WP-Safety

spss12 Importer from Prom.ua to WooCoommerce Security & Risk Analysis

wordpress.org/plugins/spss12-import-prom-woo

Import products from Prom.ua xml feed directly into your woocommerce store.

0 active installs v0.1.1 PHP 8.1+ WP 5.5+ Updated Mar 23, 2026
apiimporterproductsprom-uawoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is spss12 Importer from Prom.ua to WooCoommerce Safe to Use in 2026?

Generally Safe

Score 100/100

spss12 Importer from Prom.ua to WooCoommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "spss12-import-prom-woo" plugin v0.1.1 demonstrates a generally good security posture in terms of modern WordPress development practices. All identified SQL queries utilize prepared statements, and all output is properly escaped, significantly mitigating risks of SQL injection and cross-site scripting (XSS). The presence of nonce and capability checks also indicates an attempt to secure various functionalities. The plugin does not appear to have any known public vulnerabilities, which is a strong positive indicator.

However, the static analysis reveals critical concerns within the taint analysis. Specifically, there are three high-severity taint flows involving unsanitized paths. This suggests that user-supplied input, or data derived from it, is being used in file operations or other sensitive functions without adequate sanitization. While the plugin has limited entry points and doesn't expose direct AJAX handlers or REST API routes without checks, these taint flows represent a significant internal risk that could lead to path traversal, arbitrary file read/write, or other severe vulnerabilities if exploited.

In conclusion, the plugin benefits from strong defenses against common web vulnerabilities like SQL injection and XSS. The lack of historical vulnerabilities is also reassuring. Nevertheless, the identified high-severity unsanitized path flows are a critical weakness that requires immediate attention. The limited attack surface is a strength, but the internal code quality regarding path handling is a significant concern.

Key Concerns

  • High severity unsanitized path flows (3)
Vulnerabilities
None known

spss12 Importer from Prom.ua to WooCoommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

spss12 Importer from Prom.ua to WooCoommerce Release Timeline

v0.1.1Current
v0.0.25
Code Analysis
Analyzed Apr 16, 2026

spss12 Importer from Prom.ua to WooCoommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
1
210 escaped
Nonce Checks
1
Capability Checks
3
File Operations
6
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped211 total outputs
Data Flows · Security
3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths
edit_import_page (src/Presentation/AdminController.php:39)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

spss12 Importer from Prom.ua to WooCoommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
actionplugins_loadedspss12-import-prom-woo.php:55
Maintenance & Trust

spss12 Importer from Prom.ua to WooCoommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 23, 2026
PHP min version8.1
Downloads208

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

spss12 Importer from Prom.ua to WooCoommerce Alternatives

REST API Products Importer for WooCommerce

REST API Products Importer for WooCommerce

rest-api-products-importer-for-woocommerce

A
100

Import products from any external WordPress/WooCommerce site's REST API directly into your store.

0 No CVEs
Products and Orders Last Modified for WC REST API

Products and Orders Last Modified for WC REST API

products-and-orders-last-modified-for-wc-rest-api

A
85

Retrieve Last Modified Products and Orders via WooCommerce REST API

100 No CVEs
Products CSV Importer for Woocommerce

Products CSV Importer for Woocommerce

products-csv-importer-for-woocommerce

A
85

Given a CSV document of the proper template, imports all rows as Woocommerce products. Created by Simplistics Web Design.

10 No CVEs
API Improver for WooCommerce

API Improver for WooCommerce

api-improver-for-woocommerce

A
85

A plugin to improve your API REST.

0 No CVEs
CodingMall Product Relay for WooCommerce

CodingMall Product Relay for WooCommerce

codingmall-product-relay-for-woocommerce

A
100

Sync WooCommerce products, prices, and stock between multiple stores via the REST API.

0 No CVEs
Developer Profile

spss12 Importer from Prom.ua to WooCoommerce Developer Profile

spss12

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect spss12 Importer from Prom.ua to WooCoommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/spss12-import-prom-woo/assets/js/dist/plugin.min.js/wp-content/plugins/spss12-import-prom-woo/assets/js/src/plugin.js
Script Paths
/wp-content/plugins/spss12-import-prom-woo/assets/js/dist/plugin.min.js/wp-content/plugins/spss12-import-prom-woo/assets/js/src/plugin.js
Version Parameters
spss12-import-prom-woo/assets/js/dist/plugin.min.js?ver=spss12-import-prom-woo/assets/js/src/plugin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-iddata-user-id
JS Globals
sinefinePromimportAjax
REST Endpoints
/wp-json/spss12-prom-import/v1/import/product/wp-json/spss12-prom-import/v1/import/update-prices
FAQ

Frequently Asked Questions about spss12 Importer from Prom.ua to WooCoommerce