WP-Safety

Reseller Store Security & Risk Analysis

wordpress.org/plugins/reseller-store

Design your own storefront for your Basic and Pro Reseller plan and have more control over your customers experience and business!

2K active installs v2.2.16 PHP 5.4+ WP 4.6+ Updated May 28, 2025
postsproductsprogramresellerstorefront
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Reseller Store Safe to Use in 2026?

Generally Safe

Score 100/100

Reseller Store has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The "reseller-store" v2.2.16 plugin exhibits a generally good security posture, with no known critical vulnerabilities in its history and a strong adherence to secure coding practices. The vast majority of its SQL queries utilize prepared statements, and a high percentage of output is properly escaped, significantly reducing the risk of common web vulnerabilities like SQL injection and cross-site scripting. The absence of critical taint flows also indicates that data is handled with reasonable care.

However, there is a notable concern regarding its attack surface. The plugin exposes one AJAX handler that lacks authentication checks. This could potentially allow unauthenticated users to trigger actions within the plugin, leading to unauthorized operations or information disclosure if the handler's functionality is sensitive. While the plugin demonstrates strengths in preventing direct code-level vulnerabilities through prepared statements and escaping, this single unprotected entry point represents a tangible risk that requires attention. The plugin's history of zero CVEs is a positive indicator of diligent development, but the presence of the unprotected AJAX handler is a weakness that contrasts with its otherwise robust security practices.

Key Concerns

  • AJAX handler without auth checks
Vulnerabilities
None known

Reseller Store Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Reseller Store Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
15 prepared
Unescaped Output
38
195 escaped
Nonce Checks
7
Capability Checks
5
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

94% prepared16 total queries

Output Escaping

84% escaped233 total outputs
Attack Surface
1 unprotected

Reseller Store Attack Surface

Entry Points12
Unprotected1

AJAX Handlers 4

authwp_ajax_rstore_dismiss_admin_noticeincludes\class-admin-notices.php:32
authwp_ajax_rstore_options_saveincludes\class-settings.php:99
authwp_ajax_rstore_product_importincludes\class-settings.php:100
authwp_ajax_rstore_installincludes\class-setup.php:73

Shortcodes 8

[rstore-domain-search] includes\class-shortcodes.php:57
[rstore_domain_search] includes\class-shortcodes.php:70
[rstore_cart_button] includes\class-shortcodes.php:83
[rstore_product] includes\class-shortcodes.php:96
[rstore_login] includes\class-shortcodes.php:109
[rstore_domain_transfer] includes\class-shortcodes.php:122
[rstore_domain] includes\class-shortcodes.php:135
[rstore_icon] includes\class-shortcodes.php:148
WordPress Hooks 67
actionplugins_loadedclass-plugin.php:60
actionadmin_enqueue_scriptsincludes\class-admin-notices.php:43
actionadmin_noticesincludes\class-admin-notices.php:44
actionadmin_noticesincludes\class-admin-notices.php:48
actionenqueue_block_editor_assetsincludes\class-blocks.php:51
filterblock_categories_allincludes\class-blocks.php:53
actioninitincludes\class-blocks.php:55
actionplugins_loadedincludes\class-butterbean.php:32
actionbutterbean_registerincludes\class-butterbean.php:33
actionbutterbean_registerincludes\class-butterbean.php:34
filterbutterbean_pre_control_templateincludes\class-butterbean.php:36
actionwp_enqueue_scriptsincludes\class-display.php:32
actionenqueue_embed_scriptsincludes\class-display.php:34
actionadmin_enqueue_scriptsincludes\class-display.php:36
actionembed_headincludes\class-embed.php:32
filterthe_excerpt_embedincludes\class-embed.php:34
actionadmin_initincludes\class-permalinks.php:38
actionadmin_enqueue_scriptsincludes\class-permalinks.php:39
actioninitincludes\class-post-type.php:64
actionmanage_posts_custom_columnincludes\class-post-type.php:65
actiondelete_postincludes\class-post-type.php:66
filterposts_clausesincludes\class-post-type.php:69
filterthe_contentincludes\class-post-type.php:71
filterthe_excerptincludes\class-post-type.php:72
filterpost_thumbnail_htmlincludes\class-post-type.php:73
filterview_mode_post_typesincludes\class-post-type.php:95
actionsave_postincludes\class-post-type.php:127
actionsave_postincludes\class-post-type.php:167
actionedit_form_topincludes\class-post-type.php:178
actioninitincludes\class-restrictions.php:31
actionadmin_menuincludes\class-restrictions.php:32
actionwp_before_admin_bar_renderincludes\class-restrictions.php:33
actionmanage_posts_extra_tablenavincludes\class-restrictions.php:34
actionadmin_enqueue_scriptsincludes\class-settings.php:96
actionadmin_initincludes\class-settings.php:97
actionadmin_menuincludes\class-settings.php:98
filterrstore_product_layout_typeincludes\class-settings.php:104
filterrstore_product_image_sizeincludes\class-settings.php:114
filterrstore_product_button_labelincludes\class-settings.php:124
filterrstore_product_text_cartincludes\class-settings.php:134
filterrstore_product_text_moreincludes\class-settings.php:144
filterrstore_product_show_titleincludes\class-settings.php:154
filterrstore_product_show_contentincludes\class-settings.php:164
filterrstore_product_show_priceincludes\class-settings.php:174
filterrstore_product_redirectincludes\class-settings.php:184
filterrstore_product_content_heightincludes\class-settings.php:195
filterrstore_domain_titleincludes\class-settings.php:212
filterrstore_domain_text_placeholderincludes\class-settings.php:222
filterrstore_domain_text_searchincludes\class-settings.php:232
filterrstore_domain_transfer_titleincludes\class-settings.php:242
filterrstore_domain_transfer_text_placeholderincludes\class-settings.php:252
filterrstore_domain_transfer_text_searchincludes\class-settings.php:262
filterrstore_domain_page_sizeincludes\class-settings.php:272
filterrstore_domain_modalincludes\class-settings.php:282
filterrstore_sync_ttlincludes\class-settings.php:292
filterrstore_api_query_argsincludes\class-settings.php:304
actionadmin_enqueue_scriptsincludes\class-setup.php:71
actionadmin_menuincludes\class-setup.php:72
actioninitincludes\class-sync.php:103
actioninitincludes\class-taxonomy-category.php:51
actioninitincludes\class-taxonomy-tag.php:51
actionwidgets_initincludes\class-widgets.php:49
actioninitincludes\class-widgets.php:52
actionvc_before_initincludes\class-widgets.php:55
filterrstore_is_productincludes\functions\product-functions.php:223
filterrstore_is_widgetincludes\functions\product-functions.php:241
actionadmin_noticesreseller-store.php:29
Maintenance & Trust

Reseller Store Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 28, 2025
PHP min version5.4
Downloads115K

Community Trust

Rating74/100
Number of ratings10
Active installs2K
Alternatives

Reseller Store Alternatives

Hide Posts

Hide Posts

whp-hide-posts

A
100

Allows you to hide any posts on the home page, category page, search page, tags page, authors page, RSS Feed, REST API, XML sitemaps, SEO integrations …

20K No CVEs
WP Dummy Content Generator

WP Dummy Content Generator

wp-dummy-content-generator

A
91

Generate realistic dummy content for WordPress quickly. Ideal for developers and designers to populate sites for testing and development.

7K 5 CVEs
Custom Layouts – Post + Product grids made easy

Custom Layouts – Post + Product grids made easy

custom-layouts

A
98

Build a list or grid layout of any post type (posts, products, pages + more).

4K 2 CVEs
Same Category Posts

Same Category Posts

same-category-posts

A
99

Show posts related to the current category or other custom post types.

3K 1 CVE
MAS Elementor

MAS Elementor

mas-addons-for-elementor

A
99

MAS Elementor is a free plugin. It is the addon for Elementor Plugin

1K 2 CVEs
Developer Profile

Reseller Store Developer Profile

GoDaddy

5 plugins · 364K total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
13 days
View full developer profile
Detection Fingerprints

How We Detect Reseller Store

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/reseller-store/js/admin-notice.js/wp-content/plugins/reseller-store/js/admin-notice.min.js/wp-content/plugins/reseller-store/js/editor.blocks.min.js/wp-content/plugins/reseller-store/css/blocks-editor.css/wp-content/plugins/reseller-store/css/blocks-editor.min.css
Script Paths
/wp-content/plugins/reseller-store/js/admin-notice.js/wp-content/plugins/reseller-store/js/admin-notice.min.js/wp-content/plugins/reseller-store/js/editor.blocks.min.js
Version Parameters
reseller-store/js/admin-notice.js?ver=reseller-store/js/admin-notice.min.js?ver=reseller-store/js/editor.blocks.min.js?ver=reseller-store/css/blocks-editor.css?ver=reseller-store/css/blocks-editor.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
rstore-productrstore-domainwidget-title
HTML Comments
<!-- GoDaddy Reseller Store admin notices. --><!-- Display Reseller Store admin notices. --><!-- GoDaddy Reseller Store product widget class. --><!-- Handles the Reseller store product widget. -->+2 more
Data Attributes
data-rstore-widget
JS Globals
rstore_admin_notice
Shortcode Output
<div class="widget rstore-product"><div class="widget rstore-domain">
FAQ

Frequently Asked Questions about Reseller Store