Does ShopPanel have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ShopPanel compatible with WordPress 6.9.4?

According to WordPress.org data, ShopPanel 1.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ShopPanel compatible with PHP 7.4+?

ShopPanel requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ShopPanel updated?

ShopPanel was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is ShopPanel's security score?

ShopPanel has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ShopPanel Security & Risk Analysis

wordpress.org/plugins/shoppanel

Shopify-style administration panel fully focused on ecommerce with WooCommerce.

10 active installs v1.0.6 PHP 7.4+ WP 6.0+ Updated Dec 1, 2025

admindashboardecommerceshopifywoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ShopPanel Safe to Use in 2026?

Generally Safe

Score 100/100

ShopPanel has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The Shoppanel v1.0.6 plugin demonstrates a generally strong security posture, particularly concerning its handling of user input and database interactions. The absence of any recorded vulnerabilities or CVEs in its history is a significant positive indicator, suggesting a history of stable and secure development. Furthermore, the static analysis reveals a commendably clean codebase with no dangerous functions, no unsanitized taint flows, and all SQL queries utilizing prepared statements, which are excellent practices for preventing common web vulnerabilities.

However, there are areas that warrant attention. While the total number of entry points is low and none are explicitly unprotected, the plugin has 201 total output operations, with only 62% properly escaped. This means a significant portion of output might be vulnerable to cross-site scripting (XSS) attacks if unsanitized data is ever introduced. The presence of 13 nonce checks and 20 capability checks across its functions is positive, indicating an awareness of authentication and authorization, but the unescaped output remains a potential weakness.

In conclusion, Shoppanel v1.0.6 appears to be a well-developed plugin with robust database security and a clean history. The primary concern lies in the significant proportion of unescaped output, which presents a potential risk for XSS vulnerabilities. Addressing this would further solidify the plugin's security. Given the lack of historical vulnerabilities and the absence of critical static analysis findings, the overall risk is moderate, with the potential for XSS being the most notable concern.

Key Concerns

Significant portion of output not properly escaped

Vulnerabilities

None known

ShopPanel Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ShopPanel Release Timeline

v1.0.6Current

v1.0.5

v1.0.4

v1.0.3

Code Analysis

Analyzed Mar 17, 2026

ShopPanel Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

125 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

62% escaped201 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

save_settings (includes\class-settings.php:133)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ShopPanel Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_shoppanel_get_map_dataincludes\class-customer-map.php:45

WordPress Hooks 16

actionadmin_bar_menuincludes\class-admin-bar.php:45

actionadmin_menuincludes\class-admin-menu.php:46

actionadmin_menuincludes\class-admin-menu.php:47

actionadmin_enqueue_scriptsincludes\class-admin-menu.php:51

actionadmin_headincludes\class-admin-menu.php:52

actionadmin_initincludes\class-admin-redirect.php:45

actionadmin_initincludes\class-admin-redirect.php:46

filterlogin_redirectincludes\class-admin-redirect.php:47

actionadmin_post_shoppanel_save_settingsincludes\class-settings.php:45

actionplugins_loadedincludes\class-shoppanel.php:51

actionadmin_enqueue_scriptsincludes\class-shoppanel.php:54

actionadmin_headincludes\class-shoppanel.php:60

actionbefore_woocommerce_initshoppanel.php:66

actionplugins_loadedshoppanel.php:69

actioninitshoppanel.php:75

actionadmin_noticesshoppanel.php:102

Maintenance & Trust

ShopPanel Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 1, 2025

PHP min version7.4

Downloads250

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

ShopPanel Alternatives

Dashify: WooCommerce admin dashboard theme

dashify

100

A modern design and UI for the WooCommerce admin. Manage, search, and navigate orders faster. Make the WordPress admin dashboard ecommerce-focused.

1K No CVEs

RD Order Note Templates for WooCommerce

rd-wc-enhanced-order-notes

100

Create predefined templates for order notes that you can apply to orders

60 No CVEs

Dashboard Summary

dashboard-summary

100

Beautiful, colorful dashboard cards displaying blog and WooCommerce statistics with customizable gradient colors and responsive design.

20 No CVEs

Easy Store Management by AyudaWP

easy-store-management-ayudawp

100

Simplifies admin dashboard for WooCommerce shop managers by hiding non-store elements and reorganizing menus for better store management workflow.

10 No CVEs

Shop Metrics Report for WP

shop-metrics-report

The Shop Metrics Report for WP plugin sends your webshop order data of WooCommerce to your Shop Metrics Report dashboard. There are lots of live chart …

10 No CVEs

Developer Profile

ShopPanel Developer Profile

Kamalyon

3 plugins · 60 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ShopPanel

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/shoppanel/assets/css/shoppanel-admin.css/wp-content/plugins/shoppanel/assets/js/shoppanel-admin.js

Script Paths

/wp-content/plugins/shoppanel/assets/js/shoppanel-admin.js

Version Parameters

shoppanel-admin.css?ver=shoppanel-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

shoppanel-activeshoppanel-hide-wp-admin-menu

FAQ