WP-Safety

Audio Preview for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-audio-preview

Add professional audio previews to your WooCommerce products. Let customers listen before they buy with support for all major audio formats and CDN se …

200 active installs v1.5.0 PHP 7.4+ WP 5.0+ Updated Jun 24, 2025
audiomusicpreviewsoundcloudwoocommerce
100
A · Safe
CVEs total1
Unpatched0
Last CVEApr 13, 2022
Plugin page Download
Safety Verdict

Is Audio Preview for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Audio Preview for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Apr 13, 2022Updated 10mo ago
Risk Assessment

The 'woo-audio-preview' plugin, version 1.5.0, exhibits a mixed security posture. While it demonstrates good practices in several areas, such as the exclusive use of prepared statements for SQL queries and a high percentage of properly escaped output, there are notable concerns. The static analysis reveals a significant attack surface with 3 AJAX handlers, 2 of which lack authentication checks. This presents a potential avenue for attackers to interact with the plugin's functionality without proper authorization. Taint analysis shows no critical or high-severity issues, indicating that code flows, as analyzed, do not appear to be immediately exploitable for serious compromise. However, the presence of one historical medium-severity vulnerability, specifically related to missing authorization, in 2022 is a red flag. This pattern suggests a recurring weakness in how the plugin handles user permissions for certain functionalities. Although there are no currently unpatched vulnerabilities, the past incident underscores the need for vigilance regarding authorization checks, especially on exposed entry points like AJAX handlers.

In conclusion, the plugin has strengths in its secure handling of database interactions and output. However, the unprotected AJAX endpoints are a clear vulnerability. The historical vulnerability reinforces the importance of a comprehensive review of all entry points for proper authorization. Developers should prioritize addressing the unauthenticated AJAX handlers to mitigate immediate risks and to prevent future occurrences of authorization-related vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers
  • Past medium severity vulnerability (Missing Authorization)
Vulnerabilities
1 published

Audio Preview for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-previewmedium · 6.3Missing Authorization

Wbcom Designs Plugins (Various Versions) - Arbitrary Plugin Installation, Activation and Deactivation

Apr 13, 2022 Patched in 1.4.0 (1057d)
Version History

Audio Preview for WooCommerce Release Timeline

v1.5.0Current
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.01 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
v1.2.01 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
v1.1.01 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
v1.0.21 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
v1.0.11 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
v1.0.01 CVE
WF-74d222b9-22e9-485d-8111-d3bee505b200-woo-audio-preview
Code Analysis
Analyzed Mar 16, 2026

Audio Preview for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
8
116 escaped
Nonce Checks
4
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

94% escaped124 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
wbcom_addons_cards_links (admin\wbcom\wbcom-admin-settings.php:40)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Audio Preview for WooCommerce Attack Surface

Entry Points4
Unprotected2

AJAX Handlers 3

authwp_ajax_wbcom_addons_cardsadmin\wbcom\wbcom-admin-settings.php:32
authwp_ajax_wcap_delete_audio_ajaxincludes\class-wc-audio-preview.php:162
noprivwp_ajax_wcap_delete_audio_ajaxincludes\class-wc-audio-preview.php:163

Shortcodes 1

[wbcom_admin_setting_header] admin\wbcom\wbcom-admin-settings.php:29
WordPress Hooks 26
actionadmin_initadmin\class-admin-review.php:73
actionadmin_initadmin\class-admin-review.php:74
actionadmin_noticesadmin\class-admin-review.php:151
actioninitadmin\class-admin-review.php:318
actionadmin_noticesadmin\class-wc-audio-preview-admin.php:718
actionadmin_menuadmin\wbcom\wbcom-admin-settings.php:30
actionadmin_enqueue_scriptsadmin\wbcom\wbcom-admin-settings.php:31
actionplugins_loadedincludes\class-wc-audio-preview.php:143
actionadmin_enqueue_scriptsincludes\class-wc-audio-preview.php:157
actionadmin_enqueue_scriptsincludes\class-wc-audio-preview.php:158
actionadd_meta_boxesincludes\class-wc-audio-preview.php:159
actionsave_postincludes\class-wc-audio-preview.php:160
actionpost_edit_form_tagincludes\class-wc-audio-preview.php:161
actionadmin_initincludes\class-wc-audio-preview.php:164
actionadmin_menuincludes\class-wc-audio-preview.php:167
actionin_admin_headerincludes\class-wc-audio-preview.php:169
actionadmin_noticesincludes\class-wc-audio-preview.php:170
actionwp_enqueue_scriptsincludes\class-wc-audio-preview.php:184
actionwp_enqueue_scriptsincludes\class-wc-audio-preview.php:185
actionwoocommerce_before_add_to_cart_formincludes\class-wc-audio-preview.php:186
actionwp_headpublic\class-wc-audio-preview-public.php:741
actionplugins_loadedwoo-product-audio-preview.php:73
actionadmin_noticeswoo-product-audio-preview.php:80
actionadmin_initwoo-product-audio-preview.php:89
actionactivated_pluginwoo-product-audio-preview.php:106
actionadmin_initwoo-product-audio-preview.php:139
Maintenance & Trust

Audio Preview for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJun 24, 2025
PHP min version7.4
Downloads7K

Community Trust

Rating100/100
Number of ratings2
Active installs200
Alternatives

Audio Preview for WooCommerce Alternatives

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

mp3-music-player-by-sonaar

A
89

The most advanced Audio Player for Music & Podcast. For Elementor, Gutenberg, WooCommerce and more. Add unlimited players to any pages!

20K 14 CVEs
Music Player for WooCommerce

Music Player for WooCommerce

music-player-for-woocommerce

A
99

Music Player for WooCommerce includes the MediaElement.js music player in the pages of the products with audio files associated.

1K 2 CVEs
Audio Playlist for Woocommerce

Audio Playlist for Woocommerce

audio-playlist-for-woocommerce

A
85

Audio player with playlist for WooCommerce products.

10 No CVEs
Really Simple Featured Audio – Sell Music, Samples & Audio Products with WooCommerce

Really Simple Featured Audio – Sell Music, Samples & Audio Products with WooCommerce

really-simple-featured-audio

A
100

Turn your WooCommerce store into a professional audio marketplace. Perfect for selling music samples, audiobooks, and podcasts with audio previews.

10 No CVEs
Preview E-mails for WooCommerce

Preview E-mails for WooCommerce

woo-preview-emails

A
91

An Extension for WooCommerce that allows you to Preview Email Templates.

30K 2 CVEs
Developer Profile

Audio Preview for WooCommerce Developer Profile

wbcomdesigns

19 plugins · 10K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
807 days
View full developer profile
Detection Fingerprints

How We Detect Audio Preview for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-audio-preview/admin/js/wc_audio_preview_admin.js/wp-content/plugins/woo-audio-preview/public/css/wc-audio-preview-public.css/wp-content/plugins/woo-audio-preview/public/js/wc-audio-preview-public.js
Script Paths
/wp-content/plugins/woo-audio-preview/admin/js/wc_audio_preview_admin.js/wp-content/plugins/woo-audio-preview/public/js/wc-audio-preview-public.js
Version Parameters
woo-audio-preview/admin/js/wc_audio_preview_admin.js?ver=woo-audio-preview/public/css/wc-audio-preview-public.css?ver=woo-audio-preview/public/js/wc-audio-preview-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
wcap-audio-player
HTML Comments
<!-- END Audio Preview for WooCommerce --><!-- Audio Preview for WooCommerce -->
Data Attributes
data-product_iddata-product_namedata-variation_iddata-preview-typedata-file-pathdata-file-url+1 more
JS Globals
WcAudioPreviewwcap_admin_params
Shortcode Output
[wc_audio_preview_shortcode]
FAQ

Frequently Asked Questions about Audio Preview for WooCommerce