WP-Safety

Utánvét Ellenőr Security & Risk Analysis

wordpress.org/plugins/uv-b-connector-for-woocommerce

Connect your WooCommerce site to our SaaS available at https://utanvet-ellenor.hu Register to obtain API keys.

200 active installs v4.1.0 PHP 8.1+ WP + Updated Mar 5, 2026
cash-on-deliverycheckellenorfilterutanvet
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Utánvét Ellenőr Safe to Use in 2026?

Generally Safe

Score 100/100

Utánvét Ellenőr has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 29d ago
Risk Assessment

The 'uv-b-connector-for-woocommerce' plugin version 4.1.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, using prepared statements exclusively for SQL queries, and not performing file operations or external HTTP requests. The presence of nonces, while not universally applied to all entry points, is also a positive sign. However, significant concerns arise from its attack surface. The plugin exposes two AJAX handlers, both of which lack proper authentication checks, creating a direct pathway for unauthorized actions if these handlers are exploitable.

The static analysis did not reveal any taint flows, suggesting that there might not be easily discoverable cross-site scripting or injection vulnerabilities through the analyzed code paths. The plugin's vulnerability history is clean, with no recorded CVEs, which generally indicates a well-maintained codebase or limited exposure. Despite this clean history, the lack of capability checks on the unprotected AJAX endpoints is a critical oversight that could be exploited if vulnerabilities exist within those handlers. Therefore, while the plugin has some robust security implementations, the unprotected AJAX endpoints present a tangible risk that needs immediate attention.

Key Concerns

  • AJAX handlers without authentication checks
  • AJAX handlers without capability checks
  • Output escaping is not fully implemented
Vulnerabilities
None known

Utánvét Ellenőr Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Utánvét Ellenőr Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
12 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Guzzle

Output Escaping

67% escaped18 total outputs
Attack Surface
2 unprotected

Utánvét Ellenőr Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_check_if_email_is_flaggedincludes\class-uvb-connector-woocommerce.php:194
noprivwp_ajax_check_if_email_is_flaggedincludes\class-uvb-connector-woocommerce.php:195
WordPress Hooks 24
actionadmin_menuadmin\class-uvb-connector-woocommerce-settings.php:18
actionadmin_initadmin\class-uvb-connector-woocommerce-settings.php:19
actionplugins_loadedincludes\class-uvb-connector-woocommerce.php:142
actionadmin_enqueue_scriptsincludes\class-uvb-connector-woocommerce.php:156
actioninitincludes\class-uvb-connector-woocommerce.php:159
actionwc_order_statusesincludes\class-uvb-connector-woocommerce.php:160
actionwoocommerce_order_status_completedincludes\class-uvb-connector-woocommerce.php:163
actionwoocommerce_order_status_uvb_flaggedincludes\class-uvb-connector-woocommerce.php:164
actionwoocommerce_new_orderincludes\class-uvb-connector-woocommerce.php:167
actionmanage_edit-shop_order_columnsincludes\class-uvb-connector-woocommerce.php:168
actionmanage_woocommerce_page_wc-orders_columnsincludes\class-uvb-connector-woocommerce.php:169
actionmanage_shop_order_posts_custom_columnincludes\class-uvb-connector-woocommerce.php:170
actionmanage_woocommerce_page_wc-orders_custom_columnincludes\class-uvb-connector-woocommerce.php:171
filterbulk_actions-edit-shop_orderincludes\class-uvb-connector-woocommerce.php:174
filterbulk_actions-woocommerce_page_wc-ordersincludes\class-uvb-connector-woocommerce.php:175
actionhandle_bulk_actions-edit-shop_orderincludes\class-uvb-connector-woocommerce.php:176
actionhandle_bulk_actions-woocommerce_page_wc-ordersincludes\class-uvb-connector-woocommerce.php:177
actionadmin_menuincludes\class-uvb-connector-woocommerce.php:179
actionwp_enqueue_scriptsincludes\class-uvb-connector-woocommerce.php:192
actionwoocommerce_available_payment_gatewaysincludes\class-uvb-connector-woocommerce.php:197
actionwoocommerce_store_api_cart_update_customer_from_requestincludes\class-uvb-connector-woocommerce.php:198
actionwoocommerce_store_api_checkout_update_customer_from_requestincludes\class-uvb-connector-woocommerce.php:199
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\class-uvb-connector-woocommerce.php:200
actionbefore_woocommerce_inituvb-connector-woocommerce.php:89
Maintenance & Trust

Utánvét Ellenőr Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 5, 2026
PHP min version8.1
Downloads6K

Community Trust

Rating100/100
Number of ratings3
Active installs200
Alternatives

Utánvét Ellenőr Alternatives

Kiswa COD Fee for WooCommerce

Kiswa COD Fee for WooCommerce

kiswa-cod-fee-for-woocommerce

A
100

Add a simple extra fee when customers choose Cash on Delivery (COD) in WooCommerce.

30 No CVEs
COD Express Checkout

COD Express Checkout

cod-express-checkout

A
100

Add a customizable one-click COD checkout form to product pages. Skip cart, skip checkout, more sales.

20 No CVEs
MailboxValidator Email Validator

MailboxValidator Email Validator

mailboxvalidator-email-validator

A
100

Email verification for WordPress forms. Block disposable, block spam, block invalid email, block free email and role-based email.

20 No CVEs
Antispam Bee

Antispam Bee

antispam-bee

A
100

Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.

700K 1 CVE
Checkout Field Editor (Checkout Manager) for WooCommerce

Checkout Field Editor (Checkout Manager) for WooCommerce

woo-checkout-field-editor-pro

A
93

Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.

500K 3 CVEs
Developer Profile

Utánvét Ellenőr Developer Profile

otto.radics

1 plugin · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Utánvét Ellenőr

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/uv-b-connector-for-woocommerce/admin/css/uvb-connector-woocommerce-admin.css
Version Parameters
uvb-connector-woocommerce/admin/css/uvb-connector-woocommerce-admin.css?ver=uvb-connector-woocommerce

HTML / DOM Fingerprints

Data Attributes
data-uvb_connector_woocommerce_public_api_keydata-uvb_connector_woocommerce_private_api_keydata-uvb_connector_woocommerce_sandbox_modedata-uvb_connector_woocommerce_reputation_threshold
JS Globals
UVBConnectorWooCommerceAdmin
FAQ

Frequently Asked Questions about Utánvét Ellenőr