
Teleshop Security & Risk Analysis
wordpress.org/plugins/teleshopCreate your online store in Telegram in minutes!
Is Teleshop Safe to Use in 2026?
Generally Safe
Score 92/100Teleshop has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "teleshop" plugin v1.0.2 exhibits a mixed security posture. On the positive side, it demonstrates excellent practices by exclusively using prepared statements for SQL queries and ensuring all output is properly escaped, indicating a strong defense against common injection and XSS vulnerabilities. The absence of file operations and external HTTP requests further reduces its attack surface in those areas. However, a significant concern arises from the plugin's attack surface. All four identified AJAX handlers lack authentication checks, making them susceptible to unauthorized access and execution by unauthenticated users. This is further exacerbated by a taint analysis flow flagged with "unsanitized paths" and high severity, suggesting a potential pathway for malicious input to be processed in an unsafe manner, despite the overall low number of flows analyzed.
The plugin's vulnerability history is currently clean, with no recorded CVEs. This suggests a lack of past security incidents, which is positive. However, it's important to note that a clean history does not guarantee future security, especially when significant attack surface vulnerabilities are present. The plugin's strengths lie in its secure handling of database interactions and output, but the critical weakness of unprotected AJAX endpoints and a potentially unsanitized taint flow represent a substantial risk that needs immediate attention.
Key Concerns
- AJAX handlers without authentication
- High severity taint flow with unsanitized path
Teleshop Security Vulnerabilities
Teleshop Release Timeline
Teleshop Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Data Flow Analysis
Teleshop Attack Surface
AJAX Handlers 4
WordPress Hooks 14
Maintenance & Trust
Teleshop Maintenance & Trust
Maintenance Signals
Community Trust
Teleshop Alternatives
External Product New Tab for WooCommerce
wc-external-product-new-tab
This plugin sets all external / affiliate product buy now links on a WooCommerce site to open in a new web browser tab.
Invoice Payment Gateway for WooCommerce
wc-invoice-gateway
The Invoice Payment Gateway for WooCommerce plugin adds an Invoice Payment Gateway feature to the WooCommerce plugin for B2B transactions when instant …
Recently Viewed Product for WooCommerce
recently-viewed-products-for-woocommerce
Recently Viewed Products for WooCommerce Listing page, you can easily add recently viewed product section by activate the plugin.
Cargus
cargus
Use Cargus delivery methods to ship and deliver your orders.
Bot for Telegram on WooCommerce
bot-for-telegram-on-woocommerce
Bot for Telegram on WooCommerce is a plugin that allows you to create a telegram online store based on your website with WooCommerce.
Teleshop Developer Profile
1 plugin · 0 total installs
How We Detect Teleshop
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/teleshop/assets/css/widget.css/wp-content/plugins/teleshop/assets/js/widget.js/wp-content/plugins/teleshop/assets/js/widget.jsteleshop/assets/css/widget.css?ver=teleshop/assets/js/widget.js?ver=HTML / DOM Fingerprints
teleshop-widget-buttondata-teleshop-bot-tokendata-teleshop-bot-usernamedata-teleshop-bot-urldata-teleshop-bot-themedata-teleshop-button-textTeleshopWidget[teleshop_widget]