Does Hyyan WooCommerce Polylang Integration have any unpatched vulnerabilities?

Yes — Hyyan WooCommerce Polylang Integration currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Hyyan WooCommerce Polylang Integration compatible with WordPress 5.6.17?

According to WordPress.org data, Hyyan WooCommerce Polylang Integration 1.5.0 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is Hyyan WooCommerce Polylang Integration compatible with PHP 7.0+?

Hyyan WooCommerce Polylang Integration requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Hyyan WooCommerce Polylang Integration updated?

Hyyan WooCommerce Polylang Integration was last updated on Feb 16, 2021. Frequent updates are generally a positive security signal.

What is Hyyan WooCommerce Polylang Integration's security score?

Hyyan WooCommerce Polylang Integration has a WP-Safety security score of 63/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hyyan WooCommerce Polylang Integration Security & Risk Analysis

wordpress.org/plugins/woo-poly-integration

Given that I am not using Wordpress these days and I haven't really been using WooPoly for a while. I am looking for maintainers to take over thi …

9K active installs v1.5.0 PHP 7.0+ WP 5.4+ Updated Feb 16, 2021

bilingualcmsmultilingualpolylangwoocommerce

C · Use Caution

CVEs total1

Unpatched1

Last CVEJan 18, 2026

Plugin page Download

Safety Verdict

Is Hyyan WooCommerce Polylang Integration Safe to Use in 2026?

Use With Caution

Score 63/100

Hyyan WooCommerce Polylang Integration has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Jan 18, 2026Updated 5yr ago

Risk Assessment

The "woo-poly-integration" v1.5.0 plugin exhibits significant security concerns. While it demonstrates some positive practices like using prepared statements for SQL queries and performing output escaping, these are overshadowed by critical vulnerabilities. The presence of unprotected AJAX handlers forms a substantial attack surface, offering direct entry points for malicious actors. Furthermore, the use of the `unserialize` function without proper input validation is a known risky practice that can lead to remote code execution vulnerabilities. The plugin's vulnerability history, particularly the existence of an unpatched medium severity vulnerability from 2026 and a pattern of "Missing Authorization" issues, strongly suggests a recurring lack of robust access control. This indicates a systemic weakness in how the plugin handles sensitive operations and user permissions.

Key Concerns

Unprotected AJAX handlers
Use of dangerous function: unserialize
Unpatched CVE (medium severity)
No nonce checks on AJAX
Lack of capability checks on AJAX
Flows with unsanitized paths

Vulnerabilities

Hyyan WooCommerce Polylang Integration Security Vulnerabilities

CVEs by Year

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2026-24585medium · 4.3Missing Authorization

Hyyan WooCommerce Polylang Integration <= 1.5.0 - Missing Authorization

Jan 18, 2026Unpatched

Code Analysis

Analyzed Mar 16, 2026

Hyyan WooCommerce Polylang Integration Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$features = unserialize( 'a:13:{s:13:"fields-locker";s:2:"on";s:6:"emails";s:2:"on";s:7:"reports";s:src\Hyyan\WPI\Plugin.php:184

unserialize$metas = unserialize( 'a:9:{s:7:"general";a:10:{s:12:"product-type";s:12:"product-type";s:8:"_virtuasrc\Hyyan\WPI\Plugin.php:191

SQL Query Safety

67% prepared3 total queries

Output Escaping

60% escaped65 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

copyProductCatCustomFields (src\Hyyan\WPI\Taxonomies\Categories.php:78)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Hyyan WooCommerce Polylang Integration Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_woocommerce_feature_productsrc\Hyyan\WPI\Product\Product.php:64

authwp_ajax_woocommerce_remove_variationssrc\Hyyan\WPI\Product\Variable.php:35

WordPress Hooks 168

actionadmin_initsrc\Hyyan\WPI\Admin\Settings.php:30

actionadmin_menusrc\Hyyan\WPI\Admin\Settings.php:31

actionwoocommerce_system_status_reportsrc\Hyyan\WPI\Admin\StatusReport.php:8

filterwoocommerce_ajax_get_endpointsrc\Hyyan\WPI\Ajax.php:28

filterwoocommerce_breadcrumb_home_urlsrc\Hyyan\WPI\Breadcrumb.php:27

filterwoocommerce_add_to_cart_product_idsrc\Hyyan\WPI\Cart.php:33

filterwoocommerce_cart_item_productsrc\Hyyan\WPI\Cart.php:36

filterwoocommerce_cart_item_product_idsrc\Hyyan\WPI\Cart.php:37

filterwoocommerce_cart_item_permalinksrc\Hyyan\WPI\Cart.php:38

filterwoocommerce_get_item_datasrc\Hyyan\WPI\Cart.php:39

actionwp_enqueue_scriptssrc\Hyyan\WPI\Cart.php:42

actionwoocommerce_coupon_loadedsrc\Hyyan\WPI\Coupon.php:38

actionwp_loadedsrc\Hyyan\WPI\Coupon.php:40

filterwoocommerce_cart_totals_coupon_labelsrc\Hyyan\WPI\Coupon.php:43

filterwoocommerce_coupon_get_descriptionsrc\Hyyan\WPI\Coupon.php:45

filterwoocommerce_coupon_get__wjecf_enqueue_messagesrc\Hyyan\WPI\Coupon.php:56

filterwoocommerce_coupon_get__wjecf_select_free_product_messagesrc\Hyyan\WPI\Coupon.php:58

filterwoocommerce_coupon_get__wjecf_free_product_idssrc\Hyyan\WPI\Coupon.php:60

filterwoocommerce_email_subject_new_ordersrc\Hyyan\WPI\Emails.php:122

filterwoocommerce_email_heading_new_ordersrc\Hyyan\WPI\Emails.php:123

filterwoocommerce_email_recipient_new_ordersrc\Hyyan\WPI\Emails.php:124

filterwoocommerce_email_additional_content_new_ordersrc\Hyyan\WPI\Emails.php:125

filterwoocommerce_email_subject_customer_processing_ordersrc\Hyyan\WPI\Emails.php:128

filterwoocommerce_email_heading_customer_processing_ordersrc\Hyyan\WPI\Emails.php:129

filterwoocommerce_email_additional_content_customer_processing_ordersrc\Hyyan\WPI\Emails.php:130

filterwoocommerce_email_subject_customer_refunded_ordersrc\Hyyan\WPI\Emails.php:132

filterwoocommerce_email_heading_customer_refunded_ordersrc\Hyyan\WPI\Emails.php:133

filterwoocommerce_email_additional_content_customer_refunded_ordersrc\Hyyan\WPI\Emails.php:134

filterwoocommerce_email_additional_content_customer_partially_refunded_ordersrc\Hyyan\WPI\Emails.php:136

filterwoocommerce_email_subject_customer_notesrc\Hyyan\WPI\Emails.php:138

filterwoocommerce_email_heading_customer_notesrc\Hyyan\WPI\Emails.php:139

filterwoocommerce_email_additional_content_customer_notesrc\Hyyan\WPI\Emails.php:140

filterwoocommerce_email_subject_customer_invoicesrc\Hyyan\WPI\Emails.php:142

filterwoocommerce_email_heading_customer_invoicesrc\Hyyan\WPI\Emails.php:143

filterwoocommerce_email_additional_content_customer_invoicesrc\Hyyan\WPI\Emails.php:144

filterwoocommerce_email_subject_customer_invoice_paidsrc\Hyyan\WPI\Emails.php:146

filterwoocommerce_email_heading_customer_invoice_paidsrc\Hyyan\WPI\Emails.php:147

filterwoocommerce_email_additional_content_customer_invoice_paidsrc\Hyyan\WPI\Emails.php:148

filterwoocommerce_email_subject_customer_completed_ordersrc\Hyyan\WPI\Emails.php:150

filterwoocommerce_email_heading_customer_completed_ordersrc\Hyyan\WPI\Emails.php:151

filterwoocommerce_email_additional_content_customer_completed_ordersrc\Hyyan\WPI\Emails.php:152

filterwoocommerce_email_subject_customer_new_accountsrc\Hyyan\WPI\Emails.php:154

filterwoocommerce_email_heading_customer_new_accountsrc\Hyyan\WPI\Emails.php:155

filterwoocommerce_email_additional_content_customer_new_accountsrc\Hyyan\WPI\Emails.php:156

filterwoocommerce_email_subject_customer_reset_passwordsrc\Hyyan\WPI\Emails.php:158

filterwoocommerce_email_heading_customer_reset_passwordsrc\Hyyan\WPI\Emails.php:159

filterwoocommerce_email_additional_content_customer_reset_passwordsrc\Hyyan\WPI\Emails.php:160

filterwoocommerce_email_subject_customer_on_hold_ordersrc\Hyyan\WPI\Emails.php:163

filterwoocommerce_email_heading_customer_on_hold_ordersrc\Hyyan\WPI\Emails.php:164

filterwoocommerce_email_additional_content_customer_on_hold_ordersrc\Hyyan\WPI\Emails.php:165

filterwoocommerce_email_subject_cancelled_ordersrc\Hyyan\WPI\Emails.php:168

filterwoocommerce_email_heading_cancelled_ordersrc\Hyyan\WPI\Emails.php:169

filterwoocommerce_email_recipient_cancelled_ordersrc\Hyyan\WPI\Emails.php:170

filterwoocommerce_email_additional_content_cancelled_ordersrc\Hyyan\WPI\Emails.php:171

filterwoocommerce_email_subject_failed_ordersrc\Hyyan\WPI\Emails.php:174

filterwoocommerce_email_heading_failed_ordersrc\Hyyan\WPI\Emails.php:175

filterwoocommerce_email_recipient_failed_ordersrc\Hyyan\WPI\Emails.php:176

filterwoocommerce_email_additional_content_failed_ordersrc\Hyyan\WPI\Emails.php:177

filterwoocommerce_email_footer_textsrc\Hyyan\WPI\Emails.php:180

filterwoocommerce_email_from_addresssrc\Hyyan\WPI\Emails.php:181

filterwoocommerce_email_from_namesrc\Hyyan\WPI\Emails.php:182

filterwoocommerce_email_setup_localesrc\Hyyan\WPI\Emails.php:185

filterwoocommerce_email_restore_localesrc\Hyyan\WPI\Emails.php:186

actioninitsrc\Hyyan\WPI\Endpoints.php:38

actionwoocommerce_update_optionssrc\Hyyan\WPI\Endpoints.php:41

filterpre_update_option_rewrite_rulessrc\Hyyan\WPI\Endpoints.php:44

filterpll_the_language_linksrc\Hyyan\WPI\Endpoints.php:47

filterwp_get_nav_menu_itemssrc\Hyyan\WPI\Endpoints.php:50

actioncurrent_screensrc\Hyyan\WPI\Endpoints.php:53

filterwoocommerce_paypal_argssrc\Hyyan\WPI\Gateways.php:30

actionwp_loadedsrc\Hyyan\WPI\Gateways.php:33

filterwoocommerce_gateway_titlesrc\Hyyan\WPI\Gateways.php:36

filterwoocommerce_gateway_descriptionsrc\Hyyan\WPI\Gateways.php:37

actionload-settings_page_mlangsrc\Hyyan\WPI\Language.php:29

actionpll_add_languagesrc\Hyyan\WPI\Language.php:33

actionwoo-poly.settings.wpi-features_fieldssrc\Hyyan\WPI\Language.php:37

filterwc_get_price_decimal_separatorsrc\Hyyan\WPI\LocaleNumbers.php:28

filterwc_get_price_thousand_separatorsrc\Hyyan\WPI\LocaleNumbers.php:29

filterwc_price_argssrc\Hyyan\WPI\LocaleNumbers.php:30

filterwoocommerce_format_localized_decimalsrc\Hyyan\WPI\LocaleNumbers.php:33

filterwoocommerce_login_redirectsrc\Hyyan\WPI\Login.php:28

filterwoocommerce_product_get_gallery_image_idssrc\Hyyan\WPI\Media.php:29

filterpll_get_post_typessrc\Hyyan\WPI\Order.php:32

actionwoocommerce_checkout_update_order_metasrc\Hyyan\WPI\Order.php:36

filterwoocommerce_my_account_my_orders_querysrc\Hyyan\WPI\Order.php:45

filterwoocommerce_order_item_productsrc\Hyyan\WPI\Order.php:49

filterwoocommerce_order_data_store_cpt_get_orders_querysrc\Hyyan\WPI\Order.php:115

actioncurrent_screensrc\Hyyan\WPI\Order.php:144

actionadmin_print_scriptssrc\Hyyan\WPI\Order.php:148

filterpll_get_archive_urlsrc\Hyyan\WPI\Pages.php:43

filterparse_requestsrc\Hyyan\WPI\Pages.php:50

filterwoocommerce_shortcode_products_querysrc\Hyyan\WPI\Pages.php:53

filtershortcode_atts_product_categoriessrc\Hyyan\WPI\Pages.php:56

actioninitsrc\Hyyan\WPI\Permalinks.php:29

actioninitsrc\Hyyan\WPI\Plugin.php:38

actionplugins_loadedsrc\Hyyan\WPI\Plugin.php:39

actionadmin_initsrc\Hyyan\WPI\Plugin.php:40

actionpll_add_languagesrc\Hyyan\WPI\Plugin.php:42

actioncurrent_screensrc\Hyyan\WPI\Plugin.php:51

filterplugin_action_links_woo-poly-integration/__init__.phpsrc\Hyyan\WPI\Plugin.php:106

filterplugin_row_metasrc\Hyyan\WPI\Plugin.php:118

filterwoocommerce_get_privacy_policy_textsrc\Hyyan\WPI\Privacy.php:24

filterwoocommerce_demo_storesrc\Hyyan\WPI\Privacy.php:25

filterwoocommerce_get_terms_and_conditions_checkbox_textsrc\Hyyan\WPI\Privacy.php:26

actionwoocommerce_product_duplicatesrc\Hyyan\WPI\Product\Duplicator.php:25

actionwoocommerce_product_duplicate_before_savesrc\Hyyan\WPI\Product\Duplicator.php:29

actioncurrent_screensrc\Hyyan\WPI\Product\Meta.php:37

actionwoocommerce_product_quick_edit_savesrc\Hyyan\WPI\Product\Meta.php:40

filterwc_product_has_unique_skusrc\Hyyan\WPI\Product\Meta.php:45

actionwoocommerce_product_import_inserted_product_objectsrc\Hyyan\WPI\Product\Meta.php:51

actionwoocommerce_attribute_addedsrc\Hyyan\WPI\Product\Meta.php:56

filterpll_copy_post_metassrc\Hyyan\WPI\Product\Meta.php:87

filterpll_copy_post_metassrc\Hyyan\WPI\Product\Meta.php:122

filterpll_copy_post_metassrc\Hyyan\WPI\Product\Meta.php:142

actionsave_post_productsrc\Hyyan\WPI\Product\Meta.php:148

actionadmin_print_scriptssrc\Hyyan\WPI\Product\Meta.php:181

actionsave_postsrc\Hyyan\WPI\Product\Meta.php:798

actionadmin_print_scriptssrc\Hyyan\WPI\Product\Meta.php:814

filterpll_get_post_typessrc\Hyyan\WPI\Product\Product.php:33

filteradmin_initsrc\Hyyan\WPI\Product\Product.php:38

filterdefault_titlesrc\Hyyan\WPI\Product\Product.php:43

filterdefault_contentsrc\Hyyan\WPI\Product\Product.php:44

filterdefault_excerptsrc\Hyyan\WPI\Product\Product.php:45

filterwoocommerce_product_get_upsell_idssrc\Hyyan\WPI\Product\Product.php:59

filterwoocommerce_product_get_cross_sell_idssrc\Hyyan\WPI\Product\Product.php:60

filterwoocommerce_product_get_childrensrc\Hyyan\WPI\Product\Product.php:61

actionwoocommerce_product_set_stocksrc\Hyyan\WPI\Product\Stock.php:29

actionwoocommerce_variation_set_stocksrc\Hyyan\WPI\Product\Stock.php:32

actionwoocommerce_product_set_stocksrc\Hyyan\WPI\Product\Stock.php:46

actionwoocommerce_variation_set_stocksrc\Hyyan\WPI\Product\Stock.php:58

actionsave_post_productsrc\Hyyan\WPI\Product\Variable.php:31

actionsave_post_productsrc\Hyyan\WPI\Product\Variable.php:32

filterwoocommerce_variable_children_argssrc\Hyyan\WPI\Product\Variable.php:41

filterwoocommerce_hide_invisible_variationssrc\Hyyan\WPI\Product\Variable.php:151

actionsave_postsrc\Hyyan\WPI\Product\Variable.php:161

filterdelete_post_metadatasrc\Hyyan\WPI\Product\Variable.php:241

filteradd_post_metadatasrc\Hyyan\WPI\Product\Variable.php:242

filterupdate_post_metadatasrc\Hyyan\WPI\Product\Variable.php:243

actionadmin_print_scriptssrc\Hyyan\WPI\Product\Variable.php:394

actionadmin_enqueue_scriptssrc\Hyyan\WPI\Product\Variable.php:410

actioncurrent_screensrc\Hyyan\WPI\Product\Variable.php:431

actionadmin_print_scriptssrc\Hyyan\WPI\Product\Variable.php:442

filterwoocommerce_reports_get_order_report_datasrc\Hyyan\WPI\Reports.php:52

filterwoocommerce_reports_get_order_report_querysrc\Hyyan\WPI\Reports.php:55

filterwoocommerce_report_most_stocked_query_fromsrc\Hyyan\WPI\Reports.php:61

filterwoocommerce_report_out_of_stock_query_fromsrc\Hyyan\WPI\Reports.php:64

filterwoocommerce_report_low_in_stock_query_fromsrc\Hyyan\WPI\Reports.php:67

actionadmin_initsrc\Hyyan\WPI\Reports.php:72

actionadmin_initsrc\Hyyan\WPI\Reports.php:75

filterwoocommerce_report_sales_by_category_get_products_in_categorysrc\Hyyan\WPI\Reports.php:76

actionwp_loadedsrc\Hyyan\WPI\Shipping.php:35

filterwoocommerce_shipping_rate_labelsrc\Hyyan\WPI\Shipping.php:38

filterwoocommerce_order_shipping_methodsrc\Hyyan\WPI\Shipping.php:41

actionadmin_print_scriptssrc\Hyyan\WPI\Shipping.php:56

filterwoocommerce_get_price_suffixsrc\Hyyan\WPI\Tax.php:28

actioninitsrc\Hyyan\WPI\Taxonomies\Attributes.php:28

filterwoocommerce_attribute_labelsrc\Hyyan\WPI\Taxonomies\Attributes.php:34

actionadmin_print_scriptssrc\Hyyan\WPI\Taxonomies\Attributes.php:38

actionproduct_cat_add_form_fieldssrc\Hyyan\WPI\Taxonomies\Categories.php:29

actioncreated_termsrc\Hyyan\WPI\Taxonomies\Categories.php:32

actionedit_termsrc\Hyyan\WPI\Taxonomies\Categories.php:35

filterpll_get_taxonomiessrc\Hyyan\WPI\Taxonomies\Taxonomies.php:39

actionupdate_option_wpi-featuressrc\Hyyan\WPI\Taxonomies\Taxonomies.php:43

actionupdate_option_wpi-metas-listsrc\Hyyan\WPI\Taxonomies\Taxonomies.php:45

actionadmin_noticessrc\Hyyan\WPI\Tools\FlashMessages.php:25

filterplugin_localesrc\Hyyan\WPI\Utilities.php:598

actioninitsrc\Hyyan\WPI\Widgets\LayeredNav.php:25

filterget_product_search_formsrc\Hyyan\WPI\Widgets\SearchWidget.php:25

Maintenance & Trust

Hyyan WooCommerce Polylang Integration Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedFeb 16, 2021

PHP min version7.0

Downloads188K

Community Trust

Rating94/100

Number of ratings123

Active installs9K

Alternatives

Hyyan WooCommerce Polylang Integration Alternatives

WPML to Polylang

wpml-to-polylang

Import multilingual data from WPML into Polylang.

6K No CVEs

Switch Polylang To Ukrainian language

switch-polylang-to-ukrainian-language

Displays a popup with languages. For Ukraine, so that the Ukrainian version opens first by default.

20 No CVEs

Multilingual Polylang

multilingual-polylang

100

This plugin, which requires polylang

0 No CVEs

Show Language Counts for Polylang

show-language-counts-for-polylang

100

Adds per-language counts for Polylang-enabled posts and products in the admin without changing default counters. Unofficial, unaffiliated helper.

0 No CVEs

Translate Multilingual sites – TranslatePress

translatepress-multilingual

Translate your entire site directly from the front-end and go multilingual. Full support for WooCommerce, page builders + Google Translate integration

400K 5 CVEs

Developer Profile

Hyyan WooCommerce Polylang Integration Developer Profile

Hyyan Abo Fakher

1 plugin · 9K total installs

trust score

Avg Security Score

63/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hyyan WooCommerce Polylang Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-poly-integration/assets/css/wpi-admin-settings.css/wp-content/plugins/woo-poly-integration/assets/css/wpi-front.css/wp-content/plugins/woo-poly-integration/assets/js/wpi-front.js

Version Parameters

/wp-content/plugins/woo-poly-integration/assets/css/wpi-admin-settings.css?ver=/wp-content/plugins/woo-poly-integration/assets/css/wpi-front.css?ver=/wp-content/plugins/woo-poly-integration/assets/js/wpi-front.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpi-cart-switch-product

Data Attributes

data-product-iddata-variation-iddata-related-id

JS Globals

window.wpi_product_id

FAQ