Does WC Download Products from AWS S3 have any unpatched vulnerabilities?

No. All known vulnerabilities in WC Download Products from AWS S3 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WC Download Products from AWS S3 compatible with WordPress 5.4.19?

According to WordPress.org data, WC Download Products from AWS S3 1.0.0 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

Is WC Download Products from AWS S3 compatible with PHP 5.6+?

WC Download Products from AWS S3 requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WC Download Products from AWS S3 updated?

WC Download Products from AWS S3 was last updated on Apr 16, 2020. Frequent updates are generally a positive security signal.

What is WC Download Products from AWS S3's security score?

WC Download Products from AWS S3 has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WC Download Products from AWS S3 Security & Risk Analysis

wordpress.org/plugins/wc-download-products-from-aws-s3

Allows using Amazon S3 to upload and download Woocommerce digital products.

10 active installs v1.0.0 PHP 5.6+ WP 4.9+ Updated Apr 16, 2020

amazon-s3awsaws-s3s3woocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WC Download Products from AWS S3 Safe to Use in 2026?

Generally Safe

Score 85/100

WC Download Products from AWS S3 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The static analysis of the "wc-download-products-from-aws-s3" plugin v1.0.0 reveals a generally strong security posture. The absence of identified dangerous functions, SQL injection vulnerabilities through prepared statements, and the presence of nonce checks are positive indicators. The high percentage of properly escaped output further suggests good development practices for preventing cross-site scripting (XSS) vulnerabilities.

However, there are notable areas for improvement. The complete lack of capability checks and permission callbacks on the identified entry points is a significant concern. While the attack surface appears small (0 AJAX handlers, 0 REST API routes, etc.), any potential future additions or overlooked entry points could be exploited without proper authorization checks. The bundling of Guzzle, while a useful library, also presents a potential risk if it's an outdated version, as it could introduce known vulnerabilities.

The plugin's vulnerability history is clean, with zero recorded CVEs. This is a very positive sign and suggests a history of secure development. However, the absence of past vulnerabilities does not guarantee future security, especially given the identified weaknesses in the current static analysis.

Key Concerns

No capability checks on entry points
Bundled library (Guzzle) might be outdated
18% of output is not properly escaped

Vulnerabilities

None known

WC Download Products from AWS S3 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WC Download Products from AWS S3 Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

55 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

82% escaped67 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<AmazonS3Model> (src\Woocommerce\Extension\Amazon\AmazonS3Model.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WC Download Products from AWS S3 Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

filterwoocommerce_settings_tabs_arraysrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:28

actionwoocommerce_settings_tabs_settings_tab_amazons3src\Woocommerce\Extension\Amazon\AmazonS3Controler.php:29

actionwoocommerce_update_options_settings_tab_amazons3src\Woocommerce\Extension\Amazon\AmazonS3Controler.php:30

actionmedia_upload_tabssrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:31

actionmedia_upload_woocommerce_amazon_s3_uploadsrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:32

actionmedia_upload_woocommerce_amazon_s3_bucketssrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:33

actionadmin_enqueue_scriptssrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:34

actionwp_loadedsrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:35

actionwoocommerce_file_download_methodsrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:36

actionwoocommerce_download_file_from_wc_amazon_s3_product_downloadsrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:37

actionadmin_noticessrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:38

actionwoocommerce_admin_field_woo_amazon_textsrc\Woocommerce\Extension\Amazon\AmazonS3Controler.php:39

actionplugins_loadedwc-download-products-from-aws-s3.php:60

Maintenance & Trust

WC Download Products from AWS S3 Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedApr 16, 2020

PHP min version5.6

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

WC Download Products from AWS S3 Alternatives

Ultimate Media On The Cloud Lite

ultimate-media-on-the-cloud-lite

With Ultimate Media On The Cloud plugin, you can easy migrate/ move and mange wordpress medias on the Cloud Storage Platforms like Amazon S3, Google C …

10 No CVEs

Upcasted S3 Offload – AWS S3, DigitalOcean Spaces, Backblaze, MinIO Storage Integration

upcasted-s3-offload

Easily migrate and manage WordPress Media Library files to AWS S3 or S3-compatible storage providers. Boost performance and reduce hosting costs.

200 1 CVE

WP Offload Media Lite for Amazon S3, DigitalOcean Spaces, and Google Cloud Storage

amazon-s3-and-cloudfront

100

Copies files to Amazon S3, DigitalOcean Spaces or Google Cloud Storage as they are uploaded to the Media Library. Optionally configure Amazon CloudFro …

30K 1 CVE

Image Hover Effects For WooCommerce Products

image-hover-effects-for-woocommerce-products

Allow user to display there woocommerce products with css3 animation effects any where they want.

100 No CVEs

Block Uploading Images for WP Offload Media

wp-offload-s3-filter-image-file-types

Stops images from uploading directly to your choice of CDN storage service.

60 No CVEs

Developer Profile

WC Download Products from AWS S3 Developer Profile

Piotr Włoch

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WC Download Products from AWS S3

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-download-products-from-aws-s3/assets/js/script.js

Script Paths