
Woo Button Text Security & Risk Analysis
wordpress.org/plugins/woo-button-textSimple WooCommerce button text changer / Styler / add to cart text changer for WooCommerce.
Is Woo Button Text Safe to Use in 2026?
Generally Safe
Score 85/100Woo Button Text has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "woo-button-text" plugin, version 6.0.3, exhibits a generally good security posture with no known vulnerabilities or critical issues identified in taint analysis. The plugin demonstrates strong practices regarding SQL queries, utilizing prepared statements exclusively, and avoids external HTTP requests and file operations, all of which are positive indicators. The absence of any CVEs in its history further suggests a commitment to security.
However, the static analysis reveals a significant concern: the presence of the `create_function` PHP function. This function is deprecated and can be a source of security vulnerabilities if not handled with extreme care, as it allows for the dynamic creation of functions from strings, potentially enabling code injection if user input is not strictly validated. Additionally, the plugin has a concerningly low percentage of properly escaped output (42%), meaning that a substantial portion of dynamic content displayed to users might be vulnerable to cross-site scripting (XSS) attacks. The lack of nonce checks and capability checks, while not directly indicative of a vulnerability without an exposed attack vector, highlights a potential weakness that could be exploited if an entry point were to be introduced in the future.
In conclusion, while the plugin benefits from a clean vulnerability history and secure database practices, the use of `create_function` and the high proportion of unescaped output represent notable risks. Developers should prioritize refactoring the use of `create_function` and implementing robust output escaping to mitigate potential security threats, particularly XSS.
Key Concerns
- Use of deprecated `create_function`
- Low percentage of properly escaped output
- No nonce checks found
- No capability checks found
Woo Button Text Security Vulnerabilities
Woo Button Text Release Timeline
Woo Button Text Code Analysis
Dangerous Functions Found
Output Escaping
Woo Button Text Attack Surface
WordPress Hooks 14
Maintenance & Trust
Woo Button Text Maintenance & Trust
Maintenance Signals
Community Trust
Woo Button Text Alternatives
Direct Checkout – Quick View – Buy Now For WooCommerce
quick-view-and-buy-now-for-woocommerce
Quick View and Buy Now plugin makes the buying process easy in your store to increase conversion and encorage clients buying from your website by addi …
TT Add to Cart Buy Now for WooCommerce
tt-add-to-cart-buy-now-for-woocommerce
A WooCommerce plugin that allow user to customize the Add to cart button and add a simple "Buy Now" button to your WooCommerce website.
Buy Now Woocommerce
vmi-direct-checkout
Buy Now woocommerce is a helpful tool to simplify the checkout process. Buy Now woocommerce converts into a one-click process, customer decision to sa …
Buy Now Button Redirect for WooCommerce
buy-now-button-redirect-for-woocommerce
Redirect WooCommerce "Add to Cart" buttons directly to checkout, cart, or custom URLs with global and per-product settings.
One Click Buy Now Button
one-click-buy-now-button
Add a fully customizable "Buy Now" button under WooCommerce Add to Cart. Secure, lightweight and works with both simple and variable products.
Woo Button Text Developer Profile
1 plugin · 600 total installs
How We Detect Woo Button Text
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/woo-button-text/styles/woobuttonstyle.php/wp-content/plugins/woo-button-text/js/exclutips-jquery.jsjs/exclutips-jquery.jsHTML / DOM Fingerprints
alt