Does Variation Hub have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Variation Hub compatible with WordPress 6.8.5?

According to WordPress.org data, Variation Hub 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Variation Hub compatible with PHP 8.1+?

Variation Hub requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Variation Hub updated?

Variation Hub was last updated on Nov 28, 2025. Frequent updates are generally a positive security signal.

What is Variation Hub's security score?

Variation Hub has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Variation Hub Security & Risk Analysis

wordpress.org/plugins/variation-hub

Professional WooCommerce variation management with Excel-like spreadsheet interface for bulk editing.

0 active installs v1.0.0 PHP 8.1+ WP 6.0+ Updated Nov 28, 2025

bulk-editproduct-managementspreadsheetvariationswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Variation Hub Safe to Use in 2026?

Generally Safe

Score 100/100

Variation Hub has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The "variation-hub" v1.0.0 plugin exhibits a generally good security posture, with a strong emphasis on prepared statements for SQL queries and proper output escaping. The absence of known CVEs and recorded vulnerabilities is a positive indicator of its historical security. However, the presence of an unprotected AJAX handler represents a significant security concern, as it could potentially be exploited by unauthenticated users.

While the static analysis did not reveal critical or high severity taint flows, the unprotected AJAX endpoint remains a tangible risk. This entry point allows for direct interaction with the plugin without any validation, which could lead to various attacks if the functionality within it is not meticulously secured. The plugin also has a modest attack surface with only two entry points, but the unprotected nature of one diminishes this benefit.

In conclusion, "variation-hub" v1.0.0 benefits from good coding practices regarding data handling. Nevertheless, the unprotected AJAX handler is a critical weakness that requires immediate attention to prevent potential security breaches.

Key Concerns

Unprotected AJAX handler

Vulnerabilities

None known

Variation Hub Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Variation Hub Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Variation Hub Code Analysis

Dangerous Functions

Raw SQL Queries

31 prepared

Unescaped Output

61 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared46 total queries

Output Escaping

84% escaped73 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<class-license-manager> (includes\core\class-license-manager.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Variation Hub Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 2

authwp_ajax_varihu_dismiss_security_incidentincludes\core\class-license-manager.php:912

authwp_ajax_varihu_refresh_noncevariation-hub.php:186

WordPress Hooks 20

actionadmin_menuincludes\admin\class-admin.php:39

actionadmin_enqueue_scriptsincludes\admin\class-admin.php:40

filterscript_loader_tagincludes\admin\class-admin.php:168

actionwoocommerce_update_product_variationincludes\api\class-bulk-operations-controller.php:333

actionwoocommerce_new_product_variationincludes\core\class-cache-hooks.php:22

actionwoocommerce_update_product_variationincludes\core\class-cache-hooks.php:25

actionwoocommerce_delete_product_variationincludes\core\class-cache-hooks.php:28

actionwoocommerce_update_productincludes\core\class-cache-hooks.php:31

actionsave_post_product_variationincludes\core\class-cache-hooks.php:34

actionwoocommerce_variable_product_bulk_edit_saveincludes\core\class-cache-hooks.php:37

actionwoocommerce_variation_set_stockincludes\core\class-cache-hooks.php:40

actionpmxi_saved_postincludes\core\class-cache-hooks.php:43

actionvarihu_cache_sync_batchincludes\core\class-cache-hooks.php:46

actionvarihu_validate_license_dailyincludes\core\class-license-manager.php:906

actionadmin_noticesincludes\core\class-license-manager.php:909

actionbefore_woocommerce_initvariation-hub.php:29

actionadmin_noticesvariation-hub.php:90

actionadmin_noticesvariation-hub.php:108

actionrest_api_initvariation-hub.php:141

actionplugins_loadedvariation-hub.php:165

Scheduled Events 2

varihu_sync_imported_variation

varihu_validate_license_daily

Maintenance & Trust

Variation Hub Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 28, 2025

PHP min version8.1

Downloads170

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Variation Hub Alternatives

WhizManage — Management Suite for WooCommerce

whizmanage

100

The all-in-one WooCommerce management dashboard. Edit products, orders, coupons, customers, and discount rules — all from one blazing-fast interface.

30 No CVEs

Bulk Edit Products for WooCommerce – WP Sheet Editor

woo-bulk-edit-products

100

Modern Bulk Editor for WooCommerce products, create and edit hundreds of products in a spreadsheet inside wp-admin. No need to export/import

10K No CVEs

Bulk Edit Posts and Products in Spreadsheet

wp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages

100

Modern Bulk Editor for Posts and Pages, create and edit hundreds of posts at once in a spreadsheet inside wp-admin. Search and quick edits.

9K No CVEs

Bulk Edit and Create User Profiles – WP Sheet Editor

bulk-edit-user-profiles-in-spreadsheet

100

Modern Bulk Editor for Users and Profiles, create and edit hundreds of users in a spreadsheet inside wp-admin. Quick edits.

1K 1 CVE

Bulk Edit Coupons for WooCommerce – WP Sheet Editor

woo-coupons-bulk-editor

100

Modern Bulk Editor for WooCommerce Coupons, create and edit hundreds of coupons in a spreadsheet inside wp-admin. Quick view and edits.

500 No CVEs

Developer Profile

Variation Hub Developer Profile

Bakonyi Péter

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Variation Hub

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/variation-hub/assets/css/admin.css/wp-content/plugins/variation-hub/assets/js/admin.js

Script Paths

/wp-content/plugins/variation-hub/assets/js/admin.js

Version Parameters

variation-hub/assets/css/admin.css?ver=variation-hub/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

variation-hub-wrap

Data Attributes

data-product-iddata-attribute-id

JS Globals

VariationHub

REST Endpoints

/wp-json/variation-hub/v1/variations/wp-json/variation-hub/v1/bulk-operations/wp-json/variation-hub/v1/attributes/wp-json/variation-hub/v1/export-import/wp-json/variation-hub/v1/fast-variations/wp-json/variation-hub/v1/cache/wp-json/variation-hub/v1/license

FAQ