Does Multi Currency For WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Multi Currency For WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Multi Currency For WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Multi Currency For WooCommerce 1.5.7 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Multi Currency For WooCommerce compatible with PHP 5.6+?

Multi Currency For WooCommerce requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Multi Currency For WooCommerce updated?

Multi Currency For WooCommerce was last updated on Apr 20, 2025. Frequent updates are generally a positive security signal.

What is Multi Currency For WooCommerce's security score?

Multi Currency For WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Multi Currency For WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-multi-currency

WC Multicurrency is a prominent currency switcher plugin for WooCommerce. This plugin allows your website or online store visitors to switch to their …

1K active installs v1.5.7 PHP 5.6+ WP 4.4+ Updated Apr 20, 2025

convertercurrencycurrency-switchermulticurrencyswitcher-woocommerce

A · Safe

CVEs total2

Unpatched0

Last CVEApr 15, 2024

Plugin page Download

Safety Verdict

Is Multi Currency For WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Multi Currency For WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Apr 15, 2024Updated 11mo ago

Risk Assessment

The "wc-multi-currency" v1.5.7 plugin exhibits a generally good security posture with strong adherence to secure coding practices. The static analysis reveals a low attack surface, with no unprotected entry points and a high percentage of SQL queries utilizing prepared statements. Output escaping is also largely effective, and dangerous functions are not present. However, there are some areas for concern. The presence of file operations and external HTTP requests, while not inherently insecure, represent potential vectors if not handled with utmost care and proper validation. The limited number of capability checks and nonce checks, especially in conjunction with the presence of a shortcode, could be a potential area for further scrutiny regarding authorization.

The vulnerability history indicates a pattern of medium severity issues, specifically related to Missing Authorization and Cross-Site Request Forgery (CSRF). Although there are currently no unpatched CVEs, the recurrence of these vulnerability types suggests a need for continued vigilance and potentially more robust checks within the code to prevent them. The fact that the last vulnerability was recent (April 2024) reinforces the importance of ongoing security review. Overall, while the plugin demonstrates many good security practices, the historical vulnerability types and the limited number of authorization checks warrant careful consideration for improving its security resilience.

Key Concerns

Medium severity vulnerabilities in history (2 total)
Vulnerabilities include Missing Authorization and CSRF
Limited capability checks (1 total)
Limited nonce checks (1 total)
Presence of file operations (26)
Presence of external HTTP requests (2)

Vulnerabilities

Multi Currency For WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-32516medium · 4.3Missing Authorization

Multi Currency For WooCommerce <= 1.5.5 - Missing Authorization

Apr 15, 2024 Patched in 1.5.6 (9d)

CVE-2023-49840medium · 4.3Cross-Site Request Forgery (CSRF)

Multi Currency For WooCommerce <= 1.5.5 - Cross-Site Request Forgery

Dec 6, 2023 Patched in 1.5.6 (108d)

Code Analysis

Analyzed Mar 16, 2026

Multi Currency For WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

14 prepared

Unescaped Output

340 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

93% prepared15 total queries

Output Escaping

88% escaped388 total outputs

Attack Surface

Multi Currency For WooCommerce Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[WCMC] modules\APBDWMC_design.php:17

WordPress Hooks 37

actioninitappcore\APBDWooComMultiCurrency.php:23

actionadmin_noticesappcore\APBDWooComMultiCurrency.php:32

actioninitcore\AppsBDKarnelLite.php:193

filterplugin_row_metacore\AppsBDKarnelLite.php:1081

actioninitcore\AppsBDKarnelLite.php:1082

actionwp_enqueue_scriptscore\AppsBDKarnelLite.php:1085

actionwp_headcore\AppsBDKarnelLite.php:1086

actionadmin_enqueue_scriptscore\AppsBDKarnelLite.php:1087

actionadmin_print_stylescore\AppsBDKarnelLite.php:1088

actionadmin_print_scriptscore\AppsBDKarnelLite.php:1089

actionwp_enqueue_scriptscore\AppsBDKarnelLite.php:1090

actionwp_print_stylescore\AppsBDKarnelLite.php:1091

actionadmin_menucore\AppsBDKarnelLite.php:1092

actionadmin_noticescore\AppsBDKarnelLite.php:1093

actionwp_footermodules\APBDWMC_design.php:23

actionwoocommerce_cart_loaded_from_sessionmodules\APBDWMC_general.php:27

filterwoocommerce_product_get_regular_pricemodules\APBDWMC_general.php:30

filterwoocommerce_product_get_sale_pricemodules\APBDWMC_general.php:31

filterwoocommerce_product_get_pricemodules\APBDWMC_general.php:32

filterwoocommerce_variation_pricesmodules\APBDWMC_general.php:35

filterwoocommerce_product_variation_get_pricemodules\APBDWMC_general.php:38

filterwoocommerce_product_variation_get_regular_pricemodules\APBDWMC_general.php:39

filterwoocommerce_product_variation_get_sale_pricemodules\APBDWMC_general.php:40

filterwoocommerce_price_filter_resultsmodules\APBDWMC_general.php:43

filterwoocommerce_package_ratesmodules\APBDWMC_general.php:47

filterwoocommerce_general_settingsmodules\APBDWMC_general.php:49

actionwidgets_initmodules\APBDWMC_general.php:51

actionwidgets_initmodules\APBDWMC_general.php:56

actionwp_enqueue_scriptsmodules\APBDWMC_general.php:58

filterwoocommerce_currencymodules\APBDWMC_general.php:79

filterwoocommerce_currency_symbolmodules\APBDWMC_general.php:80

filterwoocommerce_price_formatmodules\APBDWMC_general.php:81

filterwoocommerce_admin_reportsmodules\APBDWMC_general.php:83

filterwc_get_price_decimalsmodules\APBDWMC_general.php:84

filterwoocommerce_available_payment_gatewaysmodules\APBDWMC_payment_currency.php:16

actionbefore_woocommerce_initwcmilticurrency.php:27

actionadmin_noticeswcmilticurrency.php:33

Maintenance & Trust

Multi Currency For WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 20, 2025

PHP min version5.6

Downloads45K

Community Trust

Rating72/100

Number of ratings9

Active installs1K

Alternatives

Multi Currency For WooCommerce Alternatives

FOX – Currency Switcher Professional for WooCommerce

woocommerce-currency-switcher

FOX - Currency Switcher Professional for WooCommerce (former name is WOOCS) is currency plugin for woocommerce and multi currency shop, switch & pay

50K 12 CVEs

Currency Switcher for WooCommerce

currency-switcher-woocommerce

Currency Switcher for WooCommerce.

10K 2 CVEs

YayCurrency – WooCommerce Multi-Currency Switcher

yaycurrency

WooCommerce Multi-Currency made easy, powerful, and flexible.

8K 2 CVEs

Currency Switcher for WooCommerce by WBW

woo-currency

100

WBW Currency Switcher for WooCommerce allows customers to switch products prices to any currencies. Get rates converted in the real-time with dynamic …

4K 1 CVE

WPCS – WordPress Currency Switcher Professional

currency-switcher

WordPress Currency Switcher Professional - a WordPress plugin that allows switching price currencies on your site with real-time rate conversion!

1K 9 CVEs

Developer Profile

Multi Currency For WooCommerce Developer Profile

PalsCode

1 plugin · 1K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

59 days

View full developer profile

Detection Fingerprints

How We Detect Multi Currency For WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-multi-currency/assets/css/wc_multi_currency_custom.css/wp-content/plugins/wc-multi-currency/assets/js/wc_multi_currency_custom.js/wp-content/plugins/wc-multi-currency/assets/js/select2.js/wp-content/plugins/wc-multi-currency/assets/js/switch.js/wp-content/plugins/wc-multi-currency/assets/js/country_flag.js/wp-content/plugins/wc-multi-currency/assets/js/currency_converter.js/wp-content/plugins/wc-multi-currency/assets/css/font-awesome.min.css/wp-content/plugins/wc-multi-currency/assets/css/bootstrap-select.min.css

Script Paths

/wp-content/plugins/wc-multi-currency/assets/js/wc_multi_currency_custom.js/wp-content/plugins/wc-multi-currency/assets/js/select2.js/wp-content/plugins/wc-multi-currency/assets/js/switch.js/wp-content/plugins/wc-multi-currency/assets/js/country_flag.js/wp-content/plugins/wc-multi-currency/assets/js/currency_converter.js

Version Parameters

wc-multi-currency/assets/css/wc_multi_currency_custom.css?ver=wc-multi-currency/assets/js/wc_multi_currency_custom.js?ver=wc-multi-currency/assets/js/select2.js?ver=wc-multi-currency/assets/js/switch.js?ver=wc-multi-currency/assets/js/country_flag.js?ver=wc-multi-currency/assets/js/currency_converter.js?ver=wc-multi-currency/assets/css/font-awesome.min.css?ver=wc-multi-currency/assets/css/bootstrap-select.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

woocs-select-currencycurrent-currency-wrapperwc-currency-selector

Data Attributes

data-currencydata-currency-symbol

JS Globals

wc_multi_currency_params

FAQ