Does QueryCraft – Filter everything, such as posts and products have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is QueryCraft – Filter everything, such as posts and products compatible with WordPress 6.8.5?

According to WordPress.org data, QueryCraft – Filter everything, such as posts and products 1.7.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is QueryCraft – Filter everything, such as posts and products compatible with PHP 7.4+?

QueryCraft – Filter everything, such as posts and products requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

QueryCraft – Filter everything, such as posts and products Security & Risk Analysis

wordpress.org/plugins/query-craft

The ultimate filtering tool for WordPress. Effortlessly filter posts, products, and any custom post type by any parameter.

0 active installs v1.7.5 PHP 7.4+ WP 5.8+ Updated Aug 30, 2025

ajax-filtercontent-filterpost-filterproduct-filterwoocommerce-filter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is QueryCraft – Filter everything, such as posts and products Safe to Use in 2026?

Generally Safe

Score 100/100

QueryCraft – Filter everything, such as posts and products has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

Based on the static analysis and vulnerability history, the "query-craft" v1.7.5 plugin exhibits a generally good security posture. It demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and properly escaping all output. The complete absence of known CVEs and a history free of past vulnerabilities further bolster this assessment. Furthermore, the plugin's attack surface, while consisting of 3 AJAX handlers, is noted to have no unprotected entry points. The presence of nonce and capability checks on AJAX handlers (though not explicitly detailed for each of the 3) suggests a conscious effort to secure these interactions.

Key Concerns

Taint flows with unsanitized paths
External HTTP requests

Vulnerabilities

None known

QueryCraft – Filter everything, such as posts and products Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

QueryCraft – Filter everything, such as posts and products Release Timeline

v1.7.5Current

Code Analysis

Analyzed Apr 16, 2026

QueryCraft – Filter everything, such as posts and products Code Analysis

Dangerous Functions

Raw SQL Queries

17 prepared

Unescaped Output

197 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared17 total queries

Output Escaping

100% escaped197 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

filter_posts (includes/admin/class-ajax-handler.php:79)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

QueryCraft – Filter everything, such as posts and products Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_wowown_qc_get_taxonomies_for_post_typeincludes/admin/class-ajax-handler.php:34

authwp_ajax_wowown_qc_filter_postsincludes/admin/class-ajax-handler.php:35

noprivwp_ajax_wowown_qc_filter_postsincludes/admin/class-ajax-handler.php:36

WordPress Hooks 20

actionadmin_enqueue_scriptsincludes/admin/class-admin-assets.php:33

filterget_pagenum_linkincludes/admin/class-ajax-handler.php:314

actionadmin_menuincludes/admin/class-settings-page.php:37

actionadmin_initincludes/admin/class-settings-page.php:38

actionadd_meta_boxesincludes/class-meta-boxes.php:30

actionwidgets_initincludes/class-plugin.php:93

actioninitincludes/class-post-types.php:44

actionpre_get_postsincludes/class-query-manager.php:68

filterquery_varsincludes/class-rewrite-manager.php:73

filterrewrite_rules_arrayincludes/class-rewrite-manager.php:76

filterdo_parse_requestincludes/class-rewrite-manager.php:77

filterrequestincludes/class-rewrite-manager.php:78

actionparse_requestincludes/class-rewrite-manager.php:79

actionpre_get_postsincludes/class-rewrite-manager.php:304

actionwp_enqueue_scriptsincludes/frontend/class-frontend-assets.php:60

actionget_template_partincludes/frontend/class-frontend-assets.php:61

actionloop_startincludes/frontend/class-template-manager.php:31

actionloop_endincludes/frontend/class-template-manager.php:32

actionloop_no_resultsincludes/frontend/class-template-manager.php:33

filternavigation_markup_templateincludes/frontend/class-template-manager.php:34

Maintenance & Trust

QueryCraft – Filter everything, such as posts and products Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 30, 2025

PHP min version7.4

Downloads270

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

QueryCraft – Filter everything, such as posts and products Alternatives

Filter Everything — WordPress & WooCommerce Filters

filter-everything

100

The most flexible filters plugin for WordPress & WooCommerce – filter anything.

50K No CVEs

Filter Everything Extra

filter-everything-extra

Additional functionality for the Filter Everything plugin.

0 No CVEs

annasta Filters for WooCommerce

annasta-woocommerce-product-filters

100

All-in-one products search and filtering solution for your WooCommerce shop with rich features and customization options.

2K No CVEs

Better Post & Filter Widgets for Elementor

better-post-filter-widgets-for-elementor

The only free pro-grade Elementor filtering system for posts, taxonomies, custom fields, ACF, WooCommerce, WPML & more. Ditch paid limits!

2K 1 CVE

Filter Plus – Product Filter & WordPress Filter

filter-plus

Filter Plus is WordPress and WooCommerce Product Filter plugin that enable filter anything in your website.

100 1 unpatched

Developer Profile

QueryCraft – Filter everything, such as posts and products Developer Profile

wowown

4 plugins · 40 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect QueryCraft – Filter everything, such as posts and products

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/query-craft/assets/css/admin.css/wp-content/plugins/query-craft/assets/js/admin.js/wp-content/plugins/query-craft/assets/css/frontend.css/wp-content/plugins/query-craft/assets/js/frontend.js

Script Paths

/wp-content/plugins/query-craft/assets/js/admin.js/wp-content/plugins/query-craft/assets/js/frontend.js

Version Parameters

query-craft/assets/css/admin.css?ver=query-craft/assets/js/admin.js?ver=query-craft/assets/css/frontend.css?ver=query-craft/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wowown-qc-admin-styleswowown-qc-admin-scriptwowown-qc-frontend-styleswowown-qc-frontend-script

JS Globals

wowownQcAdminwowownQcFrontendqcTemplatePartqcPaginationType

FAQ