PWF – Products Filter for WooCommerce Security & Risk Analysis

wordpress.org/plugins/pwf-wc-product-filters

Filter WooCommerce products and WordPress post types. Filter by any criteria including categories, tags, taxonomies, price, and custom fields.

90 active installs · v1.1.5 · PHP 7.4+ · WP 5.6.0+ · Updated Apr 1, 2023
Tags: ajax-filter, filter, product-filter, woocommerce-filter, woocommerce-product-filter
Score: 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is PWF – Products Filter for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

PWF – Products Filter for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The "pwf-wc-product-filters" v1.1.5 plugin exhibits a generally good security posture, with a high percentage of SQL queries using prepared statements and output properly escaped. The absence of dangerous functions, file operations, and external HTTP requests is also a positive sign. The vulnerability history being clear of any known CVEs further strengthens this impression, suggesting a plugin that has historically been maintained with security in mind.

However, there are notable areas of concern. The attack surface is significant, with a total of 7 entry points, and crucially, 4 of these lack authentication checks. Specifically, the 6 AJAX handlers are a primary concern, with 4 of them not implementing any form of authorization. This could allow unauthenticated users to trigger potentially sensitive actions within the plugin. While taint analysis found no issues, the presence of unprotected AJAX handlers creates a significant risk of localized vulnerabilities that might not be detectable through static taint analysis alone.

In conclusion, while the plugin demonstrates strong adherence to secure coding practices in many areas and has a clean vulnerability history, the unprotected AJAX handlers represent a critical weakness. Addressing these unauthenticated entry points should be the immediate priority to mitigate potential security risks.

Key Concerns

  • Unprotected AJAX handlers
  • Attack surface without auth checks
Vulnerabilities
None known

PWF – Products Filter for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

PWF – Products Filter for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (23 prepared)
Unescaped Output: 9 (252 escaped)
Nonce Checks: 5
Capability Checks: 3
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

96% prepared · 24 total queries

Output Escaping

97% escaped · 261 total outputs
Attack Surface
4 unprotected

PWF – Products Filter for WooCommerce Attack Surface

Entry Points: 7
Unprotected: 4

AJAX Handlers: 6

auth  wp_ajax_get_filter_result  includes\class-pwf-front-end-ajax.php:16
nopriv  wp_ajax_get_filter_result  includes\class-pwf-front-end-ajax.php:17
auth  wp_ajax_get_hierarchy_taxonomies_using_ajax  includes\classes\admin\class-pwf-admin-main.php:24
auth  wp_ajax_get_group_taxonomies_using_ajax  includes\classes\admin\class-pwf-admin-main.php:25
auth  wp_ajax_get_taxonomies_using_ajax  includes\classes\admin\class-pwf-admin-main.php:26
auth  wp_ajax_save_filter_post  includes\classes\admin\class-pwf-admin-main.php:27

Shortcodes: 1

[pwf_filter] includes\class-pwf-main.php:47
WordPress Hooks: 34

action  init  includes\class-pwf-front-end-ajax.php:11
action  wp_enqueue_scripts  includes\class-pwf-front-end-ajax.php:15
action  init  includes\class-pwf-main.php:35
action  init  includes\class-pwf-main.php:36
filter  wp_kses_allowed_html  includes\class-pwf-main.php:38
action  wp_trash_post  includes\class-pwf-main.php:40
action  delete_term  includes\class-pwf-main.php:41
action  wp_head  includes\class-pwf-main.php:42
action  admin_init  includes\classes\admin\class-pwf-admin-main.php:17
action  admin_enqueue_scripts  includes\classes\admin\class-pwf-admin-main.php:18
action  manage_pwf_woofilter_posts_custom_column  includes\classes\admin\class-pwf-admin-main.php:19
filter  manage_pwf_woofilter_posts_columns  includes\classes\admin\class-pwf-admin-main.php:20
action  admin_enqueue_scripts  includes\classes\admin\class-pwf-admin-main.php:23
action  admin_menu  includes\classes\admin\class-pwf-admin-main.php:30
action  admin_notices  includes\classes\admin\class-pwf-admin-main.php:34
action  admin_init  includes\classes\admin\class-pwf-admin-main.php:35
action  init  includes\classes\admin\class-pwf-admin-settings-page.php:11
action  admin_menu  includes\classes\admin\class-pwf-admin-settings-page.php:15
action  admin_init  includes\classes\admin\class-pwf-admin-settings-page.php:16
action  admin_init  includes\classes\admin\class-pwf-admin-settings-page.php:17
filter  add_meta_boxes  includes\classes\admin\meta\class-pwf-meta.php:17
filter  screen_options_show_screen  includes\classes\admin\meta\class-pwf-meta.php:18
filter  get_user_option_screen_layout_pwf_woofilter  includes\classes\admin\meta\class-pwf-meta.php:19
filter  post_row_actions  includes\classes\admin\meta\class-pwf-meta.php:20
action  edit_form_after_title  includes\classes\admin\meta\class-pwf-meta.php:21
action  shutdown  includes\classes\class-pwf-analytic-query.php:20
action  init  includes\classes\class-pwf-autoloader.php:21
action  pre_get_posts  includes\classes\class-pwf-hook-wp-query.php:43
filter  the_posts  includes\classes\class-pwf-hook-wp-query.php:427
filter  posts_clauses  includes\classes\woocommerce\class-pwf-filter-products.php:354
filter  posts_clauses  includes\classes\woocommerce\class-pwf-hook-woocommerce-query.php:31
filter  the_posts  includes\classes\woocommerce\class-pwf-hook-woocommerce-query.php:50
action  wp_footer  includes\render\class-pwf-render-filter.php:117
action  widgets_init  includes\widgets\class-pwf-filter-widget.php:11
Maintenance & Trust

PWF – Products Filter for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Apr 1, 2023
PHP min version: 7.4
Downloads: 5K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 90
Developer Profile

PWF – Products Filter for WooCommerce Developer Profile

Mostafa

2 plugins · 90 total installs

Trust score: 89
Avg Security Score: 93/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect PWF – Products Filter for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pwf-wc-product-filters/assets/select2/css/select2.min.css
/wp-content/plugins/pwf-wc-product-filters/assets/css/frontend/jquery-ui/jquery-ui.min.css
/wp-content/plugins/pwf-wc-product-filters/assets/css/frontend/style.css
/wp-content/plugins/pwf-wc-product-filters/assets/select2/js/select2.full.min.js
/wp-content/plugins/pwf-wc-product-filters/assets/js/frontend/nouislider.min.js
/wp-content/plugins/pwf-wc-product-filters/assets/js/frontend/script.js
Version Parameters
/wp-content/plugins/pwf-wc-product-filters/assets/css/frontend/style.css?ver=
/wp-content/plugins/pwf-wc-product-filters/assets/js/frontend/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
pwf-filter-wrapper
pwf-filter-title
pwf-filter-item
pwf-filter-search
pwf-filter-range
pwf-filter-attribute
pwf-filter-color
pwf-filter-label
HTML Comments
<!-- PWF -->
<!-- PWF Product Filter Start -->
<!-- PWF -->
<!-- PWF Product Filter End -->
<!-- PWF -->
<!-- PWF Products Filter -->
Data Attributes
data-filter-id
data-filter-type
data-filter-slug
data-filter-selected
data-filter-attribute
JS Globals
pwf_woo_filter_data
Pwf_Woo_Filter_Frontend
REST Endpoints
/wp-json/pwf/v1/get_filter_result