Does Wahra Abandoned Cart Recovery have any unpatched vulnerabilities?

No. All known vulnerabilities in Wahra Abandoned Cart Recovery have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Wahra Abandoned Cart Recovery compatible with WordPress 6.9.4?

According to WordPress.org data, Wahra Abandoned Cart Recovery 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Wahra Abandoned Cart Recovery compatible with PHP 7.4+?

Wahra Abandoned Cart Recovery requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Wahra Abandoned Cart Recovery updated?

Wahra Abandoned Cart Recovery was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Wahra Abandoned Cart Recovery's security score?

Wahra Abandoned Cart Recovery has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Wahra Abandoned Cart Recovery Security & Risk Analysis

wordpress.org/plugins/wahra-abandoned-cart-recovery

Recover lost sales by capturing abandoned carts and sending automated recovery emails. GDPR-compliant, lightweight, and built for WooCommerce.

0 active installs v1.0.0 PHP 7.4+ WP 6.0+ Updated Unknown

abandoned-cartcart-recoveryemail-recoveryexit-intentwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Wahra Abandoned Cart Recovery Safe to Use in 2026?

Generally Safe

Score 100/100

Wahra Abandoned Cart Recovery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "wahra-abandoned-cart-recovery" v1.0.0 plugin exhibits a generally strong security posture with a robust implementation of security best practices. The static analysis reveals a complete absence of dangerous functions, file operations, and external HTTP requests. Furthermore, the plugin demonstrates excellent adherence to output escaping, with 97% of outputs being properly sanitized. The high percentage of SQL queries utilizing prepared statements (78%) and the presence of nonce and capability checks on entry points are also positive indicators.

However, the taint analysis highlights a significant concern: 6 out of 9 analyzed flows have unsanitized paths, with 6 flows identified as high severity. This suggests a potential for attackers to inject malicious data that is not adequately validated or sanitized before being processed. While the plugin has no known CVEs, this high number of unsanitized flows is a direct indicator of potential vulnerabilities that could be exploited. The plugin's vulnerability history being clean is a strength, but the current taint analysis findings warrant careful investigation and remediation to prevent future issues.

In conclusion, the plugin's foundation is solid, with many security measures in place. The main weakness lies in the identified unsanitized paths in the taint analysis, which, despite the lack of past CVEs, poses a real risk. Addressing these specific taint flows should be the priority to solidify the plugin's security and prevent potential exploits.

Key Concerns

High severity unsanitized taint flows

Vulnerabilities

None known

Wahra Abandoned Cart Recovery Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Wahra Abandoned Cart Recovery Code Analysis

Dangerous Functions

Raw SQL Queries

50 prepared

Unescaped Output

186 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

78% prepared64 total queries

Output Escaping

97% escaped191 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

9 flows6 with unsanitized paths

handle_wizard_save (includes\Admin\class-wacr-setup-wizard.php:115)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Wahra Abandoned Cart Recovery Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_wacr_send_test_emailincludes\Admin\class-wacr-admin-menu.php:56

authwp_ajax_wacr_capture_cartincludes\Cart\class-wacr-cart-capture.php:63

noprivwp_ajax_wacr_capture_cartincludes\Cart\class-wacr-cart-capture.php:64

authwp_ajax_wacr_update_emailincludes\Cart\class-wacr-cart-capture.php:65

noprivwp_ajax_wacr_update_emailincludes\Cart\class-wacr-cart-capture.php:66

WordPress Hooks 37

actionadmin_menuincludes\Admin\class-wacr-admin-menu.php:53

actionadmin_noticesincludes\Admin\class-wacr-admin-menu.php:174

actionadmin_noticesincludes\Admin\class-wacr-admin-menu.php:178

actionadmin_noticesincludes\Admin\class-wacr-admin-menu.php:186

actionadmin_menuincludes\Admin\class-wacr-setup-wizard.php:43

actionadmin_initincludes\Admin\class-wacr-setup-wizard.php:44

actionadmin_post_wacr_wizard_saveincludes\Admin\class-wacr-setup-wizard.php:45

actionadmin_post_wacr_wizard_skipincludes\Admin\class-wacr-setup-wizard.php:46

actionwoocommerce_add_to_cartincludes\Cart\class-wacr-cart-capture.php:54

actionwoocommerce_cart_item_removedincludes\Cart\class-wacr-cart-capture.php:55

actionwoocommerce_after_cart_item_quantity_updateincludes\Cart\class-wacr-cart-capture.php:56

actionwoocommerce_cart_emptiedincludes\Cart\class-wacr-cart-capture.php:57

actionwoocommerce_checkout_update_order_reviewincludes\Cart\class-wacr-cart-capture.php:60

actionwoocommerce_thankyouincludes\Cart\class-wacr-cart-capture.php:69

actionwoocommerce_order_status_completedincludes\Cart\class-wacr-cart-capture.php:70

actionwoocommerce_order_status_processingincludes\Cart\class-wacr-cart-capture.php:71

actionwp_footerincludes\Cart\class-wacr-cart-capture.php:74

actiontemplate_redirectincludes\Cart\class-wacr-cart-recovery.php:59

actioninitincludes\Cart\class-wacr-cart-recovery.php:62

filtercron_schedulesincludes\class-wacr-activator.php:71

actioninitincludes\Email\class-wacr-email-tracker.php:54

actioninitincludes\Email\class-wacr-email-tracker.php:57

filterwp_privacy_personal_data_exportersincludes\GDPR\class-wacr-gdpr-compliance.php:54

filterwp_privacy_personal_data_erasersincludes\GDPR\class-wacr-gdpr-compliance.php:57

actionadmin_initincludes\GDPR\class-wacr-gdpr-compliance.php:60

filterwoocommerce_privacy_export_personal_dataincludes\GDPR\class-wacr-gdpr-compliance.php:63

filterwoocommerce_privacy_erase_personal_dataincludes\GDPR\class-wacr-gdpr-compliance.php:66

actionplugins_loadedwahra-abandoned-cart-recovery.php:95

actionadmin_noticeswahra-abandoned-cart-recovery.php:174

actionrest_api_initwahra-abandoned-cart-recovery.php:254

actionwp_enqueue_scriptswahra-abandoned-cart-recovery.php:257

actionadmin_enqueue_scriptswahra-abandoned-cart-recovery.php:258

actionbefore_woocommerce_initwahra-abandoned-cart-recovery.php:261

filtercron_scheduleswahra-abandoned-cart-recovery.php:511

actionwacr_detect_abandoned_cartswahra-abandoned-cart-recovery.php:512

actionwacr_process_email_queuewahra-abandoned-cart-recovery.php:513

actionwacr_cleanup_old_datawahra-abandoned-cart-recovery.php:514

Scheduled Events 3

wacr_detect_abandoned_carts

wacr_process_email_queue

wacr_cleanup_old_data

Maintenance & Trust

Wahra Abandoned Cart Recovery Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version7.4

Downloads69

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Wahra Abandoned Cart Recovery Alternatives

Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD

cart-lift

Track abandoned carts and send automated, customizable abandoned cart recovery emails. Get more leads, reduce cart abandonment, and increase revenue.

1K 2 CVEs

AlphaCommerce – Cart Recovery for WooCommerce

alphacommerce-cart-recovery

100

Free abandoned cart recovery for WooCommerce. Captures carts, sends multi-step recovery emails, and restores carts with one click — fully local.

0 No CVEs

RetentionFox – Abandoned Cart Recovery, Exit Intent & Popups for WooCommerce

retentionfox-for-woocommerce

100

Recover abandoned carts with on‑site nudges, exit‑intent popups, and branded recovery emails. No monthly fees or sending limits.

0 No CVEs

Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools

woocommerce-jetpack

Supercharge WooCommerce with FREE Abandoned Cart Recovery, Product Variation Swatches, PDF Invoices & 100+ tools. Boost sales & save time.

30K 32 CVEs

Abandoned Cart Recovery for WooCommerce

woo-abandoned-cart-recovery

A simple, effective solution to capture abandoned carts and auto-send reminders. Track logs and generate reports on carts, emails, and more

4K 2 CVEs

Developer Profile

Wahra Abandoned Cart Recovery Developer Profile

wahra

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Wahra Abandoned Cart Recovery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wahra-abandoned-cart-recovery/assets/js/frontend/wacr-frontend.js/wp-content/plugins/wahra-abandoned-cart-recovery/assets/css/frontend/wacr-frontend.css

Script Paths

/wp-content/plugins/wahra-abandoned-cart-recovery/assets/js/frontend/wacr-frontend.js

Version Parameters

wahra-abandoned-cart-recovery/assets/js/frontend/wacr-frontend.js?ver=wahra-abandoned-cart-recovery/assets/css/frontend/wacr-frontend.css?ver=

HTML / DOM Fingerprints

JS Globals

wacr_frontend_params

REST Endpoints

/wp-json/wacr/v1/cart/wp-json/wacr/v1/stats/wp-json/wacr/v1/carts/wp-json/wacr/v1/config

FAQ