WC Weight Meter Security & Risk Analysis

wordpress.org/plugins/wc-weight-meter

A WooCommerce weight meter plugin that allows customers to view the total weight of their cart in real-time with a customizable progress bar.

0 active installs · v1.2.1 · PHP 7.4+ · WP 5.0+ · Updated Apr 24, 2025
cart-weight · customizable · progress-bar · wc-weight-meter · woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WC Weight Meter Safe to Use in 2026?

Generally Safe

Score 100/100

WC Weight Meter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11mo ago
Risk Assessment

The 'wc-weight-meter' v1.2.1 plugin demonstrates some positive security practices, particularly in its handling of SQL queries and output escaping. All SQL queries utilize prepared statements, and all observed output is properly escaped, which are crucial for preventing common web vulnerabilities. Furthermore, the absence of any recorded CVEs, historical or current, and a lack of recorded common vulnerability types suggests a generally stable and secure codebase in the past. The plugin also avoids making external HTTP requests and does not bundle any libraries, reducing potential attack vectors.

However, the analysis reveals significant security concerns related to its attack surface. Two AJAX handlers are present, and critically, both of them lack any authentication checks. This represents a substantial risk as unauthenticated users could potentially trigger these handlers, leading to unintended actions or information disclosure. The absence of nonce checks and capability checks on these AJAX endpoints further exacerbates this risk. While no taint analysis issues or dangerous functions were identified, the unprotected entry points are a glaring weakness that could be exploited.

In conclusion, while 'wc-weight-meter' v1.2.1 has strengths in its secure data handling and a clean vulnerability history, the unprotected AJAX handlers present a high-priority risk. The lack of authentication and nonce checks on these entry points creates an open door for potential exploitation. Addressing these unprotected AJAX handlers should be the primary focus for improving the plugin's security posture.

Key Concerns

  • AJAX handlers without auth checks
  • AJAX handlers without nonce checks
  • AJAX handlers without capability checks
Vulnerabilities
None known

WC Weight Meter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WC Weight Meter Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (9 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

100% escaped · 9 total outputs
Attack Surface
2 unprotected

WC Weight Meter Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_update_weight_meter · includes\class-wc-weight-meter.php:10
nopriv · wp_ajax_update_weight_meter · includes\class-wc-weight-meter.php:11

Shortcodes 1

[weight_meter] includes\class-wc-weight-meter.php:9
WordPress Hooks 4
action · admin_menu · includes\class-wc-weight-meter-settings.php:16
action · admin_init · includes\class-wc-weight-meter-settings.php:17
action · wp_enqueue_scripts · includes\class-wc-weight-meter.php:8
action · plugins_loaded · WC-weight-meter.php:33
Maintenance & Trust

WC Weight Meter Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Apr 24, 2025
PHP min version: 7.4
Downloads: 308

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

WC Weight Meter Developer Profile

sotfsdapps

2 plugins · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WC Weight Meter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-weight-meter/assets/style.css
/wp-content/plugins/wc-weight-meter/assets/script.js
Script Paths
/wp-content/plugins/wc-weight-meter/assets/script.js
Version Parameters
wc-weight-meter/assets/style.css?ver=
wc-weight-meter/assets/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
weight-progress-bar
progress
JS Globals
wcWeightMeter
Shortcode Output
<div id="wc-weight-meter"> <div class="weight-progress-bar"> <div class="progress" style="width: 0%;"></div> </div> <span id="wc-weight-info">Loading weight meter...</span> </div>