WC Contour – Product Bundles Builder for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wccontour

Product Bundles Builder. Create and save customer's bundles.

0 active installs · v1.0.2 · PHP 7.4+ · WP 5.5+ · Updated Oct 26, 2025
Tags: bundles-builder, product-builder, product-bundles, woocommerce-builder, woocommerce-product-builder
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WC Contour – Product Bundles Builder for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WC Contour – Product Bundles Builder for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The wccontour plugin version 1.0.2 exhibits a generally positive security posture with many good practices in place. The plugin demonstrates a strong commitment to secure coding by utilizing prepared statements for the vast majority of its SQL queries and properly escaping almost all output. The absence of any known vulnerabilities in its history is also a significant positive indicator, suggesting diligent maintenance and robust development processes. The plugin also has no external HTTP requests, reducing the risk of server-side request forgery or external service compromise.

However, there are several areas for concern. The static analysis reveals a significant number of flows with unsanitized paths (7 out of 15 analyzed), with 6 of these classified as high-severity taint flows. This indicates a substantial risk of data being processed or manipulated in an unsafe manner, potentially leading to vulnerabilities like directory traversal or arbitrary file read/write if these paths are exposed to user input. Capability checks are also absent, which is a point of concern, although all of the plugin's entry points are protected by authentication mechanisms, which mitigates the immediate risk from direct unauthorized access. The presence of a bundled library (Freemius v1.0) also warrants attention, as outdated bundled libraries can introduce known vulnerabilities if not kept up to date.

In conclusion, wccontour v1.0.2 has strengths in its SQL and output handling and a clean vulnerability history. Nevertheless, the high-severity taint flows related to unsanitized paths are a critical weakness that requires immediate investigation and remediation. Addressing these specific taint flow issues, alongside ensuring bundled libraries are current, will significantly enhance the plugin's security.

Key Concerns

  • High severity taint flows detected
  • Flows with unsanitized paths found
  • Bundled library may be outdated
  • No capability checks on entry points
Vulnerabilities
None known

WC Contour – Product Bundles Builder for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WC Contour – Product Bundles Builder for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 24 (228 prepared)
Unescaped Output: 19 (621 escaped)
Nonce Checks: 24
Capability Checks: 0
File Operations: 5
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

SQL Query Safety

90% prepared · 252 total queries

Output Escaping

97% escaped · 640 total outputs
Data Flows: 7 unsanitized

Data Flow Analysis

15 flows · 7 with unsanitized paths
demo_import (includes\import.php:26)
[Flow diagram; legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface

WC Contour – Product Bundles Builder for WooCommerce Attack Surface

Entry Points: 35
Unprotected: 0

AJAX Handlers 34

auth wp_ajax_wccon_save_builder includes\ajax.php:22
auth wp_ajax_wccon_remove_builder includes\ajax.php:24
auth wp_ajax_wccon_product_tax includes\ajax.php:25
auth wp_ajax_wccon_product_attribute includes\ajax.php:26
auth wp_ajax_wccon_all_product_tax includes\ajax.php:28
auth wp_ajax_wccon_all_products includes\ajax.php:29
auth wp_ajax_wccon_all_pages includes\ajax.php:30
auth wp_ajax_wccon_update_list_item includes\ajax.php:32
auth wp_ajax_wccon_save_settings includes\ajax.php:33
auth wp_ajax_wccon_component_products includes\ajax.php:36
nopriv wp_ajax_wccon_component_products includes\ajax.php:37
auth wp_ajax_wccon_filter_builder includes\ajax.php:38
nopriv wp_ajax_wccon_filter_builder includes\ajax.php:39
auth wp_ajax_wccon_buy_product includes\ajax.php:41
nopriv wp_ajax_wccon_buy_product includes\ajax.php:42
auth wp_ajax_wccon_add_product includes\ajax.php:44
nopriv wp_ajax_wccon_add_product includes\ajax.php:45
auth wp_ajax_wccon_remove_product includes\ajax.php:47
nopriv wp_ajax_wccon_remove_product includes\ajax.php:48
auth wp_ajax_wccon_load_list includes\ajax.php:51
nopriv wp_ajax_wccon_load_list includes\ajax.php:52
auth wp_ajax_wccon_buy_list includes\ajax.php:55
nopriv wp_ajax_wccon_buy_list includes\ajax.php:56
auth wp_ajax_wccon_save_list includes\ajax.php:59
auth wp_ajax_wccon_remove_list includes\ajax.php:62
auth wp_ajax_wccon_users_list includes\ajax.php:65
nopriv wp_ajax_wccon_users_list includes\ajax.php:66
auth wp_ajax_wccon_user_list includes\ajax.php:69
nopriv wp_ajax_wccon_user_list includes\ajax.php:70
auth wp_ajax_wccon_load_more includes\ajax.php:73
nopriv wp_ajax_wccon_load_more includes\ajax.php:74
auth wp_ajax_wccon_delete_all_data includes\ajax.php:77
auth wp_ajax_test_wpml_wccon includes\ajax.php:80
auth wp_ajax_wccon_ajax_demo_import includes\import.php:20

Shortcodes 1

[wccon-builder] includes\shortcodes.php:22
WordPress Hooks 39
action admin_menu includes\admin.php:31
action admin_enqueue_scripts includes\admin.php:32
action admin_enqueue_scripts includes\admin.php:33
action admin_head includes\admin.php:35
action widgets_init includes\admin.php:38
filter widget_display_callback includes\admin.php:40
action init includes\admin.php:43
filter woocommerce_get_query_vars includes\admin.php:44
filter woocommerce_account_menu_items includes\admin.php:45
action template_redirect includes\admin.php:47
action woocommerce_attribute_added includes\admin.php:50
action woocommerce_attribute_updated includes\admin.php:51
action woocommerce_attribute_deleted includes\admin.php:52
filter wccon_product_query_args includes\ajax.php:731
filter wccon_product_query_vars includes\ajax.php:732
action wccon_product_list_topbar includes\front-actions.php:14
action wccon_product_list_topbar includes\front-actions.php:15
action wccon_product_list_topbar includes\front-actions.php:16
action wccon_builder_topbar_items includes\front-actions.php:19
action wccon_builder_topbar_items includes\front-actions.php:20
action wccon_builder_topbar_actions includes\front-actions.php:22
action wccon_builder_product_item_meta includes\front-actions.php:25
action wccon_builder_product_item_attributes includes\front-actions.php:26
action wp_enqueue_scripts includes\frontend.php:22
filter woocommerce_available_variation includes\frontend.php:23
action wp_footer includes\frontend.php:24
filter wccon_taxonomy_term_args includes\multilang.php:24
filter posts_join includes\product-query.php:109
filter posts_where includes\product-query.php:110
filter posts_groupby includes\product-query.php:111
filter posts_orderby includes\product-query.php:112
filter posts_join includes\product-query.php:127
filter posts_where includes\product-query.php:128
filter woocommerce_available_variation templates\product-list.php:58
action after_uninstall wccontour.php:65
action plugins_loaded wccontour.php:102
action init wccontour.php:103
action admin_notices wccontour.php:231
action before_woocommerce_init wccontour.php:279
Maintenance & Trust

WC Contour – Product Bundles Builder for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 26, 2025
PHP min version: 7.4
Downloads: 3K

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 0
Developer Profile

WC Contour – Product Bundles Builder for WooCommerce Developer Profile

EvelynWaugh

3 plugins · 60 total installs

Trust score: 91
Avg Security Score: 95/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WC Contour – Product Bundles Builder for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wccontour/build/css/frontend.css
/wp-content/plugins/wccontour/build/js/frontend.js
/wp-content/plugins/wccontour/build/js/frontend.vendors.js
/wp-content/plugins/wccontour/build/css/style.css
Script Paths
/wp-content/plugins/wccontour/build/js/frontend.js
/wp-content/plugins/wccontour/build/js/frontend.vendors.js
Version Parameters
wccontour/build/css/frontend.css?ver=
wccontour/build/js/frontend.js?ver=
wccontour/build/js/frontend.vendors.js?ver=
wccontour/build/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
wccon-wrapper
wccon-product-builder
wccon-product-bundle
Data Attributes
wccon-id
data-wccon-product-id
JS Globals
wccon_frontend_params
wccon
Shortcode Output
[wccon_product_builder]
[wccon_product_bundle]