Riaxe Product Customizer Security & Risk Analysis

wordpress.org/plugins/riaxe-product-customizer

This Plugin allows the customization of printable products with custom pricing and custom options.

10 active installs · v2.1.2 · PHP 5.6+ · WP 4.4+ · Updated Apr 2, 2025
Tags: customizer, designer, woocommerce
Score 23 · F · Critical Risk
CVEs total: 4
Unpatched: 4
Last CVE: Apr 15, 2026
Safety Verdict

Is Riaxe Product Customizer Safe to Use in 2026?

Critical Risk — Avoid

Score 23/100

Riaxe Product Customizer is critically unsafe with 4 known CVEs, 4 still unpatched. Avoid in production.

4 known CVEs · 4 unpatched · Last CVE: Apr 15, 2026 · Updated 1yr ago
Risk Assessment

The riaxe-product-customizer v2.1.2 plugin has a severely weak security posture because of its large number of unprotected entry points. All 77 identified entry points, including AJAX handlers and REST API routes, lack any form of authentication or permission checks. This exposes the plugin's functionality directly to unauthenticated users, creating a significant risk of unauthorized access and potential manipulation of product customization features. The code shows some positive signs, with a high percentage of prepared SQL statements and properly escaped outputs, but these strengths are overshadowed by the fundamental lack of access control across its entire attack surface. The absence of any known vulnerability history is a positive indicator of past development, but it does not mitigate the current, critical security flaws identified in the static analysis. The taint analysis further highlights critical vulnerabilities with unsanitized paths, indicating potential for file inclusion or command injection if these flows are exploited.

In conclusion, despite some good coding practices in SQL and output handling, the riaxe-product-customizer v2.1.2 plugin is highly vulnerable because of its completely exposed attack surface and the presence of critical unsanitized data flows. The lack of any authentication on numerous entry points is a critical design flaw. While the plugin has a clean vulnerability history, this analysis reveals immediate and severe risks that require urgent attention. Recommendations: implement robust authentication and authorization checks for all AJAX handlers and REST API routes, and thoroughly sanitize all inputs identified in the taint analysis.

Key Concerns

  • All AJAX handlers lack authentication checks
  • All REST API routes lack permission callbacks
  • Taint analysis: 2 high severity unsanitized flows
  • Taint analysis: 4 total unsanitized path flows
  • No nonce checks on any entry points
  • No capability checks on any entry points
Vulnerabilities: 4

Riaxe Product Customizer Security Vulnerabilities

CVEs by Year

2026: 4 CVEs · unpatched

Severity Breakdown

  • Critical: 1
  • High: 1
  • Medium: 2

4 total CVEs

CVE-2026-3599 · high · 7.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Riaxe Product Customizer <= 2.1.2 - Unauthenticated SQL Injection via 'options' Parameter Keys in product_data
Apr 15, 2026 · Unpatched

CVE-2026-3595 · medium · 5.3 · Missing Authorization
Riaxe Product Customizer <= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' Parameter
Apr 15, 2026 · Unpatched

CVE-2026-3596 · critical · 9.8 · Missing Authorization
Riaxe Product Customizer <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Options Update to Privilege Escalation via 'install-imprint' AJAX Action
Apr 15, 2026 · Unpatched

CVE-2026-3594 · medium · 5.3 · Exposure of Sensitive Information to an Unauthorized Actor
Riaxe Product Customizer <= 2.4 - Unauthenticated Sensitive Information Disclosure via '/orders' REST API Endpoint
Apr 7, 2026 · Unpatched
Version History

Riaxe Product Customizer Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Riaxe Product Customizer Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 5 (55 prepared)
  • Unescaped Output: 7 (49 escaped)
  • Nonce Checks: 0
  • Capability Checks: 0
  • File Operations: 0
  • External Requests: 7
  • Bundled Libraries: 0

SQL Query Safety

92% prepared · 60 total queries

Output Escaping

88% escaped · 56 total outputs
Data Flows: 4 unsanitized

Data Flow Analysis

5 flows · 4 with unsanitized paths
ink_pd_register_scripts_and_styles (riaxe-product-designer.php:481)
Attack Surface: 77 unprotected

Riaxe Product Customizer Attack Surface

Entry Points: 77
Unprotected: 77

AJAX Handlers 3

auth · wp_ajax_install-imprint · riaxe-product-designer.php:182
nopriv · wp_ajax_install-imprint · riaxe-product-designer.php:183
auth · wp_ajax_admin_load_thumbnails · riaxe-product-designer.php:268

REST API Routes 74

GET /wp-json/InkXEProductDesignerLite/orders · riaxe-product-designer.php:2802
GET /wp-json/InkXEProductDesignerLite/orders · riaxe-product-designer.php:2813
GET /wp-json/InkXEProductDesignerLite/product_details_with_variations · riaxe-product-designer.php:2824
GET /wp-json/InkXEProductDesignerLite/products · riaxe-product-designer.php:2835
GET /wp-json/InkXEProductDesignerLite/options · riaxe-product-designer.php:2846
GET /wp-json/InkXEProductDesignerLite/product/attributes · riaxe-product-designer.php:2858
GET /wp-json/InkXEProductDesignerLite/product/count · riaxe-product-designer.php:2870
GET /wp-json/InkXEProductDesignerLite/categories/products · riaxe-product-designer.php:2881
GET /wp-json/InkXEProductDesignerLite/path · riaxe-product-designer.php:2892
GET /wp-json/InkXEProductDesignerLite/product/images · riaxe-product-designer.php:2901
GET /wp-json/InkXEProductDesignerLite/attributes · riaxe-product-designer.php:2913
GET /wp-json/InkXEProductDesignerLite/customer/multiple_shipping_address · riaxe-product-designer.php:2923
GET /wp-json/InkXEProductDesignerLite/customer/delete_shipping_address · riaxe-product-designer.php:2934
POST /wp-json/InkXEProductDesignerLite/customer/update_shipping_address · riaxe-product-designer.php:2945
POST /wp-json/InkXEProductDesignerLite/customer/create_shipping_address · riaxe-product-designer.php:2957
POST /wp-json/InkXEProductDesignerLite/customer/create_customer · riaxe-product-designer.php:2969
POST /wp-json/InkXEProductDesignerLite/customer/update_customer · riaxe-product-designer.php:2981
POST /wp-json/InkXEProductDesignerLite/customer/delete_customer · riaxe-product-designer.php:2993
get /wp-json/InkXEProductDesignerLite/get_countries · riaxe-product-designer.php:3005
get /wp-json/InkXEProductDesignerLite/get_states · riaxe-product-designer.php:3015
get /wp-json/InkXEProductDesignerLite/customer/get_country_name · riaxe-product-designer.php:3026
get /wp-json/InkXEProductDesignerLite/customer/get_state_name · riaxe-product-designer.php:3037
get /wp-json/InkXEProductDesignerLite/customer_count · riaxe-product-designer.php:3048
GET /wp-json/InkXEProductDesignerLite/order_shipping_address · riaxe-product-designer.php:3059
GET /wp-json/InkXEProductDesignerLite/store_order_statuses · riaxe-product-designer.php:3070
GET /wp-json/InkXEProductDesignerLite/customer/multiple_shipping_address · riaxe-product-designer.php:3081
GET /wp-json/InkXEProductDesignerLite/customer/delete_shipping_address · riaxe-product-designer.php:3092
POST /wp-json/InkXEProductDesignerLite/customer/update_shipping_address · riaxe-product-designer.php:3103
POST /wp-json/InkXEProductDesignerLite/customer/create_shipping_address · riaxe-product-designer.php:3115
POST /wp-json/InkXEProductDesignerLite/customer/create_customer · riaxe-product-designer.php:3126
POST /wp-json/InkXEProductDesignerLite/customer/update_customer · riaxe-product-designer.php:3138
POST /wp-json/InkXEProductDesignerLite/customer/delete_customer · riaxe-product-designer.php:3150
get /wp-json/InkXEProductDesignerLite/get_countries · riaxe-product-designer.php:3162
get /wp-json/InkXEProductDesignerLite/get_states · riaxe-product-designer.php:3173
get /wp-json/InkXEProductDesignerLite/customer/get_country_name · riaxe-product-designer.php:3185
get /wp-json/InkXEProductDesignerLite/customer/get_state_name · riaxe-product-designer.php:3197
POST /wp-json/InkXEProductDesignerLite/orders/archive · riaxe-product-designer.php:3208
GET /wp-json/InkXEProductDesignerLite/customers · riaxe-product-designer.php:3218
GET /wp-json/InkXEProductDesignerLite/country_state_name · riaxe-product-designer.php:3230
GET /wp-json/InkXEProductDesignerLite/customer_details · riaxe-product-designer.php:3241
GET /wp-json/InkXEProductDesignerLite/products_categories · riaxe-product-designer.php:3252
GET /wp-json/InkXEProductDesignerLite/products/attributes · riaxe-product-designer.php:3264
GET /wp-json/InkXEProductDesignerLite/products/attributes/terms · riaxe-product-designer.php:3276
POST /wp-json/InkXEProductDesignerLite/products/attributes/create · riaxe-product-designer.php:3288
GET /wp-json/InkXEProductDesignerLite/order_details · riaxe-product-designer.php:3299
GET /wp-json/InkXEProductDesignerLite/order_item_details · riaxe-product-designer.php:3310
GET /wp-json/InkXEProductDesignerLite/multi_store · riaxe-product-designer.php:3321
GET /wp-json/InkXEProductDesignerLite/product-details · riaxe-product-designer.php:3332
GET /wp-json/InkXEProductDesignerLite/product-variants · riaxe-product-designer.php:3344
GET /wp-json/InkXEProductDesignerLite/product-categories · riaxe-product-designer.php:3356
POST /wp-json/InkXEProductDesignerLite/products-save-tier · riaxe-product-designer.php:3369
GET /wp-json/InkXEProductDesignerLite/product-get-tier · riaxe-product-designer.php:3380
GET /wp-json/InkXEProductDesignerLite/product-description · riaxe-product-designer.php:3390
GET /wp-json/InkXEProductDesignerLite/products-remove-categories · riaxe-product-designer.php:3400
POST /wp-json/InkXEProductDesignerLite/create-product-catagories · riaxe-product-designer.php:3410
GET /wp-json/InkXEProductDesignerLite/categories-subcategories · riaxe-product-designer.php:3420
POST /wp-json/InkXEProductDesignerLite/check-create-attribute · riaxe-product-designer.php:3430
POST /wp-json/InkXEProductDesignerLite/create-new-attribute · riaxe-product-designer.php:3440
POST /wp-json/InkXEProductDesignerLite/create-attribute · riaxe-product-designer.php:3450
GET /wp-json/InkXEProductDesignerLite/single-customer · riaxe-product-designer.php:3460
GET /wp-json/InkXEProductDesignerLite/total-user-count · riaxe-product-designer.php:3470
GET /wp-json/InkXEProductDesignerLite/customer-id · riaxe-product-designer.php:3480
GET /wp-json/InkXEProductDesignerLite/quote-customer-details · riaxe-product-designer.php:3490
GET /wp-json/InkXEProductDesignerLite/attributes-terms · riaxe-product-designer.php:3500
POST /wp-json/InkXEProductDesignerLite/variants-combination · riaxe-product-designer.php:3510
GET /wp-json/InkXEProductDesignerLite/order-log · riaxe-product-designer.php:3523
POST /wp-json/InkXEProductDesignerLite/update-order-status · riaxe-product-designer.php:3533
GET /wp-json/InkXEProductDesignerLite/customer-address · riaxe-product-designer.php:3543
POST /wp-json/InkXEProductDesignerLite/create-order · riaxe-product-designer.php:3553
GET /wp-json/InkXEProductDesignerLite/line-item-details · riaxe-product-designer.php:3563
POST /wp-json/InkXEProductDesignerLite/add-item-to-cart · riaxe-product-designer.php:3576
GET /wp-json/InkXEProductDesignerLite/cusomize-enabled · riaxe-product-designer.php:3589
GET /wp-json/InkXEProductDesignerLite/product-options · riaxe-product-designer.php:3603
GET /wp-json/InkXEProductDesignerLite/product-images · riaxe-product-designer.php:3618
WordPress Hooks 30
action · plugins_loaded · riaxe-product-designer.php:178
action · rest_api_init · riaxe-product-designer.php:180
action · activated_plugin · riaxe-product-designer.php:184
action · woocommerce_init · riaxe-product-designer.php:185
action · admin_enqueue_scripts · riaxe-product-designer.php:267
action · woocommerce_process_product_meta · riaxe-product-designer.php:269
action · admin_init · riaxe-product-designer.php:270
action · woocommerce_product_options_general_product_data · riaxe-product-designer.php:271
action · woocommerce_order_item_add_action_buttons · riaxe-product-designer.php:272
action · admin_menu · riaxe-product-designer.php:273
action · wp_enqueue_scripts · riaxe-product-designer.php:275
action · woocommerce_add_order_item_meta · riaxe-product-designer.php:276
action · woocommerce_before_calculate_totals · riaxe-product-designer.php:277
action · woocommerce_after_add_to_cart_button · riaxe-product-designer.php:278
action · woocommerce_before_add_to_cart_quantity · riaxe-product-designer.php:279
action · woocommerce_after_add_to_cart_quantity · riaxe-product-designer.php:280
action · template_redirect · riaxe-product-designer.php:281
filter · woocommerce_available_variation · riaxe-product-designer.php:282
filter · woocommerce_thankyou · riaxe-product-designer.php:283
filter · woocommerce_add_cart_item_data · riaxe-product-designer.php:284
filter · woocommerce_get_item_data · riaxe-product-designer.php:285
filter · woocommerce_cart_item_thumbnail · riaxe-product-designer.php:286
filter · woocommerce_cart_item_name · riaxe-product-designer.php:287
filter · woocommerce_cart_item_quantity · riaxe-product-designer.php:288
filter · wc_get_template_part · riaxe-product-designer.php:289
filter · woocommerce_get_item_data · riaxe-product-designer.php:290
filter · wp_is_application_passwords_available · riaxe-product-designer.php:292
action · before_woocommerce_init · riaxe-product-designer.php:295
filter · manage_media_columns · riaxe-product-designer.php:379
action · manage_media_custom_column · riaxe-product-designer.php:380
Maintenance & Trust

Riaxe Product Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Apr 2, 2025
PHP min version: 5.6
Downloads: 2K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 10
Developer Profile

Riaxe Product Customizer Developer Profile

imprintnext

1 plugin · 10 total installs

Trust score: 40
Avg Security Score: 23/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Riaxe Product Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/riaxe-product-customizer/assets/css/style.css
/wp-content/plugins/riaxe-product-customizer/assets/js/customizer.js
/wp-content/plugins/riaxe-product-customizer/assets/js/frontend.js
/wp-content/plugins/riaxe-product-customizer/assets/js/admin-script.js
/wp-content/plugins/riaxe-product-customizer/assets/js/custom_script.js

Script Paths
/wp-content/plugins/riaxe-product-customizer/assets/js/customizer.js
/wp-content/plugins/riaxe-product-customizer/assets/js/frontend.js
/wp-content/plugins/riaxe-product-customizer/assets/js/admin-script.js
/wp-content/plugins/riaxe-product-customizer/assets/js/custom_script.js

Version Parameters
riaxe-product-customizer/assets/css/style.css?ver=
riaxe-product-customizer/assets/js/customizer.js?ver=
riaxe-product-customizer/assets/js/frontend.js?ver=
riaxe-product-customizer/assets/js/admin-script.js?ver=
riaxe-product-customizer/assets/js/custom_script.js?ver=

HTML / DOM Fingerprints

CSS Classes
inkxe-customizer
inkxe_customize_wrap
inkxe-product-designer-lite

HTML Comments
<!-- Riaxe Product Customizer -->
<!-- Riaxe Product Designer Lite -->

Data Attributes
data-product-id
data-customizer-url

JS Globals
InkxeProductDesigner
riaxe_product_customizer_params

REST Endpoints
/wp-json/riaxe-product-customizer/v1/get_products
/wp-json/riaxe-product-customizer/v1/save_design
/wp-json/riaxe-product-customizer/v1/get_design

Shortcode Output
[riaxe_product_customizer]