Does QAlimucho for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is QAlimucho for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, QAlimucho for WooCommerce 1.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is QAlimucho for WooCommerce compatible with PHP 7.4+?

QAlimucho for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is QAlimucho for WooCommerce updated?

QAlimucho for WooCommerce was last updated on Mar 23, 2026. Frequent updates are generally a positive security signal.

What is QAlimucho for WooCommerce's security score?

QAlimucho for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

QAlimucho for WooCommerce Security & Risk Analysis

wordpress.org/plugins/qalimucho-for-woocommerce

Enable automated checkout testing for WooCommerce without real payments.

0 active installs v1.0.1 PHP 7.4+ WP 5.8+ Updated Mar 23, 2026

automationcheckoutqatestingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is QAlimucho for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

QAlimucho for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The qalimucho-for-woocommerce plugin, version 1.0.1, exhibits a generally strong security posture based on the static analysis. The absence of dangerous functions, file operations, external HTTP requests, and the consistent use of prepared statements for SQL queries are positive indicators. Furthermore, all output is properly escaped, and there are no recorded vulnerabilities (CVEs), which suggests good development practices and thorough testing.

However, a significant concern is the presence of one unprotected REST API route. This unprotected endpoint represents a potential attack vector, as it could be accessed and manipulated by unauthenticated users, leading to unintended actions or data exposure. While other entry points like AJAX handlers and shortcodes are either absent or properly secured, this single unprotected REST API route warrants attention.

In conclusion, the plugin has several strengths, particularly in its handling of SQL, output escaping, and lack of past vulnerabilities. Nevertheless, the unprotected REST API endpoint introduces a notable risk that should be addressed to ensure the plugin's overall security.

Key Concerns

Unprotected REST API route found

Vulnerabilities

None known

QAlimucho for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

QAlimucho for WooCommerce Release Timeline

v1.0.1Current

Code Analysis

Analyzed Apr 16, 2026

QAlimucho for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

36 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped36 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<qalimucho-for-woocommerce> (qalimucho-for-woocommerce.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

QAlimucho for WooCommerce Attack Surface

Entry Points2

Unprotected1

REST API Routes 2

GET/wp-json/qalimucho/v1/statusincludes/class-qalimucho-rest-api.php:40

GET/wp-json/qalimucho/v1/cleanupincludes/class-qalimucho-rest-api.php:50

WordPress Hooks 15

actionqalimucho_cleanup_test_ordersincludes/class-qalimucho-cleanup.php:37

actionrest_api_initincludes/class-qalimucho-rest-api.php:33

actionwp_headqalimucho-for-woocommerce.php:36

actioninitqalimucho-for-woocommerce.php:39

actionplugins_loadedqalimucho-for-woocommerce.php:90

actiontemplate_redirectqalimucho-for-woocommerce.php:111

actionwoocommerce_blocks_payment_method_type_registrationqalimucho-for-woocommerce.php:123

actionwoocommerce_blocks_loadedqalimucho-for-woocommerce.php:130

filterwoocommerce_payment_gatewaysqalimucho-for-woocommerce.php:142

actionwp_headqalimucho-for-woocommerce.php:150

actionbefore_woocommerce_initqalimucho-for-woocommerce.php:163

actionadmin_noticesqalimucho-for-woocommerce.php:178

actionadmin_menuqalimucho-for-woocommerce.php:206

actionadmin_post_qalimucho_regenerate_secretqalimucho-for-woocommerce.php:282

actionadmin_post_qalimucho_manual_cleanupqalimucho-for-woocommerce.php:314

Scheduled Events 2

qalimucho_cleanup_test_orders

Maintenance & Trust

QAlimucho for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 23, 2026

PHP min version7.4

Downloads79

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

QAlimucho for WooCommerce Alternatives

Diluted Test Order for WooCommerce

diluted-test-order-for-woocommerce

100

Adds a fake payment method so you can test the full checkout flow without a real payment provider. Ideal for staging, QA and local development.

0 No CVEs

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs

Checkout Field Editor (Checkout Manager) for WooCommerce

woo-checkout-field-editor-pro

Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.

500K 3 CVEs

Checkout Field Manager (Checkout Manager) for WooCommerce

woocommerce-checkout-manager

Checkout Field Manager (Checkout Manager) for WooCommerce is the most advanced plugin to customize checkout fields on your WooCommerce checkout page.

90K 5 CVEs

Flexible Checkout Fields for WooCommerce – WooCommerce Checkout Manager

flexible-checkout-fields

The best WooCommerce checkout manager. Edit, remove or add checkout fields. Customize WooCommerce checkout with this checkout field customizer.

80K 2 CVEs

Developer Profile

QAlimucho for WooCommerce Developer Profile

adanselm

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect QAlimucho for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

name="qalimucho"content="active"

FAQ