WP-Safety

QR Code Woocommerce Security & Risk Analysis

wordpress.org/plugins/qr-code-woocommerce

This plugin creates printable QR Codes for Simple and Variable product types also for Coupon code as well.

1K active installs v2.0.5 PHP 7.1+ WP 5.6+ Updated Dec 12, 2022
qr-codeqrcodewoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is QR Code Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

QR Code Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The qr-code-woocommerce plugin v2.0.5 exhibits a generally strong security posture, with no identified vulnerabilities in its history and a clean bill of health from taint analysis. The static analysis reveals a minimal attack surface, with only one shortcode and no AJAX handlers, REST API routes, or cron events that are unprotected. Furthermore, the code demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively, and the absence of dangerous function usage or external HTTP requests.

However, there are areas for improvement. The static analysis indicates that 29% of output escaping is not properly handled, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is displayed without adequate sanitization. Additionally, the plugin lacks nonce checks and capability checks, which are crucial for securing functionality against unauthorized access and manipulation, especially when dealing with any form of user interaction or data modification.

The complete absence of recorded vulnerabilities in its history is a positive sign, suggesting a commitment to security by the developers. Despite the noted weaknesses in output escaping and the absence of critical security checks like nonces and capability checks, the plugin's minimal attack surface and lack of known vulnerabilities offer a relatively low immediate risk. Developers should prioritize addressing the unescaped output and implement nonce and capability checks to further harden the plugin's security.

Key Concerns

  • Unescaped output detected
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

QR Code Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

QR Code Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
29 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

71% escaped41 total outputs
Attack Surface

QR Code Woocommerce Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[wooqr] includes\class-woo-qr-codes.php:18
WordPress Hooks 13
actionadmin_menuincludes\class-woo-admin-panel.php:12
actionadmin_initincludes\class-woo-admin-panel.php:13
actionadmin_enqueue_scriptsincludes\class-woo-admin-panel.php:14
actionadmin_menuincludes\class-woo-bulk-qr-codes.php:3
actioninitincludes\class-woo-coupon-public-url.php:1
actionwoocommerce_before_cartincludes\class-woo-coupon-public-url.php:16
actionadd_meta_boxesincludes\class-woo-qr-codes-admin.php:12
actionwoocommerce_product_after_variable_attributesincludes\class-woo-qr-codes-admin.php:13
actionadmin_enqueue_scriptsincludes\class-woo-qr-codes-admin.php:14
actioninitincludes\class-woo-qr-codes.php:17
actionwp_enqueue_scriptsincludes\class-woo-qr-codes.php:19
actionrest_api_initincludes\class-woo-qr-codes.php:20
actionadmin_noticeswoocommerce-qrc.php:221
Maintenance & Trust

QR Code Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedDec 12, 2022
PHP min version7.1
Downloads20K

Community Trust

Rating100/100
Number of ratings5
Active installs1K
Alternatives

QR Code Woocommerce Alternatives

Kaya QR Code Generator

Kaya QR Code Generator

kaya-qr-code-generator

A
99

Generate QR Code through Widgets and Shortcodes, without any dependencies.

20K 2 CVEs
QR Code Composer – QR Code Generator

QR Code Composer – QR Code Generator

qr-code-composer

A
99

Generate QR codes for URLs, text, WiFi, email & more in seconds. No setup needed.

3K 1 CVE
Master QR Code Generator – Static QR Code Generator

Master QR Code Generator – Static QR Code Generator

master-qr-generator

A
100

Generates QR codes for every page, post, product, and custom post for the WordPress website.

400 No CVEs
Flex QR Code Generator

Flex QR Code Generator

flex-qr-code-generator

C
58

Generate customized or automated Nice QR codes for pages, posts or products and show the qrcode with shortcode, widget or block.

90 1 unpatched
QR Link Generator for WP

QR Link Generator for WP

qr-link-generator-for-wp

A
100

Generates QR codes from a frontend form via shortcode and adds QR codes to WooCommerce products.

60 No CVEs
Developer Profile

QR Code Woocommerce Developer Profile

G Matta

4 plugins · 2K total installs

71
trust score
Avg Security Score
89/100
Avg Patch Time
630 days
View full developer profile
Detection Fingerprints

How We Detect QR Code Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/qr-code-woocommerce/assets/admin/css/wcqrc-admin-panel.css/wp-content/plugins/qr-code-woocommerce/assets/common/js/kjua.js/wp-content/plugins/qr-code-woocommerce/assets/admin/js/kjua-scripts.js
Script Paths
/wp-content/plugins/qr-code-woocommerce/assets/common/js/kjua.js/wp-content/plugins/qr-code-woocommerce/assets/admin/js/kjua-scripts.js
Version Parameters
qr-code-woocommerce/assets/admin/css/wcqrc-admin-panel.css?ver=qr-code-woocommerce/assets/common/js/kjua.js?ver=qr-code-woocommerce/assets/admin/js/kjua-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
wcqrc-admin-panel-style
Data Attributes
data-kjua-renderdata-kjua-sizedata-kjua-crispdata-kjua-filldata-kjua-backdata-kjua-minversion+10 more
JS Globals
WooCommerceQrCodes
FAQ

Frequently Asked Questions about QR Code Woocommerce