow_search_shopify_collectionsincludes\class-shopify-api.php:37

authwp_ajax_prodshow_get_shopify_productincludes\class-shopify-api.php:38

authwp_ajax_prodshow_get_shopify_collectionincludes\class-shopify-api.php:39

authwp_ajax_prodshow_initiate_oauthincludes\class-shopify-oauth.php:39

authwp_ajax_prodshow_disconnect_shopifyincludes\class-shopify-oauth.php:40

authwp_ajax_prodshow_refresh_api_versionincludes\class-shopify-oauth.php:41

WordPress Hooks 13

actionadmin_menuincludes\class-admin-settings.php:25

actionadmin_initincludes\class-admin-settings.php:26

actionadmin_enqueue_scriptsincludes\class-admin-settings.php:27

filteradmin_footer_textincludes\class-admin-settings.php:28

actionwp_enqueue_scriptsincludes\class-enqueue-assets.php:23

actionenqueue_block_assetsincludes\class-enqueue-assets.php:24

actionrest_api_initincludes\class-rest-api.php:32

actionadmin_enqueue_scriptsincludes\class-shopify-api.php:40

actioninitincludes\class-shopify-block.php:23

actiongraphql_register_typesincludes\class-shopify-graphql-types.php:29

actionadmin_initincludes\class-shopify-oauth.php:36

actionadmin_initproducts-showcase.php:84

actionplugins_loadedproducts-showcase.php:86

Maintenance & Trust

Products Showcase – Shopify Integration Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version8.1

Downloads325

Community Trust

Rating100/100

Number of ratings3

Active installs20

Alternatives

Products Showcase – Shopify Integration Alternatives

External Store for Shopify

wp-shopify

Display products from your Shopify store on your WordPress blog using shortcodes.

3K 2 CVEs

ShopWP

wpshopify

Sell Shopify Products on WordPress. Display a simple buy button—or build a complex storefront. Power your WordPress store with a world-class ecommerce …

800 1 CVE

ShopCred – WooCommerce Builder with Products Grid & Carousel Block

shopcred

ShopCred - The Best Gutenberg Blocks Collection for WooCommerce with WooCommerce Builder

50 1 unpatched

Choose Your Best Selling Products

choose-your-best-selling-products

100

A WordPress plugin to display top selling products with flexible settings for manual or automated product selection.

20 No CVEs

GTG Product Blocks

gtg-product-blocks

This GTG Product Block is one of the most powerful plugin for Gutenberg that is compatible with WooCommerce to display your products on posts and page …

10 No CVEs

Developer Profile

Products Showcase – Shopify Integration Developer Profile

Hossein Karami

1 plugin · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Products Showcase – Shopify Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/products-showcase/assets/css/backend.css/wp-content/plugins/products-showcase/assets/js/backend.js/wp-content/plugins/products-showcase/assets/css/frontend.css/wp-content/plugins/products-showcase/assets/js/frontend.js

Script Paths

/wp-content/plugins/products-showcase/assets/js/backend.js/wp-content/plugins/products-showcase/assets/js/frontend.js

Version Parameters

products-showcase/assets/css/backend.css?ver=products-showcase/assets/js/backend.js?ver=products-showcase/assets/css/frontend.css?ver=products-showcase/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

prodshow-settings-pageshopify-products-listprodshow-shopify-icon

Data Attributes

data-shop-urldata-access-tokendata-api-version

JS Globals

PRODSHOW_Admin_SettingsPRODSHOW_Enqueue_AssetsPRODSHOW_REST_API

REST Endpoints

/wp-json/products-showcase/v1/products/wp-json/products-showcase/v1/collections

Shortcode Output

[products-showcase][shopify-products-collection]

FAQ