WP-Safety

Tryly.ai Virtual Try-On for WooCommerce Security & Risk Analysis

wordpress.org/plugins/tryly-ai-virtual-try-on-for-woocommerce

Transform your fashion store with virtual try-on technology. Let customers see how clothes look on them before buying - boost sales, reduce returns!

50 active installs v2.0.4 PHP 7.2+ WP 5.0+ Updated Feb 12, 2026
apparelclothingfashionvirtual-try-onwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Tryly.ai Virtual Try-On for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Tryly.ai Virtual Try-On for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The plugin 'tryly-ai-virtual-try-on-for-woocommerce' v2.0.4 exhibits a generally strong security posture based on the provided static analysis. A significant strength is the complete absence of output unescaped data, coupled with robust nonce and capability checks on its AJAX endpoints, which form its primary attack surface. The plugin also avoids dangerous functions, file operations, and external HTTP requests, further bolstering its security. Its vulnerability history being clear of any recorded CVEs is also a positive indicator of its development practices.

However, there are areas for improvement. The SQL query usage is concerning, with only 29% of queries employing prepared statements. This leaves a significant portion of its database interactions potentially vulnerable to SQL injection if input sanitization is not perfectly implemented elsewhere. The presence of two 'flows with unsanitized paths' in the taint analysis, while not classified as critical or high severity, warrants attention as it suggests potential pathways for malicious input to reach sensitive functions without adequate sanitization. The limited attack surface is well-protected, but the reliance on sanitization for these specific paths is a point of caution.

In conclusion, the plugin demonstrates good fundamental security practices, especially concerning output handling and authentication on its entry points. The clear vulnerability history is reassuring. The primary weakness lies in its SQL query implementation and the identified unsanitized paths, which, although not yet exploited or critical, represent potential risks that should be addressed to achieve a fully robust security profile.

Key Concerns

  • SQL queries with low prepared statement usage
  • Flows with unsanitized paths
Vulnerabilities
None known

Tryly.ai Virtual Try-On for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Tryly.ai Virtual Try-On for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
5
2 prepared
Unescaped Output
0
45 escaped
Nonce Checks
4
Capability Checks
3
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

29% prepared7 total queries

Output Escaping

100% escaped45 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
handle_connection_callback (includes\class-tryly-admin.php:59)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Tryly.ai Virtual Try-On for WooCommerce Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_tryly_save_connectionincludes\class-tryly-admin.php:29
authwp_ajax_tryly_disconnectincludes\class-tryly-admin.php:30
authwp_ajax_tryly_check_connectionincludes\class-tryly-admin.php:31
authwp_ajax_tryly_get_stateincludes\class-tryly-admin.php:32
WordPress Hooks 11
actionadmin_menuincludes\class-tryly-admin.php:27
actionadmin_enqueue_scriptsincludes\class-tryly-admin.php:28
actionadmin_initincludes\class-tryly-admin.php:33
actionadmin_initincludes\class-tryly-admin.php:34
actionwp_enqueue_scriptsincludes\class-tryly-widget.php:27
actionwp_headincludes\class-tryly-widget.php:28
filterscript_loader_tagincludes\class-tryly-widget.php:75
actionbefore_woocommerce_inittryly-ai-virtual-try-on-for-woocommerce.php:28
actioninittryly-ai-virtual-try-on-for-woocommerce.php:105
actionplugins_loadedtryly-ai-virtual-try-on-for-woocommerce.php:218
actionadmin_noticestryly-ai-virtual-try-on-for-woocommerce.php:222
Maintenance & Trust

Tryly.ai Virtual Try-On for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 12, 2026
PHP min version7.2
Downloads915

Community Trust

Rating100/100
Number of ratings1
Active installs50
Alternatives

Tryly.ai Virtual Try-On for WooCommerce Alternatives

AI Virtual Try-On for WooCommerce

AI Virtual Try-On for WooCommerce

ai-virtual-try-on-for-woocommerce

A
100

AI-powered virtual try-on plugin for WooCommerce products using Replicate.com's IDM-VTON model.

0 No CVEs
Virtual Try-On for Shops

Virtual Try-On for Shops

virtual-try-on-for-shops

A
100

AI-powered virtual try-on for WooCommerce. Let customers see how clothes, glasses, jewelry, and pet accessories look before buying.

0 No CVEs
Virtual Try-On for WooCommerce

Virtual Try-On for WooCommerce

vistoureai-try-on-for-woocommerce

A
100

Adds virtual try-on functionality to WooCommerce stores. Help customers try dresses virtually before buying.

0 No CVEs
ConnectPOS | Point of Sale for WooCommerce

ConnectPOS | Point of Sale for WooCommerce

connectpos-pos-system-for-woocommerce

A
92

ConnectPOS is a global-awarded Point of Sale (POS) tailor-made for WooCommerce users in Fashion industry. We are the Bronze winner of 2021 Stevie Awar …

80 No CVEs
AI Try-On Assistant

AI Try-On Assistant

ai-try-on-assistant

A
100

A WooCommerce AI try-on assistant that allows customers to try on clothes, hairstyles, and makeup using Google Gemini AI.

10 No CVEs
Developer Profile

Tryly.ai Virtual Try-On for WooCommerce Developer Profile

tryly

1 plugin · 50 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Tryly.ai Virtual Try-On for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/css/tryly-admin.css/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/css/tryly-frontend.css/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-admin.js/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-frontend.js
Script Paths
/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-admin.js/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-frontend.js
Version Parameters
/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/css/tryly-admin.css?ver=/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/css/tryly-frontend.css?ver=/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-admin.js?ver=/wp-content/plugins/tryly-ai-virtual-try-on-for-woocommerce/assets/js/tryly-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
tryly-admin-pagetryly-modal
HTML Comments
<!-- Tryly.ai Virtual Try-On for WooCommerce --><!-- Prevent direct access. --><!-- Admin functionality --><!-- Admin class. -->+26 more
Data Attributes
data-tryly-product-iddata-tryly-modal-trigger
JS Globals
tryly_admin_paramstryly_frontend_params
FAQ

Frequently Asked Questions about Tryly.ai Virtual Try-On for WooCommerce