WP-Safety

Live Sales Notification (Recent Sales Popups) Security & Risk Analysis

wordpress.org/plugins/sales-pop

Beautiful live sales popups to feed recent orders to visitors. Best social proof to motivate customers to purchase and build brand trust.

400 active installs v1.4.18 PHP 5.6+ WP 4.4+ Updated Dec 19, 2019
ecommercelive-sales-feedpopuprecent-sales-notificationwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Live Sales Notification (Recent Sales Popups) Safe to Use in 2026?

Generally Safe

Score 85/100

Live Sales Notification (Recent Sales Popups) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The sales-pop plugin version 1.4.18 exhibits a concerning security posture primarily due to a significant lack of security checks on its entry points. The static analysis reveals a single AJAX handler that lacks any authentication checks, presenting a direct attack vector. Furthermore, the absence of nonce checks and capability checks across the plugin indicates a systemic weakness in protecting sensitive operations from unauthorized access. The presence of the `unserialize` function, a known source of deserialization vulnerabilities, also raises a red flag, although no specific exploitable flows were identified in the taint analysis. Despite a clean vulnerability history with no recorded CVEs, this does not negate the inherent risks introduced by the weak coding practices identified. The plugin's strengths lie in its adherence to prepared statements for a majority of its SQL queries and a relatively high percentage of properly escaped outputs. However, these positive aspects are overshadowed by the critical lack of security on its attack surface, making it vulnerable to potential exploits if an attacker can leverage the unprotected AJAX endpoint.

Key Concerns

  • AJAX handler without authentication
  • Missing nonce checks
  • Missing capability checks
  • Dangerous function: unserialize
Vulnerabilities
None known

Live Sales Notification (Recent Sales Popups) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Live Sales Notification (Recent Sales Popups) Release Timeline

v1.4.18Current
v1.4.17
v1.4.16
v1.4.15
v1.4.14
v1.4.13
v1.4.11
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.3
v1.3.2
v1.3.1
Code Analysis
Analyzed Mar 16, 2026

Live Sales Notification (Recent Sales Popups) Code Analysis

Dangerous Functions
5
Raw SQL Queries
14
21 prepared
Unescaped Output
5
12 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$image = unserialize($image);src\Platforms\WooCommerce\Data\CartManager.php:157
unserialize$sm_cloud = ($isUseGCS && isset($imageConverted['sm_cloud'])) ? unserialize($imageConverted['sm_clousrc\Platforms\WooCommerce\Data\CollectionManager.php:191
unserialize$image = unserialize($image);src\Platforms\WooCommerce\Data\CollectionManager.php:195
unserialize$sm_cloud = ($isUseGCS && isset($imageConverted['sm_cloud'])) ? unserialize($imageConverted['sm_clousrc\Platforms\WooCommerce\Data\ProductManager.php:564
unserialize$image = unserialize($image);src\Platforms\WooCommerce\Data\ProductManager.php:568

SQL Query Safety

60% prepared35 total queries

Output Escaping

71% escaped17 total outputs
Attack Surface
1 unprotected

Live Sales Notification (Recent Sales Popups) Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_beeketingwoocommerce_verify_account_callbacksrc\Platforms\WooCommerce\Plugin\Handler.php:67
WordPress Hooks 32
filterwoocommerce_add_to_cart_fragmentssrc\Platforms\WooCommerce\Data\CartManager.php:34
actionwoocommerce_cart_loaded_from_sessionsrc\Platforms\WooCommerce\Plugin\Handler.php:85
actionwp_loadedsrc\Platforms\WooCommerce\Plugin\Handler.php:87
actionadmin_menusrc\Platforms\WooCommerce\Plugin\Hooks.php:46
actioncurrent_screensrc\Platforms\WooCommerce\Plugin\Hooks.php:83
actionadmin_noticessrc\Platforms\WooCommerce\Plugin\Hooks.php:134
actionadmin_noticessrc\Platforms\WooCommerce\Plugin\Hooks.php:147
actionwp_dashboard_setupsrc\Platforms\WooCommerce\Plugin\Hooks.php:158
filterwoocommerce_update_options_generalsrc\Platforms\WooCommerce\Plugin\Hooks.php:300
actionupdated_optionsrc\Platforms\WooCommerce\Plugin\Hooks.php:301
actioncreated_termsrc\Platforms\WooCommerce\Plugin\Hooks.php:304
actionedited_termsrc\Platforms\WooCommerce\Plugin\Hooks.php:305
actiondelete_termsrc\Platforms\WooCommerce\Plugin\Hooks.php:306
actionuser_registersrc\Platforms\WooCommerce\Plugin\Hooks.php:309
actionprofile_updatesrc\Platforms\WooCommerce\Plugin\Hooks.php:310
actiondelete_usersrc\Platforms\WooCommerce\Plugin\Hooks.php:311
actionwoocommerce_thankyousrc\Platforms\WooCommerce\Plugin\Hooks.php:315
actionwoocommerce_checkout_update_order_metasrc\Platforms\WooCommerce\Plugin\Hooks.php:317
actionwoocommerce_process_shop_order_metasrc\Platforms\WooCommerce\Plugin\Hooks.php:321
actionsave_postsrc\Platforms\WooCommerce\Plugin\Hooks.php:324
actionwoocommerce_ajax_save_product_variationssrc\Platforms\WooCommerce\Plugin\Hooks.php:325
actiontrash_productsrc\Platforms\WooCommerce\Plugin\Hooks.php:326
actionuntrashed_postsrc\Platforms\WooCommerce\Plugin\Hooks.php:327
actionwoocommerce_initsrc\Platforms\WooCommerce\Plugin\Hooks.php:330
filterwp_die_ajax_handlersrc\Platforms\WooCommerce\Plugin\Hooks.php:346
actionwp_footersrc\Platforms\WooCommerce\Plugin\Hooks.php:379
actionactivated_pluginsrc\Platforms\WooCommerce\Plugin\Loader.php:202
actioninitsrc\Platforms\WooCommerce\Plugin\Loader.php:213
actionplugins_loadedsrc\Platforms\WooCommerce\Plugin\Loader.php:222
actionadmin_initsrc\Platforms\WooCommerce\Plugin\Loader.php:223
filterplugin_row_metasrc\Platforms\WooCommerce\Plugin\SalesPop\SalesPopHooks.php:14
filterplugin_action_linkssrc\Platforms\WooCommerce\Plugin\SalesPop\SalesPopHooks.php:16
Maintenance & Trust

Live Sales Notification (Recent Sales Popups) Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedDec 19, 2019
PHP min version5.6
Downloads145K

Community Trust

Rating98/100
Number of ratings304
Active installs400
Alternatives

Live Sales Notification (Recent Sales Popups) Alternatives

PiWeb Live sales notification for WooCommerce

PiWeb Live sales notification for WooCommerce

live-sales-notifications-for-woocommerce

B
73

Fake sales alert for WooCommerce or Live sales notification for WooCommerce. Boost sales by encouraging your visitors to buy when they see your live n …

60K 1 unpatched
WP Live Social-Proof

WP Live Social-Proof

wp-real-time-social-proof

A
100

The best animated, live, social-proof plugin for WooCommerce, Easy Digital Downloads or webinars and subscriptions to compel buyer action.

100 No CVEs
Automatic Lead Generator for WooCommerce

Automatic Lead Generator for WooCommerce

coupon-pop-for-wp

A
92

Automatic Lead Generator plugin increasing your visitors' engagement and conversion rate from day one!

50 No CVEs
Live Sales Notification

Live Sales Notification

live-sales-notification

A
85

Live sales notification from woocommerce live-data/demo data with javascript library. This plugin illustrate a beautiful pop-up view to the users, wh …

10 No CVEs
Live Sales Notifier for WooCommerce

Live Sales Notifier for WooCommerce

wp-sales-notifier

A
85

Automatically display recent woocommerce sales to boost your sales on your online store as social proof.

10 No CVEs
Developer Profile

Live Sales Notification (Recent Sales Popups) Developer Profile

Beeketing

2 plugins · 1K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Live Sales Notification (Recent Sales Popups)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sales-pop/assets/css/sales-pop.css/wp-content/plugins/sales-pop/assets/js/sales-pop.js/wp-content/plugins/sales-pop/assets/css/sales-pop-admin.css/wp-content/plugins/sales-pop/assets/js/sales-pop-admin.js/wp-content/plugins/sales-pop/assets/js/sales-pop-checkout.js/wp-content/plugins/sales-pop/assets/js/sales-pop-cart.js
Script Paths
sales_pop.js
Version Parameters
sales-pop/assets/css/sales-pop.css?ver=sales-pop/assets/js/sales-pop.js?ver=sales-pop/assets/css/sales-pop-admin.css?ver=sales-pop/assets/js/sales-pop-admin.js?ver=sales-pop/assets/js/sales-pop-checkout.js?ver=sales-pop/assets/js/sales-pop-cart.js?ver=

HTML / DOM Fingerprints

CSS Classes
sales-pop-popupsales-pop-noticesales-pop-widget
HTML Comments
<!-- Beeketing for WooCommerce Widget --><!-- Beeketing: Sales Pop Checkout --><!-- Beeketing: Sales Pop Cart --><!-- Beeketing: Sales Pop Plugin -->
Data Attributes
data-sales-pop-iddata-sales-pop-urldata-sales-pop-optionsdata-sales-pop-widget-id
JS Globals
salesPopConfig BeeketingSalesPopsalesPopCheckout
REST Endpoints
/wp-json/sales-pop/v1/settings/wp-json/sales-pop/v1/sales
Shortcode Output
[sales_pop_display_latest_sales][sales_pop_recent_purchase][sales_pop_message]
FAQ

Frequently Asked Questions about Live Sales Notification (Recent Sales Popups)