WP-Safety

Upgrade Store – The all-in-one toolkit to grow your online store. Security & Risk Analysis

wordpress.org/plugins/upgrade-store

Unleash the full potential of your WooCommerce store with our comprehensive "Upgrade Store" toolkit!

0 active installs v1.3.3 PHP 7.0+ WP 5.4+ Updated Aug 14, 2025
improve-conversionwoocommerce-extensionwoocommerce-modules
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Upgrade Store – The all-in-one toolkit to grow your online store. Safe to Use in 2026?

Generally Safe

Score 100/100

Upgrade Store – The all-in-one toolkit to grow your online store. has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The "upgrade-store" plugin v1.3.3 demonstrates a mixed security posture. On the positive side, it exhibits strong practices regarding SQL queries, utilizing prepared statements exclusively, and shows a high percentage of properly escaped output. The absence of file operations and external HTTP requests also reduces the attack surface in those areas. Furthermore, the plugin has no recorded vulnerabilities or CVEs, suggesting a history of responsible development or less exposure to common attack vectors.

However, a significant concern arises from the attack surface, specifically the presence of 8 unprotected AJAX handlers. This represents a substantial entry point for potential attackers to interact with the plugin's functionality without proper authorization checks, which is a critical oversight. While taint analysis shows no unsanitized flows, the sheer number of unprotected AJAX actions leaves ample room for unexpected behavior or privilege escalation if exploited through other means or if logic flaws exist within these handlers. The plugin's vulnerability history, while currently clean, does not negate the immediate risks posed by the unprotected AJAX endpoints.

In conclusion, while the "upgrade-store" plugin has commendable aspects like secure SQL handling and output escaping, the significant number of unprotected AJAX handlers poses a substantial security risk. This weakness overshadows its strengths and warrants immediate attention to implement proper authorization and nonce checks on all AJAX endpoints to mitigate potential exploitation.

Key Concerns

  • 8 unprotected AJAX handlers found
  • Bundled Freemius v1.0 library potentially outdated
Vulnerabilities
None known

Upgrade Store – The all-in-one toolkit to grow your online store. Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Upgrade Store – The all-in-one toolkit to grow your online store. Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Upgrade Store – The all-in-one toolkit to grow your online store. Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
20 prepared
Unescaped Output
95
664 escaped
Nonce Checks
9
Capability Checks
10
File Operations
0
External Requests
0
Bundled Libraries
2

Bundled Libraries

Select2Freemius1.0

SQL Query Safety

100% prepared20 total queries

Output Escaping

87% escaped759 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
upgrade_store_save_setting_data_ajax (admin\class-upgrade-store-admin.php:1631)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Upgrade Store – The all-in-one toolkit to grow your online store. Attack Surface

Entry Points10
Unprotected8

AJAX Handlers 8

authwp_ajax_upgrade_store_ajax_install_pluginincludes\class-upgrade-store.php:174
authwp_ajax_prefix_upgrade_store_hide_admin_notice_ajaxincludes\class-upgrade-store.php:233
noprivwp_ajax_prefix_upgrade_store_hide_admin_notice_ajaxincludes\class-upgrade-store.php:235
authwp_ajax_prefix_upgrade_store_save_setting_data_ajaxincludes\class-upgrade-store.php:237
authwp_ajax_upgrade_store_reset_settingsincludes\class-upgrade-store.php:239
noprivwp_ajax_prefix_upgrade_store_save_setting_data_ajaxincludes\class-upgrade-store.php:241
authwp_ajax_prefix_upgrade_store_get_product_detailsincludes\class-upgrade-store.php:287
noprivwp_ajax_prefix_upgrade_store_get_product_detailsincludes\class-upgrade-store.php:288

Shortcodes 2

[discount] includes\class-upgrade-store.php:304
[quantity] includes\class-upgrade-store.php:305
WordPress Hooks 43
actionplugins_loadedincludes\class-upgrade-store.php:157
actionadmin_noticesincludes\class-upgrade-store.php:173
actionadmin_initincludes\class-upgrade-store.php:176
actionadmin_enqueue_scriptsincludes\class-upgrade-store.php:177
actionadmin_enqueue_scriptsincludes\class-upgrade-store.php:178
actionadmin_menuincludes\class-upgrade-store.php:180
actionadmin_noticesincludes\class-upgrade-store.php:186
actionwoocommerce_product_data_tabsincludes\class-upgrade-store.php:191
actionwoocommerce_product_data_panelsincludes\class-upgrade-store.php:192
actioninitincludes\class-upgrade-store.php:196
actionin_admin_headerincludes\class-upgrade-store.php:198
actionadmin_headincludes\class-upgrade-store.php:200
actionsave_postincludes\class-upgrade-store.php:203
actioninitincludes\class-upgrade-store.php:217
actioncurrent_screenincludes\class-upgrade-store.php:225
actionsave_postincludes\class-upgrade-store.php:226
filterparent_fileincludes\class-upgrade-store.php:230
actionsave_postincludes\class-upgrade-store.php:242
actionsave_postincludes\class-upgrade-store.php:243
filtermanage_product-tab_posts_columnsincludes\class-upgrade-store.php:257
filteradmin_body_classincludes\class-upgrade-store.php:261
actionwoocommerce_product_options_skuincludes\class-upgrade-store.php:263
actionadmin_initincludes\class-upgrade-store.php:265
filteruse_block_editor_for_post_typeincludes\class-upgrade-store.php:267
actionwp_enqueue_scriptsincludes\class-upgrade-store.php:284
actionwp_enqueue_scriptsincludes\class-upgrade-store.php:285
actioninitincludes\class-upgrade-store.php:290
actionwoocommerce_single_product_summaryincludes\class-upgrade-store.php:292
actionwoocommerce_single_product_summaryincludes\class-upgrade-store.php:294
actionwoocommerce_after_shop_loop_itemincludes\class-upgrade-store.php:296
filterwoocommerce_product_tabsincludes\class-upgrade-store.php:300
filterwoocommerce_get_stock_htmlincludes\class-upgrade-store.php:302
actionwp_footerincludes\class-upgrade-store.php:308
actioninitincludes\class-upgrade-store.php:310
actionwoocommerce_before_single_productincludes\class-upgrade-store.php:312
actionwoocommerce_before_shop_loopincludes\class-upgrade-store.php:313
actionwoocommerce_before_shop_loop_item_titlepublic\class-upgrade-store-public.php:639
actionwoocommerce_before_shop_loop_item_titlepublic\class-upgrade-store-public.php:643
actionwoocommerce_before_shop_loop_item_titlepublic\class-upgrade-store-public.php:664
actionwoocommerce_before_shop_loop_item_titlepublic\class-upgrade-store-public.php:665
actionwoocommerce_after_shop_loop_itempublic\class-upgrade-store-public.php:667
actionwoocommerce_after_main_contentpublic\class-upgrade-store-public.php:672
actionwoocommerce_before_single_product_summarypublic\class-upgrade-store-public.php:719
Maintenance & Trust

Upgrade Store – The all-in-one toolkit to grow your online store. Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedAug 14, 2025
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Upgrade Store – The all-in-one toolkit to grow your online store. Alternatives

Custom Payment Gateway for WooCommerce

Custom Payment Gateway for WooCommerce

woocommerce-other-payment-gateway

A
100

Do not miss a single sale! This plugin is very useful to catch every possible sale.

8K No CVEs
Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools

Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools

woocommerce-store-toolkit

A
93

A huge set of Quick Enhancements and Handy Tools for WooCommerce – the ultimate WooCommerce booster!

8K 4 CVEs
WooCommerce Gateway Affirm

WooCommerce Gateway Affirm

woocommerce-gateway-affirm

A
100

Affirm Payments for WooCommerce: Buy now, pay later for your business—but smarter. Increase conversions and AOV by offering shoppers flexible payment …

6K No CVEs
Australia Post WooCommerce Extension

Australia Post WooCommerce Extension

australian-post-woocommerce-extension

A
100

Australia Post WooCommerce Extension integrates Australia Post with WooCommerce, calculating shipping costs and delivery times for customers.

3K No CVEs
Free Shipping Per Product for WooCommerce

Free Shipping Per Product for WooCommerce

woo-free-shipping-per-product

A
100

A simple way to set free shipping for certain products.

3K No CVEs
Developer Profile

Upgrade Store – The all-in-one toolkit to grow your online store. Developer Profile

Rizvi

6 plugins · 30 total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Upgrade Store – The all-in-one toolkit to grow your online store.

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/upgrade-store/assets/css/upgrade-store-style.css/wp-content/plugins/upgrade-store/assets/js/upgrade-store-script.js
Script Paths
/wp-content/plugins/upgrade-store/assets/js/upgrade-store-script.js
Version Parameters
upgrade-store/assets/css/upgrade-store-style.css?ver=upgrade-store/assets/js/upgrade-store-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
upgrade_store_noticeupgrade-store-quick-view
Data Attributes
data-upgrade_store_product_iddata-upgrade_store_nonce
JS Globals
upgrade_store_ajax_object
REST Endpoints
/wp-json/upgrade-store/v1/get-product-details/wp-json/upgrade-store/v1/add-to-cart
Shortcode Output
[upgrade_store_product_attachments][upgrade_store_product_notifications][upgrade_store_quick_view][upgrade_store_stocks_left]
FAQ

Frequently Asked Questions about Upgrade Store – The all-in-one toolkit to grow your online store.