WP-Safety

Checkout Field Editor (Checkout Page Manager) for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-checkout-regsiter-field-editor

Checkout Field Editor for WooCommerce is the leading plugin for customizing, editing, removing, and managing your WooCommerce checkout fields.

2K active installs v2.5.1 PHP 5.6+ WP 4.9+ Updated Apr 10, 2026
checkout-editorcheckout-field-editor-for-woocommercecheckout-managercustom-fieldswoocommerce-checkout-field-editor
100
A · Safe
CVEs total1
Unpatched0
Last CVEApr 5, 2024
Plugin page Download
Safety Verdict

Is Checkout Field Editor (Checkout Page Manager) for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Checkout Field Editor (Checkout Page Manager) for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Apr 5, 2024Updated 1mo ago
Risk Assessment

The plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query handling and leverages nonces, significant concerns arise from its attack surface and output escaping. The presence of two AJAX handlers without authentication checks represents a direct risk of unauthorized actions if these handlers can be triggered by unauthenticated users. Furthermore, a substantial portion of output is not properly escaped, creating a potential for Cross-Site Scripting (XSS) vulnerabilities. The plugin's vulnerability history shows a past medium severity CVE, which was Cross-Site Request Forgery (CSRF) in nature. Although currently unpatched vulnerabilities are zero, the past occurrence of CSRF, coupled with the unprotected AJAX endpoints, suggests a recurring pattern of potential access control and input validation weaknesses. Overall, while the use of prepared statements for SQL is a strong positive, the unprotected entry points and unescaped output necessitate careful attention to mitigate immediate risks.

Key Concerns

  • Unprotected AJAX handlers
  • Low percentage of properly escaped output
  • Past medium severity CVE (CSRF)
  • Flows with unsanitized paths
Vulnerabilities
1 published

Checkout Field Editor (Checkout Page Manager) for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-31262medium · 4.3Cross-Site Request Forgery (CSRF)

WooCommerce Checkout Field Editor (Checkout Manager) <= 2.1.8 - Cross-Site Request Forgery

Apr 5, 2024 Patched in 2.1.9 (7d)
Version History

Checkout Field Editor (Checkout Page Manager) for WooCommerce Release Timeline

v2.5.1Current
v2.5.0
v2.4.9
v2.4.8
v2.4.7
v2.4.6
v2.4.5
v2.4.4
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.9
v2.3.8
v2.3.7
v2.3.6
v2.3.5
v2.3.4
v2.3.3
v2.3.2
Code Analysis
Analyzed Mar 16, 2026

Checkout Field Editor (Checkout Page Manager) for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
312
286 escaped
Nonce Checks
3
Capability Checks
0
File Operations
2
External Requests
1
Bundled Libraries
0

Output Escaping

48% escaped598 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

6 flows1 with unsanitized paths
render_tabs_and_sections (admin\class-jwcfe-admin.php:235)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Checkout Field Editor (Checkout Page Manager) for WooCommerce Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 3

authwp_ajax_jwcfe_send_feedbackincludes\class-jwcfe-deactivation-feedback.php:7
authwp_ajax_save_custom_form_fieldsincludes\class-jwcfe.php:110
authwp_ajax_get_product_attributesincludes\class-jwcfe.php:114
WordPress Hooks 61
actionadmin_enqueue_scriptsincludes\class-jwcfe-deactivation-feedback.php:6
actioninitincludes\class-jwcfe.php:41
actionplugins_loadedincludes\class-jwcfe.php:65
actionplugins_loadedincludes\class-jwcfe.php:94
actionadmin_menuincludes\class-jwcfe.php:107
actionadmin_enqueue_scriptsincludes\class-jwcfe.php:108
filterwoocommerce_screen_idsincludes\class-jwcfe.php:109
actionwoocommerce_admin_order_data_after_billing_addressincludes\class-jwcfe.php:111
actionwoocommerce_admin_order_data_after_shipping_addressincludes\class-jwcfe.php:112
actionwoocommerce_order_details_after_order_tableincludes\class-jwcfe.php:113
actionwp_enqueue_scriptsincludes\class-jwcfe.php:119
actionadmin_initmain.php:54
actionbefore_woocommerce_initmain.php:138
actionwpo_wcpdf_after_order_detailspublic\class-jwcfe-print-invoice-wp-overnight.php:11
actionwpo_wcpdf_after_order_datapublic\class-jwcfe-print-invoice-wp-overnight.php:12
actionwc_pip_after_bodypublic\class-jwcfe-print-invoice.php:11
filterwoocommerce_enable_order_notes_fieldpublic\class-jwcfe-public-checkout.php:33
filterwoocommerce_get_country_locale_basepublic\class-jwcfe-public-checkout.php:34
filterwoocommerce_get_country_localepublic\class-jwcfe-public-checkout.php:35
filterwoocommerce_billing_fieldspublic\class-jwcfe-public-checkout.php:37
filterwoocommerce_shipping_fieldspublic\class-jwcfe-public-checkout.php:38
filterwoocommerce_checkout_fieldspublic\class-jwcfe-public-checkout.php:39
filterwoocommerce_default_address_fieldspublic\class-jwcfe-public-checkout.php:40
actionwoocommerce_checkout_update_order_metapublic\class-jwcfe-public-checkout.php:41
actionwoocommerce_after_checkout_validationpublic\class-jwcfe-public-checkout.php:44
actionwoocommerce_email_order_metapublic\class-jwcfe-public-checkout.php:45
filterwoocommerce_form_field_checkboxpublic\class-jwcfe-public-checkout.php:48
filterwoocommerce_form_field_checkboxgrouppublic\class-jwcfe-public-checkout.php:49
filterwoocommerce_form_field_monthpublic\class-jwcfe-public-checkout.php:50
filterwoocommerce_form_field_weekpublic\class-jwcfe-public-checkout.php:51
filterwoocommerce_form_field_multiselectpublic\class-jwcfe-public-checkout.php:52
filterwoocommerce_form_field_datepublic\class-jwcfe-public-checkout.php:53
filterwoocommerce_form_field_textareapublic\class-jwcfe-public-checkout.php:54
filterwoocommerce_form_field_textpublic\class-jwcfe-public-checkout.php:55
filterwoocommerce_form_field_emailpublic\class-jwcfe-public-checkout.php:56
filterwoocommerce_form_field_phonepublic\class-jwcfe-public-checkout.php:57
filterwoocommerce_form_field_selectpublic\class-jwcfe-public-checkout.php:58
filterwoocommerce_form_field_radiopublic\class-jwcfe-public-checkout.php:59
filterwoocommerce_form_field_filepublic\class-jwcfe-public-checkout.php:60
filterwoocommerce_form_field_timepickerpublic\class-jwcfe-public-checkout.php:61
filterwoocommerce_form_field_numberpublic\class-jwcfe-public-checkout.php:62
filterwoocommerce_form_field_headingpublic\class-jwcfe-public-checkout.php:65
filterwoocommerce_form_field_customcontentpublic\class-jwcfe-public-checkout.php:66
filterwoocommerce_form_field_paragraphpublic\class-jwcfe-public-checkout.php:68
actionwp_enqueue_scriptspublic\class-jwcfe-public-checkout.php:69
actionwoocommerce_initpublic\class-jwcfe-public-checkout.php:70
filterwc_customer_order_csv_export_order_headerspublic\class-jwcfe-wc-checkout-field-editor-export-handler.php:11
filterwc_customer_order_csv_export_order_rowpublic\class-jwcfe-wc-checkout-field-editor-export-handler.php:12
actionwpo_wcpdf_before_order_datapublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:13
actionwpo_wcpdf_after_order_datapublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:14
actionwpo_wcpdf_before_documentpublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:16
actionwpo_wcpdf_after_documentpublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:17
actionwpo_wcpdf_before_order_detailspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:18
actionwpo_wcpdf_after_order_detailspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:19
actionwpo_wcpdf_after_document_labelpublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:20
actionwpo_wcpdf_before_billing_addresspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:22
actionwpo_wcpdf_after_billing_addresspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:23
actionwpo_wcpdf_before_shipping_addresspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:24
actionwpo_wcpdf_after_shipping_addresspublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:25
actionwpo_wcpdf_before_customer_notespublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:27
actionwpo_wcpdf_after_customer_notespublic\class-jwcfe-wc-pdf-invoices-packing-slips-handler.php:28
Maintenance & Trust

Checkout Field Editor (Checkout Page Manager) for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 10, 2026
PHP min version5.6
Downloads109K

Community Trust

Rating92/100
Number of ratings30
Active installs2K
Alternatives

Checkout Field Editor (Checkout Page Manager) for WooCommerce Alternatives

H6 Smart Checkout Fields for WooCommerce

H6 Smart Checkout Fields for WooCommerce

h6-smart-checkout-fields-for-woocommerce

A
100

Edit, reorder, disable, and add custom WooCommerce checkout fields. Manage labels, placeholders, and layouts from a simple settings screen.

0 No CVEs
Checkout Field Editor (Checkout Manager) for WooCommerce

Checkout Field Editor (Checkout Manager) for WooCommerce

woo-checkout-field-editor-pro

A
93

Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.

500K 3 CVEs
Checkout Field Manager (Checkout Manager) for WooCommerce

Checkout Field Manager (Checkout Manager) for WooCommerce

woocommerce-checkout-manager

A
92

Checkout Field Manager (Checkout Manager) for WooCommerce is the most advanced plugin to customize checkout fields on your WooCommerce checkout page.

90K 5 CVEs
Flexible Checkout Fields for WooCommerce – WooCommerce Checkout Manager

Flexible Checkout Fields for WooCommerce – WooCommerce Checkout Manager

flexible-checkout-fields

A
99

The best WooCommerce checkout manager. Edit, remove or add checkout fields. Customize WooCommerce checkout with this checkout field customizer.

80K 2 CVEs
Custom WooCommerce Checkout Fields Editor

Custom WooCommerce Checkout Fields Editor

add-fields-to-checkout-page-woocommerce

C
66

Custom WooCommerce Checkout Fields Editor

2K 1 unpatched
Developer Profile

Checkout Field Editor (Checkout Page Manager) for WooCommerce Developer Profile

jcodex

4 plugins · 2K total installs

95
trust score
Avg Security Score
93/100
Avg Patch Time
7 days
View full developer profile
Detection Fingerprints

How We Detect Checkout Field Editor (Checkout Page Manager) for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-checkout-regsiter-field-editor/assets/css/jwcfe-newstyle.css/wp-content/plugins/woo-checkout-regsiter-field-editor/assets/js/polyfill.js/wp-content/plugins/woo-checkout-regsiter-field-editor/assets/js/jwcfe-admin-pro.js
Script Paths
/wp-content/plugins/woo-checkout-regsiter-field-editor/assets/js/polyfill.js/wp-content/plugins/woo-checkout-regsiter-field-editor/assets/js/jwcfe-admin-pro.js
Version Parameters
woo-checkout-regsiter-field-editor/assets/css/jwcfe-newstyle.css?ver=woo-checkout-regsiter-field-editor/assets/js/polyfill.js?ver=woo-checkout-regsiter-field-editor/assets/js/jwcfe-admin-pro.js?ver=

HTML / DOM Fingerprints

JS Globals
WcfeAdmin
FAQ

Frequently Asked Questions about Checkout Field Editor (Checkout Page Manager) for WooCommerce