WP-Safety

Registration Form for WooCommerce Security & Risk Analysis

wordpress.org/plugins/registration-form-for-woocommerce

Easily collect additional customer information by adding custom fields to the default WooCommerce registration form using the Registration Form for Wo …

900 active installs v1.0.9 PHP 7.4+ WP 5.5+ Updated Jul 9, 2025
form-fieldsregistrationregistration-fieldsregistration-formwoocommerce-registration
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Registration Form for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Registration Form for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago
Risk Assessment

The plugin "registration-form-for-woocommerce" v1.0.9 demonstrates a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known vulnerabilities and the effective use of prepared statements for SQL queries are significant strengths. Furthermore, the high percentage of properly escaped output and the presence of numerous nonce and capability checks indicate a good understanding of secure coding practices within the plugin.

While the overall picture is positive, there are a few areas that warrant attention. The plugin's attack surface, though currently unprotected entry points are zero, consists of 2 AJAX handlers and 1 shortcode. The static analysis does not explicitly state if these entry points have robust authorization checks, which could represent a potential blind spot. Additionally, the presence of 3 external HTTP requests, while not inherently risky, should be monitored for potential vulnerabilities if the target endpoints are not trusted or properly secured.

The lack of any recorded vulnerabilities, even at lower severity levels, across its entire history is a very encouraging sign. This suggests a history of responsible development and maintenance. In conclusion, the plugin appears to be well-secured, with its primary strengths lying in its secure handling of database interactions and output. The focus should remain on ensuring thorough authorization checks for all its entry points and carefully managing external HTTP requests.

Key Concerns

  • AJAX handlers without explicit auth check data
  • External HTTP requests present
Vulnerabilities
None known

Registration Form for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Registration Form for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
184 escaped
Nonce Checks
11
Capability Checks
6
File Operations
0
External Requests
3
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

97% escaped190 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<form-login> (includes\templates\form-login.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Registration Form for WooCommerce Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

noprivwp_ajax_upload_profile_pictureincludes\Ajax.php:35
authwp_ajax_upload_profile_pictureincludes\Ajax.php:36

Shortcodes 1

[tgwcfb_registration_form] includes\Shortcode.php:45
WordPress Hooks 76
filtermanage_users_columnsincludes\Admin.php:38
filtermanage_users_custom_columnincludes\Admin.php:39
actionedit_user_profileincludes\Admin.php:40
actionshow_user_profileincludes\Admin.php:41
actionedit_user_profile_updateincludes\Admin.php:42
actionpersonal_options_updateincludes\Admin.php:43
filteruser_row_actionsincludes\Admin.php:44
actionload-users.phpincludes\Admin.php:45
filterbulk_actions-usersincludes\Admin.php:46
filterload-users.phpincludes\Admin.php:47
filterblock_categories_allincludes\Blocks.php:108
filterallowed_block_types_allincludes\Blocks.php:109
filterblock_categoriesincludes\Blocks.php:111
filterallowed_block_typesincludes\Blocks.php:112
actioninitincludes\Blocks.php:114
filteradmin_body_classincludes\Blocks.php:169
actionwp_loadedincludes\FormHandler.php:60
actionwoocommerce_register_postincludes\FormHandler.php:61
actionwoocommerce_register_postincludes\FormHandler.php:62
actionwoocommerce_after_checkout_validationincludes\FormHandler.php:63
actionwoocommerce_save_account_details_errorsincludes\FormHandler.php:64
actionwoocommerce_save_account_detailsincludes\FormHandler.php:65
actionuser_registerincludes\FormHandler.php:66
filterwoocommerce_registration_redirectincludes\FormHandler.php:67
filterwoocommerce_add_errorincludes\FormHandler.php:68
filteroption_woocommerce_registration_generate_usernameincludes\FormHandler.php:94
filteroption_woocommerce_registration_generate_passwordincludes\FormHandler.php:100
filterwoocommerce_new_customer_dataincludes\FormHandler.php:325
filterwoocommerce_registration_auth_new_customerincludes\FormHandler.php:524
filterwoocommerce_add_successincludes\FormHandler.php:531
actioninitincludes\Install.php:35
actionadmin_noticesincludes\Notice.php:57
actioninitincludes\PostType.php:35
actioninitincludes\PostType.php:36
filterdefault_contentincludes\PostType.php:37
filterdefault_titleincludes\PostType.php:38
filtermanage_edit-tgwcfb_form_columnsincludes\PostType.php:39
actionmanage_tgwcfb_form_posts_custom_columnincludes\PostType.php:40
filtermonths_dropdown_resultsincludes\PostType.php:41
filterpost_row_actionsincludes\PostType.php:42
actionadmin_menuincludes\PostType.php:43
actionadmin_footerincludes\PostType.php:44
filterpll_get_post_typesincludes\PostType.php:45
actioninitincludes\Preview.php:42
filteredit_post_linkincludes\Preview.php:62
actionpre_get_postsincludes\Preview.php:63
filterhome_template_hierarchyincludes\Preview.php:64
filterfrontpage_template_hierarchyincludes\Preview.php:65
actiontemplate_redirectincludes\Preview.php:66
filterthe_titleincludes\Preview.php:122
filterthe_contentincludes\Preview.php:123
filterget_the_excerptincludes\Preview.php:124
filterpost_thumbnail_htmlincludes\Preview.php:125
actionrest_api_initincludes\RESTAPI.php:49
actioninitincludes\ScriptStyle.php:34
actionadmin_enqueue_scriptsincludes\ScriptStyle.php:35
actioninitincludes\Shortcode.php:34
filterbody_classincludes\Shortcode.php:84
filterwc_get_templateincludes\Sync.php:38
actioninitincludes\Sync.php:39
filterget_avatar_urlincludes\Sync.php:40
actiontgwcfb_edit_account_formincludes\Sync.php:41
filterwoocommerce_email_classesincludes\Sync.php:42
actionwoocommerce_email_customer_detailsincludes\Sync.php:43
actionwoocommerce_admin_order_data_after_shipping_addressincludes\Sync.php:51
actionwoocommerce_order_details_after_customer_detailsincludes\Sync.php:57
actionadmin_initincludes\Sync.php:63
actionrender_blockincludes\Sync.php:64
actiontgwcfb_before_customer_login_formincludes\Sync.php:155
actiontgwcfb_before_customer_registration_formincludes\Sync.php:156
filterrender_blockincludes\Sync.php:204
actioninitincludes\WooCommerceRegistrationFormBuilder.php:117
actionin_admin_headerincludes\WooCommerceRegistrationFormBuilder.php:118
actionadmin_initincludes\WooCommerceRegistrationFormBuilder.php:119
actionbefore_woocommerce_initincludes\WooCommerceRegistrationFormBuilder.php:122
actionadmin_initregistration-form-for-woocommerce.php:32
Maintenance & Trust

Registration Form for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJul 9, 2025
PHP min version7.4
Downloads11K

Community Trust

Rating100/100
Number of ratings3
Active installs900
Alternatives

Registration Form for WooCommerce Alternatives

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

custom-registration-form-builder-with-submission-manager

B
76

Create customized user registration forms, accept payments, track submissions, manage users, analyze stats, assign user roles and more!

9K 44 CVEs
Simple Registration for WooCommerce

Simple Registration for WooCommerce

woocommerce-simple-registration

A
91

A simple plugin to add a [woocommerce_simple_registration] shortcode to display the registration form on a separate page.

4K 2 CVEs
Nss Wooregistration Form

Nss Wooregistration Form

nss-wooregistration-form

A
92

Custom woocommerce login/registration form with custom fields.

70 No CVEs
Custom Registration Fields for WooCommerce

Custom Registration Fields for WooCommerce

custom-registration-fields-for-woocommerce

A
92

Add custom registration fields to WooCommerce and WordPress user registration forms, capturing additional information from users with ease.

60 No CVEs
Easy Custom Registration Fields

Easy Custom Registration Fields

easy-custom-registration-fields

A
100

Easy Custom Registration Fields; Customize easily user registration fields.

0 No CVEs
Developer Profile

Registration Form for WooCommerce Developer Profile

ThemeGrill

31 plugins · 252K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
184 days
View full developer profile
Detection Fingerprints

How We Detect Registration Form for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/registration-form-for-woocommerce/assets/css/style.css/wp-content/plugins/registration-form-for-woocommerce/assets/css/checkout.css/wp-content/plugins/registration-form-for-woocommerce/assets/js/checkout.js/wp-content/plugins/registration-form-for-woocommerce/assets/js/edit.js
Script Paths
/wp-content/plugins/registration-form-for-woocommerce/vendor/wp-scripts/src/index.js
Version Parameters
registration-form-for-woocommerce/assets/css/style.css?ver=registration-form-for-woocommerce/assets/css/checkout.css?ver=registration-form-for-woocommerce/assets/js/checkout.js?ver=registration-form-for-woocommerce/assets/js/edit.js?ver=

HTML / DOM Fingerprints

CSS Classes
tgwcfb-registration-formtgwcfb-checkout-formfield-width-100field-width-50
HTML Comments
<!-- wp:tgwcfb/username<!-- /wp:tgwcfb/username<!-- wp:tgwcfb/email<!-- /wp:tgwcfb/email+26 more
Data Attributes
data-blockdata-block-name
JS Globals
TGWCFB
Shortcode Output
<p id="reg_username_field" class="form-row field-width-100"><label for="reg_username">Username <span class="required">*</span></label><input type="text" placeholder="" class="input-text" name="username" id="reg_username" autocomplete="username"/></p><p id="reg_email_field" class="form-row field-width-100"><label for="reg_email">Email address <span class="required">*</span></label><input type="email" placeholder="" class="input-text" name="email" id="reg_email" autocomplete="email"/></p><p id="reg_password_field" class="form-row field-width-100"><label for="reg_password">Password <span class="required">*</span></label><span class="password-input"><input type="password" placeholder="" class="input-text" name="password" id="reg_password" autocomplete="new-password"/></span></p>
FAQ

Frequently Asked Questions about Registration Form for WooCommerce