WP-Safety

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Security & Risk Analysis

wordpress.org/plugins/squarewoosync

Square sync for WooCommerce — connect your Square POS to sync Square products, inventory, orders, customers and more with WooCommerce in real-time.

200 active installs v6.0.9 PHP 7.4+ WP 5.4+ Updated Feb 25, 2026
squaresquare-inventorysquare-paymentssquare-syncwoocommerce-square
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "squarewoosync" v6.0.9 plugin exhibits a mixed security posture. On the positive side, it shows a strong commitment to secure coding practices with a high percentage of SQL queries using prepared statements and properly escaped output. The absence of known CVEs and a clean vulnerability history suggest a generally well-maintained codebase. However, there are notable areas of concern. The presence of 2 AJAX handlers without authentication checks presents a significant attack vector, potentially allowing unauthorized actions if these endpoints are accessible. Additionally, the taint analysis revealed 2 flows with unsanitized paths, although these are not currently flagged as critical or high severity. These unsanitized paths could, in certain circumstances, lead to unexpected behavior or vulnerabilities if exploited.

Key Concerns

  • AJAX handlers without authentication checks
  • Flows with unsanitized paths detected
Vulnerabilities
None known

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
21
74 prepared
Unescaped Output
35
163 escaped
Nonce Checks
13
Capability Checks
8
File Operations
4
External Requests
7
Bundled Libraries
0

SQL Query Safety

78% prepared95 total queries

Output Escaping

82% escaped198 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
<WC_SquareSync_Gateway> (includes\Payments\WC_SquareSync_Gateway.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Attack Surface

Entry Points12
Unprotected2

AJAX Handlers 12

authwp_ajax_squaresync_credit_card_get_token_by_idincludes\Payments\WC_SquareSync_Gateway.php:91
noprivwp_ajax_squaresync_credit_card_get_token_by_idincludes\Payments\WC_SquareSync_Gateway.php:93
authwp_ajax_get_payment_requestincludes\Payments\WC_SquareSync_Gateway.php:98
noprivwp_ajax_get_payment_requestincludes\Payments\WC_SquareSync_Gateway.php:99
authwp_ajax_recalculate_totalsincludes\Payments\WC_SquareSync_Gateway.php:102
noprivwp_ajax_recalculate_totalsincludes\Payments\WC_SquareSync_Gateway.php:103
noprivwp_ajax_get_needs_shippingincludes\Payments\WC_SquareSync_Gateway.php:105
authwp_ajax_get_needs_shippingincludes\Payments\WC_SquareSync_Gateway.php:106
authwp_ajax_check_export_validationincludes\Woo\ValidateWooProduct.php:13
noprivwp_ajax_check_export_validationincludes\Woo\ValidateWooProduct.php:14
authwp_ajax_check_sync_validationincludes\Woo\ValidateWooProduct.php:16
noprivwp_ajax_check_sync_validationincludes\Woo\ValidateWooProduct.php:17
WordPress Hooks 69
actionadmin_menuincludes\Admin\Menu.php:24
actioninitincludes\Assets\Manager.php:24
actionadmin_enqueue_scriptsincludes\Assets\Manager.php:25
actionshutdownincludes\Logger\Logger.php:33
filterwoocommerce_product_data_tabsincludes\Modifiers\ProductModifiers.php:33
actionwoocommerce_product_data_panelsincludes\Modifiers\ProductModifiers.php:34
actionadmin_enqueue_scriptsincludes\Modifiers\ProductModifiers.php:37
actionadmin_print_footer_scriptsincludes\Modifiers\ProductModifiers.php:38
actionsave_postincludes\Modifiers\ProductModifiers.php:41
actionwoocommerce_before_add_to_cart_buttonincludes\Modifiers\ProductModifiers.php:44
filterwoocommerce_add_cart_item_dataincludes\Modifiers\ProductModifiers.php:47
actionwoocommerce_before_calculate_totalsincludes\Modifiers\ProductModifiers.php:48
filterwoocommerce_get_item_dataincludes\Modifiers\ProductModifiers.php:51
actionwoocommerce_checkout_create_order_line_itemincludes\Modifiers\ProductModifiers.php:54
actionwoocommerce_order_status_completedincludes\Orders\WooOrder.php:15
actionsquarewoosync-pro_update_square_order_statusincludes\Orders\WooOrder.php:18
actionwp_enqueue_scriptsincludes\Payments\WC_SquareSync_CashApp_Gateway.php:52
actionwp_enqueue_scriptsincludes\Payments\WC_SquareSync_Gateway.php:86
filterwoocommerce_checkout_fieldsincludes\Payments\WC_SquareSync_Gateway.php:87
actionwc_ajax_square_digital_wallet_get_payment_requestincludes\Payments\WC_SquareSync_Gateway.php:95
actionwc_ajax__nopriv_square_digital_wallet_get_payment_requestincludes\Payments\WC_SquareSync_Gateway.php:96
actionwc_ajax_square_digital_wallet_recalculate_totalsincludes\Payments\WC_SquareSync_Gateway.php:101
actionwoocommerce_add_payment_methodincludes\Payments\WC_SquareSync_Gateway.php:109
actionupdate_option_woocommerce_squaresync_credit_settingsincludes\Payments\WC_SquareSync_Gateway.php:112
actionrest_api_initincludes\REST\Api.php:50
filterwp_new_user_notification_emailincludes\REST\CustomersController.php:867
filtersend_password_change_emailincludes\REST\CustomersController.php:868
filtercron_schedulesincludes\Security\SquareTokenManager.php:35
actioninitincludes\Security\SquareTokenManager.php:43
actionsws_import_chunkincludes\Square\SquareImport.php:25
actioninitincludes\Woo\SyncProduct.php:31
actionadd_meta_boxesincludes\Woo\SyncProduct.php:40
actionadmin_enqueue_scriptsincludes\Woo\SyncProduct.php:43
actionsws_sync_inventory_after_product_sold_eventincludes\Woo\SyncProduct.php:45
actionsws_sync_order_after_product_sold_eventincludes\Woo\SyncProduct.php:46
actionwoocommerce_order_status_changedincludes\Woo\SyncProduct.php:49
actionwoocommerce_order_status_changedincludes\Woo\SyncProduct.php:51
actionwoocommerce_checkout_order_processedincludes\Woo\SyncProduct.php:53
actionwoocommerce_store_api_checkout_order_processedincludes\Woo\SyncProduct.php:55
actionwoocommerce_checkout_create_orderincludes\Woo\SyncProduct.php:59
actionadmin_noticesincludes\Woo\SyncProduct.php:2143
filterhandle_bulk_actions-edit-productincludes\Woo\WooImport.php:26
actionadmin_noticesincludes\Woo\WooImport.php:29
actionsquarewoosync_export_bulk_productsincludes\Woo\WooImport.php:32
actionpmxi_after_xml_importincludes\Woo\WooImport.php:36
actionpmxi_saved_postincludes\Woo\WooImport.php:37
actionplugins_loadedsquarewoosync.php:47
actionplugins_loadedsquarewoosync.php:48
actionadmin_noticessquarewoosync.php:93
filterwoocommerce_payment_gatewayssquarewoosync.php:101
actionwoocommerce_blocks_payment_method_type_registrationsquarewoosync.php:102
actionsws_reset_is_fetchingsquarewoosync.php:157
actionexport_products_to_squaresquarewoosync.php:165
actionupdate_square_inventory_cronsquarewoosync.php:169
actionwp_trash_postsquarewoosync.php:172
actionadmin_noticessquarewoosync.php:253
actionrestrict_manage_postssquarewoosync.php:336
filterpre_get_postssquarewoosync.php:351
actionshow_user_profilesquarewoosync.php:450
actionedit_user_profilesquarewoosync.php:451
actionpersonal_options_updatesquarewoosync.php:452
actionedit_user_profile_updatesquarewoosync.php:453
actionadmin_menusquarewoosync.php:456
actionwoocommerce_before_order_itemmetasquarewoosync.php:627
actionshow_user_profilesquarewoosync.php:690
actionedit_user_profilesquarewoosync.php:691
actionpersonal_options_updatesquarewoosync.php:706
actionedit_user_profile_updatesquarewoosync.php:707
actionupgrader_process_completesquarewoosync.php:733

Scheduled Events 2

sws_reset_is_fetching
squarewoosync_sync_bulk_products
Maintenance & Trust

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 25, 2026
PHP min version7.4
Downloads11K

Community Trust

Rating100/100
Number of ratings11
Active installs200
Alternatives

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Alternatives

WP Easy Pay – Payment and Donation form Builder for Square

WP Easy Pay – Payment and Donation form Builder for Square

wp-easy-pay

A
97

Integrate Square with WordPress easily, quickly, and securely. The Square Payment Form Builder for WordPress to accept Subscriptions, Donations and On &hellip;

1K 4 CVEs
WC Shop Sync – Square Payment Gateway and Product Synchronization for WooCommerce

WC Shop Sync – Square Payment Gateway and Product Synchronization for WooCommerce

woosquare

A
99

Want to add Square Payment Gateway for WooCommerce? Download WC Shop Sync plugin to add Square payments, inventory sync, customer data, orders, etc.

900 2 CVEs
FooSales – Point of Sale (POS) for WooCommerce

FooSales – Point of Sale (POS) for WooCommerce

foosales

A
100

FooSales POS is a point of sale (POS) system for WooCommerce that turns any computer, iPad or Android tablet into a retail checkout.

700 No CVEs
MemberPress Square — Accept Square Payments in MemberPress

MemberPress Square — Accept Square Payments in MemberPress

pay-with-square-in-memberpress

A
100

Want to integrate Square payments in Memberpress for your wordpress site? Install Memberpress Square to accept Square Payments & create subscriptions.

70 No CVEs
MyPayKit – Payment Forms for Square

MyPayKit – Payment Forms for Square

mypaykit-payment-forms-for-square

A
100

Create professional payment forms and accept Square payments in minutes. Simple setup, secure processing.

60 No CVEs
Developer Profile

Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce Developer Profile

squarewoosync

1 plugin · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/squarewoosync/assets/css/squarewoosync-frontend.css/wp-content/plugins/squarewoosync/assets/js/squarewoosync-frontend.js/wp-content/plugins/squarewoosync/build/app.css/wp-content/plugins/squarewoosync/build/app.js
Script Paths
/wp-content/plugins/squarewoosync/assets/js/squarewoosync-frontend.js/wp-content/plugins/squarewoosync/build/app.js
Version Parameters
squarewoosync/assets/css/squarewoosync-frontend.css?ver=squarewoosync/assets/js/squarewoosync-frontend.js?ver=squarewoosync/build/app.css?ver=squarewoosync/build/app.js?ver=

HTML / DOM Fingerprints

CSS Classes
squarewoosync-admin-wrappersquarewoosync-settings-sectionsquarewoosync-oauth-connect
HTML Comments
SquareWooSync Admin WrapperSquareWooSync Settings SectionSquareWooSync OAuth Connect Section
Data Attributes
data-squarewoosync-id
JS Globals
squareWooSyncFrontend
REST Endpoints
/wp-json/squarewoosync/v1/settings/wp-json/squarewoosync/v1/sync-products/wp-json/squarewoosync/v1/oauth/connect
FAQ

Frequently Asked Questions about Square Sync for WooCommerce | Comprehensive Data Sync Between Square and WooCommerce