Social Proof for WooCommerce Security & Risk Analysis

wordpress.org/plugins/social-proof-for-woocommerce

Motivate your customers to buy from your online store. Show them social proof that other people are already buying from your store.

30 active installs · v1.5 · PHP 7.0+ · WP 5.2+ · Updated Aug 16, 2025
Tags: fomo, notifications, recent-sales, social-proof, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Social Proof for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Social Proof for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7mo ago
Risk Assessment

The "social-proof-for-woocommerce" plugin v1.5 exhibits a mixed security posture. While it demonstrates good practices like a high percentage of prepared SQL statements and properly escaped output, there are significant concerns regarding its attack surface and data sanitization.

The static analysis reveals an attack surface of 5 AJAX handlers, 2 of which lack proper authentication checks. This is a critical weakness because it lets unauthenticated users potentially interact with sensitive backend functionality. Furthermore, the taint analysis highlights 4 flows with unsanitized paths, all classified as high severity. This indicates a significant risk of injection vulnerabilities, where user-supplied data could be manipulated to execute arbitrary code or access unauthorized information.

The plugin's vulnerability history is clean, with no known CVEs. This is a positive indicator and suggests that the plugin has generally been well-maintained or has not been a target for major exploits. However, the absence of past vulnerabilities should not overshadow the current risks identified in the code analysis. The plugin's strengths lie in its proactive use of prepared statements and output escaping, but the presence of unprotected AJAX endpoints and high-severity unsanitized taint flows presents immediate and actionable security risks.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
Vulnerabilities
None known

Social Proof for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Social Proof for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (15 prepared)
Unescaped Output: 15 (135 escaped)
Nonce Checks: 6
Capability Checks: 11
File Operations: 7
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

63% prepared · 24 total queries

Output Escaping

90% escaped · 150 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

7 flows · 4 with unsanitized paths
logging_render_options_page (includes\admin\class-admin.php:308)
Attack Surface
2 unprotected

Social Proof for WooCommerce Attack Surface

Entry Points: 5
Unprotected: 2

AJAX Handlers 5

auth · wp_ajax_get_wooproof · includes\class-ajax.php:50
auth · wp_ajax_wooProof_clicks_counter · includes\class-ajax.php:51
auth · wp_ajax_wooproof_deactivation_feedback · includes\class-ajax.php:52
nopriv · wp_ajax_get_wooproof · includes\class-ajax.php:55
nopriv · wp_ajax_wooProof_clicks_counter · includes\class-ajax.php:56
WordPress Hooks 18
action · admin_menu · includes\admin\class-admin.php:52
action · admin_enqueue_scripts · includes\admin\class-admin.php:53
action · admin_footer · includes\admin\class-admin.php:54
action · wooProof_settings_tab · includes\admin\class-admin.php:57
action · wooProof_settings_tab · includes\admin\class-admin.php:58
action · wooProof_settings_tab · includes\admin\class-admin.php:59
action · wooProof_settings_content · includes\admin\class-admin.php:60
action · wooProof_settings_content · includes\admin\class-admin.php:61
action · wooProof_settings_content · includes\admin\class-admin.php:62
action · admin_init · includes\class-config-validator.php:52
action · admin_notices · includes\class-config-validator.php:53
action · wp_enqueue_scripts · includes\class-frontend.php:33
action · wp · includes\class-frontend.php:34
action · init · includes\class-frontend.php:35
action · wp_footer · includes\class-frontend.php:48
action · admin_notices · includes\class-logger.php:408
action · admin_init · includes\class-settings.php:39
action · before_woocommerce_init · includes\class-social-proof-woocommerce.php:185
Maintenance & Trust

Social Proof for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Aug 16, 2025
PHP min version: 7.0
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 30
Developer Profile

Social Proof for WooCommerce Developer Profile

ParagonWP

1 plugin · 30 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Social Proof for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/social-proof-for-woocommerce/assets/css/wooproof-admin.css
/wp-content/plugins/social-proof-for-woocommerce/assets/js/wooproof-admin.js
/wp-content/plugins/social-proof-for-woocommerce/assets/js/moment.min.js
/wp-content/plugins/social-proof-for-woocommerce/assets/css/daterangepicker.css
/wp-content/plugins/social-proof-for-woocommerce/assets/js/daterangepicker.min.js
/wp-content/plugins/social-proof-for-woocommerce/assets/js/Chart.min.js
Script Paths
assets/js/wooproof-admin.js
assets/js/moment.min.js
assets/js/daterangepicker.min.js
assets/js/Chart.min.js
Version Parameters
social-proof-for-woocommerce/social-proof-for-woocommerce.php?ver=1.5

HTML / DOM Fingerprints

CSS Classes
nav-tab-wrapper, nav-tab, nav-tab-active
Data Attributes
data-plugin_id, data-ajax_nonce, data-deactivation_nonce
JS Globals
ig_wooproof