Does Woo Ajax Filter have any unpatched vulnerabilities?

No. All known vulnerabilities in Woo Ajax Filter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

How often is Woo Ajax Filter updated?

Woo Ajax Filter was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Woo Ajax Filter's security score?

Woo Ajax Filter has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Woo Ajax Filter Security & Risk Analysis

wordpress.org/plugins/woo-ajax-filter

Woo Ajax Filter is a plugin allows you create ajax shop. It supports default widget of Woocommerce.

10 active installs v1.0.0 PHP + WP 3.3+ Updated Unknown

advanced-product-filtersajaxajax-filtered-navajax-filtered-navigationajax-navigation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Woo Ajax Filter Safe to Use in 2026?

Generally Safe

Score 100/100

Woo Ajax Filter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "woo-ajax-filter" v1.0.0 plugin presents a mixed security posture. On the positive side, the absence of known CVEs and no critical or high-severity taint flows are excellent indicators. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and not performing any file operations or external HTTP requests, which significantly reduces common attack vectors. However, there are notable concerns. The plugin has a complete lack of nonce checks and capability checks. Coupled with the fact that none of the identified AJAX handlers or REST API routes have authentication checks, this creates a significant attack surface that is unprotected. Furthermore, a very low percentage (13%) of output escaping is a critical weakness, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially given the presence of eight shortcodes which are common entry points for user-supplied data.

Key Concerns

Missing nonce checks on all entry points
Missing capability checks on all entry points
Low output escaping percentage (13%)
No authentication on AJAX handlers
No permission callbacks on REST API routes

Vulnerabilities

None known

Woo Ajax Filter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Woo Ajax Filter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

13% escaped79 total outputs

Attack Surface

Woo Ajax Filter Attack Surface

Entry Points8

Unprotected0

Shortcodes 8

[nwaf_clear] elements\clear\clear.php:8

[nwaf_active_filter] elements\clear\clear.php:9

[nwaf] elements\element.php:10

[nwaf_price] elements\price\price.php:6

[nwaf_rating] elements\rating\rating.php:8

[nwaf_soft] elements\soft\soft.php:6

[nwaf_tags] elements\tags\tags.php:8

[nwaf_taxonomy] elements\taxonomy\taxonomy.php:8

WordPress Hooks 22

actionadmin_initadmin\classes\options.php:13

actionadmin_menuadmin\classes\options.php:14

actionadmin_enqueue_scriptsadmin\classes\options.php:15

filterplugin_row_metac4d-woo-ajax-filter.php:29

actionc4d-plugin-manager-sectionc4d-woo-ajax-filter.php:45

actionnwaf_admin_element_formclasses\element.php:7

filterwoocommerce_product_categories_widget_argselements\category\category.php:9

actionwp_enqueue_scriptselements\category\category.php:11

actionnwaf_admin_element_formelements\clear\clear.php:11

actionwp_enqueue_scriptselements\menu\menu.php:6

actionwp_enqueue_scriptselements\price\price.php:8

actionnwaf_admin_element_formelements\rating\rating.php:10

actionwp_enqueue_scriptselements\rating\rating.php:12

filterwoocommerce_product_query_meta_queryelements\rating\rating.php:14

actionwp_enqueue_scriptselements\soft\soft.php:8

actionwp_enqueue_scriptselements\tags\tags.php:10

actionnwaf_admin_element_formelements\taxonomy\taxonomy.php:10

actionadmin_enqueue_scriptselements\taxonomy\taxonomy.php:12

actionwp_enqueue_scriptselements\taxonomy\taxonomy.php:14

actionwp_enqueue_scriptsfrontsite\frontsite.php:7

actionwoocommerce_before_main_contentfrontsite\frontsite.php:8

actionwoocommerce_after_main_contentfrontsite\frontsite.php:9

Maintenance & Trust

Woo Ajax Filter Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Woo Ajax Filter Alternatives

OOW PJAX

oow-pjax

100

Transform your WordPress site into a fast, seamless PJAX (PushState + AJAX) experience without jQuery.

30 No CVEs

Maxi Woo Ajax Navigation

maxi-woo-ajax-navigation

100

This plugin allows easy insert Woocommerce products list with Ajax navigation, category and order filter via shortcode.

10 No CVEs

AJAX Admin Navigation Sidebar AJAX

ajax-admin-navigation-sidebar-menus-by-ajax

100

The AJAX Admin Navigation Sidebar plugin improves the WordPress admin experience by enabling AJAX-based navigation. It reduces server load by preventi …

0 No CVEs

Ivory Search – WordPress Search Plugin

add-search-to-menu

Advanced WordPress custom search plugin. Provides Search Form Customizer, WooCommerce Search, AJAX Search & Live Search support!

100K 11 CVEs

FiboSearch – Ajax Search for WooCommerce

ajax-search-for-woocommerce

The most popular WooCommerce product search plugin. Gives your users a well-designed advanced AJAX search bar with live search suggestions.

100K 3 CVEs

Developer Profile

Woo Ajax Filter Developer Profile

coffee4dev

18 plugins · 400 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Woo Ajax Filter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-ajax-filter/admin/assets/css/admin.css/wp-content/plugins/woo-ajax-filter/admin/assets/js/default.js/wp-content/plugins/woo-ajax-filter/elements/category/assets/frontsite.js/wp-content/plugins/woo-ajax-filter/elements/category/assets/default.css/wp-content/plugins/woo-ajax-filter/elements/menu/assets/default.js/wp-content/plugins/woo-ajax-filter/elements/price/assets/default.js/wp-content/plugins/woo-ajax-filter/elements/price/assets/default.css/wp-content/plugins/woo-ajax-filter/elements/rating/assets/frontsite.js+1 more

HTML / DOM Fingerprints

CSS Classes

nwaf-admin-stylenwaf-admin-jsnwaf-category-jsnwaf-category-cssnwaf-menu-jsnwaf-price-jsnwaf-price-cssnwaf-rating-js+1 more

JS Globals

nwaf_admin_stylenwaf_admin_jsnwaf_category_jsnwaf_category_cssnwaf_menu_jsnwaf_price_js+3 more

Shortcode Output

[nwaf_price][nwaf_rating]

FAQ