WP-Safety

Thank You Page for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-thanks-redirect

Thank You Page for WooCommerce allows adding Thank You Page or Thank You URL for WooCommerce Products for your Customers.

10K active installs v4.3.1 PHP 7.4+ WP 6.2+ Updated Feb 17, 2026
custom-thank-you-pagethank-you-pagewoo-thank-you-pagewoocommerce-thank-youwoocommerce-thank-you-page
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Thank You Page for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Thank You Page for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The wc-thanks-redirect plugin version 4.3.1 exhibits a strong security posture based on the provided static analysis and vulnerability history. The code demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping a high percentage (95%) of its outputs. Notably, there are no identified dangerous functions, file operations, or external HTTP requests, further reducing the attack surface. The plugin also incorporates capability checks, indicating an effort to restrict access to sensitive functionalities. The absence of any known CVEs, past or present, and the clean taint analysis with zero critical or high severity flows are significant strengths.

However, a minor concern arises from the lack of nonce checks. While the attack surface is small and the single entry point (shortcode) is not explicitly stated as unprotected, the absence of nonces could theoretically introduce vulnerabilities if the shortcode were to be manipulated in a way that bypasses other security measures or performs unintended actions. The bundled Freemius library also represents a potential risk if it is outdated or contains known vulnerabilities, though no specific information on this is provided. Overall, the plugin appears to be well-secured, but the lack of nonces warrants attention.

Key Concerns

  • No nonce checks present
  • Bundled Freemius v1.0 library
Vulnerabilities
None known

Thank You Page for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Thank You Page for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
4
76 escaped
Nonce Checks
0
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared4 total queries

Output Escaping

95% escaped80 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
shortcode_order_details (src\Front.php:55)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Thank You Page for WooCommerce Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[TRFW_ORDER_DETAILS] src\Front.php:38
WordPress Hooks 27
actionadmin_menusrc\Admin.php:40
filterwoocommerce_get_sections_productssrc\Admin.php:42
filterwoocommerce_get_settings_productssrc\Admin.php:44
actionwoocommerce_product_options_general_product_datasrc\Admin.php:46
actionwoocommerce_process_product_metasrc\Admin.php:48
actionadmin_enqueue_scriptssrc\Admin.php:50
actionadmin_footersrc\Admin.php:52
actionadmin_body_classsrc\Admin.php:54
actionrest_api_initsrc\Api.php:47
actiontemplate_redirectsrc\Compatibility\PYS_Tracking.php:42
actionwoocommerce_thankyousrc\Front.php:40
actionwp_footersrc\Front.php:42
filterwoocommerce_payment_gatewayssrc\Front.php:44
filterwoocommerce_available_payment_gatewayssrc\Modules\SandBoxPayment.php:43
actionwoocommerce_email_before_order_tablesrc\Modules\SandBoxPayment.php:48
actionwoocommerce_blocks_payment_method_type_registrationsrc\Modules\SandBoxPayment.php:154
filterwoocommerce_block_cart_and_checkout_payment_methodssrc\Modules\SandBoxPayment.php:164
filterplugin_iconwc-thanks-redirect.php:87
actioninitwc-thanks-redirect.php:125
actioninitwc-thanks-redirect.php:127
actionbefore_woocommerce_initwc-thanks-redirect.php:129
actionwoocommerce_blocks_loadedwc-thanks-redirect.php:133
actionplugins_loadedwc-thanks-redirect.php:135
actionadmin_noticeswc-thanks-redirect.php:146
actionadmin_noticeswc-thanks-redirect.php:151
actionwoocommerce_blocks_payment_method_type_registrationwc-thanks-redirect.php:230
filterwoocommerce_payment_gatewayswc-thanks-redirect.php:251
Maintenance & Trust

Thank You Page for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 17, 2026
PHP min version7.4
Downloads278K

Community Trust

Rating100/100
Number of ratings43
Active installs10K
Alternatives

Thank You Page for WooCommerce Alternatives

NextMove Lite – Thank You Page for WooCommerce

NextMove Lite – Thank You Page for WooCommerce

woo-thank-you-page-nextmove-lite

B
72

The only plugin in WooCommerce that empowers you to build profit-pulling Thank You Pages with plug & play components.

10K 1 unpatched
ThankRedirect – Custom Thank You Pages for WooCommerce

ThankRedirect – Custom Thank You Pages for WooCommerce

wc-thank-you-page

A
100

Redirect customers to beautiful custom thank you pages and turn every WooCommerce order into repeat sales.

90 No CVEs
Thank You Page Customizer for WooCommerce – Increase Your Sales

Thank You Page Customizer for WooCommerce – Increase Your Sales

woo-thank-you-page-customizer

A
95

Craft a stunning thank you page effortlessly with our user-friendly customization tools, offer coupons to customers after purchase.

4K 5 CVEs
Custom Thank You Page Customize For WooCommerce by Binary Carpenter

Custom Thank You Page Customize For WooCommerce by Binary Carpenter

bc-woo-custom-thank-you-pages

A
91

Create thank you pages for all products, per products or per category

2K 1 CVE
Custom Thank You Page For Woocommerce

Custom Thank You Page For Woocommerce

custom-thank-you-page-for-woocommerce-product

A
85

This is a modification of the CloudSkyrocket.com plugin. It is very simple and strait forward Plugin for Woocommerce Shop Owners that would like to se …

10 No CVEs
Developer Profile

Thank You Page for WooCommerce Developer Profile

Nitin Prakash

7 plugins · 14K total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
8 days
View full developer profile
Detection Fingerprints

How We Detect Thank You Page for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-thanks-redirect/assets/css/wctr-styles.css/wp-content/plugins/wc-thanks-redirect/assets/js/wctr-scripts.js/wp-content/plugins/wc-thanks-redirect/assets/js/wctr-admin.js
Script Paths
/wp-content/plugins/wc-thanks-redirect/assets/js/wctr-scripts.js/wp-content/plugins/wc-thanks-redirect/assets/js/wctr-admin.js
Version Parameters
wc-thanks-redirect/assets/css/wctr-styles.css?ver=wc-thanks-redirect/assets/js/wctr-scripts.js?ver=wc-thanks-redirect/assets/js/wctr-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-wctr-thankyou-redirect-iddata-wctr-thankyou-redirect-product-idsdata-wctr-thankyou-redirect-page-iddata-wctr-thankyou-redirect-custom-urldata-wctr-thankyou-redirect-enable-order-detailsdata-wctr-thankyou-redirect-order-details-template
JS Globals
WCTR_FRONT_SETTINGS
FAQ

Frequently Asked Questions about Thank You Page for WooCommerce