WP-Safety

ShopCentral – Advanced Store Management & Analytics for WooCommerce Security & Risk Analysis

wordpress.org/plugins/shopcentral

Manage your WooCommerce store with a powerful, centralized dashboard. View analytics, products, orders, and customers in a premium, high-performance i …

0 active installs v2.2.0 PHP 7.4+ WP 6.8+ Updated Mar 3, 2026
analyticsmulti-storestore-managerwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ShopCentral – Advanced Store Management & Analytics for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ShopCentral – Advanced Store Management & Analytics for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The shopcentral plugin version 2.2.0 exhibits a mixed security posture. On one hand, the absence of any known historical CVEs and critical taint analysis findings suggests a relatively clean track record and diligent development regarding common severe vulnerabilities. The plugin also demonstrates a reasonable adherence to security best practices with a majority of SQL queries using prepared statements and most output being properly escaped.

However, significant concerns arise from the static analysis. The presence of 3 AJAX handlers, with 2 of them lacking authentication checks, creates a substantial attack surface that could be exploited by unauthenticated users. This is further compounded by only one nonce check across the entire plugin, which is insufficient to protect the limited authenticated entry points.

Overall, while the plugin hasn't historically been a target for known vulnerabilities, the current version has clear security weaknesses in its handling of AJAX requests. The potential for unauthorized actions via these unprotected AJAX handlers is the most pressing risk. Developers should prioritize addressing these unauthenticated entry points.

Key Concerns

  • 2 unprotected AJAX handlers
  • Low number of nonce checks for entry points
  • 53% of SQL queries use prepared statements (potential risk)
  • 25% of outputs are not properly escaped
Vulnerabilities
None known

ShopCentral – Advanced Store Management & Analytics for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ShopCentral – Advanced Store Management & Analytics for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
20
23 prepared
Unescaped Output
2
6 escaped
Nonce Checks
1
Capability Checks
9
File Operations
0
External Requests
5
Bundled Libraries
0

SQL Query Safety

53% prepared43 total queries

Output Escaping

75% escaped8 total outputs
Attack Surface
2 unprotected

ShopCentral – Advanced Store Management & Analytics for WooCommerce Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 3

authwp_ajax_shopcentral_deactivation_feedbackincludes\class-shopcentral-deactivation-survey.php:10
authwp_ajax_shopcentral_get_nonceshopcentral.php:86
noprivwp_ajax_shopcentral_get_nonceshopcentral.php:87
WordPress Hooks 20
actionrest_api_initincludes\class-shopcentral-advanced-analytics.php:14
actionrest_api_initincludes\class-shopcentral-api.php:9
actionrest_api_initincludes\class-shopcentral-automation-engine.php:16
actionwoocommerce_product_set_stockincludes\class-shopcentral-automation-engine.php:19
actiontransition_post_statusincludes\class-shopcentral-automation-engine.php:20
actionshopcentral_daily_automation_cronincludes\class-shopcentral-automation-engine.php:26
actionrest_api_initincludes\class-shopcentral-customer-intelligence.php:14
actionadmin_footerincludes\class-shopcentral-deactivation-survey.php:9
actionadmin_initincludes\class-shopcentral-event-tracker.php:9
actiondelete_pluginincludes\class-shopcentral-event-tracker.php:10
actionrest_api_initincludes\class-shopcentral-export-tools.php:14
actionrest_api_initincludes\class-shopcentral-marketing-controller.php:14
actionrest_api_initincludes\class-shopcentral-notification-system.php:14
filterhttp_request_host_is_externalincludes\class-shopcentral-remote-api.php:25
actionrest_api_initincludes\class-shopcentral-settings-api.php:13
actionrest_api_initincludes\class-shopcentral-store-api.php:51
actionadmin_initshopcentral.php:58
actionadmin_initshopcentral.php:59
actionadmin_menushopcentral.php:80
actionadmin_enqueue_scriptsshopcentral.php:81

Scheduled Events 1

shopcentral_daily_automation_cron
Maintenance & Trust

ShopCentral – Advanced Store Management & Analytics for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 3, 2026
PHP min version7.4
Downloads220

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

ShopCentral – Advanced Store Management & Analytics for WooCommerce Alternatives

Google Analytics for WooCommerce

Google Analytics for WooCommerce

woocommerce-google-analytics-integration

A
100

Provides integration between Google Analytics and WooCommerce.

200K No CVEs
Klaviyo

Klaviyo

klaviyo

A
99

Klaviyo for WooCommerce

100K 2 CVEs
Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

A
95

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs
GTM Kit – Google Tag Manager & GA4 integration

GTM Kit – Google Tag Manager & GA4 integration

gtm-kit

A
99

Google Tag Manager and GA4 integration. Including WooCommerce data for Google Analytics 4 and support for server side GTM.

30K 1 CVE
WooCommerce Analytics

WooCommerce Analytics

woocommerce-analytics

A
100

Boost sales and maximize ROI with WooCommerce Analytics. Access order attribution data to optimize performance and drive business growth effectively.

20K No CVEs
Developer Profile

ShopCentral – Advanced Store Management & Analytics for WooCommerce Developer Profile

Dominopress

10 plugins · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ShopCentral – Advanced Store Management & Analytics for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/shopcentral/assets/admin.js/wp-content/plugins/shopcentral/assets/vendors.js
Script Paths
/wp-content/plugins/shopcentral/assets/vendors.js/wp-content/plugins/shopcentral/assets/admin.js
Version Parameters
shopcentral-vendorsshopcentral-admin

HTML / DOM Fingerprints

JS Globals
shopCentralData
REST Endpoints
/wp-json/shopcentral/v1/
Shortcode Output
<div id="shopcentral-root"></div>
FAQ

Frequently Asked Questions about ShopCentral – Advanced Store Management & Analytics for WooCommerce