Does WC Price History have any unpatched vulnerabilities?

No. All known vulnerabilities in WC Price History have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WC Price History compatible with WordPress 6.9.4?

According to WordPress.org data, WC Price History 3.2.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WC Price History compatible with PHP 7.2+?

WC Price History requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WC Price History updated?

WC Price History was last updated on Mar 9, 2026. Frequent updates are generally a positive security signal.

What is WC Price History's security score?

WC Price History has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WC Price History Security & Risk Analysis

wordpress.org/plugins/wc-price-history

What was the lowest price recently? Build customer trust through transparency! Track and display product price history in WooCommerce store.

4K active installs v3.2.3 PHP 7.2+ WP 5.8+ Updated Mar 9, 2026

historylowestomnibuspriceswoocommerce

A · Safe

CVEs total2

Unpatched0

Last CVEJan 7, 2025

Plugin page Download

Safety Verdict

Is WC Price History Safe to Use in 2026?

Generally Safe

Score 98/100

WC Price History has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Jan 7, 2025Updated 25d ago

Risk Assessment

The wc-price-history plugin v3.2.3 exhibits a generally strong security posture, with excellent adherence to best practices in output escaping and a high percentage of SQL queries utilizing prepared statements. The absence of dangerous functions, file operations, and external HTTP requests is also a positive indicator. The plugin has a moderate attack surface of 9 entry points, all of which appear to have authentication checks in place, which is commendable.

However, the taint analysis reveals two flows with unsanitized paths, both flagged with high severity. This is a significant concern and suggests that user-supplied data within these flows is not being adequately sanitized before use, potentially leading to vulnerabilities like Cross-Site Scripting (XSS) or other injection attacks if these paths are reachable by attackers. The vulnerability history, which includes past issues related to Deserialization of Untrusted Data and Missing Authorization, further reinforces the need for caution, especially given the recent high-severity taint flows. The plugin has a history of vulnerabilities, indicating a pattern that requires careful monitoring. While current unpatched CVEs are zero, past issues and the identified taint flows suggest potential weaknesses.

In conclusion, the plugin demonstrates good foundational security practices, but the presence of high-severity unsanitized taint flows presents a clear and present risk. The historical vulnerability pattern also warrants ongoing vigilance. Addressing the identified taint flows should be the immediate priority to mitigate potential security risks.

Key Concerns

High severity taint flows with unsanitized paths
Past vulnerabilities: Deserialization, Missing Auth
Moderate attack surface (9 total entry points)

Vulnerabilities

WC Price History Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

High

Medium

2 total CVEs

CVE-2025-22510high · 7.2Deserialization of Untrusted Data

WC Price History for Omnibus <= 2.1.4 - Authenticated (Shop manager+) PHP Object Injection

Jan 7, 2025 Patched in 2.1.5 (8d)

CVE-2024-12617medium · 5.4Missing Authorization

WC Price History for Omnibus <= 2.1.3 - Missing Authorization

Dec 23, 2024 Patched in 2.1.4 (1d)

Code Analysis

Analyzed Mar 16, 2026

WC Price History Code Analysis

Dangerous Functions

Raw SQL Queries

37 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

93% prepared40 total queries

Output Escaping

100% escaped23 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

export_product_with_price_history (app\PriorPrice\Export.php:100)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WC Price History Attack Surface

Entry Points9

Unprotected0

AJAX Handlers 8

authwp_ajax_wc_price_history_first_scan_finished_notice_dismissedapp\PriorPrice\Ajax.php:42

authwp_ajax_wc_price_history_clean_historyapp\PriorPrice\Ajax.php:43

authwp_ajax_wc_price_history_fix_historyapp\PriorPrice\Ajax.php:44

authwp_ajax_wc_price_history_force_first_scan_endapp\PriorPrice\Ajax.php:45

authwp_ajax_wc_price_history_restart_first_scanapp\PriorPrice\Ajax.php:46

authwp_ajax_wc_price_history_migrate_batchapp\PriorPrice\Ajax.php:47

authwp_ajax_wc_price_history_migration_notice_dismissedapp\PriorPrice\Database\AdminNotice.php:26

authwp_ajax_wc_price_history_export_product_with_price_historyapp\PriorPrice\Export.php:45

Shortcodes 1

[wc_price_history] app\PriorPrice\Shortcode.php:67

WordPress Hooks 28

actionadmin_enqueue_scriptsapp\PriorPrice\AdminAssets.php:17

actionadmin_noticesapp\PriorPrice\Database\AdminNotice.php:24

actionadmin_initapp\PriorPrice\Database\AdminNotice.php:25

actionwoocommerce_product_write_panel_tabsapp\PriorPrice\EducationalTab.php:27

actionwoocommerce_product_data_panelsapp\PriorPrice\EducationalTab.php:28

actionadd_meta_boxesapp\PriorPrice\Export.php:43

actionadmin_noticesapp\PriorPrice\FirstScan.php:61

actionadmin_initapp\PriorPrice\FirstScan.php:62

actionwp_enqueue_scriptsapp\PriorPrice\FrontEndAssets.php:18

actionplugins_loadedapp\PriorPrice\Hooks.php:19

filterplugin_row_metaapp\PriorPrice\Marketing.php:22

actionwc_price_history_settings_page_rate_us_textapp\PriorPrice\Marketing.php:23

actionplugins_loadedapp\PriorPrice\Migrations.php:26

filterwoocommerce_register_post_type_productapp\PriorPrice\Migrations.php:30

filterwoocommerce_get_price_htmlapp\PriorPrice\Prices.php:46

actionwoocommerce_product_duplicate_before_saveapp\PriorPrice\ProductDuplicate.php:29

actionwoocommerce_product_duplicateapp\PriorPrice\ProductDuplicate.php:31

actionwoocommerce_new_productapp\PriorPrice\ProductUpdates.php:27

actionwoocommerce_new_product_variationapp\PriorPrice\ProductUpdates.php:28

actionwoocommerce_update_productapp\PriorPrice\ProductUpdates.php:29

actionwoocommerce_save_product_variationapp\PriorPrice\ProductUpdates.php:30

actionadmin_initapp\PriorPrice\SettingsData.php:15

actionadmin_menuapp\PriorPrice\SettingsPage.php:20

actionadmin_initapp\PriorPrice\SettingsPage.php:21

actioninitapp\PriorPrice\Shortcode.php:50

filterwoocommerce_available_variationapp\PriorPrice\Variations.php:40

actionplugins_loadedplugin.php:41

actionadmin_noticesplugin.php:43

Maintenance & Trust

WC Price History Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 9, 2026

PHP min version7.2

Downloads50K

Community Trust

Rating100/100

Number of ratings23

Active installs4K

Alternatives

WC Price History Alternatives

Product Price History Tracker for WooCommerce

product-price-history-tracker-for-woocommerce

100

Easily track WooCommerce product prices and display the lowest price in the last 30 days to comply with the EU Omnibus Directive.

20 No CVEs

Omnibus Directive for Products

omnibus-directive-for-products

omnibus-for-wc-products Display lowest woocommerce price in your theme

0 No CVEs

Plot prices woocommerce product (product price history)

plot-prices

Chart plugin to view plot price changes of woocommerce product.

70 No CVEs

Lowest Price Tracker

lowest-price-tracker

100

Tracks product price changes and displays the lowest price in the last 30 days for discounted products.

0 No CVEs

PW WooCommerce Bulk Edit

pw-bulk-edit

A powerful way to update your WooCommerce product catalog. Finally, no more tedious clicking through countless pages!

20K 1 CVE

Developer Profile

WC Price History Developer Profile

kkarpieszuk

3 plugins · 4K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect WC Price History

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-price-history/assets/css/admin.css/wp-content/plugins/wc-price-history/assets/css/frontend.css/wp-content/plugins/wc-price-history/assets/css/migration.css/wp-content/plugins/wc-price-history/assets/js/admin.js/wp-content/plugins/wc-price-history/assets/js/export.js/wp-content/plugins/wc-price-history/assets/js/frontend.js/wp-content/plugins/wc-price-history/assets/js/migration.js

Script Paths

/wp-content/plugins/wc-price-history/assets/js/admin.js/wp-content/plugins/wc-price-history/assets/js/export.js/wp-content/plugins/wc-price-history/assets/js/frontend.js/wp-content/plugins/wc-price-history/assets/js/migration.js

Version Parameters

wc-price-history/assets/css/admin.css?ver=wc-price-history/assets/css/frontend.css?ver=wc-price-history/assets/css/migration.css?ver=wc-price-history/assets/js/admin.js?ver=wc-price-history/assets/js/export.js?ver=wc-price-history/assets/js/frontend.js?ver=wc-price-history/assets/js/migration.js?ver=

HTML / DOM Fingerprints

CSS Classes

wc-price-history-adminwc-price-history-migration

Data Attributes

data-wc-price-history-chart

JS Globals

wc_price_history_adminwc_price_history_exportwcPriceHistoryMigration

FAQ