WP-Safety

Ajax add to cart for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-ajax-add-to-cart

Ajax add to cart for WooCommerce products

10K active installs v2.6.1 PHP 5.6+ WP 4.7+ Updated Mar 11, 2026
add-to-cartwoocommercewoocommerce-ajaxwoocommerce-ajax-cart
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ajax add to cart for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Ajax add to cart for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 23d ago
Risk Assessment

The "woo-ajax-add-to-cart" plugin, version 2.6.1, exhibits a generally positive security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant strength. The plugin also demonstrates good practices with a high percentage of properly escaped output and robust use of capability checks. The presence of two nonce checks further enhances its security by protecting against CSRF attacks.

However, a notable concern lies in the handling of SQL queries. Both SQL queries identified are not using prepared statements, which represents a significant risk for potential SQL injection vulnerabilities. While no taint analysis revealed unsanitized paths, the lack of prepared statements means that any user-supplied data incorporated into these queries could be exploited. The single external HTTP request, while not inherently a vulnerability, warrants attention to ensure it is made securely and to a trusted endpoint.

Given the lack of any recorded vulnerabilities or CVEs historically, the plugin appears to have a good track record. This, combined with the strong presence of security features like nonce and capability checks, suggests a developer who is mindful of security. Despite the raw SQL query issue, the overall security posture is decent, but the identified SQL risk requires immediate attention.

Key Concerns

  • Raw SQL queries without prepared statements
Vulnerabilities
None known

Ajax add to cart for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Ajax add to cart for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
3
76 escaped
Nonce Checks
2
Capability Checks
5
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

96% escaped79 total outputs
Attack Surface

Ajax add to cart for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 23
actionwp_default_scriptsjetpack_vendor\automattic\jetpack-assets\actions.php:11
actionplugins_loadedjetpack_vendor\automattic\jetpack-assets\actions.php:12
filterwp_resource_hintsjetpack_vendor\automattic\jetpack-assets\src\class-assets.php:182
actionwp_loadedjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:38
actionenqueue_block_editor_assetsjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:52
actionshutdownjetpack_vendor\automattic\jetpack-status\src\class-errors.php:38
actionwp_network_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:36
actionwp_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:37
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:95
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:104
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-required\src\Load.php:40
filterinstall_plugins_tabsjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:33
actioninstall_plugins_quadlayersjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:34
actionplugins_loadedjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:47
actionadmin_menujetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:50
actionadmin_initjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:55
filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:56
filterself_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:52
filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:53
filterplugin_row_metajetpack_vendor\quadlayers\wp-plugin-table-links\src\Load.php:36
actioninitvendor_packages\wp-notice-plugin-promote.php:4
actioninitvendor_packages\wp-plugin-table-links.php:4
actionbefore_woocommerce_initwoo-ajax-add-to-cart.php:56
Maintenance & Trust

Ajax add to cart for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 11, 2026
PHP min version5.6
Downloads599K

Community Trust

Rating94/100
Number of ratings77
Active installs10K
Alternatives

Ajax add to cart for WooCommerce Alternatives

Direct Checkout for WooCommerce

Direct Checkout for WooCommerce

woocommerce-direct-checkout

A
100

Formerly "WooCommerce Direct Checkout". This plugin simplifies the entire WooCommerce checkout process to improve your sales rate.

80K No CVEs
NC Ajax Cart for woocommerce

NC Ajax Cart for woocommerce

nc-ajax-cart-for-woocommerce

A
85

This plugin allows you to add ajax driven drop down cart for your woocommerce store using shortcode [nc_ajax_cart]

30 No CVEs
Ajax instant buy checkout for WooCommerce

Ajax instant buy checkout for WooCommerce

bss-ajax-checkout-instant

A
92

Ajax instant buy checkout for WooCommerce

0 No CVEs
Add to Cart Button Custom Text

Add to Cart Button Custom Text

add-to-cart-button-custom-text

A
100

Allows to customize the Add to cart button text in WooCommerce by product type in both archive and single product pages.

10K No CVEs
WPC AJAX Add to Cart for WooCommerce

WPC AJAX Add to Cart for WooCommerce

wpc-ajax-add-to-cart

A
100

It is a highly effective plugin for helping online stores cut down the site’s loading time, improve the user experience, and increase sales.

10K No CVEs
Developer Profile

Ajax add to cart for WooCommerce Developer Profile

quadlayers

17 plugins · 654K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
501 days
View full developer profile
Detection Fingerprints

How We Detect Ajax add to cart for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-ajax-add-to-cart/assets/css/frontend.css/wp-content/plugins/woo-ajax-add-to-cart/assets/js/frontend.js
Script Paths
/wp-content/plugins/woo-ajax-add-to-cart/assets/js/frontend.js
Version Parameters
woo-ajax-add-to-cart/assets/css/frontend.css?ver=woo-ajax-add-to-cart/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
qlwcajax-add-to-cart-buttonqlwcajax-buttonqlwcajax-cart-contentqlwcajax-add-to-cart-icon
HTML Comments
<!-- QLWCAJAX START --><!-- QLWCAJAX END -->
Data Attributes
data-qlwcajax-add-to-cart
JS Globals
qlwcajax_frontend_params
REST Endpoints
/wp-json/qlwcajax/v1/add-to-cart
Shortcode Output
[qlwcajax_add_to_cart_button][qlwcajax_cart_icon]
FAQ

Frequently Asked Questions about Ajax add to cart for WooCommerce