WP-Safety

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Security & Risk Analysis

wordpress.org/plugins/shopping-feed-for-google

Automate real-time product syncing to Google, Microsoft & Facebook from WooCommerce. Launch campaigns and track interactions with Google Analytics 4.

2K active installs v5.0.0 PHP 7.2+ WP 4.4+ Updated Feb 3, 2026
conversion-trackinggoogle-feedmicrosoft-advertising-feedp-max-campaignwoocommerce-product-feed
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Safe to Use in 2026?

Generally Safe

Score 100/100

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "shopping-feed-for-google" v5.0.0 plugin exhibits a concerning security posture due to a significant number of unprotected entry points. With 6 out of 8 identified entry points lacking proper authentication or permission checks, the plugin is highly susceptible to unauthorized access and potential manipulation. This vast attack surface, coupled with the presence of dangerous functions like `unserialize` and SQL queries that are not prepared, significantly increases the risk of exploits. The lack of proper output escaping in over half of the detected outputs further exacerbates this, creating opportunities for cross-site scripting (XSS) vulnerabilities. Despite the absence of known CVEs, the internal code analysis reveals several critical weaknesses that should not be overlooked. The plugin demonstrates a pattern of weak access control and insecure data handling. While the absence of known vulnerabilities is a positive sign, it does not negate the inherent risks identified within the code itself. The plugin has a good number of capability checks and nonce checks, but this is overshadowed by the number of unprotected entry points and the use of dangerous functions.

Key Concerns

  • High number of unprotected AJAX handlers
  • Unprotected REST API route
  • Dangerous function: unserialize
  • SQL queries without prepared statements
  • Low percentage of properly escaped output
  • File operation present
  • External HTTP requests present
Vulnerabilities
None known

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
0 prepared
Unescaped Output
32
37 escaped
Nonce Checks
1
Capability Checks
2
File Operations
1
External Requests
2
Bundled Libraries
1

Dangerous Functions Found

unserialize$shop_secret = unserialize($shop_secret);helpers\helper.php:75

Bundled Libraries

jQuery

SQL Query Safety

0% prepared2 total queries

Output Escaping

54% escaped69 total outputs
Attack Surface
6 unprotected

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Attack Surface

Entry Points8
Unprotected6

AJAX Handlers 6

authwp_ajax_gsf_dismiss_noticeclasses\class-wp-gsf-admin-notification.php:13
authwp_ajax_refresh_product_statusclasses\class-wp-gsf-product-status.php:16
authwp_ajax_gsf_wp_actionshopping-feed-for-google.php:41
noprivwp_ajax_gsf_wp_actionshopping-feed-for-google.php:42
authwp_ajax_ajaxRequestGSFshopping-feed-for-google.php:123
noprivwp_ajax_ajaxRequestGSFshopping-feed-for-google.php:124

REST API Routes 2

POST/wp-json/gsf/v1/deactive-feedbackclasses\class-wp-gsf-feedback.php:16
POST/wp-json/gsf/v1/update-optionsclasses\class-wp-gsf-rest-controller.php:12
WordPress Hooks 42
actionactivated_pluginclasses\class-wp-gsf-activator.php:9
actionadmin_enqueue_scriptsclasses\class-wp-gsf-admin-notification.php:11
actionadmin_noticesclasses\class-wp-gsf-admin-notification.php:12
actionadmin_enqueue_scriptsclasses\class-wp-gsf-embedded.php:8
actionadmin_headclasses\class-wp-gsf-embedded.php:9
actionadmin_footerclasses\class-wp-gsf-feedback.php:8
actionrest_api_initclasses\class-wp-gsf-feedback.php:9
actionadmin_noticesclasses\class-wp-gsf-missing-dependency-reporter.php:18
filtermanage_edit-product_columnsclasses\class-wp-gsf-product-status.php:12
actionmanage_product_posts_custom_columnclasses\class-wp-gsf-product-status.php:13
actionadmin_enqueue_scriptsclasses\class-wp-gsf-product-status.php:14
actionadd_meta_boxesclasses\class-wp-gsf-product-status.php:15
actiongsfwc_get_feed_statusclasses\class-wp-gsf-product-status.php:17
actiontransition_post_statusclasses\class-wp-gsf-product-status.php:18
actionrest_api_initclasses\class-wp-gsf-rest-controller.php:8
actionwp_dashboard_setupclasses\class-wp-gsf-tips.php:4
actionadmin_headclasses\class-wp-gsf-tips.php:5
actionwp_footerhelpers\helper.php:286
actionadmin_print_footer_scriptshelpers\helper.php:1264
actionadmin_menushopping-feed-for-google.php:40
actionwp_headshopping-feed-for-google.php:43
actionadmin_noticesshopping-feed-for-google.php:46
actionshow_gsf_admin_noticesshopping-feed-for-google.php:47
actionupgrader_process_completeshopping-feed-for-google.php:50
actionadmin_noticesshopping-feed-for-google.php:51
actionwp_enqueue_scriptsshopping-feed-for-google.php:66
actionwpshopping-feed-for-google.php:78
filterwoocommerce_add_to_cartshopping-feed-for-google.php:81
filterget_search_queryshopping-feed-for-google.php:90
actionwoocommerce_checkout_update_order_metashopping-feed-for-google.php:92
filterrender_blockshopping-feed-for-google.php:96
actiongsf_before_woocommerce/checkoutshopping-feed-for-google.php:98
actiongsf_before_woocommerce/cartshopping-feed-for-google.php:99
filterwoocommerce_get_price_htmlshopping-feed-for-google.php:106
filterwoocommerce_add_order_item_metashopping-feed-for-google.php:107
filterwoocommerce_add_cart_item_datashopping-feed-for-google.php:108
actionwoocommerce_before_calculate_totalsshopping-feed-for-google.php:109
actionwoocommerce_initshopping-feed-for-google.php:110
filterwoocommerce_show_variation_priceshopping-feed-for-google.php:111
actionwp_headshopping-feed-for-google.php:121
filterplugin_row_metashopping-feed-for-google.php:130
actionplugins_loadedshopping-feed-for-google.php:153
Maintenance & Trust

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 3, 2026
PHP min version7.2
Downloads79K

Community Trust

Rating96/100
Number of ratings84
Active installs2K
Alternatives

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Alternatives

Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce

Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce

woo-product-feed-pro

A
97

Most popular WooCommerce product feed plugin supporting Google shopping feed, meta/facebook feed, bing product feed & more.

80K 6 CVEs
Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

A
95

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs
Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces

Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces

best-woocommerce-feed

A
99

Generate WooCommerce product feeds for 200+ marketplaces. Sell on Google Shopping, Facebook, Instagram, Amazon, eBay, TikTok and more.

10K 2 CVEs
CallRail Phone Call Tracking

CallRail Phone Call Tracking

callrail-phone-call-tracking

A
99

Dynamically swap CallRail tracking phone numbers based on the visitor's referring source.

10K 2 CVEs
Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels

Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels

enhanced-e-commerce-for-woocommerce-store

A
88

Track GA4 Analytics, Google Ads, Microsoft Ads, & Conversion with server-side tracking (CAPI) & product feed to improve ROAS, reports for WooCommerce.

10K 10 CVEs
Developer Profile

Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant Developer Profile

simprosys

1 plugin · 2K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/shopping-feed-for-google/assets/css/gsf-styles.min.css/wp-content/plugins/shopping-feed-for-google/assets/js/gsf-script.min.js/wp-content/plugins/shopping-feed-for-google/js/jquery.min.js
Script Paths
/wp-content/plugins/shopping-feed-for-google/assets/js/gsf-script.min.js
Version Parameters
shopping-feed-for-google/style.css?ver=shopping-feed-for-google/assets/css/gsf-styles.min.css?ver=shopping-feed-for-google/assets/js/gsf-script.min.js?ver=shopping-feed-for-google/js/jquery.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
gsf-notification-admin-stylegsf-notification-admin-js
Data Attributes
gsf_dismiss_notice
JS Globals
gsfwc_ajaxurl
FAQ

Frequently Asked Questions about Product Feed for Google Shopping, Microsoft Advertising and 40+ Channels for WooCommerce Merchant