Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Security & Risk Analysis

Seamlessly sync Salsify products to WooCommerce. Save time, reduce errors, and keep your store updated automatically with Salsi Sync.

0 active installs v1.2 PHP + WP 6.4+ Updated Sep 18, 2025

api-integrationproductssalsifysyncwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Safe to Use in 2026?

Generally Safe

Score 100/100

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The salsisync v1.2 plugin exhibits a generally strong security posture with a notable absence of critical vulnerabilities in its history and code analysis. The plugin correctly utilizes prepared statements for all SQL queries and has a high percentage of properly escaped output, indicating good practices in preventing common web vulnerabilities like SQL injection and cross-site scripting. The lack of known CVEs and bundled libraries is also a positive sign.

However, there are specific areas of concern that warrant attention. The presence of 32 AJAX handlers, with 2 of them lacking authentication checks, presents a significant attack surface. This means these two endpoints could potentially be exploited by unauthenticated users, leading to unintended actions or information disclosure, depending on their functionality. While taint analysis shows no unsanitized flows, the unsupervised AJAX endpoints represent a direct risk that needs to be mitigated.

In conclusion, salsisync v1.2 is largely well-secured, especially in its handling of database interactions and output. The primary weakness lies in the exposed AJAX handlers. Addressing these unprotected entry points should be the immediate priority to further harden the plugin's security.

Key Concerns

Unprotected AJAX handlers

Vulnerabilities

None known

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

163 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared10 total queries

Output Escaping

88% escaped185 total outputs

Data Flows

All sanitized

Data Flow Analysis

7 flows

salsisync_check_updated_product_from_salsify_api (inc\classes\class-settings-tab-sync-check-for-update.php:74)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Attack Surface

Entry Points32

Unprotected2

AJAX Handlers 32

noprivwp_ajax_salsisync_dismiss_success_noticeinc\classes\class-settings-tab-general.php:80

authwp_ajax_salsisync_dismiss_success_noticeinc\classes\class-settings-tab-general.php:81

noprivwp_ajax_salsisync_ajax_verify_salsify_api_credentialsinc\classes\class-settings-tab-general.php:87

authwp_ajax_salsisync_ajax_verify_salsify_api_credentialsinc\classes\class-settings-tab-general.php:88

noprivwp_ajax_salsisync_ajax_fetch_all_productsinc\classes\class-settings-tab-general.php:89

authwp_ajax_salsisync_ajax_fetch_all_productsinc\classes\class-settings-tab-general.php:90

noprivwp_ajax_salsisync_map_keys_from_all_productsinc\classes\class-settings-tab-general.php:91

authwp_ajax_salsisync_map_keys_from_all_productsinc\classes\class-settings-tab-general.php:92

noprivwp_ajax_salsisync_check_updated_product_from_salsify_apiinc\classes\class-settings-tab-sync-check-for-update.php:59

authwp_ajax_salsisync_check_updated_product_from_salsify_apiinc\classes\class-settings-tab-sync-check-for-update.php:60

noprivwp_ajax_salsisync_count_products_for_insertinc\classes\class-settings-tab-sync-product-sync-for-insert.php:59

authwp_ajax_salsisync_count_products_for_insertinc\classes\class-settings-tab-sync-product-sync-for-insert.php:60

noprivwp_ajax_salsisync_sync_insert_productinc\classes\class-settings-tab-sync-product-sync-for-insert.php:62

authwp_ajax_salsisync_sync_insert_productinc\classes\class-settings-tab-sync-product-sync-for-insert.php:63

noprivwp_ajax_salsisync_count_products_for_updateinc\classes\class-settings-tab-sync-product-sync-for-update.php:59

authwp_ajax_salsisync_count_products_for_updateinc\classes\class-settings-tab-sync-product-sync-for-update.php:60

noprivwp_ajax_salsisync_sync_update_productinc\classes\class-settings-tab-sync-product-sync-for-update.php:62

authwp_ajax_salsisync_sync_update_productinc\classes\class-settings-tab-sync-product-sync-for-update.php:63

noprivwp_ajax_salsisync_get_product_data_countinc\classes\class-settings-tab-sync.php:163

authwp_ajax_salsisync_get_product_data_countinc\classes\class-settings-tab-sync.php:164

noprivwp_ajax_salsisync_insert_data_iteminc\classes\class-settings-tab-sync.php:169

authwp_ajax_salsisync_insert_data_iteminc\classes\class-settings-tab-sync.php:170

noprivwp_ajax_salsisync_test_insert_data_iteminc\classes\class-settings-tab-sync.php:174

authwp_ajax_salsisync_test_insert_data_iteminc\classes\class-settings-tab-sync.php:175

noprivwp_ajax_salsisync_update_test_data_insert_statusinc\classes\class-settings-tab-sync.php:179

authwp_ajax_salsisync_update_test_data_insert_statusinc\classes\class-settings-tab-sync.php:180

noprivwp_ajax_salsisync_set_ajax_running_statusinc\classes\class-settings-tab-sync.php:185

authwp_ajax_salsisync_set_ajax_running_statusinc\classes\class-settings-tab-sync.php:186

noprivwp_ajax_salsisync__reset_custom_data_mapping_valueinc\classes\class-settings-tab-sync.php:190

authwp_ajax_salsisync__reset_custom_data_mapping_valueinc\classes\class-settings-tab-sync.php:191

noprivwp_ajax_salsisync__fetch_and_show_log_datainc\classes\class-settings-tab-sync.php:196

authwp_ajax_salsisync__fetch_and_show_log_datainc\classes\class-settings-tab-sync.php:197

WordPress Hooks 24

actionadmin_noticesinc\classes\class-activator.php:72

actionadmin_enqueue_scriptsinc\classes\class-admin.php:61

actionadmin_enqueue_scriptsinc\classes\class-admin.php:62

actionadmin_enqueue_scriptsinc\classes\class-admin.php:63

filterplugin_row_metainc\classes\class-admin.php:64

actioninitinc\classes\class-blocks.php:39

filterblock_categories_allinc\classes\class-blocks.php:40

actionadmin_noticesinc\classes\class-dependency.php:22

actionwp_enqueue_scriptsinc\classes\class-front.php:62

actionwp_enqueue_scriptsinc\classes\class-front.php:63

actionenqueue_block_assetsinc\classes\class-front.php:65

filterscript_loader_taginc\classes\class-front.php:66

filtershould_load_separate_core_block_assetsinc\classes\class-front.php:67

actionplugins_loadedinc\classes\class-i18.php:51

actionadmin_menuinc\classes\class-options.php:62

actionadmin_enqueue_scriptsinc\classes\class-options.php:63

filterwoocommerce_product_data_tabsinc\classes\class-options.php:77

actionwoocommerce_product_data_panelsinc\classes\class-options.php:78

actionadmin_initinc\classes\class-settings-tab-data.php:113

actionadmin_initinc\classes\class-settings-tab-general.php:76

actionadmin_initinc\classes\class-settings-tab-general.php:82

actionadmin_initinc\classes\class-settings-tab-help.php:53

actionadmin_initinc\classes\class-settings-tab-template.php:62

filtertemplate_includeinc\classes\class-settings-tab-template.php:69

Maintenance & Trust

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 18, 2025

PHP min version

Downloads742

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Alternatives

Unica Woo Affiliate

unica-woo-affiliate-1

Automatically import external/affiliate products from Unica.vn into your WooCommerce store. Keep your affiliate catalog updated with ease.

0 No CVEs

MIPL Multistore Sync for WooCommerce. Sync Products, Stock and Orders.

mipl-wc-multisite-sync

Synchronize products, stock, orders, customers, coupons and reviews seamlessly across multiple WooCommerce stores.

200 1 CVE

Syncio — Multistore Product & Inventory Sync For WooCommerce

syncio-multistore-product-inventory-sync-for-woocommerce

100

Real-time sync inventory and products across multiple WooCommerce and Shopify stores.

100 No CVEs

Channel3 for WooCommerce

channel3-for-woocommerce

100

Sync your WooCommerce product catalog to Channel3.

0 No CVEs

CodingMall Product Relay for WooCommerce

codingmall-product-relay-for-woocommerce

100

Sync WooCommerce products, prices, and stock between multiple stores via the REST API.

0 No CVEs

Developer Profile

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Developer Profile

MULTIDOTS Inc

7 plugins · 210 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/salsisync/assets/build/admin.css/wp-content/plugins/salsisync/dist/js/ajax-insert-data.js/wp-content/plugins/salsisync/assets/build/admin.js/wp-content/plugins/salsisync/assets/build/main.css

Script Paths

/wp-content/plugins/salsisync/assets/build/admin.js/wp-content/plugins/salsisync/dist/js/ajax-insert-data.js

Version Parameters

salsisync/assets/build/admin.css?ver=salsisync/dist/js/ajax-insert-data.js?ver=salsisync/assets/build/admin.js?ver=salsisync-front/assets/build/main.css?ver=

HTML / DOM Fingerprints

JS Globals

siteConfigtheme_options_ajax

FAQ

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Security & Risk Analysis

Is Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Safe to Use in 2026?

Generally Safe

Key Concerns

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Security Vulnerabilities

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Attack Surface

AJAX Handlers 32

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Maintenance & Trust

Maintenance Signals

Community Trust

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Alternatives

Unica Woo Affiliate

MIPL Multistore Sync for WooCommerce. Sync Products, Stock and Orders.

Syncio — Multistore Product & Inventory Sync For WooCommerce

Channel3 for WooCommerce

CodingMall Product Relay for WooCommerce

Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping Developer Profile

How We Detect Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Salsify Sync – Salsify product data to WooCommerce with real-time updates and field mapping