Simple Product Milestones Security & Risk Analysis

wordpress.org/plugins/simple-product-milestones

Create and customize milestones for your WooCommerce products.

0 active installs v1.0.0 PHP 7.4+ WP 4.0+ Updated Aug 16, 2023
custommilestonesproductssimplewoocomerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Simple Product Milestones Safe to Use in 2026?

Generally Safe

Score 85/100

Simple Product Milestones has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The "simple-product-milestones" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. It demonstrates excellent practices by avoiding dangerous functions, using prepared statements exclusively for SQL queries, and ensuring all output is properly escaped. The absence of file operations and external HTTP requests further reduces its attack surface. Crucially, the plugin has no recorded vulnerabilities or CVEs, indicating a history of secure development and maintenance.

However, a significant concern arises from the complete lack of nonce checks and capability checks. While the current attack surface is small and lacks unprotected entry points, this omission leaves the plugin vulnerable to potential CSRF attacks and unauthorized privilege escalation if any of its entry points were to be exposed or modified in future versions. The absence of taint analysis data is also a minor limitation, as it prevents a deeper understanding of potential data flow vulnerabilities. Overall, the plugin is commendably secure in its current state, but the lack of authorization checks is a notable weakness that should be addressed for robust security.

Key Concerns

  • Missing Nonce Checks
  • Missing Capability Checks
Vulnerabilities
None known

Simple Product Milestones Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Simple Product Milestones Release Timeline

v1.0.0Current
Code Analysis
Analyzed Apr 16, 2026

Simple Product Milestones Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
28 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped28 total outputs
Attack Surface

Simple Product Milestones Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[simple-product-milestones] Functionality/Shortcodes.php:26
WordPress Hooks 9
actionafter_setup_themeFunctionality/ProductFields.php:19
actioncpf_register_fieldsFunctionality/ProductFields.php:20
actioninitFunctionality/Shortcodes.php:21
filterwoocommerce_product_data_tabsFunctionality/WoocommerceActions.php:15
actionwoocommerce_before_add_to_cart_formFunctionality/WoocommerceActions.php:16
actionwp_enqueue_scriptsIncludes/AssetsLoader.php:20
actionadmin_enqueue_scriptsIncludes/AssetsLoader.php:21
actionplugins_loadedIncludes/Loader.php:15
actionwp_enqueue_scriptsIncludes/Loader.php:16
Maintenance & Trust

Simple Product Milestones Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8
Last updatedAug 16, 2023
PHP min version7.4
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Simple Product Milestones Developer Profile

Albert Tarres

2 plugins · 10 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Simple Product Milestones

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simple-product-milestones/dist/app.css/wp-content/plugins/simple-product-milestones/dist/app.js
Version Parameters
simple-product-milestones/app.css?ver=simple-product-milestones/app.js?ver=

HTML / DOM Fingerprints

Shortcode Output
[simple-product-milestones]
FAQ

Frequently Asked Questions about Simple Product Milestones