TC Ecommerce – Create Android & iOS Apps for WooCommerce Security & Risk Analysis

wordpress.org/plugins/tc-ecommerce

TC eCommerce Plugin is a complete mobile app solution for the Android and iOS platforms, with WordPress WooCommerce as the backend.

30 active installs · v1.4.1 · PHP 7.4+ · WP 5.3+ · Updated Jun 24, 2025
Tags: app-builder, woocommerce-app, flutter-app, ionic-app, mobile-builder
Score: 95 · A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Jan 27, 2025
Safety Verdict

Is TC Ecommerce – Create Android & iOS Apps for WooCommerce Safe to Use in 2026?

Generally Safe

Score 95/100

TC Ecommerce – Create Android & iOS Apps for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Jan 27, 2025 · Updated 9mo ago
Risk Assessment

The 'tc-ecommerce' plugin v1.4.1 presents a mixed security posture. While it demonstrates good practices in SQL query preparation (97% prepared) and output escaping (89%), significant concerns arise from its attack surface and past vulnerabilities. The presence of 8 AJAX handlers, with 3 lacking authentication checks, directly exposes critical functionalities to unauthenticated users. Furthermore, the taint analysis, though not yielding critical or high severity unsanitized paths, still identified 5 flows with unsanitized paths, indicating potential for subtle vulnerabilities. The plugin's history of 2 known CVEs, including a past critical SQL injection and authentication bypass, is a significant red flag. The fact that these past vulnerabilities are currently patched is positive, but the pattern of critical and high severity issues suggests a history of insecure coding practices that could resurface. The use of the `unserialize` function, even once, without explicit context, raises concerns about potential deserialization vulnerabilities if untrusted data is processed.

Key Concerns

  • Unprotected AJAX handlers
  • Past critical CVE history
  • Past high CVE history
  • Flows with unsanitized paths
  • Dangerous function: unserialize
Vulnerabilities
2

TC Ecommerce – Create Android & iOS Apps for WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

Severity Breakdown

Critical: 1
High: 1

2 total CVEs

CVE-2024-13726 · high · 7.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Themes Coder <= 1.3.4 - Unauthenticated SQL Injection

Jan 27, 2025 · Patched in 1.4.0 (152d)

CVE-2024-12402 · critical · 9.8 · Authentication Bypass Using an Alternate Path or Channel

Themes Coder – Create Android & iOS Apps For Your Woocommerce Site <= 1.3.4 - Insecure Direct Object Reference to Password Change/Account Takeover/Privilege Escalation

Jan 6, 2025 · Patched in 1.4.0 (199d)
Code Analysis
Analyzed Mar 16, 2026

TC Ecommerce – Create Android & iOS Apps for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (38 prepared)
Unescaped Output: 279 (2206 escaped)
Nonce Checks: 21
Capability Checks: 6
File Operations: 48
External Requests: 6
Bundled Libraries: 1

Dangerous Functions Found

unserialize: $store_info = unserialize( $terms_data['vendor_data'][0] ); (controller\app_settings.php:973)

Bundled Libraries

Select2

SQL Query Safety

97% prepared · 39 total queries

Output Escaping

89% escaped · 2485 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

13 flows · 5 with unsanitized paths
save_scheme (framework\inc\extensions\color_scheme\class-redux-extension-color-scheme.php:573)
Attack Surface
3 unprotected

TC Ecommerce – Create Android & iOS Apps for WooCommerce Attack Surface

Entry Points: 15
Unprotected: 3

AJAX Handlers 8

auth: wp_ajax_redux_hide_admin_notice (framework\inc\classes\class-redux-admin-notices.php:41)
auth: wp_ajax_redux_update_google_fonts (framework\inc\classes\class-redux-ajax-typography.php:26)
auth: wp_ajax_redux_color_schemes (framework\inc\extensions\color_scheme\class-redux-extension-color-scheme.php:78)
nopriv: wp_ajax_redux_color_schemes (framework\inc\extensions\color_scheme\class-redux-extension-color-scheme.php:79)
auth: wp_ajax_redux_custom_fonts (framework\inc\extensions\custom_fonts\class-redux-extension-custom-fonts.php:137)
auth: wp_ajax_redux_custom_font_timer (framework\inc\extensions\custom_fonts\class-redux-extension-custom-fonts.php:138)
auth: wp_ajax_redux_get_icons (framework\inc\extensions\icon_select\class-redux-extension-icon-select.php:50)
auth: wp_ajax_redux_delete_widget_area (framework\inc\extensions\widget_areas\class-redux-extension-widget-areas.php:54)

Shortcodes 7

[bloginfo] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:69
[redux_bloginfo] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:71
[themeinfo] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:75
[redux_themeinfo] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:77
[date] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:81
[redux_date] framework\inc\extensions\shortcodes\class-redux-shortcodes.php:83
[social_profiles] framework\inc\extensions\social_profiles\social_profiles\inc\class-redux-social-profiles-shortcode.php:43
WordPress Hooks 102
action: plugins_loaded (framework\class-redux-core.php:222)
filter: debug_information (framework\class-redux-core.php:347)
action: admin_notices (framework\inc\classes\class-redux-admin-notices.php:42)
action: admin_init (framework\inc\classes\class-redux-admin-notices.php:43)
action: after_setup_theme (framework\inc\classes\class-redux-api.php:123)
action: init (framework\inc\classes\class-redux-api.php:124)
action: switch_theme (framework\inc\classes\class-redux-api.php:125)
action: plugins_loaded (framework\inc\classes\class-redux-api.php:181)
action: ReduxFrameworkPlugin_admin_notice (framework\inc\classes\class-redux-api.php:1742)
action: redux_framework_plugin_admin_notice (framework\inc\classes\class-redux-api.php:1743)
action: admin_enqueue_scripts (framework\inc\classes\class-redux-enqueue.php:58)
action: wp_enqueue_scripts (framework\inc\classes\class-redux-enqueue.php:61)
filter: redux/fields (framework\inc\classes\class-redux-extension-abstract.php:169)
action: wp_head (framework\inc\classes\class-redux-functions-ex.php:216)
action: init (framework\inc\classes\class-redux-i18n.php:26)
action: redux/construct (framework\inc\classes\class-redux-instances.php:75)
action: admin_init (framework\inc\classes\class-redux-options-constructor.php:63)
action: wp_head (framework\inc\classes\class-redux-output.php:31)
action: wp_enqueue_scripts (framework\inc\classes\class-redux-output.php:32)
action: login_head (framework\inc\classes\class-redux-output.php:37)
action: login_enqueue_scripts (framework\inc\classes\class-redux-output.php:38)
action: admin_head (framework\inc\classes\class-redux-output.php:43)
action: admin_enqueue_scripts (framework\inc\classes\class-redux-output.php:44)
filter: style_loader_tag (framework\inc\classes\class-redux-output.php:185)
filter: wp_resource_hints (framework\inc\classes\class-redux-output.php:186)
action: admin_menu (framework\inc\classes\class-redux-page-render.php:49)
action: network_admin_menu (framework\inc\classes\class-redux-page-render.php:53)
action: admin_head (framework\inc\classes\class-redux-page-render.php:142)
filter: admin_footer_text (framework\inc\classes\class-redux-page-render.php:145)
filter: deprecated_file_trigger_error (framework\inc\classes\class-redux-panel.php:317)
action: customize_register (framework\inc\extensions\customizer\class-redux-extension-customizer.php:142)
action: wp_head (framework\inc\extensions\customizer\class-redux-extension-customizer.php:143)
action: customize_save_after (framework\inc\extensions\customizer\class-redux-extension-customizer.php:145)
action: customize_controls_print_scripts (framework\inc\extensions\customizer\class-redux-extension-customizer.php:148)
action: customize_controls_init (framework\inc\extensions\customizer\class-redux-extension-customizer.php:149)
action: wp_enqueue_styles (framework\inc\extensions\customizer\class-redux-extension-customizer.php:150)
action: redux/extension/customizer/control_init (framework\inc\extensions\customizer\class-redux-extension-customizer.php:152)
action: customize_controls_print_styles (framework\inc\extensions\customizer\class-redux-extension-customizer.php:155)
filter: upload_mimes (framework\inc\extensions\custom_fonts\class-redux-extension-custom-fonts.php:150)
action: wp_head (framework\inc\extensions\custom_fonts\class-redux-extension-custom-fonts.php:151)
filter: tiny_mce_before_init (framework\inc\extensions\custom_fonts\class-redux-extension-custom-fonts.php:152)
action: admin_footer (framework\inc\extensions\icon_select\icon_select\class-redux-icon-select.php:388)
action: customize_controls_print_footer_scripts (framework\inc\extensions\icon_select\icon_select\class-redux-icon-select.php:389)
filter: upload_mimes (framework\inc\extensions\import_export\class-redux-extension-import-export.php:64)
action: save_post (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:198)
action: pre_post_update (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:199)
action: admin_notices (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:200)
action: admin_enqueue_scripts (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:201)
action: the_post (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:204)
action: loop_end (framework\inc\extensions\metaboxes\class-redux-extension-metaboxes.php:205)
action: init (framework\inc\extensions\metaboxes\class-redux-metaboxes-api.php:89)
action: admin_enqueue_scripts (framework\inc\extensions\metaboxes\class-redux-metaboxes-api.php:129)
action: wp_enqueue_scripts (framework\inc\extensions\social_profiles\class-redux-extension-social-profiles.php:115)
filter: redux/metaboxes/save/before_validate (framework\inc\extensions\social_profiles\class-redux-extension-social-profiles.php:119)
action: widgets_init (framework\inc\extensions\social_profiles\social_profiles\inc\class-redux-social-profiles-widget.php:53)
action: admin_notices (framework\inc\extensions\taxonomy\class-redux-extension-taxonomy.php:162)
action: admin_enqueue_scripts (framework\inc\extensions\taxonomy\class-redux-extension-taxonomy.php:163)
action: init (framework\inc\extensions\taxonomy\class-redux-taxonomy-api.php:77)
action: create_term (framework\inc\extensions\taxonomy\redux-taxonomy-helpers.php:29)
action: admin_notices (framework\inc\extensions\users\class-redux-extension-users.php:155)
action: admin_enqueue_scripts (framework\inc\extensions\users\class-redux-extension-users.php:156)
action: personal_options_update (framework\inc\extensions\users\class-redux-extension-users.php:161)
action: edit_user_profile_update (framework\inc\extensions\users\class-redux-extension-users.php:162)
action: show_user_profile (framework\inc\extensions\users\class-redux-extension-users.php:315)
action: edit_user_profile (framework\inc\extensions\users\class-redux-extension-users.php:316)
action: user_new_form (framework\inc\extensions\users\class-redux-extension-users.php:317)
action: init (framework\inc\extensions\users\class-redux-users-api.php:77)
action: create_term (framework\inc\extensions\users\redux-users-helpers.php:29)
action: init (framework\inc\extensions\widget_areas\class-redux-widget-areas.php:72)
action: admin_print_scripts (framework\inc\extensions\widget_areas\class-redux-widget-areas.php:75)
action: load-widgets.php (framework\inc\extensions\widget_areas\class-redux-widget-areas.php:76)
action: load-widgets.php (framework\inc\extensions\widget_areas\class-redux-widget-areas.php:77)
action: admin_enqueue_scripts (framework\inc\themecheck\class-redux-themecheck.php:71)
action: admin_enqueue_scripts (framework\inc\themecheck\class-redux-themecheck.php:72)
action: themecheck_checks_loaded (framework\inc\themecheck\class-redux-themecheck.php:74)
action: themecheck_checks_loaded (framework\inc\themecheck\class-redux-themecheck.php:75)
action: init (framework\inc\validation\unique_slug\class-redux-validation-unique-slug.php:82)
action: init (framework\inc\welcome\class-redux-welcome.php:49)
action: admin_menu (framework\inc\welcome\class-redux-welcome.php:61)
filter: admin_footer_text (framework\inc\welcome\class-redux-welcome.php:67)
action: admin_head (framework\inc\welcome\class-redux-welcome.php:68)
action: woocommerce_coupon_options (functions\tc_app_notifications_function.php:6)
action: init (functions\tc_geo_fencing_functions.php:45)
action: add_meta_boxes (functions\tc_geo_fencing_functions.php:72)
action: save_post (functions\tc_geo_fencing_functions.php:103)
filter: rest_pre_serve_request (functions\tc_miscellaneous_functions.php:193)
filter: woocommerce_ship_to_different_address_checked (functions\tc_miscellaneous_functions.php:234)
action: admin_enqueue_scripts (functions\tc_miscellaneous_functions.php:263)
action: admin_menu (tc-ecommerce.php:35)
action: admin_menu (tc-ecommerce.php:48)
action: admin_menu (tc-ecommerce.php:49)
action: admin_menu (tc-ecommerce.php:52)
action: rest_api_init (tc-ecommerce.php:75)
action: admin_notices (tc-ecommerce.php:81)
action: wp_head (tc-ecommerce.php:84)
action: plugins_loaded (tc-ecommerce.php:85)
action: woocommerce_coupon_options_save (tc-ecommerce.php:86)
action: rest_api_init (tc-ecommerce.php:87)
action: show_user_profile (tc-ecommerce.php:89)
action: edit_user_profile (tc-ecommerce.php:90)
action: personal_options_update (tc-ecommerce.php:92)
action: edit_user_profile_update (tc-ecommerce.php:93)
Maintenance & Trust

TC Ecommerce – Create Android & iOS Apps for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.0
Last updated: Jun 24, 2025
PHP min version: 7.4
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 30
Developer Profile

TC Ecommerce – Create Android & iOS Apps for WooCommerce Developer Profile

themescoder

1 plugin · 30 total installs

Trust score: 76
Avg Security Score: 95/100
Avg Patch Time: 176 days
Detection Fingerprints

How We Detect TC Ecommerce – Create Android & iOS Apps for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/tc-ecommerce/assets/css/tc-ecommerce.css
  • /wp-content/plugins/tc-ecommerce/assets/js/tc-ecommerce.js
  • /wp-content/plugins/tc-ecommerce/assets/css/tc-app-common-style.css
  • /wp-content/plugins/tc-ecommerce/assets/js/tc-app-common-script.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_validation.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_push_notification.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_custom.js

Script Paths

  • /wp-content/plugins/tc-ecommerce/assets/js/tc-ecommerce.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc-app-common-script.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_validation.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_push_notification.js
  • /wp-content/plugins/tc-ecommerce/assets/js/tc_app_custom.js

Version Parameters

  • tc-ecommerce/assets/css/tc-ecommerce.css?ver=
  • tc-ecommerce/assets/js/tc-ecommerce.js?ver=
  • tc-ecommerce/assets/css/tc-app-common-style.css?ver=
  • tc-ecommerce/assets/js/tc-app-common-script.js?ver=
  • tc-ecommerce/assets/js/tc_app_validation.js?ver=
  • tc-ecommerce/assets/js/tc_app_push_notification.js?ver=
  • tc-ecommerce/assets/js/tc_app_custom.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • tc-app-push-notification
  • tc-app-common-style

Data Attributes

  • tc_app_purchase_code
  • tc_app_plugin_active
  • tc_app_buyer
  • tc_app_expiry

JS Globals

  • tc_app_purchase_code
  • tc_app_plugin_active
  • tc_app_buyer
  • tc_app_expiry
  • tc_user_routes
  • tc_app_routes
  • +1 more

REST Endpoints

  • /wp-json/tc-ecommerce/v1/tc_user_routes
  • /wp-json/tc-ecommerce/v1/tc_app_routes
  • /wp-json/tc-ecommerce/v1/tc_tera_wallet_routes
Shortcode Output
template-mobile-checkout.php
FAQ

Frequently Asked Questions about TC Ecommerce – Create Android & iOS Apps for WooCommerce