WP-Safety

wiseCampaign – WooCommerce Conversions Made Easy Security & Risk Analysis

wordpress.org/plugins/wisecampaign

Turn visitors into buyers faster with banners, urgency timers, direct checkout, discounts, popups & mini-cart.

40 active installs v1.1.14 PHP 7.4+ WP 5.4+ Updated Jan 6, 2026
announcementsbannercountdownsales-notificationswoocommerce-discounts
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is wiseCampaign – WooCommerce Conversions Made Easy Safe to Use in 2026?

Generally Safe

Score 100/100

wiseCampaign – WooCommerce Conversions Made Easy has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The 'wisecampaign' v1.1.14 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding dangerous functions, file operations, and a high percentage of properly escaped outputs. The absence of known CVEs and taint flows with unsanitized paths is also a strong indicator of a generally secure codebase. However, there are significant concerns regarding its attack surface. A substantial portion of its entry points, specifically 13 out of 29, lack proper authentication or permission checks. This includes all 13 REST API routes and 0 of the AJAX handlers. While the total number of SQL queries is moderate, a concerning 67% are not using prepared statements, which could lead to SQL injection vulnerabilities if user input is not strictly validated and sanitized before being used in these queries.

The vulnerability history is clean, showing no recorded CVEs. This is a positive sign, suggesting the developers have a good track record or the plugin has not been a target of significant exploitation. However, the presence of numerous unprotected entry points and the use of raw SQL queries in a significant percentage of its database interactions present a tangible risk that could be exploited regardless of past history. The plugin's strengths lie in its output sanitization and lack of malicious function usage, but these are overshadowed by the considerable exposure of its REST API and the potential for SQL injection due to un-prepared statements.

Key Concerns

  • REST API routes without permission callbacks
  • SQL queries not using prepared statements
  • AJAX handlers without auth checks
Vulnerabilities
None known

wiseCampaign – WooCommerce Conversions Made Easy Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

wiseCampaign – WooCommerce Conversions Made Easy Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
2 prepared
Unescaped Output
39
216 escaped
Nonce Checks
11
Capability Checks
5
File Operations
0
External Requests
4
Bundled Libraries
0

SQL Query Safety

33% prepared6 total queries

Output Escaping

85% escaped255 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
ajax_save_settings (includes\features\wiseCart.php:502)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
13 unprotected

wiseCampaign – WooCommerce Conversions Made Easy Attack Surface

Entry Points29
Unprotected13

AJAX Handlers 15

authwp_ajax_wisecampaign_dc_save_settingsincludes\features\direct-checkout.php:551
authwp_ajax_wisecampaign_toggle_statusincludes\features\SalesNotification.php:20
authwp_ajax_wisecampaign_save_all_settingsincludes\features\SalesNotification.php:21
authwp_ajax_wisecampaign_reset_settingsincludes\features\SalesNotification.php:22
authwp_ajax_wisecart_save_settingsincludes\features\wiseCart.php:25
authwp_ajax_wisecart_apply_couponincludes\features\wiseCart.php:34
noprivwp_ajax_wisecart_apply_couponincludes\features\wiseCart.php:35
authwp_ajax_wisecart_update_quantityincludes\features\wiseCart.php:36
noprivwp_ajax_wisecart_update_quantityincludes\features\wiseCart.php:37
authwp_ajax_get_wisecart_contentincludes\features\wiseCart.php:39
noprivwp_ajax_get_wisecart_contentincludes\features\wiseCart.php:40
authwp_ajax_wisecart_load_checkoutincludes\features\wiseCart.php:42
noprivwp_ajax_wisecart_load_checkoutincludes\features\wiseCart.php:43
authwp_ajax_wisecart_mark_success_viewedincludes\features\wiseCart.php:46
noprivwp_ajax_wisecart_mark_success_viewedincludes\features\wiseCart.php:47

REST API Routes 13

GET/wp-json/wise-campaign-plugin/v1/settingincludes\Classes\Menu.php:37
POST/wp-json/wise-campaign-plugin/v1/settingincludes\Classes\Menu.php:45
GET/wp-json/wisecampaign-plugin-theme/v1/settingincludes\Classes\Menu.php:55
POST/wp-json/wisecampaign-plugin-theme/v1/settingincludes\Classes\Menu.php:63
GET/wp-json/wise-campaign-plugin/v1/plugin-versionincludes\Classes\Menu.php:73
GET/wp-json/wise-campaign-plugin/v1/stockbar-statusincludes\Classes\StockBar.php:123
POST/wp-json/wise-campaign-plugin/v1/stockbar-statusincludes\Classes\StockBar.php:130
GET/wp-json/wise-campaign-plugin/v1/stockbarsincludes\Classes\StockBar.php:137
POST/wp-json/wise-campaign-plugin/v1/stockbarsincludes\Classes\StockBar.php:144
POST/wp-json/wise-campaign-plugin/v1/stockbars/settingincludes\Classes\StockBar.php:151
GET/wp-json/wise-campaign-plugin/v1/stockbars/settingincludes\Classes\StockBar.php:158
POST/wp-json/wise-campaign-plugin/v1/stockbars/set-activeincludes\Classes\StockBar.php:165
GET/wp-json/wise-campaign-plugin/v1/pro-statusincludes\Classes\StockBar.php:171

Shortcodes 1

[wise_banner] includes\Classes\Menu.php:21
WordPress Hooks 36
actionrest_api_initincludes\Classes\Banner.php:29
actionadmin_menuincludes\Classes\Menu.php:16
actionadmin_menuincludes\Classes\Menu.php:17
actionadmin_headincludes\Classes\Menu.php:18
filterplugin_action_links_wisecampaign/wisecampaign.phpincludes\Classes\Menu.php:19
actionrest_api_initincludes\Classes\Menu.php:20
actionwp_footerincludes\Classes\Menu.php:24
actionwp_headincludes\Classes\Menu.php:28
actionadmin_enqueue_scriptsincludes\Classes\Register.php:14
actionwp_enqueue_scriptsincludes\Classes\Register.php:16
actionwp_enqueue_scriptsincludes\Classes\Register.php:17
actionrest_api_initincludes\Classes\StockBar.php:20
actionwoocommerce_before_add_to_cart_buttonincludes\Classes\StockBar.php:43
actionwoocommerce_after_shop_loop_item_titleincludes\Classes\StockBar.php:48
actionadmin_initincludes\features\direct-checkout.php:87
actionadmin_enqueue_scriptsincludes\features\direct-checkout.php:204
actionadmin_headincludes\features\direct-checkout.php:388
actionwp_enqueue_scriptsincludes\features\direct-checkout.php:425
actionwoocommerce_after_add_to_cart_buttonincludes\features\direct-checkout.php:435
actionwoocommerce_after_shop_loop_itemincludes\features\direct-checkout.php:438
actionwpincludes\features\direct-checkout.php:441
actionadmin_initincludes\features\SalesNotification.php:18
actionadmin_enqueue_scriptsincludes\features\SalesNotification.php:19
actionwp_enqueue_scriptsincludes\features\SalesNotification.php:26
actionwp_footerincludes\features\SalesNotification.php:27
actionadmin_initincludes\features\wiseCart.php:23
actionadmin_enqueue_scriptsincludes\features\wiseCart.php:24
actionwp_headincludes\features\wiseCart.php:28
actionwp_enqueue_scriptsincludes\features\wiseCart.php:29
actionwp_footerincludes\features\wiseCart.php:30
filterwoocommerce_add_to_cart_fragmentsincludes\features\wiseCart.php:31
filterwoocommerce_add_to_cart_redirectincludes\features\wiseCart.php:32
actiontemplate_redirectincludes\features\wiseCart.php:33
actionwoocommerce_thankyouincludes\features\wiseCart.php:45
actionbefore_woocommerce_initwisecampaign.php:77
actionplugins_loadedwisecampaign.php:142
Maintenance & Trust

wiseCampaign – WooCommerce Conversions Made Easy Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 6, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating100/100
Number of ratings4
Active installs40
Alternatives

wiseCampaign – WooCommerce Conversions Made Easy Alternatives

Announcement & Notification Banner – Bulletin

Announcement & Notification Banner – Bulletin

bulletin-announcements

A
96

Publish a slick announcement banner notice across your website or Woocommerce shop. Extend with icons, countdowns, placement rules and more!

2K 5 CVEs
PromoBar by BestWebSoft – Customizable Advertisement Banner for WordPress Website

PromoBar by BestWebSoft – Customizable Advertisement Banner for WordPress Website

promobar

A
100

Add and display HTML advertisement banner on WordPress website. Customize bar styles and appearance. Add countdown timer to your WordPress website.

60 1 CVE
Smart Countdown Scarcity

Smart Countdown Scarcity

smart-countdown-scarcity

A
100

Display time-limited, product-specific sale banners on WooCommerce products to create urgency and increase conversions.

0 No CVEs
CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

cookie-law-info

A
100

Easily set up cookie banner or notice in WordPress, and policy pages for compliance with global cookie laws (GDPR, DSGVO, RGPD, CCPA/CPRA, etc).

1.0M 1 CVE
CookieAdmin – Cookie Consent Banner

CookieAdmin – Cookie Consent Banner

cookieadmin

A
100

CookieAdmin provides easy to configure cookie consent banner with GDPR and CCPA law support.

300K No CVEs
Developer Profile

wiseCampaign – WooCommerce Conversions Made Easy Developer Profile

wisemattic

1 plugin · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect wiseCampaign – WooCommerce Conversions Made Easy

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wisecampaign/assets/css/style.css/wp-content/plugins/wisecampaign/assets/js/script.js/wp-content/plugins/wisecampaign/assets/js/admin/admin.js/wp-content/plugins/wisecampaign/assets/css/admin/admin.css/wp-content/plugins/wisecampaign/includes/features/assets/css/sales-notification.css/wp-content/plugins/wisecampaign/includes/features/assets/js/sales-notification.js/wp-content/plugins/wisecampaign/includes/features/assets/js/wisecart.js/wp-content/plugins/wisecampaign/includes/features/assets/css/wisecart.css+1 more
Script Paths
/wp-content/plugins/wisecampaign/assets/js/script.js/wp-content/plugins/wisecampaign/assets/js/admin/admin.js/wp-content/plugins/wisecampaign/includes/features/assets/js/sales-notification.js/wp-content/plugins/wisecampaign/includes/features/assets/js/wisecart.js/wp-content/plugins/wisecampaign/includes/features/assets/js/direct-checkout.js
Version Parameters
wisecampaign/assets/css/style.css?ver=wisecampaign/assets/js/script.js?ver=wisecampaign/assets/js/admin/admin.js?ver=wisecampaign/assets/css/admin/admin.css?ver=wisecampaign/includes/features/assets/css/sales-notification.css?ver=wisecampaign/includes/features/assets/js/sales-notification.js?ver=wisecampaign/includes/features/assets/js/wisecart.js?ver=wisecampaign/includes/features/assets/css/wisecart.css?ver=wisecampaign/includes/features/assets/js/direct-checkout.js?ver=

HTML / DOM Fingerprints

CSS Classes
wisecampaign-sales-notificationwisecampaign-sales-notification-containerwisecampaign-stockbarwisecampaign-stockbar-containerwisecampaign-direct-checkout-form
Data Attributes
data-wisecampaign-iddata-wisecampaign-type
JS Globals
WisecampaignAjax
FAQ

Frequently Asked Questions about wiseCampaign – WooCommerce Conversions Made Easy