WP-Safety

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Security & Risk Analysis

wordpress.org/plugins/store-restriction-for-woocommerce

Securely hide products and categories by core role or country. Get the Pro version here: https://woocommerce.com/products/conditional-store-restrictio …

10 active installs v1.4.0 PHP 7.0+ WP 5.0+ Updated Mar 15, 2026
b2brestrict-productsvisibilitywholesalewoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Safe to Use in 2026?

Generally Safe

Score 100/100

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 19d ago
Risk Assessment

The "store-restriction-for-woocommerce" plugin v1.4.0 exhibits a concerning security posture primarily due to its extensive, unprotected REST API attack surface. While the code demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping all output, the absence of permission callbacks on all 12 REST API routes presents a significant risk. This means any authenticated user, or potentially even unauthenticated users depending on WordPress's default REST API behavior, could interact with these endpoints without proper authorization checks. The lack of nonce checks and the presence of file operations also add to the potential attack vectors, though the absence of known vulnerabilities in its history is a positive sign. The bundled Freemius library, while not inherently a risk, should be monitored for its own security updates. Overall, the plugin has strengths in its data handling, but the unprotected entry points are a major weakness that requires immediate attention.

Key Concerns

  • 12 unprotected REST API routes
  • 0 nonce checks
  • 2 file operations detected
  • Bundled outdated Freemius v1.0
Vulnerabilities
None known

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
5 escaped
Nonce Checks
0
Capability Checks
8
File Operations
2
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

100% escaped5 total outputs
Attack Surface
12 unprotected

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Attack Surface

Entry Points12
Unprotected12

REST API Routes 12

POST/wp-json/srfw/v1/settings/globalincludes\admin\class-srfw-register.php:16
GET/wp-json/srfw/v1/settings/get-saved-dataincludes\admin\class-srfw-register.php:21
POST/wp-json/srfw/v1/settings/roleincludes\admin\class-srfw-register.php:26
GET/wp-json/srfw/v1/settings/role/(?P<role>[a-zA-Z0-9_-]+)includes\admin\class-srfw-register.php:31
GET/wp-json/srfw/v1/settings/rolesincludes\admin\class-srfw-register.php:36
POST/wp-json/srfw/v1/settings/countryincludes\admin\class-srfw-register.php:41
GET/wp-json/srfw/v1/settings/country/(?P<country>[a-zA-Z0-9_-]+)includes\admin\class-srfw-register.php:46
GET/wp-json/srfw/v1/settings/countriesincludes\admin\class-srfw-register.php:51
POST/wp-json/srfw/v1/settings/roles/bulkincludes\admin\class-srfw-register.php:57
POST/wp-json/srfw/v1/settings/countries/bulkincludes\admin\class-srfw-register.php:63
POST/wp-json/srfw/v1/settings/orderincludes\admin\class-srfw-register.php:69
GET/wp-json/srfw/v1/settings/orderincludes\admin\class-srfw-register.php:74
WordPress Hooks 13
actionadmin_enqueue_scriptsincludes\admin\class-srfw-register.php:9
actionrest_api_initincludes\admin\class-srfw-register.php:10
actionadmin_initincludes\admin\class-srfw-register.php:11
filterwoocommerce_settings_tabs_arrayincludes\admin\class-srfw-register.php:379
actionwoocommerce_settings_tabs_srfwincludes\admin\class-srfw-register.php:380
actiontemplate_redirectincludes\front\class-srfw-front.php:9
actionpre_get_postsincludes\front\class-srfw-front.php:10
filterwoocommerce_product_is_visibleincludes\front\class-srfw-front.php:11
filterwoocommerce_is_purchasableincludes\front\class-srfw-front.php:12
filterwoocommerce_add_to_cart_validationincludes\front\class-srfw-front.php:13
actionbefore_woocommerce_initstore-restriction-for-woocommerce.php:78
filterplugin_row_metastore-restriction-for-woocommerce.php:89
actionadmin_noticesstore-restriction-for-woocommerce.php:91
Maintenance & Trust

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 15, 2026
PHP min version7.0
Downloads1K

Community Trust

Rating100/100
Number of ratings3
Active installs10
Alternatives

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Alternatives

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

Wholesale Suite – B2B, Dynamic Pricing & WooCommerce Wholesale Prices

woocommerce-wholesale-prices

A
89

WooCommerce wholesale plugin for serving wholesale & B2B customers. Adds wholesale pricing, user roles, dynamic pricing & more.

20K 6 CVEs
B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More

B2BKing — Ultimate WooCommerce B2B and Wholesale Solution — Dynamic Pricing, Wholesale Order Form & More

b2bking-wholesale-for-woocommerce

A
99

B2BKing is the complete solution for running a Wholesale, B2B or B2B + B2C hybrid store with WooCommerce.

10K 2 CVEs
CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce

woocommerce-catalog-enquiry

A
96

WooCommerce Catalog Mode, product enquiry, and request a quote plugin. Hide prices, disable cart, and collect enquiries easily.

6K 5 CVEs
Country Based Restrictions for WooCommerce

Country Based Restrictions for WooCommerce

woo-product-country-base-restrictions

A
100

Restrict WooCommerce products by country — hide or block purchases using geolocation so only customers in allowed countries can buy.

5K No CVEs
WholesaleX – B2B & Wholesale Plugin for WooCommerce with Wholesale Prices

WholesaleX – B2B & Wholesale Plugin for WooCommerce with Wholesale Prices

wholesalex

A
97

Best WooCommerce wholesale plugin with features like b2b wholesale prices, wholesale order form, tiered pricing, catalog mode, dynamic pricing, etc!

2K 4 CVEs
Developer Profile

Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control Developer Profile

VerseSofts

7 plugins · 130 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/store-restriction-for-woocommerce/assets/css/admin-style.css/wp-content/plugins/store-restriction-for-woocommerce/assets/js/admin-script.js
Script Paths
/wp-content/plugins/store-restriction-for-woocommerce/freemius/start.php/wp-content/plugins/store-restriction-for-woocommerce/includes/admin/class-srfw-register.php/wp-content/plugins/store-restriction-for-woocommerce/includes/front/class-srfw-front.php

HTML / DOM Fingerprints

CSS Classes
srfw-settings-pagesrfw-admin-settings
HTML Comments
<!-- Freemius Integration Start (restored) --><!-- Freemius Integration End -->
Data Attributes
data-tab-iddata-settings-group
JS Globals
srfw_fs
REST Endpoints
/srfw/v1/settings/global/srfw/v1/settings/get-saved-data/srfw/v1/settings/role/srfw/v1/settings/role/(?P<role>[a-zA-Z0-9_-]+)/srfw/v1/settings/roles/srfw/v1/settings/country/srfw/v1/settings/country/(?P<country>[a-zA-Z0-9_-]+)/srfw/v1/settings/countries/srfw/v1/settings/roles/bulk/srfw/v1/settings/countries/bulk/srfw/v1/settings/order
FAQ

Frequently Asked Questions about Store Restriction for WooCommerce – Advanced B2B, Wholesale & Content Visibility Control