Does Woo-Divi have any unpatched vulnerabilities?

No. All known vulnerabilities in Woo-Divi have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Woo-Divi compatible with WordPress 4.5.33?

According to WordPress.org data, Woo-Divi 1.0.0 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Woo-Divi updated?

Woo-Divi was last updated on Nov 15, 2016. Frequent updates are generally a positive security signal.

What is Woo-Divi's security score?

Woo-Divi has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Woo-Divi Security & Risk Analysis

wordpress.org/plugins/woo-divi

This is an extension for the Divi Builder. You would require Divi Builder and WooCommerce to be present. This will add a button to the Divi Builder si …

20 active installs v1.0.0 PHP + WP 4+ Updated Nov 15, 2016

divi-extensionwoocommerce-add-to-cart

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Woo-Divi Safe to Use in 2026?

Generally Safe

Score 85/100

Woo-Divi has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "woo-divi" plugin v1.0.0 exhibits a concerning security posture primarily due to its unprotected entry points. While the code analysis shows positive signs like 100% use of prepared statements for SQL queries and proper output escaping, these strengths are overshadowed by the presence of two AJAX handlers that lack any authentication or capability checks. This represents a significant attack surface that could be exploited by unauthenticated users.

The absence of nonce checks and capability checks on these AJAX handlers is a critical flaw. Without these protections, an attacker could potentially trigger these functions maliciously, leading to unintended actions within the WordPress environment. Taint analysis data is absent, which is neutral in this assessment, but the static analysis alone points to clear vulnerabilities. Furthermore, the plugin has no recorded vulnerability history, which, while positive, does not negate the immediately identifiable risks present in the current codebase.

In conclusion, the "woo-divi" plugin v1.0.0 has some good security practices in place regarding data handling and output. However, the fundamental flaw of unprotected AJAX endpoints creates a high risk. The lack of immediate vulnerabilities in its history does not compensate for this exposure. Users of this plugin should be aware of the potential for unauthorized actions through its AJAX functionalities.

Key Concerns

AJAX handlers without auth checks
AJAX handlers without capability checks
AJAX handlers without nonce checks

Vulnerabilities

None known

Woo-Divi Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Woo-Divi Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped9 total outputs

Attack Surface

2 unprotected

Woo-Divi Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_call_to_action_add_to_cartincludes\class-woodivi.php:174

noprivwp_ajax_call_to_action_add_to_cartincludes\class-woodivi.php:175

WordPress Hooks 5

actionplugins_loadedincludes\class-woodivi.php:139

actionadmin_enqueue_scriptsincludes\class-woodivi.php:154

actionadmin_enqueue_scriptsincludes\class-woodivi.php:155

actionwp_enqueue_scriptsincludes\class-woodivi.php:172

actionwp_enqueue_scriptsincludes\class-woodivi.php:173

Maintenance & Trust

Woo-Divi Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedNov 15, 2016

PHP min version

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Woo-Divi Alternatives

Custom Add to Cart labels for WooCommerce

wc-custom-add-to-cart-labels

100

This plugin lets you change the “add to cart” labels on all single product pages (per product type) and also on archive/shop page (per product type)

5K No CVEs

Add to Cart Text Changer and Customize Button, Add Custom Icon

woo-add-to-cart-text-change

100

Easy handle: Add to Cart Text Changer and Customize Button, Add Custom Icon. With icon of shop or cart.

2K 1 CVE

Modal Fly Cart & AJAX Add to Cart for WooCommerce

woocomm-popup-cart-ajax

100

Popup Cart Lite for WooCommerce for WooCommerce plugin that displays popup cart for add to cart action.

2K No CVEs

XT Ajax Add To Cart for WooCommerce

xt-woo-ajax-add-to-cart

"XT Ajax Add To Cart for WooCommerce" allows users to add single products or variable products to the cart without the need to reload the en …

1K 1 CVE

Email Inquiry & Cart Options for WooCommerce

woocommerce-email-inquiry-cart-options

Set Product Page Rules, Hide Add to Cart, Hide Price, Show Email Inquiry, Filter Rules by Roles for logged in users. 100% Mobile responsive Email Inqu …

800 1 unpatched

Developer Profile

Woo-Divi Developer Profile

vishalbasnet23

1 plugin · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Woo-Divi

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-divi/css/woodivi-admin.css/wp-content/plugins/woo-divi/js/woodivi-admin.js

Script Paths

/wp-content/plugins/woo-divi/js/woodivi-admin.js

Version Parameters

woo-divi/css/woodivi-admin.css?ver=woo-divi/js/woodivi-admin.js?ver=

HTML / DOM Fingerprints

FAQ