Stock Control Security & Risk Analysis

wordpress.org/plugins/stock-control

Bulk edit and logging for stock related data of WooCommerce.

0 active installs · v1.0.0 · PHP + WP 4.0+ · Updated Jul 24, 2024
Tags: log, logging, stock-log
92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Stock Control Safe to Use in 2026?

Generally Safe

Score 92/100

Stock Control has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The stock-control plugin v1.0.0 demonstrates a mixed security posture. On the positive side, the plugin exhibits excellent practices in output escaping, ensuring all 42 identified outputs are properly escaped. It also shows a strong adherence to using prepared statements for SQL queries, with 89% of the 19 total queries utilizing this crucial security measure. The absence of file operations, external HTTP requests, and bundled libraries further reduces potential attack vectors. Taint analysis also revealed no high or critical severity unsanitized flows, which is a significant positive indicator.

However, a major concern arises from the presence of one AJAX handler that lacks any authentication checks. This represents a direct and significant vulnerability, as any unauthenticated user could potentially trigger this AJAX action. The absence of capability checks in general, coupled with the unprotected AJAX endpoint, significantly elevates the risk. While the plugin has no known vulnerability history, this lack of historical issues does not negate the critical risk posed by the unprotected AJAX entry point. A balanced conclusion suggests that while the plugin follows good practices in several key areas like output escaping and SQL query preparation, the unprotected AJAX handler is a critical flaw that requires immediate attention to improve its overall security.

Key Concerns

  • Unprotected AJAX handler found
  • Missing capability checks on AJAX
Vulnerabilities
None known

Stock Control Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Stock Control Release Timeline

v1.0.0 (Current)
Code Analysis
Analyzed Mar 17, 2026

Stock Control Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (17 prepared)
Unescaped Output: 0 (42 escaped)
Nonce Checks: 9
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

89% prepared · 19 total queries

Output Escaping

100% escaped · 42 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

7 flows
get_stock_overview_data (views\StockControlOverviewTable.php:150)
[Data flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
1 unprotected

Stock Control Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers 1

auth · wp_ajax_save_stock_control · controllers\app\StockControlPlugin.php:157
WordPress Hooks 19
action · plugins_loaded · controllers\app\StockControlPlugin.php:116
action · admin_enqueue_scripts · controllers\app\StockControlPlugin.php:138
action · admin_enqueue_scripts · controllers\app\StockControlPlugin.php:139
action · woocommerce_product_set_stock · controllers\app\StockControlPlugin.php:141
action · admin_menu · controllers\app\StockControlPlugin.php:143
action · admin_menu · controllers\app\StockControlPlugin.php:144
filter · woocommerce_settings_tabs_array · controllers\app\StockControlPlugin.php:147
action · woocommerce_settings_tabs_stock_control · controllers\app\StockControlPlugin.php:148
action · woocommerce_update_options_stock_control · controllers\app\StockControlPlugin.php:149
action · woocommerce_update_options_stock_control · controllers\app\StockControlPlugin.php:150
action · woocommerce_update_options_stock_control · controllers\app\StockControlPlugin.php:152
action · wp · controllers\app\StockControlPlugin.php:154
action · purge_stock_data · controllers\app\StockControlPlugin.php:155
action · wp_enqueue_scripts · controllers\app\StockControlPlugin.php:171
action · wp_enqueue_scripts · controllers\app\StockControlPlugin.php:172
filter · set-screen-option · views\StockControlShowLogProduct.php:22
action · admin_init · views\StockControlShowLogProduct.php:25
filter · set-screen-option · views\StockControlStockOverview.php:24
action · admin_init · views\StockControlStockOverview.php:27

Scheduled Events 1

purge_stock_data
Maintenance & Trust

Stock Control Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Jul 24, 2024
PHP min version
Downloads: 915

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Stock Control Developer Profile

oacstudio

3 plugins · 510 total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 217 days
Detection Fingerprints

How We Detect Stock Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/stock-control/admin/css/stock-control-admin.css
/wp-content/plugins/stock-control/public/css/stock-control-public.css
/wp-content/plugins/stock-control/admin/js/stock-control-admin.js
/wp-content/plugins/stock-control/public/js/stock-control-public.js
Script Paths
/wp-content/plugins/stock-control/admin/js/stock-control-admin.js
/wp-content/plugins/stock-control/public/js/stock-control-public.js
Version Parameters
stock-control/admin/css/stock-control-admin.css?ver=
stock-control/public/css/stock-control-public.css?ver=
stock-control/admin/js/stock-control-admin.js?ver=
stock-control/public/js/stock-control-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
oacs-sc-stock-control-wrap
HTML Comments
<!-- The main plugin class. -->
<!-- Include the Composer autoload file -->
<!-- Friendly advice: namespace declarations in root plugin file will eat plugin settings links functions that don't use namespaces ;). Avoid Namespaces in the plugin root file alltogether. The plugin root file = procedual code for the win. -->
<!-- If this file is called directly, abort. -->
(+23 more)
Data Attributes
data-page-title="Stock Control"
data-plugin-slug="stock-control"
JS Globals
window.oacs_sc_stock_control_vars
REST Endpoints
/wp-json/oacs-sc-stock-control/v1/save-stock-control
FAQ

Frequently Asked Questions about Stock Control