WP-Safety

Wholesale Market Security & Risk Analysis

wordpress.org/plugins/wholesale-market

Create your own wholesale market by adding wholesale price for particular customers in woocommerce

200 active installs v2.2.2 PHP + WP 4.0+ Updated Jul 11, 2024
wholesale-pluginwholesale-priceswholesale-pricingwoocommercewoocommerce-wholesale
91
A · Safe
CVEs total1
Unpatched0
Last CVEDec 12, 2022
Plugin page Download
Safety Verdict

Is Wholesale Market Safe to Use in 2026?

Generally Safe

Score 91/100

Wholesale Market has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Dec 12, 2022Updated 1yr ago
Risk Assessment

The "wholesale-market" plugin v2.2.2 exhibits a generally good security posture with strong adherence to secure coding practices. Static analysis reveals a comprehensive set of security checks, including nonce and capability checks on all AJAX handlers, a robust 97% rate of proper output escaping, and the exclusive use of prepared statements for SQL queries. The absence of dangerous functions and external HTTP requests further bolsters its security. However, a single taint flow with unsanitized paths, while not classified as critical or high severity, warrants attention as it indicates a potential weakness in how file paths are handled, which could be exploited in specific scenarios.

The vulnerability history shows one past high-severity vulnerability, specifically a 'Path Traversal' issue, last patched in late 2022. The fact that there are no currently unpatched CVEs is positive, but the presence of a past high-severity path traversal vulnerability, combined with the taint analysis finding an unsanitized path flow, suggests that file path manipulation remains a potential area of concern for this plugin. Overall, the plugin demonstrates a strong foundation in secure development, but vigilance regarding file path handling and a continued commitment to patching any future vulnerabilities are essential for maintaining its security.

Key Concerns

  • Flow with unsanitized paths
  • Past high severity path traversal vulnerability
Vulnerabilities
1 published

Wholesale Market Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2022-4298high · 7.5Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Wholesale Market <= 2.2.0 - Information Disclosure via Unauthenticated Arbitrary File Download

Dec 12, 2022 Patched in 2.2.1 (407d)
Version History

Wholesale Market Release Timeline

v2.2.2Current
Code Analysis
Analyzed Mar 16, 2026

Wholesale Market Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
189 escaped
Nonce Checks
11
Capability Checks
3
File Operations
8
External Requests
0
Bundled Libraries
0

Output Escaping

97% escaped195 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

6 flows1 with unsanitized paths
ced_cwsm_csv_import_export_module_download_error_log (addons\csv-import-export\class-cwsm-csv-import-export.php:58)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Wholesale Market Attack Surface

Entry Points11
Unprotected0

AJAX Handlers 9

authwp_ajax_ced_cwsm_csv_import_export_module_read_csvaddons\csv-import-export\class-cwsm-csv-import-export.php:47
noprivwp_ajax_ced_wholesale_process_requestaddons\wholesale-request\admin\class-wholesale-request-function.php:26
authwp_ajax_ced_wholesale_process_requestaddons\wholesale-request\admin\class-wholesale-request-function.php:27
noprivwp_ajax_ced_wholesale_request_sendaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:29
authwp_ajax_ced_wholesale_request_sendaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:30
noprivwp_ajax_ced_save_wholesale_notificationaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:30
authwp_ajax_ced_save_wholesale_notificationaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:31
noprivwp_ajax_ced_wholesale_request_sendaddons\wholesale-request\include\class-wholesale-user-register-addon.php:29
authwp_ajax_ced_wholesale_request_sendaddons\wholesale-request\include\class-wholesale-user-register-addon.php:30

Shortcodes 2

[wholesale_request] addons\wholesale-request\admin\class-wholesale-user-register-addon.php:31
[wholesale_request] addons\wholesale-request\include\class-wholesale-user-register-addon.php:31
WordPress Hooks 91
actionadmin_initaddons\csv-import-export\class-cwsm-csv-import-export.php:36
actionadmin_initaddons\csv-import-export\class-cwsm-csv-import-export.php:37
actionadmin_enqueue_scriptsaddons\csv-import-export\class-cwsm-csv-import-export.php:39
filterwoocommerce_get_sections_ced_cwsm_pluginaddons\csv-import-export\class-cwsm-csv-import-export.php:41
filterwoocommerce_get_settings_ced_cwsm_pluginaddons\csv-import-export\class-cwsm-csv-import-export.php:42
filterced_cwsm_append_basic_sectionsaddons\csv-import-export\class-cwsm-csv-import-export.php:44
filterced_cwsm_append_basic_settingsaddons\csv-import-export\class-cwsm-csv-import-export.php:45
filterced_cwsm_ced_wura_wholesale_tax_module_settingaddons\hook-into-tax-setting\class-cwsm-user-addon-hook-into-tax-settings.php:28
filterwoocommerce_product_is_taxableaddons\hook-into-tax-setting\class-cwsm-user-addon-hook-into-tax-settings.php:29
actionadmin_enqueue_scriptsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:33
actionwp_enqueue_scriptsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:34
filterwoocommerce_get_sections_ced_cwsm_pluginaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:36
filterwoocommerce_get_settings_ced_cwsm_pluginaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:37
filterced_cwsm_append_basic_sectionsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:39
filterced_cwsm_append_basic_settingsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:40
actionwoocommerce_before_cartaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:44
filterwoocommerce_add_to_cart_fragmentsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:45
actionwoocommerce_check_cart_itemsaddons\min-checkout-price-module\class-cwsm-min-checkout-price-module.php:46
actionadmin_enqueue_scriptsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:34
filterwoocommerce_get_sections_ced_cwsm_pluginaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:36
filterwoocommerce_get_settings_ced_cwsm_pluginaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:37
filterced_cwsm_append_basic_sectionsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:39
filterced_cwsm_append_basic_settingsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:40
filterced_cwsm_add_options_to_delete_filter_decaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:42
filterced_cwsm_add_meta_keys_to_be_deleted_decaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:43
filterced_cwsm_add_options_to_delete_filteraddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:44
filterced_cwsm_add_meta_keys_to_be_deletedaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:45
actionced_cwsm_add_simple_product_meta_fieldsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:52
actionced_cwsm_save_added_simple_product_meta_fieldsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:53
actionced_cwsm_add_variation_product_meta_fieldsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:54
actionced_cwsm_save_added_variation_product_meta_fieldsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:55
filterced_cwsm_avoid_wholesale_price_to_applyaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:57
filterced_cwsm_alter_common_fields_for_all_variationsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:59
filterced_cwsm_isHaveToRender_ced_cwsm_min_qty_to_buyaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:61
filterced_cwsm_alter_auto_check_fieldsaddons\min-product-qty-module\class-cwsm-min-product-qty-module.php:63
actionced_cwsm_send_suggetion_sticky_formaddons\sticky-admin-suggestions\class-cwsm-sticky-send-suggestions.php:34
actionadmin_enqueue_scriptsaddons\sticky-admin-suggestions\class-cwsm-sticky-send-suggestions.php:35
actionced_cwsm_settings_tabs_arrayaddons\wholesale-advertisement\wholesale-advertisement-addon.php:24
filterced_cwsm_settings_ced_cwsm_wholesale_advertisementaddons\wholesale-advertisement\wholesale-advertisement-addon.php:25
filtermanage_edit-shop_order_columnsaddons\wholesale-request\admin\class-wholesale-order-coloumn.php:25
filtermanage_shop_order_posts_custom_columnaddons\wholesale-request\admin\class-wholesale-order-coloumn.php:26
filterrequestaddons\wholesale-request\admin\class-wholesale-order-coloumn.php:27
filtermanage_edit-shop_order_sortable_columnsaddons\wholesale-request\admin\class-wholesale-order-coloumn.php:28
actionwoocommerce_checkout_order_processedaddons\wholesale-request\admin\class-wholesale-order-coloumn.php:29
filterced_cwsm_append_basic_sectionsaddons\wholesale-request\admin\class-wholesale-price-tax.php:25
filterced_cwsm_append_basic_settingsaddons\wholesale-request\admin\class-wholesale-price-tax.php:26
filterwoocommerce_product_is_taxableaddons\wholesale-request\admin\class-wholesale-price-tax.php:27
actionadmin_enqueue_scriptsaddons\wholesale-request\admin\class-wholesale-request-function.php:25
actionwp_enqueue_scriptsaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:26
actionwoocommerce_account_dashboardaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:27
filterced_cwsm_append_basic_sectionsaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:33
filterced_cwsm_append_basic_settingsaddons\wholesale-request\admin\class-wholesale-user-register-addon.php:34
filterwoocommerce_get_sections_ced_cwsm_pluginaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:24
filterwoocommerce_get_settings_ced_cwsm_pluginaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:25
filterced_cwsm_append_basic_sectionsaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:27
filterced_cwsm_append_basic_settingsaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:28
filtermanage_users_columnsaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:32
filtermanage_users_custom_columnaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:33
filtermanage_users_sortable_columnsaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:34
filterrequestaddons\wholesale-request\admin\class-wholesale-user-register-notification.php:35
actionwp_enqueue_scriptsaddons\wholesale-request\include\class-wholesale-user-register-addon.php:26
actionwoocommerce_account_dashboardaddons\wholesale-request\include\class-wholesale-user-register-addon.php:27
filterced_cwsm_append_basic_sectionsaddons\wholesale-request\include\class-wholesale-user-register-addon.php:33
filterced_cwsm_append_basic_settingsaddons\wholesale-request\include\class-wholesale-user-register-addon.php:34
actionwidgets_initaddons\wholesale-request\widgets\wholesale-request-widgets.php:143
actionplugins_loadedclass-cwsm-core-class.php:120
filterplugin_row_metaclass-cwsm-core-class.php:124
actionwoocommerce_product_options_general_product_dataclass-cwsm-core-class.php:131
actionwoocommerce_process_product_meta_simpleclass-cwsm-core-class.php:133
actionwoocommerce_product_after_variable_attributesclass-cwsm-core-class.php:136
actionwoocommerce_save_product_variationclass-cwsm-core-class.php:138
actionwoocommerce_process_product_meta_variableclass-cwsm-core-class.php:139
actionwoocommerce_after_shop_loop_item_titleclass-cwsm-core-class.php:142
actionwoocommerce_single_product_summaryclass-cwsm-core-class.php:144
filterwoocommerce_available_variationclass-cwsm-core-class.php:146
actionwoocommerce_before_calculate_totalsclass-cwsm-core-class.php:149
actionadmin_enqueue_scriptsclass-cwsm-core-class.php:152
actionadmin_enqueue_scriptsclass-cwsm-core-class.php:154
actionadmin_menucore\adminSettingsCore\class-cwsm-admin-settings.php:18
actionafter_ced_cwsm_admin_settings_initiatedcore\adminSide\class-cwsm-basic-settings.php:167
filtermanage_edit-product_columnscore\adminSide\class-cwsm-productListingPage-customization.php:34
actionmanage_product_posts_custom_columncore\adminSide\class-cwsm-productListingPage-customization.php:35
actionwoocommerce_before_cartcore\frontEnd\class-cwsm-custom-cart-page-message.php:28
actionwp_enqueue_scriptscore\frontEnd\class-cwsm-custom-cart-page-message.php:29
filterwoocommerce_is_purchasablecore\frontEnd\class-cwsm-manage-add-to-cart-button.php:30
filterwoocommerce_variation_is_visiblecore\frontEnd\class-cwsm-manage-add-to-cart-button.php:33
filterwoocommerce_variation_is_purchasablecore\frontEnd\class-cwsm-manage-add-to-cart-button.php:34
actionbefore_woocommerce_initwholesale-market.php:73
actionadmin_initwholesale-market.php:212
actionadmin_noticeswholesale-market.php:218
actionadmin_enqueue_scriptswholesale-market.php:238
Maintenance & Trust

Wholesale Market Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedJul 11, 2024
PHP min version
Downloads22K

Community Trust

Rating92/100
Number of ratings21
Active installs200
Alternatives

Wholesale Market Alternatives

Whols – Wholesale Prices and B2B Store Solution for WooCommerce

Whols – Wholesale Prices and B2B Store Solution for WooCommerce

whols

A
100

WooCommerce Wholesale plugin for WooCommerce wholesale pricing. It is a b2b plugin for WooCommerce. WooCommerce B2B or B2B + B2C hybrid Store Solution

1K No CVEs
WholesaleX – B2B & Wholesale Plugin for WooCommerce with Wholesale Prices

WholesaleX – B2B & Wholesale Plugin for WooCommerce with Wholesale Prices

wholesalex

A
97

Best WooCommerce wholesale plugin with features like b2b wholesale prices, wholesale order form, tiered pricing, catalog mode, dynamic pricing, etc!

2K 4 CVEs
Wholesale for WooCommerce

Wholesale for WooCommerce

woo-wholesale-pricing

A
100

Wholesale for WooCommerce—This Wholesale Plugin Helps B2B and B2C Businesses Streamline Wholesale Products, Pricing, and User Roles, Automating their &hellip;

1K No CVEs
Premmerce Wholesale Pricing for WooCommerce

Premmerce Wholesale Pricing for WooCommerce

premmerce-woocommerce-wholesale-pricing

A
93

Premmerce Wholesale Pricing for WooCommerce is a plugin that allows you to add individual wholesale prices or other price types for WooCommerce produc &hellip;

500 4 CVEs
Wholesale Customers For WooCommerce

Wholesale Customers For WooCommerce

wholesale-customers-for-woo

A
100

The simplest way to sell wholesale through WooCommerce. Set wholesale prices, manage B2B customers, and control the buying experience.

60 No CVEs
Developer Profile

Wholesale Market Developer Profile

cedcommerce

25 plugins · 5K total installs

67
trust score
Avg Security Score
83/100
Avg Patch Time
204 days
View full developer profile
Detection Fingerprints

How We Detect Wholesale Market

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wholesale-market/assets/css/style.css/wp-content/plugins/wholesale-market/assets/js/custom.js/wp-content/plugins/wholesale-market/assets/js/jquery.custom.js/wp-content/plugins/wholesale-market/assets/js/bootstrap.bundle.min.js
Script Paths
/wp-content/plugins/wholesale-market/assets/js/bootstrap.bundle.min.js/wp-content/plugins/wholesale-market/assets/js/jquery.custom.js/wp-content/plugins/wholesale-market/assets/js/custom.js
Version Parameters
wholesale-market/assets/css/style.css?ver=wholesale-market/assets/js/custom.js?ver=wholesale-market/assets/js/jquery.custom.js?ver=wholesale-market/assets/js/bootstrap.bundle.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
ced_cwsm_wholesale_customer
HTML Comments
<!-- Code to give setting option on Plugins Section begins... --><!-- code to give setting option on Plugins Section ends... --><!-- assigning customer role to wholesale-users begins... --><!-- assigning customer role to wholesale-users ends... -->+3 more
Data Attributes
data-wholesale-pricedata-wholesale-min-qtydata-wholesale-role
JS Globals
cwsm_common_obj
Shortcode Output
[ced_cwsm_wholesale_price]
FAQ

Frequently Asked Questions about Wholesale Market