WP-Safety

Product Category Slider & Grid for WooCommerce – WooCategory Security & Risk Analysis

wordpress.org/plugins/woo-category-slider-grid

Display product categories in responsive sliders or grids to showcase them effectively on your WooCommerce store and improve shoppers' navigation.

10K active installs v1.6.4 PHP 7.0+ WP 5.0+ Updated Jan 13, 2026
category-carouselproduct-categoryproduct-category-showcaseshop-category-gridwoocommerce-category-slider
100
A · Safe
CVEs total1
Unpatched0
Last CVEAug 24, 2023
Plugin page Download
Safety Verdict

Is Product Category Slider & Grid for WooCommerce – WooCategory Safe to Use in 2026?

Generally Safe

Score 100/100

Product Category Slider & Grid for WooCommerce – WooCategory has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 24, 2023Updated 2mo ago
Risk Assessment

The "woo-category-slider-grid" plugin v1.6.4 exhibits a mixed security posture. While it demonstrates good practices such as exclusively using prepared statements for SQL queries and a high percentage of properly escaped outputs, several concerning aspects exist. The presence of 10 AJAX handlers, with 3 lacking authentication checks, presents a significant attack surface. This is further exacerbated by the dangerous use of the `unserialize` function, which, if combined with an unauthenticated AJAX endpoint, could lead to critical vulnerabilities like Remote Code Execution. The plugin's vulnerability history, although currently clear of unpatched issues, includes a past medium-severity vulnerability attributed to Missing Authorization, a pattern that aligns with the identified unprotected AJAX handlers. The lack of any identified critical or high-severity taint flows is a positive sign, but the combination of the `unserialize` function and unprotected AJAX endpoints warrants caution. Overall, the plugin has strengths in its data handling but weaknesses in its access control for AJAX endpoints.

Key Concerns

  • AJAX handlers without authentication checks
  • Use of the unserialize() function
  • Past medium severity vulnerability (Missing Authorization)
Vulnerabilities
1

Product Category Slider & Grid for WooCommerce – WooCategory Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2023-41132medium · 4.3Missing Authorization

Category Slider for WooCommerce <= 1.4.15 - Missing Authorization via notice dismissal functionality

Aug 24, 2023 Patched in 1.4.16 (238d)
Code Analysis
Analyzed Mar 16, 2026

Product Category Slider & Grid for WooCommerce – WooCategory Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
86
653 escaped
Nonce Checks
15
Capability Checks
14
File Operations
0
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );admin\help-page\help-page.php:170

Output Escaping

88% escaped739 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
<class-woo-category-slider-admin> (admin\class-woo-category-slider-admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Product Category Slider & Grid for WooCommerce – WooCategory Attack Surface

Entry Points11
Unprotected3

AJAX Handlers 10

authwp_ajax_sp-woocatslider-never-show-review-noticeadmin\partials\notices\review.php:28
authwp_ajax_dismiss_smart_brand_noticeadmin\partials\notices\review.php:29
authwp_ajax_dismiss_product_slider_noticeadmin\partials\notices\review.php:30
authwp_ajax_shapedplugin_dismiss_offer_banneradmin\partials\notices\ShapedPlugin_Offer_Banner.php:34
authwp_ajax_spf-get-iconsadmin\partials\wcsp-framework\functions\actions.php:78
authwp_ajax_spf-resetadmin\partials\wcsp-framework\functions\actions.php:102
authwp_ajax_sp_wcsp_preview_meta_boxadmin\preview\class-woo-category-slider-preview.php:36
authwp_ajax_wcsp_export_shortcodeswoo-category-slider-grid.php:188
authwp_ajax_wcsp_import_shortcodeswoo-category-slider-grid.php:189
authwp_ajax_dismiss_woo_noticewoo-category-slider-grid.php:208

Shortcodes 1

[woocatslider] includes\class-woo-category-slider-shortcode.php:55
WordPress Hooks 50
actionafter_setup_themeadmin\class-woo-category-slider-admin.php:43
actionadmin_action_wcs_shortcode_duplicateadmin\class-woo-category-slider-admin.php:45
filterpost_row_actionsadmin\class-woo-category-slider-admin.php:46
actionelementor/preview/enqueue_scriptsadmin\class-woo-category-slider-element-shortcode-addons-deprecated.php:69
actionelementor/preview/enqueue_stylesadmin\class-woo-category-slider-element-shortcode-addons-deprecated.php:70
actionelementor/editor/before_enqueue_scriptsadmin\class-woo-category-slider-element-shortcode-addons-deprecated.php:71
actionelementor/initadmin\class-woo-category-slider-element-shortcode-addons-deprecated.php:142
actionelementor/widgets/registeradmin\class-woo-category-slider-element-shortcode-addons-deprecated.php:159
actionelementor/preview/enqueue_scriptsadmin\class-woo-category-slider-element-shortcode-addons.php:72
actionelementor/preview/enqueue_stylesadmin\class-woo-category-slider-element-shortcode-addons.php:73
actionelementor/editor/before_enqueue_scriptsadmin\class-woo-category-slider-element-shortcode-addons.php:74
actionelementor/initadmin\class-woo-category-slider-element-shortcode-addons.php:145
actionelementor/widgets/registeradmin\class-woo-category-slider-element-shortcode-addons.php:162
actioninitadmin\GutenbergBlock\class-woo-category-slider-shortcode-init.php:36
actionenqueue_block_editor_assetsadmin\GutenbergBlock\class-woo-category-slider-shortcode-init.php:37
actionadmin_menuadmin\help-page\help-page.php:63
actionadmin_print_scriptsadmin\help-page\help-page.php:69
actionspf_enqueueadmin\help-page\help-page.php:70
actionadmin_noticesadmin\partials\notices\review.php:27
actionadmin_noticesadmin\partials\notices\ShapedPlugin_Offer_Banner.php:33
actionwp_enqueue_scriptsadmin\partials\wcsp-framework\classes\abstract.class.php:51
actionwp_headadmin\partials\wcsp-framework\classes\abstract.class.php:56
actionadd_meta_boxesadmin\partials\wcsp-framework\classes\metabox.class.php:107
actionsave_postadmin\partials\wcsp-framework\classes\metabox.class.php:108
actionadmin_menuadmin\partials\wcsp-framework\classes\options.class.php:169
actionadmin_bar_menuadmin\partials\wcsp-framework\classes\options.class.php:170
actionnetwork_admin_menuadmin\partials\wcsp-framework\classes\options.class.php:174
actionafter_setup_themeadmin\partials\wcsp-framework\classes\setup.class.php:95
actioninitadmin\partials\wcsp-framework\classes\setup.class.php:96
actionswitch_themeadmin\partials\wcsp-framework\classes\setup.class.php:97
actionadmin_enqueue_scriptsadmin\partials\wcsp-framework\classes\setup.class.php:98
actionadmin_footeradmin\partials\wcsp-framework\functions\actions.php:140
actioncustomize_controls_print_footer_scriptsadmin\partials\wcsp-framework\functions\actions.php:141
actionplugins_loadedincludes\class-woo-category-slider-updates.php:45
actionwidgets_initincludes\class-woo-category-slider-widget.php:150
actionadmin_enqueue_scriptswoo-category-slider-grid.php:191
actioninitwoo-category-slider-grid.php:192
actionmanage_sp_wcslider_posts_custom_columnwoo-category-slider-grid.php:193
filtermanage_sp_wcslider_posts_columnswoo-category-slider-grid.php:194
filterplugin_action_linkswoo-category-slider-grid.php:195
filterplugin_row_metawoo-category-slider-grid.php:196
filterpost_updated_messageswoo-category-slider-grid.php:197
filteradmin_footer_textwoo-category-slider-grid.php:198
filterupdate_footerwoo-category-slider-grid.php:199
actionactivated_pluginwoo-category-slider-grid.php:202
actionadmin_noticeswoo-category-slider-grid.php:206
actionbefore_woocommerce_initwoo-category-slider-grid.php:209
actionwp_loadedwoo-category-slider-grid.php:235
actionwp_enqueue_scriptswoo-category-slider-grid.php:236
actionsave_postwoo-category-slider-grid.php:237
Maintenance & Trust

Product Category Slider & Grid for WooCommerce – WooCategory Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 13, 2026
PHP min version7.0
Downloads241K

Community Trust

Rating96/100
Number of ratings91
Active installs10K
Alternatives

Product Category Slider & Grid for WooCommerce – WooCategory Alternatives

WPB Category Slider for WooCommerce – Product Categories Carousel & Grid

WPB Category Slider for WooCommerce – Product Categories Carousel & Grid

wpb-woocommerce-category-slider

B
76

Display WooCommerce product categories in responsive sliders and grids to boost navigation, engagement, and product discovery.

800 1 unpatched
Dynamic Product Category Grid, Slider for WooCommerce

Dynamic Product Category Grid, Slider for WooCommerce

dynamic-product-categories-design

A
98

Show woocommerce categories in slider and grid layout with shortcode builder and Elementor widget.

200 1 CVE
Product Category Slider for Elementor

Product Category Slider for Elementor

woo-category-slider-for-elementor

A
85

Display Product Category Slider For Elementor aesthetically in a slider to your store and boost conversion rate! Highly customizable.

100 No CVEs
Product Slider, Product Grid, Product Masonry

Product Slider, Product Grid, Product Masonry

woocommerce-products-slider

B
72

Fully responsive and mobile ready Carousel Slider for your woo-commerce product. unlimited slider anywhere via short-codes and easy admin setting.

10K 1 unpatched
Banner Management, Product Slider, Product Carousel for WooCommerce

Banner Management, Product Slider, Product Carousel for WooCommerce

banner-management-for-woocommerce

B
71

Allows you to set single or multiple banners on the WooCommerce category and page.

2K 1 unpatched
Developer Profile

Product Category Slider & Grid for WooCommerce – WooCategory Developer Profile

ShapedPlugin LLC

18 plugins · 315K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
385 days
View full developer profile
Detection Fingerprints

How We Detect Product Category Slider & Grid for WooCommerce – WooCategory

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-category-slider-grid/public/css/woo-category-slider.css/wp-content/plugins/woo-category-slider-grid/public/css/slick.css/wp-content/plugins/woo-category-slider-grid/public/css/slick-theme.css/wp-content/plugins/woo-category-slider-grid/public/js/woo-category-slider.js/wp-content/plugins/woo-category-slider-grid/public/js/slick.min.js/wp-content/plugins/woo-category-slider-grid/public/js/isotope.pkgd.min.js/wp-content/plugins/woo-category-slider-grid/public/js/imagesloaded.pkgd.min.js/wp-content/plugins/woo-category-slider-grid/admin/css/admin-style.css+5 more
Script Paths
woo-category-slider-grid/public/js/woo-category-slider.jswoo-category-slider-grid/public/js/slick.min.jswoo-category-slider-grid/public/js/isotope.pkgd.min.jswoo-category-slider-grid/public/js/imagesloaded.pkgd.min.jswoo-category-slider-grid/admin/js/admin-script.jswoo-category-slider-grid/admin/js/wcsp-framework/assets/js/wcsp-framework.js+1 more
Version Parameters
woo-category-slider-grid/public/css/woo-category-slider.css?ver=woo-category-slider-grid/public/js/woo-category-slider.js?ver=woo-category-slider-grid/admin/css/admin-style.css?ver=woo-category-slider-grid/admin/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
wcsp-wcs-slider-wrapperwcsp-wcs-category-slider-gridsp-wc-category-slidersp-wc-category-gridsp-wc-category-hierarchy-gridsp-wc-category-inline-layoutsp-wc-category-slider-itemsp-wc-category-grid-item+2 more
HTML Comments
<!-- Start WooCategory Product Category Slider/Grid --><!-- End WooCategory Product Category Slider/Grid --><!-- WooCategory Framework Notice --><!-- WooCategory Review Notice -->
Data Attributes
data-wcsp-options
JS Globals
wcsp_wcs_php_vars
Shortcode Output
[woo_category_slider][woo_category_grid][woo_category_hierarchy_grid][woo_category_inline_layout]
FAQ

Frequently Asked Questions about Product Category Slider & Grid for WooCommerce – WooCategory