FeedCraft Product Feed Security & Risk Analysis
wordpress.org/plugins/thebasics-product-feedPowerful Google Merchant Center feed generator for WooCommerce. Adds GTIN, MPN, and Brand fields with high-performance XML/JSON REST API feeds.
Is FeedCraft Product Feed Safe to Use in 2026?
Generally Safe
Score 100/100FeedCraft Product Feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "thebasics-product-feed" v2.0.2 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified attack surface, dangerous functions, direct SQL queries, or taint flows is a significant strength. Furthermore, the plugin demonstrates good practices by utilizing prepared statements for SQL and implementing nonce and capability checks, indicating a developer awareness of common WordPress security vulnerabilities.
However, a notable area of concern is the output escaping. With 52% of outputs properly escaped, there is a risk that the remaining 48% could be vulnerable to Cross-Site Scripting (XSS) attacks if the data originates from user input and is not properly sanitized before rendering. While no specific vulnerabilities or CVEs are recorded, this unescaped output presents a potential, albeit unconfirmed, risk.
In conclusion, the plugin is well-defended against many common attack vectors. The primary weakness lies in the incomplete output escaping, which warrants attention. The lack of recorded vulnerabilities is positive but should not lead to complacency, especially given the identified output escaping issues.
Key Concerns
- Significant portion of outputs not properly escaped
FeedCraft Product Feed Security Vulnerabilities
FeedCraft Product Feed Code Analysis
Output Escaping
FeedCraft Product Feed Attack Surface
WordPress Hooks 10
Maintenance & Trust
FeedCraft Product Feed Maintenance & Trust
Maintenance Signals
Community Trust
FeedCraft Product Feed Alternatives
Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce
woo-product-feed-pro
Most popular WooCommerce product feed plugin supporting Google shopping feed, meta/facebook feed, bing product feed & more.
Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces
best-woocommerce-feed
Generate WooCommerce product feeds for 200+ marketplaces. Sell on Google Shopping, Facebook, Instagram, Amazon, eBay, TikTok and more.
WPMR Google Feed Manager for WooCommerce – Sell on Google Merchant Center & Shopping
wp-product-feed-manager
Easily create high-quality product feeds for Google Shopping and Google Merchant Center in your WooCommerce store. Increase sales on Google now!
WebToffee WooCommerce Product Feeds – Google Shopping, Pinterest, TikTok Ads, & More
webtoffee-product-feed
Create WooCommerce product feeds containing unlimited number of products. Supports Google Product feed, Facebook catalog feed, Instagram, Bing & m …
ELEX WooCommerce Google Shopping (Google Product Feed)
elex-woocommerce-google-product-feed-plugin-basic
The ELEX WooCommerce Google Shopping (Google Product Feed) plugin is a free WooCommerce plugin that serves in feeding your WooCommerce products to Goo …
FeedCraft Product Feed Developer Profile
1 plugin · 0 total installs
How We Detect FeedCraft Product Feed
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/thebasics-product-feed/assets/css/admin.css/wp-content/plugins/thebasics-product-feed/assets/js/admin.js/wp-content/plugins/thebasics-product-feed/assets/js/admin.jsthebasics-product-feed/assets/css/admin.css?ver=thebasics-product-feed/assets/js/admin.js?ver=HTML / DOM Fingerprints
feedcraft-settingsname="prime_feed_default_age_group"name="prime_feed_default_gender"name="prime_feed_require_images"name="prime_feed_color_attributes"name="prime_feed_size_attributes"name="prime_feed_size_case"+1 more/wp-json/feedcraft-product-feed/v1/xml/wp-json/feedcraft-product-feed/v1/json