WP-Safety

SCM – Smart Currency Manager – Premium Variant for WcVendor Security & Risk Analysis

wordpress.org/plugins/scd-smart-currency-detector-premium-variant-for-wcvendor

ALL-IN-ONE solution for buyers, sellers, single/multi vendors sites, market places. Best currency plugin for WC Vendor Marketplace for currency conver …

0 active installs v4.8.0.1 PHP + WP 4.0.0+ Updated Unknown
auto-detectconversionconvertercurrencywoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is SCM – Smart Currency Manager – Premium Variant for WcVendor Safe to Use in 2026?

Generally Safe

Score 100/100

SCM – Smart Currency Manager – Premium Variant for WcVendor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The plugin "scd-smart-currency-detector-premium-variant-for-wcvendor" v4.8.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and does not appear to have any known critical or high vulnerabilities in its history, nor does it bundle external libraries that could introduce risks. The taint analysis also shows no critical or high severity unsanitized flows.

However, a significant concern lies in its attack surface. A substantial portion of its entry points, specifically 7 out of 8 total, lack authentication checks. While the taint analysis doesn't immediately flag these as exploitable, the sheer number of unprotected AJAX handlers presents a considerable risk. Furthermore, the output escaping is not consistently applied, with only 32% of outputs being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if malicious input is not handled correctly.

Overall, the plugin has a clean vulnerability history and uses secure database practices. However, the lack of proper authorization on a majority of its AJAX endpoints and insufficient output escaping are serious weaknesses that require immediate attention to mitigate potential security breaches.

Key Concerns

  • High number of AJAX handlers without auth checks
  • Low percentage of properly escaped output
Vulnerabilities
None known

SCM – Smart Currency Manager – Premium Variant for WcVendor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

SCM – Smart Currency Manager – Premium Variant for WcVendor Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
51
24 escaped
Nonce Checks
4
Capability Checks
2
File Operations
3
External Requests
6
Bundled Libraries
0

Output Escaping

32% escaped75 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
scd_license_activation (index.php:177)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
7 unprotected

SCM – Smart Currency Manager – Premium Variant for WcVendor Attack Surface

Entry Points8
Unprotected7

AJAX Handlers 7

authwp_ajax_puc_v4_debug_check_nowplugin-update-checker\Puc\v4p6\DebugBar\Extension.php:20
authwp_ajax_puc_v4_debug_request_infoplugin-update-checker\Puc\v4p6\DebugBar\PluginExtension.php:11
authwp_ajax_scd_show_user_currencyscd_multivendors_renders.php:80
authwp_ajax_scd_wcv_get_user_currencyscd_multivendors_renders.php:133
authwp_ajax_scd_update_user_currencyscd_multivendors_renders.php:147
authwp_ajax_scd_update_user_currency_optionscd_multivendors_renders.php:158
authwp_ajax_scd_convert_commission_ajaxscd_wcv_multivendor.php:457

Shortcodes 1

[scd_widget1] index.php:336
WordPress Hooks 75
actioninitindex.php:23
actioncurrent_screenindex.php:41
actionwp_enqueue_scriptsindex.php:51
filterscd-admin-tab-listindex.php:53
filterscd-pro-unactivatedindex.php:64
filterscd_noticeindex.php:73
filterscd_license_manager_tabindex.php:89
actionscd_activate_license_formindex.php:94
actionadmin_noticesindex.php:314
actionwoocommerce_email_order_detailsindex.php:359
filterwc_priceindex.php:362
filterwc_get_templateindex.php:366
filterdebug_bar_panelsplugin-update-checker\Puc\v4p6\DebugBar\Extension.php:17
actiondebug_bar_enqueue_scriptsplugin-update-checker\Puc\v4p6\DebugBar\Extension.php:18
filterupgrader_post_installplugin-update-checker\Puc\v4p6\Plugin\Package.php:32
actiondelete_site_transient_update_pluginsplugin-update-checker\Puc\v4p6\Plugin\Package.php:33
actionadmin_initplugin-update-checker\Puc\v4p6\Plugin\Ui.php:17
filterplugin_row_metaplugin-update-checker\Puc\v4p6\Plugin\Ui.php:24
filterplugin_row_metaplugin-update-checker\Puc\v4p6\Plugin\Ui.php:25
actionall_admin_noticesplugin-update-checker\Puc\v4p6\Plugin\Ui.php:26
filterplugins_apiplugin-update-checker\Puc\v4p6\Plugin\UpdateChecker.php:94
filtercron_schedulesplugin-update-checker\Puc\v4p6\Scheduler.php:50
actionadmin_initplugin-update-checker\Puc\v4p6\Scheduler.php:60
actionload-update-core.phpplugin-update-checker\Puc\v4p6\Scheduler.php:64
actionupgrader_process_completeplugin-update-checker\Puc\v4p6\Scheduler.php:71
actioninitplugin-update-checker\Puc\v4p6\UpdateChecker.php:88
filterupgrader_source_selectionplugin-update-checker\Puc\v4p6\UpdateChecker.php:132
filterhttp_request_host_is_externalplugin-update-checker\Puc\v4p6\UpdateChecker.php:136
actionplugins_loadedplugin-update-checker\Puc\v4p6\UpdateChecker.php:142
actionpuc_api_errorplugin-update-checker\Puc\v4p6\UpdateChecker.php:244
filterupgrader_pre_installplugin-update-checker\Puc\v4p6\UpgraderStatus.php:17
filterupgrader_package_optionsplugin-update-checker\Puc\v4p6\UpgraderStatus.php:18
filterupgrader_post_installplugin-update-checker\Puc\v4p6\UpgraderStatus.php:19
actionupgrader_process_completeplugin-update-checker\Puc\v4p6\UpgraderStatus.php:20
filterupgrader_pre_downloadplugin-update-checker\Puc\v4p6\Vcs\GitHubApi.php:362
filterhttp_request_argsplugin-update-checker\Puc\v4p6\Vcs\GitHubApi.php:387
actionadmin_initscd_free_install.php:16
filterscd_enable_js_conversionscd_multivendors_renders.php:5
filterscd_multivendors_activatescd_multivendors_renders.php:13
filterscd_target_currencyscd_multivendors_renders.php:184
filterwoocommerce_product_export_column_namesscd_multivendors_renders.php:188
filterwoocommerce_product_export_product_default_columnsscd_multivendors_renders.php:189
filterwoocommerce_product_export_product_column_scd_other_optionsscd_multivendors_renders.php:204
filterwoocommerce_product_importer_parsed_datascd_multivendors_renders.php:207
filteris_scd_multivendorscd_multivendors_renders.php:219
filterscd_disable_sidebar_currenciesscd_multivendors_renders.php:224
actionwcv_pro_store_settings_savedscd_multivendors_renders.php:230
actionwcv_after_shipping_tabscd_multivendors_renders.php:242
actionwcvendors_settings_after_shipping_tabscd_multivendors_renders.php:286
filterscd-settings-groupsscd_multivendors_settings.php:26
filterscd-options-fieldsscd_multivendors_settings.php:33
filterscd_init_currency_optionsscd_multivendors_settings.php:46
filterscd_list_currenciesscd_pro_currencies.php:3
actionwcv_dashboard_pages_navscd_wcv_multivendor.php:77
actionwcv_save_productscd_wcv_multivendor.php:90
actionwcv_product_options_general_product_datascd_wcv_multivendor.php:99
filterwcv_product_pricescd_wcv_multivendor.php:115
filterwcv_product_sale_pricescd_wcv_multivendor.php:136
filterwcvendors_pro_product_variation_pathscd_wcv_multivendor.php:170
actionwcv_save_product_variationscd_wcv_multivendor.php:176
filterwcv_orders_table_rowsscd_wcv_multivendor.php:196
filterwcv_order_row_actionsscd_wcv_multivendor.php:210
filterwc_pricescd_wcv_multivendor.php:212
filterwcv_product_table_rowsscd_wcv_multivendor.php:294
actionwoocommerce_before_template_partscd_wcv_multivendor.php:310
filterwc_pricescd_wcv_multivendor.php:312
actionwcvendors_email_order_detailsscd_wcv_multivendor.php:318
filterwc_price_argsscd_wcv_multivendor.php:320
filterwc_pricescd_wcv_multivendor.php:321
actionwcvendors_email_customer_detailsscd_wcv_multivendor.php:325
filterwcvendors_commissions_columnsscd_wcv_multivendor.php:415
actionwoocommerce_before_account_ordersscd_wcv_multivendor.php:472
filterwc_pricescd_wcv_multivendor.php:473
actionwoocommerce_order_details_before_order_tablescd_wcv_multivendor.php:476
filterwc_pricescd_wcv_multivendor.php:477
Maintenance & Trust

SCM – Smart Currency Manager – Premium Variant for WcVendor Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8
Last updatedUnknown
PHP min version
Downloads807

Community Trust

Rating20/100
Number of ratings1
Active installs0
Alternatives

SCM – Smart Currency Manager – Premium Variant for WcVendor Alternatives

SCM – Smart Currency Manager – Premium Variant for Dokan

SCM – Smart Currency Manager – Premium Variant for Dokan

scd-smart-currency-detector-variant-for-dokan

A
85

❓ Have you thought about letting your customers buy in your online shop using their own currency and payment method ❓

10 No CVEs
SCD – Smart Currency Detector – Premium Variant for WCFM

SCD – Smart Currency Detector – Premium Variant for WCFM

scd-smart-currency-detector-variant-for-wcfm

A
85

❓ Have you thought about letting your customers buy in your online shop using their own currency and payment method ❓

10 No CVEs
FOX – Currency Switcher Professional for WooCommerce

FOX – Currency Switcher Professional for WooCommerce

woocommerce-currency-switcher

A
93

FOX - Currency Switcher Professional for WooCommerce (former name is WOOCS) is currency plugin for woocommerce and multi currency shop, switch & pay

50K 12 CVEs
YayCurrency – WooCommerce Multi-Currency Switcher

YayCurrency – WooCommerce Multi-Currency Switcher

yaycurrency

A
96

WooCommerce Multi-Currency made easy, powerful, and flexible.

8K 2 CVEs
Currency Switcher for WooCommerce by WBW

Currency Switcher for WooCommerce by WBW

woo-currency

A
100

WBW Currency Switcher for WooCommerce allows customers to switch products prices to any currencies. Get rates converted in the real-time with dynamic …

4K 1 CVE
Developer Profile

SCM – Smart Currency Manager – Premium Variant for WcVendor Developer Profile

scd2021

4 plugins · 80 total installs

86
trust score
Avg Security Score
89/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect SCM – Smart Currency Manager – Premium Variant for WcVendor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/scd-smart-currency-detector-premium-variant-for-wcvendor/js/scd_lic_form.js/wp-content/plugins/scd-smart-currency-detector-premium-variant-for-wcvendor/js/scd_wcv_multivendor.js
Script Paths
/wp-content/plugins/scd-smart-currency-detector-premium-variant-for-wcvendor/js/scd_lic_form.js/wp-content/plugins/scd-smart-currency-detector-premium-variant-for-wcvendor/js/scd_wcv_multivendor.js

HTML / DOM Fingerprints

CSS Classes
scd-notice
JS Globals
scd_ajax
FAQ

Frequently Asked Questions about SCM – Smart Currency Manager – Premium Variant for WcVendor