Does RomanCart Ecommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in RomanCart Ecommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is RomanCart Ecommerce compatible with WordPress 6.8.5?

According to WordPress.org data, RomanCart Ecommerce 2.0.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is RomanCart Ecommerce updated?

RomanCart Ecommerce was last updated on Dec 3, 2025. Frequent updates are generally a positive security signal.

What is RomanCart Ecommerce's security score?

RomanCart Ecommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RomanCart Ecommerce Security & Risk Analysis

wordpress.org/plugins/romancart-ecommerce

Add Buy Buttons, Widgets or an entire Storefront to your pages and sell products, tickets and digital downloads in minutes.

20 active installs v2.0.8 PHP + WP 1.0.2+ Updated Dec 3, 2025

buy-buttonsecommerce-pluginromancartsell-downloadsshopping-cart

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RomanCart Ecommerce Safe to Use in 2026?

Generally Safe

Score 100/100

RomanCart Ecommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The plugin 'romancart-ecommerce' v2.0.8 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, unescaped output, and file operations is highly commendable. Furthermore, the presence of nonce and capability checks indicates good development practices for securing entry points.

The taint analysis reveals no critical or high-severity flows with unsanitized paths, suggesting that user-supplied data is handled securely and does not pose an immediate risk of injection attacks. The plugin's vulnerability history is also clean, with no recorded CVEs, which implies a stable and potentially well-maintained codebase.

While the static analysis shows excellent adherence to security best practices, the total entry points being 4 shortcodes is a notable aspect. Although they are reported as unprotected (0 without auth checks), it's essential to ensure that the implementation within these shortcodes truly enforces appropriate authorization and sanitization. The overall security is good, but the limited attack surface without specific authorization checks on shortcodes warrants careful consideration and verification during dynamic testing.

Key Concerns

Shortcodes without explicit auth checks

Vulnerabilities

None known

RomanCart Ecommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

RomanCart Ecommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped10 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

romancart_adminpage (romancart_ecommerce.php:36)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

RomanCart Ecommerce Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[romancart_storefront] romancart_ecommerce.php:136

[romancart_button] romancart_ecommerce.php:165

[romancart_link] romancart_ecommerce.php:194

[romancart_widget] romancart_ecommerce.php:214

WordPress Hooks 2

actionadmin_menuromancart_ecommerce.php:31

actionwp_enqueue_scriptsromancart_ecommerce.php:227

Maintenance & Trust

RomanCart Ecommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 3, 2025

PHP min version

Downloads5K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

RomanCart Ecommerce Alternatives

WooCommerce

woocommerce

Everything you need to launch an online store in days and keep it growing for years. From your first sale to millions in revenue, Woo is with you.

7.0M 43 CVEs

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

shopengine

WooCommerce builder for Elementor and Gutenberg. It offers product templates, product sliders, shopping cart, quick view, Woo wishlist, product filter …

90K 4 CVEs

Menu Cart for WooCommerce

woocommerce-menu-bar-cart

100

Automatically displays a shopping cart in your menu bar. Works with WooCommerce and Easy Digital Downloads (EDD)

80K 1 CVE

Ecwid by Lightspeed Ecommerce Shopping Cart

ecwid-shopping-cart

Powerful, easy to use ecommerce shopping cart for WordPress. Sell on Facebook and Instagram. iPhone & Android apps. Superb support.

20K 13 CVEs

Simple Shopping Cart

wordpress-simple-paypal-shopping-cart

Lightweight, user-friendly plugin to sell products/services on WordPress. Easily add a shopping cart and start accepting orders in minutes.

10K 11 CVEs

Developer Profile

RomanCart Ecommerce Developer Profile

romancartsupport

1 plugin · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect RomanCart Ecommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/romancart-ecommerce/css/rc-style.css

Script Paths

https://remote.romancart.com/display.asp

Version Parameters

romancart-ecommerce/css/rc-style.css?ver=

HTML / DOM Fingerprints

CSS Classes

ROC_SettingsFormROC_cartROC_catnavROC_displayROC_loading_image

Data Attributes

id="ROC_cart"id="ROC_catnav"id="ROC_display"id="ROC_loading_image"name="ROC_SettingsForm"

Shortcode Output

[romancart_button][romancart_link][romancart_storefront][romancart_widget]

FAQ