TWI Woocommerce Grid/Slider/Carousel Lite Security & Risk Analysis

wordpress.org/plugins/twi-woocommerce-gridslidercarousel-lite

Requires PHP: 5.6
Stable tag: 2.0.0
License: GPLv3
License URI: http://www.gnu.org/licenses/agpl-3.0.html
Simple, easy and super flexible Awesome Woo …

10 active installs v2.0.0 PHP + WP 3.0+ Updated Feb 17, 2020
Tags: woocommerce-carousel, woocommerce-grid, woocommerce-product-carousel, woocommerce-product-slider, woocommerce-slider
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is TWI Woocommerce Grid/Slider/Carousel Lite Safe to Use in 2026?

Generally Safe

Score 85/100

TWI Woocommerce Grid/Slider/Carousel Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6yr ago
Risk Assessment

The "twi-woocommerce-gridslidercarousel-lite" v2.0.0 plugin has no recorded historical vulnerabilities, but its security posture presents several areas of concern. The static analysis reveals significant weaknesses, particularly in the handling of user input and the overall attack surface. The unprotected AJAX handler is a critical finding, as it represents a direct entry point for unauthenticated attackers. Combined with the two taint analysis flows that have unsanitized paths, it suggests a high likelihood of exploitable vulnerabilities such as Cross-Site Scripting (XSS) or other forms of injection if an attacker can trigger these flows. The plugin's reliance on raw SQL queries without prepared statements also introduces a substantial risk of SQL injection, and the limited number of properly escaped outputs increases the risk of XSS.

The clean vulnerability history should not be interpreted as a guarantee of current security: the code itself indicates potential weaknesses that attackers could discover and exploit. In conclusion, while the plugin benefits from a lack of known past exploits, the static analysis highlights critical security flaws that require immediate attention. The unprotected AJAX endpoint, unsanitized taint flows, and unescaped output represent significant risks that outweigh the positive aspects of a clean vulnerability history.

Key Concerns

  • Unprotected AJAX handler
  • Taint flows with unsanitized paths (High severity)
  • SQL queries without prepared statements
  • Low percentage of properly escaped output
  • Use of dangerous function 'create_function'
  • Bundled library (Select2) without version check
Vulnerabilities
None known

TWI Woocommerce Grid/Slider/Carousel Lite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

TWI Woocommerce Grid/Slider/Carousel Lite Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 232 (7 escaped)
Nonce Checks: 4
Capability Checks: 8
File Operations: 5
External Requests: 1
Bundled Libraries: 1

Dangerous Functions Found

create_function · inc\bootstrap.php:195
add_filter( 'wp_default_editor', create_function('', 'return "tinymce";') );

Bundled Libraries

Select2

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

3% escaped · 239 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
vp_ajax_wrapper (inc\bootstrap.php:75)
[Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
1 unprotected

TWI Woocommerce Grid/Slider/Carousel Lite Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_vp_ajax_wrapper · inc\bootstrap.php:71

Shortcodes: 1

[twi_woo_shortcode] · shortcode.php:50

WordPress Hooks: 35

action · after_setup_theme · config.php:56
action · init · cp\cp.php:2
action · after_setup_theme · inc\bootstrap.php:41
action · tgmpa_register · inc\bootstrap.php:47
action · init · inc\bootstrap.php:112
action · current_screen · inc\bootstrap.php:113
action · admin_enqueue_scripts · inc\bootstrap.php:114
action · current_screen · inc\bootstrap.php:115
filter · clean_url · inc\bootstrap.php:116
action · admin_footer · inc\bootstrap.php:161
filter · wp_default_editor · inc\bootstrap.php:195
action · init · inc\classes\metabox.php:43
action · vp_option_first_activation · inc\classes\option.php:81
action · admin_menu · inc\classes\option.php:100
action · admin_notices · inc\classes\option.php:162
action · current_screen · inc\classes\shortcodegenerator.php:47
action · admin_footer · inc\classes\shortcodegenerator.php:58
filter · mce_external_plugins · inc\classes\shortcodegenerator.php:288
filter · mce_buttons · inc\classes\shortcodegenerator.php:289
filter · wp_fullscreen_buttons · inc\classes\shortcodegenerator.php:290
filter · admin_print_styles · inc\classes\shortcodegenerator.php:291
action · admin_enqueue_scripts · inc\classes\wp\enqueuer.php:27
action · admin_head · inc\includes\wpalchemy\MetaBox.php:22
action · admin_footer · inc\includes\wpalchemy\MetaBox.php:24
action · admin_init · inc\includes\wpalchemy\MetaBox.php:506
action · import_post_meta · inc\includes\wpalchemy\MetaBox.php:509
filter · output · inc\includes\wpalchemy\MetaBox.php:569
action · save_post · inc\includes\wpalchemy\MetaBox.php:579
action · admin_head · inc\includes\wpalchemy\MetaBox.php:619
action · admin_footer · inc\includes\wpalchemy\MetaBox.php:621
action · after_setup_theme · lang.php:2
action · wp_enqueue_scripts · scripts_load.php:9
action · wp_enqueue_scripts · scripts_load.php:19
filter · widget_text · shortcode.php:51
action · all_admin_notices · twi-awesome-woocommerce-slider-carousel-free.php:31
Maintenance & Trust

TWI Woocommerce Grid/Slider/Carousel Lite Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.3.21
Last updated: Feb 17, 2020
PHP min version
Downloads: 6K

Community Trust

Rating: 86/100
Number of ratings: 6
Active installs: 10
Developer Profile

TWI Woocommerce Grid/Slider/Carousel Lite Developer Profile

khairulalamruet

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect TWI Woocommerce Grid/Slider/Carousel Lite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/css/owl.carousel.css
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/css/owl.theme.default.css
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/css/animate.min.css
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/css/style.css
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/owl.carousel.min.js
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/wow.min.js
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/custom.js

Script Paths

  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/owl.carousel.min.js
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/wow.min.js
  • /wp-content/plugins/twi-woocommerce-gridslidercarousel-lite/assets/js/custom.js

Version Parameters

  • twi-woocommerce-gridslidercarousel-lite/assets/css/owl.carousel.css?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/css/owl.theme.default.css?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/css/animate.min.css?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/css/style.css?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/js/owl.carousel.min.js?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/js/wow.min.js?ver=
  • twi-woocommerce-gridslidercarousel-lite/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • twi-product-carousel
  • twi-product-grid
  • twi-product-slider

HTML Comments

  • <!-- TWI Product Slider/Carousel/Grid by TWI -->
  • <!-- Shortcode Start -->
  • <!-- Shortcode End -->

Data Attributes

  • data-wow-delay
  • data-wow-duration
  • data-wow-offset
  • data-wow-iteration

JS Globals

  • twi_product_carousel_options
  • twi_product_slider_options
  • twi_product_grid_options

Shortcode Output

  • [twi_product_slider]
  • [twi_product_carousel]
  • [twi_product_grid]