Does Wishlist ShibainuIT have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Wishlist ShibainuIT compatible with WordPress 5.7.15?

According to WordPress.org data, Wishlist ShibainuIT 2.00 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

Is Wishlist ShibainuIT compatible with PHP 7.0+?

Wishlist ShibainuIT requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Wishlist ShibainuIT updated?

Wishlist ShibainuIT was last updated on Sep 25, 2021. Frequent updates are generally a positive security signal.

What is Wishlist ShibainuIT's security score?

Wishlist ShibainuIT has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Wishlist ShibainuIT Security & Risk Analysis

wordpress.org/plugins/wishlist-shibainuit

Its a woocommerce Wishlist plugin with full customization option.

10 active installs v2.00 PHP 7.0+ WP 5.0+ Updated Sep 25, 2021

custom-wishlistshibainushibainuit-wishlistwishlistwoocommerce-wishlist

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Wishlist ShibainuIT Safe to Use in 2026?

Generally Safe

Score 85/100

Wishlist ShibainuIT has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "wishlist-shibainuit" plugin v2.00 exhibits a generally good security posture, with several key strengths. The absence of any recorded vulnerabilities, including critical or high severity ones, and no known unpatched CVEs suggest a mature and well-maintained codebase. The static analysis also reveals positive security practices such as 100% of SQL queries using prepared statements, which effectively mitigates SQL injection risks. Furthermore, the plugin has no external HTTP requests and zero file operations, reducing the attack surface related to external dependencies and filesystem manipulation.

However, there are areas that warrant attention. The plugin has 58 total outputs with only 55% properly escaped. This indicates a potential risk of Cross-Site Scripting (XSS) vulnerabilities, as unsanitized output can be rendered by the browser, allowing malicious scripts to execute. While the static analysis did not detect critical or high severity taint flows, the significant portion of unescaped output is a concern that could be exploited in certain scenarios. The presence of 2 nonce checks is a positive sign for AJAX handlers, but the fact that there are 3 AJAX handlers without explicit authentication checks (even though stated as 0 unprotected entry points) suggests a potential oversight in securing all AJAX actions. A more robust approach to access control for all entry points would further strengthen its security.

In conclusion, "wishlist-shibainuit" v2.00 demonstrates a strong foundation with its avoidance of known vulnerabilities and secure SQL practices. The primary area for improvement lies in enhancing output escaping to prevent potential XSS attacks. While the attack surface appears protected based on the provided data, a thorough review of authentication and capability checks for all AJAX handlers is recommended to ensure complete security. The lack of vulnerability history is a positive indicator, but the unescaped output remains a tangible risk that should be addressed.

Key Concerns

Significant portion of output unescaped
AJAX handlers without explicit auth checks

Vulnerabilities

None known

Wishlist ShibainuIT Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Wishlist ShibainuIT Release Timeline

v2.00Current

v1.00

Code Analysis

Analyzed Apr 16, 2026

Wishlist ShibainuIT Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

55% escaped58 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

sit_update_wishlist_settings (inc/ajax.php:126)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Wishlist ShibainuIT Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 3

authwp_ajax_sit_update_wishlistinc/ajax.php:4

noprivwp_ajax_sit_update_wishlistinc/ajax.php:5

authwp_ajax_sit_update_wishlist_settingsinc/ajax.php:124

Shortcodes 1

[SIT-WISHLIST-BUTTON] inc/add-to-wishlist-btn.php:16

WordPress Hooks 11

actioninitinc/add-endpoint.php:7

filterquery_varsinc/add-endpoint.php:12

actionwoocommerce_account_sit-wishlist_endpointinc/add-endpoint.php:18

filterwoocommerce_account_menu_itemsinc/add-endpoint.php:30

actionwp_footerinc/add-modal-frontend.php:4

actionwoocommerce_after_add_to_cart_buttoninc/add-to-wishlist-btn.php:8

filterwoocommerce_locate_core_templateinc/overwrite-templates.php:3

filterwoocommerce_locate_templateinc/overwrite-templates.php:4

actionadmin_menuinc/settings-page.php:8

actionwp_enqueue_scriptswishlist-shibainuit.php:34

actionadmin_enqueue_scriptswishlist-shibainuit.php:35

Maintenance & Trust

Wishlist ShibainuIT Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedSep 25, 2021

PHP min version7.0

Downloads865

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Wishlist ShibainuIT Alternatives

YITH WooCommerce Wishlist

yith-woocommerce-wishlist

YITH WooCommerce Wishlist add all Wishlist features to your website. Needs WooCommerce to work. WooCommerce 10.7.x compatible.

500K 8 CVEs

TI WooCommerce Wishlist

ti-woocommerce-wishlist

Boost your sales with a free WooCommerce Wishlist feature. Let your customers save and share their favorite products!

100K 9 CVEs

WCBoost – Wishlist

wcboost-wishlist

100

WCBoost - Wishlist lets shoppers create wishlists for later purchases, reminding them of desired items, driving repeat visits and boost sales.

40K No CVEs

QODE Wishlist for WooCommerce

qode-wishlist-for-woocommerce

Qode Wishlist for WooCommerce plugin is the ideal toolkit for letting your visitors save & share comprehensive lists with their products of interest.

10K 1 CVE

MoreConvert Wishlist for WooCommerce

smart-wishlist-for-more-convert

Free: WooCommerce Wishlist, Email automation, Elementor and Premium: Back-in-Stock Notifier, Save For Later, Multi-lists, reports, Email Marketing

9K 6 CVEs

Developer Profile

Wishlist ShibainuIT Developer Profile

coder618

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Wishlist ShibainuIT

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wishlist-shibainuit/dist/css/style.css/wp-content/plugins/wishlist-shibainuit/dist/js/theme.js/wp-content/plugins/wishlist-shibainuit/dist/js/sit-admin.js

Version Parameters

wishlist-shibainuit/dist/css/style.css?ver=wishlist-shibainuit/dist/js/theme.js?ver=wishlist-shibainuit/dist/js/sit-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

sit-wishlist-btn-wrappersit-wishlist-btn

Data Attributes

data-noncedata-post-iddata-actiondata-admin-url

Shortcode Output

[SIT-WISHLIST-BUTTON]

FAQ