Does Markup For WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Markup For WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Markup For WooCommerce compatible with WordPress 6.7.5?

According to WordPress.org data, Markup For WooCommerce 1.9.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Markup For WooCommerce compatible with PHP 7.4+?

Markup For WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Markup For WooCommerce updated?

Markup For WooCommerce was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Markup For WooCommerce's security score?

Markup For WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Markup For WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-markup

The easiest way to apply markup to your WooCommerce products and track earnings generated by the plugin.

50 active installs v1.9.1 PHP 7.4+ WP 6.7+ Updated Unknown

ecommerceproductproductsshopwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Markup For WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Markup For WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The 'wc-markup' plugin v1.9.1 exhibits a generally good security posture based on the static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant strength. Furthermore, all SQL queries utilize prepared statements, indicating a robust defense against SQL injection vulnerabilities. The plugin also demonstrates good practices in output escaping, with a high percentage of outputs being properly escaped. However, the presence of dangerous functions, file operations, and external HTTP requests warrants attention, as these can be potential vectors for exploitation if not handled with extreme care. The lack of nonce checks and capability checks on entry points, which are currently zero but could increase in the future, is a notable weakness.

The vulnerability history of 'wc-markup' is clean, with no recorded CVEs, which suggests a responsible development team and a history of secure coding. This lack of past vulnerabilities, combined with the current static analysis findings, indicates a low immediate risk. However, the identified code signals like 'dangerous functions' and 'external HTTP requests' coupled with the complete absence of authentication checks for any potential future entry points represent areas where a proactive security approach is crucial. The development team should prioritize implementing proper nonce and capability checks should any new entry points be introduced to maintain this favorable security profile.

Key Concerns

Dangerous functions detected
File operations detected
External HTTP requests detected
No nonce checks
No capability checks
Some outputs not properly escaped

Vulnerabilities

None known

Markup For WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Markup For WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

14 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

systemsystem( "msguniq --use-first $output_shell -o $output_shell" );makepot.php:240

systemsystem( "msguniq $output_shell -o $output_shell" );makepot.php:304

systemsystem( "msgcat --more-than=1 --use-first $frontend_pot $admin_pot > $common_pot" );makepot.php:311

systemsystem( "msgcat -u --use-first $admin_pot $common_pot -o $admin_pot" );makepot.php:312

systemsystem( "msgcat --more-than=1 --use-first $frontend_pot $admin_pot $net_admin_pot > $common_pot" );makepot.php:349

systemsystem( "msgcat -u --use-first $net_admin_pot $common_pot -o $net_admin_pot" );makepot.php:350

systemsystem("msguniq $output_shell -o $output_shell");makepot.php:509

systemsystem("msguniq $output_shell -o $output_shell");makepot.php:564

Output Escaping

74% escaped19 total outputs

Attack Surface

Markup For WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionadmin_noticesadmin\class-wc-markup-admin.php:513

actionplugins_loadedincludes\class-wc-markup.php:142

actionadmin_enqueue_scriptsincludes\class-wc-markup.php:156

actionadmin_enqueue_scriptsincludes\class-wc-markup.php:157

actionwoocommerce_process_product_metaincludes\class-wc-markup.php:158

actionadmin_headincludes\class-wc-markup.php:159

actionwoocommerce_product_data_panelsincludes\class-wc-markup.php:160

actionwoocommerce_variation_options_pricingincludes\class-wc-markup.php:166

filterwoocommerce_product_data_tabsincludes\class-wc-markup.php:175

filterwoocommerce_product_get_priceincludes\class-wc-markup.php:176

filterwoocommerce_product_get_regular_priceincludes\class-wc-markup.php:177

filterwoocommerce_get_sections_productsincludes\class-wc-markup.php:185

filterwoocommerce_get_settings_productsincludes\class-wc-markup.php:192

actionadmin_menuincludes\class-wc-markup.php:200

actionadmin_initincludes\class-wc-markup.php:201

actionadmin_noticesincludes\class-wc-markup.php:202

actionadmin_noticesincludes\class-wc-markup.php:203

filterplugin_action_links_wc-markup/wc-markup.phpincludes\class-wc-markup.php:204

actionwp_enqueue_scriptsincludes\class-wc-markup.php:219

actionwp_enqueue_scriptsincludes\class-wc-markup.php:220

Maintenance & Trust

Markup For WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedUnknown

PHP min version7.4

Downloads4K

Community Trust

Rating86/100

Number of ratings6

Active installs50

Alternatives

Markup For WooCommerce Alternatives

Cost Of Goods For WooCommerce

cost-of-goods

Maximize your store's profitability by accurately tracking the cost of goods sold (COGS) with our robust WooCommerce integration.

200 No CVEs

ProductGenie AI Shopping Assistant

productgenie-ai-shopping-assistant

100

Add an AI Shopping Assistant to your eCommerce Store

0 No CVEs

Bulky – Bulk Edit Products for WooCommerce

bulky-bulk-edit-products-for-woo

100

A helpful tool that allows you to bulk edit available attributes of products such as ID, Title, Content,...

10K No CVEs

WooCommerce Grid / List toggle

woocommerce-grid-list-toggle

Adds a grid/list view toggle to product archives

10K No CVEs

External Store for Shopify

wp-shopify

Display products from your Shopify store on your WordPress blog using shortcodes.

3K 2 CVEs

Developer Profile

Markup For WooCommerce Developer Profile

WpIron

4 plugins · 490 total installs

trust score

Avg Security Score

98/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Markup For WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-markup/admin/css/wc-markup-admin.css/wp-content/plugins/wc-markup/admin/js/wc-markup-admin.min.js

Script Paths

/wp-content/plugins/wc-markup/admin/js/wc-markup-admin.min.js

Version Parameters

wc-markup/admin/css/wc-markup-admin.css?ver=wc-markup/admin/js/wc-markup-admin.min.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-markup_price_typedata-markup_price

JS Globals

markupforwc_ajax_object

FAQ