WP-Safety

RaCar One Account Per CPF Security & Risk Analysis

wordpress.org/plugins/racar-one-account-per-cpf

RaCar One Account Per CPF makes sure that only one account may have a CPF number during registration.

0 active installs v1.1 PHP 8.0+ WP 6.1+ Updated Mar 13, 2026
accountcpfracarwoo-commercewoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is RaCar One Account Per CPF Safe to Use in 2026?

Generally Safe

Score 100/100

RaCar One Account Per CPF has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago
Risk Assessment

The "racar-one-account-per-cpf" plugin v1.1 exhibits a generally good security posture based on the static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events means there are no direct entry points to the plugin's functionality, significantly reducing the potential attack surface. The code signals are also positive, with no dangerous functions, all SQL queries using prepared statements, and no file operations or external HTTP requests. The high percentage of properly escaped output and the presence of nonce and capability checks further bolster its security.

Key Concerns

  • High percentage of output escaped, but some may not be.
  • No vulnerabilities recorded in history.
  • No dangerous functions detected.
  • All SQL queries use prepared statements.
  • No file operations detected.
  • No external HTTP requests detected.
  • Nonce checks present.
  • Capability checks present.
  • No bundled libraries.
  • Zero total entry points.
  • Zero taint flows with unsanitized paths.
Vulnerabilities
None known

RaCar One Account Per CPF Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

RaCar One Account Per CPF Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
22 escaped
Nonce Checks
5
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

85% escaped26 total outputs
Attack Surface

RaCar One Account Per CPF Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
filterplugin_action_linksincludes\admin\class-roapc-action-list.php:19
actionadmin_menuincludes\admin\class-roapc-admin-options.php:37
actionadmin_menuincludes\admin\class-roapc-admin-options.php:38
actionadmin_initincludes\admin\class-roapc-admin-options.php:39
actionwoocommerce_register_postincludes\class-roapc-plugin.php:28
actionwoocommerce_register_form_startincludes\class-roapc-plugin.php:29
actionwoocommerce_created_customerincludes\class-roapc-plugin.php:30
actionadmin_enqueue_scriptsincludes\class-roapc-plugin.php:37
actionadmin_noticesincludes\class-roapc-plugin.php:40
actionadmin_noticesincludes\class-roapc-plugin.php:43
actionbefore_woocommerce_initracar-one-account-per-cpf.php:55
actionplugins_loadedracar-one-account-per-cpf.php:115
Maintenance & Trust

RaCar One Account Per CPF Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 13, 2026
PHP min version8.0
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

RaCar One Account Per CPF Alternatives

My Account Customizer for WooCommerce

My Account Customizer for WooCommerce

my-account-customizer-for-woocommerce

A
100

Customize the "My account" page. Beautifully.

40 No CVEs
Brazilian Market on WooCommerce

Brazilian Market on WooCommerce

woocommerce-extra-checkout-fields-for-brazil

A
85

Adds Brazilian checkout fields in WooCommerce

70K No CVEs
Custom Order Status for WooCommerce

Custom Order Status for WooCommerce

custom-order-statuses-woocommerce

A
100

Custom Order Status for WooCommerce allows you to create and manage order statuses. It improves order management & overall order workflow.

10K 1 CVE
Saphali Woocommerce Lite

Saphali Woocommerce Lite

saphali-woocommerce-lite

A
100

A set of additions to the WooCommerce online store. Adds localization & special tools in WooCommerce.

10K 1 CVE
Password Strength Settings for WooCommerce

Password Strength Settings for WooCommerce

wc-password-strength-settings

A
85

Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.

10K No CVEs
Developer Profile

RaCar One Account Per CPF Developer Profile

Rafa Carvalhido

3 plugins · 410 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect RaCar One Account Per CPF

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/racar-one-account-per-cpf/css/roapc-stylesheet.css/wp-content/plugins/racar-one-account-per-cpf/js/roapc-javascript.js/wp-content/plugins/racar-one-account-per-cpf/includes/admin/css/roapc-admin-style.css/wp-content/plugins/racar-one-account-per-cpf/includes/admin/js/roapc-admin-javascript.js
Version Parameters
racar-one-account-per-cpf/css/roapc-stylesheet.css?ver=racar-one-account-per-cpf/js/roapc-javascript.js?ver=racar-one-account-per-cpf/includes/admin/css/roapc-admin-style.css?ver=racar-one-account-per-cpf/includes/admin/js/roapc-admin-javascript.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- v.0.2.1 - inserindo função da versão PRO racar_search_for_duplicate_CPF(), habilitando página de admin -->
FAQ

Frequently Asked Questions about RaCar One Account Per CPF