Does Currency Switcher for WooCommerce by WBW have any unpatched vulnerabilities?

No. All known vulnerabilities in Currency Switcher for WooCommerce by WBW have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Currency Switcher for WooCommerce by WBW compatible with WordPress 6.9.4?

According to WordPress.org data, Currency Switcher for WooCommerce by WBW 2.2.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Currency Switcher for WooCommerce by WBW updated?

Currency Switcher for WooCommerce by WBW was last updated on Feb 17, 2026. Frequent updates are generally a positive security signal.

What is Currency Switcher for WooCommerce by WBW's security score?

Currency Switcher for WooCommerce by WBW has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Currency Switcher for WooCommerce by WBW Security & Risk Analysis

wordpress.org/plugins/woo-currency

WBW Currency Switcher for WooCommerce allows customers to switch products prices to any currencies. Get rates converted in the real-time with dynamic …

4K active installs v2.2.6 PHP + WP + Updated Feb 17, 2026

currencycurrency-convertercurrency-switchermulti-currencywoocommerce

A · Safe

CVEs total1

Unpatched0

Last CVEAug 22, 2022

Download

Safety Verdict

Is Currency Switcher for WooCommerce by WBW Safe to Use in 2026?

Generally Safe

Score 100/100

Currency Switcher for WooCommerce by WBW has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 22, 2022Updated 1mo ago

Risk Assessment

The 'woo-currency' plugin v2.2.6 presents a mixed security posture. While the attack surface appears minimal with no identified AJAX handlers, REST API routes, shortcodes, or cron events, indicating a good defensive design in terms of entry points, several code signals raise concerns. The presence of dangerous functions like 'unserialize' and 'popen' is a significant red flag, potentially allowing for code execution if used with untrusted input. Furthermore, the extremely low percentage of properly escaped output (6%) suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected into the website. The taint analysis, while showing no critical or high severity flows, did reveal that all analyzed flows had unsanitized paths, reinforcing the XSS risk. The plugin's vulnerability history shows one medium severity CVE related to XSS, which was patched, but the pattern of XSS vulnerabilities in the past, combined with the current static analysis findings, indicates a persistent risk. Despite the low attack surface and existing patches, the extensive use of unescaped output and the presence of dangerous functions warrant caution.

Key Concerns

Dangerous function 'unserialize' present
Dangerous function 'popen' present
Only 6% of outputs properly escaped
All taint flows have unsanitized paths
Medium severity CVE in history (XSS)
Low percentage of prepared statements (55% not prepared)
Bundled PHPMailer library
Bundled jQuery library

Vulnerabilities

Currency Switcher for WooCommerce by WBW Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2022-2575medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WBW Currency Switcher <= 1.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Aug 22, 2022 Patched in 1.6.6 (519d)

Code Analysis

Analyzed Mar 16, 2026

Currency Switcher for WooCommerce by WBW Code Analysis

Dangerous Functions

Raw SQL Queries

5 prepared

Unescaped Output

556

37 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializereturn unserialize($data);classes\utils.php:14

popenif (!@$mail = popen($sendmail, 'w')) {modules\mail\engines\class.phpmailer.php:1387

popenif (!@$mail = popen($sendmail, 'w')) {modules\mail\engines\class.phpmailer.php:1408

Bundled Libraries

PHPMailerjQuery

SQL Query Safety

45% prepared11 total queries

Output Escaping

6% escaped593 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths

widget (modules\currency\includes\class-wcu_widget_layered_nav_filters.php:11)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Currency Switcher for WooCommerce by WBW Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 93

actionadmin_noticesclasses\errors.php:43

filterthe_contentclasses\errors.php:45

actioninitclasses\frame.php:125

actioninitclasses\frame.php:255

actionactivated_pluginclasses\modInstaller.php:120

actionactivated_pluginclasses\utils.php:340

actionwoocommerce_order_get_currencyclasses\utils.php:750

actionadmin_menumodules\adminmenu\mod.php:7

filterwp_headmodules\currency\mod.php:50

filterwc_price_argsmodules\currency\mod.php:51

filterwoocommerce_get_settings_generalmodules\currency\mod.php:53

actionwoocommerce_settings_tabs_arraymodules\currency\mod.php:54

actionwoocommerce_settings_tabs_wcu_currencymodules\currency\mod.php:55

filterwoocommerce_currencymodules\currency\mod.php:57

filterwoocommerce_currency_symbolmodules\currency\mod.php:58

filterwc_get_price_thousand_separatormodules\currency\mod.php:59

filterwc_get_price_decimal_separatormodules\currency\mod.php:60

filterwc_get_price_decimalsmodules\currency\mod.php:63

actionwoocommerce_blocks_loadedmodules\currency\mod.php:65

filterwoocommerce_cart_get_totalmodules\currency\mod.php:68

filterraw_woocommerce_pricemodules\currency\mod.php:71

filterwoocommerce_price_filter_widget_min_amountmodules\currency\mod.php:72

filterwoocommerce_price_filter_widget_max_amountmodules\currency\mod.php:73

filterwoocommerce_order_get_totalmodules\currency\mod.php:75

actionwoocommerce_email_headermodules\currency\mod.php:76

actionwoocommerce_before_calculate_totalsmodules\currency\mod.php:78

actionwoocommerce_after_calculate_totalsmodules\currency\mod.php:79

actionwoocommerce_before_checkout_processmodules\currency\mod.php:81

actionwoocommerce_checkout_order_processedmodules\currency\mod.php:82

filterwoocommerce_calculated_totalmodules\currency\mod.php:85

filterwoocommerce_paypal_express_checkout_get_detailsmodules\currency\mod.php:88

actionwoocommerce_checkout_order_processedmodules\currency\mod.php:89

actionwoocommerce_checkout_order_processedmodules\currency\mod.php:91

filterwpg_request_parammodules\currency\mod.php:93

filterwoocommerce_price_formatmodules\currency\mod.php:95

filterwc_epo_get_element_for_displaymodules\currency\mod.php:98

filterwoocommerce_tm_epo_price_on_cartmodules\currency\mod.php:99

filterwc_epo_product_pricemodules\currency\mod.php:100

filterwoocommerce_available_variationmodules\currency\mod.php:102

filterwoocommerce_get_variation_regular_pricemodules\currency\mod.php:104

filterwoocommerce_get_variation_sale_pricemodules\currency\mod.php:105

filterwoocommerce_variation_pricesmodules\currency\mod.php:106

filterwoocommerce_before_add_to_cart_formmodules\currency\mod.php:107

filterwoocommerce_admin_order_preview_line_itemsmodules\currency\mod.php:109

filterwc_get_templatemodules\currency\mod.php:111

actionwpo_wcpdf_process_template_ordermodules\currency\mod.php:112

actionwoocommerce_order_get_currencymodules\currency\mod.php:113

filterwoocommerce_checkout_update_order_reviewmodules\currency\mod.php:114

filterwoocommerce_get_formatted_order_totalmodules\currency\mod.php:116

filterwoocommerce_before_resend_order_emailsmodules\currency\mod.php:118

filterwoocommerce_email_actionsmodules\currency\mod.php:119

actionthe_postmodules\currency\mod.php:121

actionload-post.phpmodules\currency\mod.php:122

filterhttp_request_argsmodules\currency\mod.php:125

actionwoocommerce_checkout_order_processedmodules\currency\mod.php:126

actionwidgets_initmodules\currency\mod.php:132

filterwoocommerce_shortcode_products_querymodules\currency\mod.php:135

actionwoocommerce_product_querymodules\currency\mod.php:136

filterpre_handle_404modules\currency\mod.php:137

filterwc_braintree_output_display_itemsmodules\currency\mod.php:145

filterwoocommerce_format_localized_pricemodules\currency\mod.php:148

filterwcu_get_currencies_datamodules\currency\mod.php:150

actionwoocommerce_before_mini_cart_contentsmodules\currency\mod.php:153

actionwoocommerce_mini_cart_contentsmodules\currency\mod.php:154

actionyith_wapo_before_main_containermodules\currency\mod.php:158

actionyith_wapo_after_main_containermodules\currency\mod.php:159

filteryith_wapo_product_pricemodules\currency\mod.php:160

filteryith_wapo_get_addon_pricemodules\currency\mod.php:161

filteryith_wapo_option_pricemodules\currency\mod.php:162

filterwoocommerce_hydration_dispatch_requestmodules\currency\mod.php:164

filterwoocommerce_get_price_including_taxmodules\currency\mod.php:270

filterwoocommerce_get_price_excluding_taxmodules\currency\mod.php:271

filterwoocommerce_get_price_excluding_taxmodules\currency\mod.php:293

filterwoocommerce_get_price_including_taxmodules\currency\mod.php:294

filterwoocommerce_cart_get_subtotalmodules\currency\mod.php:295

filterwoocommerce_cart_get_totalmodules\currency\mod.php:296

filterwoocommerce_cart_get_shipping_totalmodules\currency\mod.php:297

filterwoocommerce_package_ratesmodules\currency\mod.php:298

actionwoocommerce_calculate_totalsmodules\currency\mod.php:299

filterwoocommerce_twoco_argsmodules\currency\mod.php:453

actionwp_loadedmodules\currency\mod.php:531

actionwp_footermodules\currency_switcher\mod.php:6

actionwidgets_initmodules\currency_widget\mod.php:10

actionadmin_enqueue_scriptsmodules\currency_widget\mod.php:11

filterwp_mail_content_typemodules\mail\mod.php:139

actioninitmodules\options\mod.php:9

actionadmin_footermodules\promo\mod.php:14

actioninitmodules\promo\mod.php:16

actionadmin_footermodules\promo\mod.php:18

actionadmin_noticesmodules\promo\mod.php:24

actionadmin_enqueue_scriptsmodules\templates\mod.php:40

actioninitmodules\templates\mod.php:41

actionbefore_woocommerce_initwcu.php:26

Maintenance & Trust

Currency Switcher for WooCommerce by WBW Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version

Downloads238K

Community Trust

Rating88/100

Number of ratings36

Active installs4K

Alternatives

Currency Switcher for WooCommerce by WBW Alternatives

YayCurrency – WooCommerce Multi-Currency Switcher

yaycurrency

WooCommerce Multi-Currency made easy, powerful, and flexible.

8K 2 CVEs

Multi Currency Switcher for WooCommerce

psmwoo-multi-currency

100

Stop losing sales. Our multi currency switcher & converter shows local prices in WooCommerce to reduce cart abandonment and boost your global sales.

100 No CVEs

Easy Currency – Multi-Currency Converter for WooCommerce

easy-currency

100

Let shoppers view and switch WooCommerce product prices in multiple currencies, with automatic rates and checkout in the selected currency.

10 No CVEs

Currency Converter for WooCommerce

wc-multi-currency-switcher

100

Currency Converter for WooCommerce lets visitors switch product prices between currencies in real-time, based on your set exchange rates.

10 No CVEs

CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x

woo-multi-currency

Show multi-currency pricing and dual-currency display, accept multi-currency payment, support IP detection, custom/global rate, fixed price and more

20K 6 CVEs

Developer Profile

Currency Switcher for WooCommerce by WBW Developer Profile

WBW Plugins

3 plugins · 66K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

169 days

View full developer profile

Detection Fingerprints

How We Detect Currency Switcher for WooCommerce by WBW

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-currency/css/style.css/wp-content/plugins/woo-currency/css/woo-currency.css/wp-content/plugins/woo-currency/js/woo-currency.js/wp-content/plugins/woo-currency/js/script.js/wp-content/plugins/woo-currency/js/woo-currency-woo.js

Script Paths

/wp-content/plugins/woo-currency/js/woo-currency.js/wp-content/plugins/woo-currency/js/script.js/wp-content/plugins/woo-currency/js/woo-currency-woo.js

Version Parameters

woo-currency/css/style.css?ver=woo-currency/css/woo-currency.css?ver=woo-currency/js/woo-currency.js?ver=woo-currency/js/script.js?ver=woo-currency/js/woo-currency-woo.js?ver=

HTML / DOM Fingerprints

CSS Classes

wcu-currency- switcherwcu-currency-listwcu-currency-item

HTML Comments

Data Attributes

data-wcu-currency-iddata-wcu-currency-codedata-wcu-currency-symbol

JS Globals

wcu_params

Shortcode Output

[wcu_currency_switcher][wcu_currency_list][wcu_currency_item]

FAQ

Currency Switcher for WooCommerce by WBW Security & Risk Analysis

Is Currency Switcher for WooCommerce by WBW Safe to Use in 2026?

Generally Safe

Key Concerns

Currency Switcher for WooCommerce by WBW Security Vulnerabilities

CVEs by Year

Severity Breakdown

Currency Switcher for WooCommerce by WBW Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Currency Switcher for WooCommerce by WBW Attack Surface

Currency Switcher for WooCommerce by WBW Maintenance & Trust

Maintenance Signals

Community Trust

Currency Switcher for WooCommerce by WBW Alternatives

YayCurrency – WooCommerce Multi-Currency Switcher

Multi Currency Switcher for WooCommerce

Easy Currency – Multi-Currency Converter for WooCommerce

Currency Converter for WooCommerce

CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x

Currency Switcher for WooCommerce by WBW Developer Profile

How We Detect Currency Switcher for WooCommerce by WBW

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Currency Switcher for WooCommerce by WBW