WP-Safety

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Security & Risk Analysis

wordpress.org/plugins/trustlens

Detect return abuse, coupon abuse, risky customers, and linked accounts in WooCommerce with behavior-based trust scores and risk segments.

0 active installs v1.1.8 PHP 7.4+ WP 6.4+ Updated Mar 31, 2026
chargebackscoupon-abusefraud-preventionreturn-abusewoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The TrustLens plugin v1.2.1 exhibits a strong security posture in several key areas, indicating good development practices. Notably, 100% of SQL queries use prepared statements, and all output is properly escaped, significantly mitigating risks of SQL injection and cross-site scripting (XSS) vulnerabilities. The complete absence of file operations and external HTTP requests further reduces the potential attack surface. A robust implementation of nonce and capability checks on its AJAX handlers, with no unprotected entry points, is also a positive sign. The plugin's vulnerability history is clean, with no known CVEs, which suggests a history of secure development or prompt patching.

However, the static analysis does reveal some areas for concern. The taint analysis highlights 5 high-severity flows with unsanitized paths, which could potentially lead to exploitable vulnerabilities if not handled correctly within the application logic. While the analysis doesn't explicitly label these as vulnerabilities, the presence of unsanitized paths is a significant red flag that warrants careful investigation. The bundling of Freemius v1.0, while a common practice, could also represent a potential risk if this specific version has known vulnerabilities, although no history of such issues is provided.

In conclusion, TrustLens v1.2.1 is generally well-secured due to its diligent use of prepared statements and output escaping. The lack of historical vulnerabilities is reassuring. The primary risk lies in the identified unsanitized paths in the taint analysis. Addressing these potential flows and ensuring the bundled Freemius library is up-to-date or free from known issues would further solidify the plugin's security.

Key Concerns

  • High severity taint flows with unsanitized paths
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
None known

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Release Timeline

v1.1.8Current
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.1
Code Analysis
Analyzed Apr 16, 2026

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
199 prepared
Unescaped Output
4
1175 escaped
Nonce Checks
31
Capability Checks
13
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared199 total queries

Output Escaping

100% escaped1179 total outputs
Data Flows · Security
6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths
maybe_render_report (includes/class-dispute-report.php:79)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Attack Surface

Entry Points30
Unprotected0

AJAX Handlers 30

authwp_ajax_wstl_block_customeradmin/class-admin-ajax.php:25
authwp_ajax_wstl_unblock_customeradmin/class-admin-ajax.php:26
authwp_ajax_wstl_allowlist_customeradmin/class-admin-ajax.php:27
authwp_ajax_wstl_remove_allowlistadmin/class-admin-ajax.php:28
authwp_ajax_wstl_start_syncadmin/class-admin-ajax.php:29
authwp_ajax_wstl_process_sync_batchadmin/class-admin-ajax.php:30
authwp_ajax_wstl_stop_syncadmin/class-admin-ajax.php:31
authwp_ajax_wstl_reset_syncadmin/class-admin-ajax.php:32
authwp_ajax_wstl_generate_api_keyadmin/class-admin-ajax.php:33
authwp_ajax_wstl_reset_dataadmin/class-admin-ajax.php:34
authwp_ajax_wstl_bulk_actionadmin/class-admin-ajax.php:35
authwp_ajax_wstl_recalculate_scoreadmin/class-admin-ajax.php:36
authwp_ajax_wstl_chargeback_backfill_stepadmin/class-admin-ajax.php:37
authwp_ajax_wstl_save_noteadmin/class-admin-ajax.php:38
authwp_ajax_wstl_export_csvadmin/class-admin-ajax.php:39
authwp_ajax_wstl_send_test_notificationadmin/class-admin-ajax.php:40
authwp_ajax_wstl_save_automation_ruleadmin/class-admin-ajax.php:43
authwp_ajax_wstl_delete_automation_ruleadmin/class-admin-ajax.php:44
authwp_ajax_wstl_update_automation_rule_enabledadmin/class-admin-ajax.php:45
authwp_ajax_wstl_add_webhookadmin/class-admin-ajax.php:49
authwp_ajax_wstl_delete_webhookadmin/class-admin-ajax.php:50
authwp_ajax_wstl_test_webhookadmin/class-admin-ajax.php:51
authwp_ajax_wstl_add_report_scheduleadmin/class-admin-ajax.php:55
authwp_ajax_wstl_delete_report_scheduleadmin/class-admin-ajax.php:56
authwp_ajax_wstl_send_report_nowadmin/class-admin-ajax.php:57
authwp_ajax_wstl_update_report_schedule_enabledadmin/class-admin-ajax.php:58
authwp_ajax_wstl_dismiss_review_noticeadmin/class-admin-notices.php:31
authwp_ajax_wstl_remind_later_review_noticeadmin/class-admin-notices.php:32
authwp_ajax_wstl_export_customersincludes/class-data-export.php:60
authwp_ajax_wstl_export_customer_dataincludes/class-data-export.php:61
WordPress Hooks 70
actionadmin_noticesadmin/class-admin-notices.php:30
actionadmin_initadmin/class-admin-pages.php:25
actionadmin_menuadmin/class-admin-pages.php:26
actionadmin_enqueue_scriptsadmin/class-admin-pages.php:27
actionwp_dashboard_setupadmin/class-admin-pages.php:28
actionadd_meta_boxesadmin/class-admin-pages.php:29
actionadmin_initadmin/class-admin-settings.php:25
actiontrustlens/process_bulk_operationincludes/class-bulk-operations.php:587
actionwc_stripe_payment_completeincludes/class-card-brand-detector.php:86
actionwoocommerce_payments_payment_authenticatedincludes/class-card-brand-detector.php:87
actionwoocommerce_payment_completeincludes/class-card-brand-detector.php:88
actionwoocommerce_checkout_processincludes/class-checkout-blocker.php:61
filterwoocommerce_add_to_cart_validationincludes/class-checkout-blocker.php:64
filterwp_privacy_personal_data_exportersincludes/class-data-export.php:56
filterwp_privacy_personal_data_erasersincludes/class-data-export.php:57
actionadmin_initincludes/class-dispute-report.php:61
actiontrustlens/customer_profile_actionsincludes/class-dispute-report.php:64
actiontrustlens/order_metabox_actionsincludes/class-dispute-report.php:67
actiontrustlens/sync_batchincludes/class-historical-sync.php:77
actiontrustlens/sync_completeincludes/class-historical-sync.php:78
actionaction_scheduler_initincludes/class-install.php:625
actionplugins_loadedincludes/class-install.php:648
actionwoocommerce_checkout_order_createdincludes/class-linked-accounts.php:61
filtertrustlens/score_signalsincludes/class-linked-accounts.php:64
actiontrustlens/daily_cleanupincludes/class-linked-accounts.php:67
actiontrustlens/checkout_blockedincludes/class-notifications.php:67
actiontrustlens/welcome_summaryincludes/class-notifications.php:70
actiontrustlens/weekly_summaryincludes/class-notifications.php:73
actionwoocommerce_checkout_order_createdincludes/class-order-trust-column.php:132
actiontrustlens/backfill_email_hash_metaincludes/class-order-trust-column.php:137
filtermanage_woocommerce_page_wc-orders_columnsincludes/class-order-trust-column.php:145
actionmanage_woocommerce_page_wc-orders_custom_columnincludes/class-order-trust-column.php:146
filtermanage_woocommerce_page_wc-orders_sortable_columnsincludes/class-order-trust-column.php:147
actionwoocommerce_order_list_table_restrict_manage_ordersincludes/class-order-trust-column.php:148
filterwoocommerce_order_list_table_prepare_items_query_argsincludes/class-order-trust-column.php:149
filtermanage_edit-shop_order_columnsincludes/class-order-trust-column.php:152
actionmanage_shop_order_posts_custom_columnincludes/class-order-trust-column.php:153
filtermanage_edit-shop_order_sortable_columnsincludes/class-order-trust-column.php:154
actionrestrict_manage_postsincludes/class-order-trust-column.php:155
actionpre_get_postsincludes/class-order-trust-column.php:156
filterwoocommerce_orders_table_query_clausesincludes/class-order-trust-column.php:528
filterposts_joinincludes/class-order-trust-column.php:631
filterposts_whereincludes/class-order-trust-column.php:634
filterposts_orderbyincludes/class-order-trust-column.php:638
actionrest_api_initincludes/class-rest-api.php:62
actioninitincludes/class-trustlens.php:158
actioninitincludes/class-trustlens.php:159
actiontrustlens/calculate_scoreincludes/class-trustlens.php:162
actiontrustlens/daily_cleanupincludes/class-trustlens.php:165
actioninitincludes/class-trustlens.php:203
actionwp_mail_failedincludes/functions.php:581
actionwoocommerce_order_refundedincludes/modules/class-module-categories.php:75
actionwoocommerce_checkout_order_createdincludes/modules/class-module-categories.php:78
actionwoocommerce_checkout_order_createdincludes/modules/class-module-coupons.php:60
actionwoocommerce_order_refundedincludes/modules/class-module-coupons.php:63
filterwoocommerce_coupon_is_validincludes/modules/class-module-coupons.php:66
actiontrustlens/linked_accounts_detectedincludes/modules/class-module-coupons.php:69
actionwoocommerce_order_status_completedincludes/modules/class-module-orders.php:58
actionwoocommerce_checkout_order_createdincludes/modules/class-module-orders.php:61
actionwoocommerce_order_status_cancelledincludes/modules/class-module-orders.php:64
actionwoocommerce_order_refundedincludes/modules/class-module-returns.php:57
actionwoocommerce_order_status_completedincludes/modules/class-module-shipping-anomalies.php:58
actiontrustlens/backfill_address_country_codesincludes/modules/class-module-shipping-anomalies.php:80
actionafter_uninstalltrustlens.php:57
actionadmin_noticestrustlens.php:256
actionadmin_noticestrustlens.php:311
filtercron_schedulestrustlens.php:381
actionactivated_plugintrustlens.php:408
actionplugins_loadedtrustlens.php:420
actionbefore_woocommerce_inittrustlens.php:426

Scheduled Events 6

trustlens/welcome_summary
trustlens/daily_cleanup
trustlens/daily_digest
trustlens/monthly_report
trustlens/weekly_summary
trustlens/chargeback_alert_check
Maintenance & Trust

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 31, 2026
PHP min version7.4
Downloads546

Community Trust

Rating100/100
Number of ratings3
Active installs0
Alternatives

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Alternatives

Fraud Prevention For WooCommerce and EDD

Fraud Prevention For WooCommerce and EDD

woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers

A
95

It will Prevent fake orders and Blacklist fraud customers of your store.

5K 3 CVEs
Blacklist Manager – WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention

Blacklist Manager – WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention

wc-blacklist-manager

A
100

Anti-fraud, checkout verification and spam prevention plugin for WooCommerce and WordPress forms.

2K No CVEs
FraudLabs Pro for WooCommerce

FraudLabs Pro for WooCommerce

fraudlabs-pro-for-woocommerce

A
98

Fraud prevention plugin for WooCommerce to minimize payment fraud and avoid chargebacks. With the FraudLabs Pro Micro Plan, you can get 500 free fraud …

1K 2 CVEs
Anti Fake Orders & IP Blocker

Anti Fake Orders & IP Blocker

anti-fake-orders-ip-blocker

A
100

Protect your WooCommerce store from fake orders by blocking suspicious IPs, emails, and detecting bot checkout activity.

400 No CVEs
IPQualityScore Fraud Detection

IPQualityScore Fraud Detection

ipqualityscore-fraud-detection

A
85

IPQualityScore Fraud Detection and Fraud Prevention Tools identify malicious behavior and fraudulent activity featuring Proxy & VPN Detection &amp …

90 No CVEs
Developer Profile

TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce Developer Profile

webstepper

2 plugins · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about TrustLens – Customer Risk Intelligence & Abuse Detection for WooCommerce