Product Gallery Slider, Additional Variation Images for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-product-gallery-slider

Enhance your customers' shopping experience and boost sales instantly with this WooCommerce Product Gallery Slider! 🚀

20K active installs · v2.3.22 · PHP 7.4+ · WP 5.0+ · Updated Oct 30, 2025
additional-variation-image, product-gallery-slider, woocommerce-product-gallery-carousel, woocommerce-product-gallery-slider, woocommerce-product-image-slider
99
A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: May 25, 2023
Safety Verdict

Is Product Gallery Slider, Additional Variation Images for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Product Gallery Slider, Additional Variation Images for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: May 25, 2023 · Updated 5mo ago
Risk Assessment

The "woo-product-gallery-slider" plugin v2.3.22 exhibits a mixed security posture. On the positive side, the static analysis reveals robust adherence to secure coding practices in several areas. Notably, all SQL queries are properly prepared, and a significant majority of output is escaped, mitigating common web vulnerabilities. The presence of numerous nonce and capability checks on its AJAX handlers further suggests a strong defense against unauthorized actions. However, two flows with unsanitized paths identified during taint analysis are a notable concern, even if they did not reach critical or high severity. The plugin's vulnerability history, with two known medium severity CVEs, both related to Cross-Site Request Forgery (CSRF) and Missing Authorization, raises a red flag. The pattern of these past vulnerabilities, coupled with the taint analysis findings, indicates potential weaknesses in handling user-supplied data or enforcing proper access controls, despite the current checks in place. While the plugin has strengths in its SQL handling and output escaping, the past vulnerability history and the presence of unsanitized paths warrant careful attention and ongoing monitoring.

Key Concerns

  • Taint flow with unsanitized paths
  • Two known medium CVEs in history
  • Less than ideal output escaping percentage
Vulnerabilities
2

Product Gallery Slider, Additional Variation Images for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022
1 CVE in 2023

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2022-45372 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Product Gallery Slider for WooCommerce <= 2.2.8 - Cross-Site Request Forgery

May 25, 2023 Patched in 2.2.9 (243d)

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 2.2.7 (699d)
Code Analysis
Analyzed Mar 16, 2026

Product Gallery Slider, Additional Variation Images for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 263 (633 escaped)
Nonce Checks: 17
Capability Checks: 6
File Operations: 0
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

71% escaped · 896 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

5 flows · 2 with unsanitized paths
product_variation (src\Product.php:97)
Attack Surface

Product Gallery Slider, Additional Variation Images for WooCommerce Attack Surface

Entry Points: 8
Unprotected: 0

AJAX Handlers 7

auth wp_ajax_csf-get-icons includes\codestar\functions\actions.php:50
auth wp_ajax_csf-export includes\codestar\functions\actions.php:87
auth wp_ajax_csf-import includes\codestar\functions\actions.php:123
auth wp_ajax_csf-reset includes\codestar\functions\actions.php:150
auth wp_ajax_csf-chosen includes\codestar\functions\actions.php:189
auth wp_ajax_twist_variation_ajax src\Product.php:33
nopriv wp_ajax_twist_variation_ajax src\Product.php:34

Shortcodes 1

[product_gallery_slider] src\Product.php:30
WordPress Hooks 83
filter install_plugins_table_api_args_featured includes\class-plugin-suggest.php:8
filter plugins_api_result includes\class-plugin-suggest.php:23
action init includes\class-plugin-suggest.php:100
action woocommerce_product_options_general_product_data includes\class-variation-images.php:15
action woocommerce_variation_options includes\class-variation-images.php:16
action woocommerce_save_product_variation includes\class-variation-images.php:17
filter woocommerce_available_variation includes\class-variation-images.php:18
action admin_enqueue_scripts includes\class-variation-images.php:20
action save_post includes\class-variation-images.php:21
action wp_enqueue_scripts includes\codestar\classes\abstract.class.php:21
action admin_menu includes\codestar\classes\admin-options.class.php:107
action admin_bar_menu includes\codestar\classes\admin-options.class.php:108
action network_admin_menu includes\codestar\classes\admin-options.class.php:112
filter admin_footer_text includes\codestar\classes\admin-options.class.php:432
action add_meta_boxes_comment includes\codestar\classes\comment-options.class.php:38
action edit_comment includes\codestar\classes\comment-options.class.php:39
action customize_register includes\codestar\classes\customize-options.class.php:44
action customize_save_after includes\codestar\classes\customize-options.class.php:45
action wp_enqueue_scripts includes\codestar\classes\customize-options.class.php:49
action add_meta_boxes includes\codestar\classes\metabox-options.class.php:50
action save_post includes\codestar\classes\metabox-options.class.php:51
action edit_attachment includes\codestar\classes\metabox-options.class.php:52
action wp_nav_menu_item_custom_fields includes\codestar\classes\nav-menu-options.class.php:32
action wp_update_nav_menu_item includes\codestar\classes\nav-menu-options.class.php:33
filter wp_edit_nav_menu_walker includes\codestar\classes\nav-menu-options.class.php:35
action admin_init includes\codestar\classes\profile-options.class.php:32
action show_user_profile includes\codestar\classes\profile-options.class.php:44
action edit_user_profile includes\codestar\classes\profile-options.class.php:45
action personal_options_update includes\codestar\classes\profile-options.class.php:47
action edit_user_profile_update includes\codestar\classes\profile-options.class.php:48
action after_setup_theme includes\codestar\classes\setup.class.php:73
action init includes\codestar\classes\setup.class.php:74
action switch_theme includes\codestar\classes\setup.class.php:75
action admin_enqueue_scripts includes\codestar\classes\setup.class.php:76
action wp_enqueue_scripts includes\codestar\classes\setup.class.php:77
action wp_head includes\codestar\classes\setup.class.php:78
filter admin_body_class includes\codestar\classes\setup.class.php:79
action admin_footer includes\codestar\classes\shortcode-options.class.php:47
action customize_controls_print_footer_scripts includes\codestar\classes\shortcode-options.class.php:48
action elementor/editor/before_enqueue_scripts includes\codestar\classes\shortcode-options.class.php:59
action elementor/editor/footer includes\codestar\classes\shortcode-options.class.php:60
action elementor/editor/footer includes\codestar\classes\shortcode-options.class.php:61
action enqueue_block_editor_assets includes\codestar\classes\shortcode-options.class.php:258
action media_buttons includes\codestar\classes\shortcode-options.class.php:262
action admin_init includes\codestar\classes\taxonomy-options.class.php:41
action admin_footer includes\codestar\fields\icon\icon.php:41
action customize_controls_print_footer_scripts includes\codestar\fields\icon\icon.php:42
action admin_print_footer_scripts includes\codestar\fields\link\link.php:65
action print_default_editor_scripts includes\codestar\fields\wp_editor\wp_editor.php:62
action admin_menu includes\codestar\views\welcome.php:19
filter plugin_action_links includes\codestar\views\welcome.php:20
filter plugin_row_meta includes\codestar\views\welcome.php:21
action admin_enqueue_scripts includes\core.php:8
action admin_menu includes\core.php:9
action admin_menu includes\core.php:10
filter plugin_row_meta includes\functions.php:51
filter wc_get_template includes\functions.php:69
action woocommerce_admin_field_payment_gateways includes\functions.php:189
action switch_theme includes\usage-tracking\Insights.php:135
action switch_theme includes\usage-tracking\Insights.php:136
action admin_footer includes\usage-tracking\Insights.php:146
action admin_notices includes\usage-tracking\Insights.php:161
action admin_init includes\usage-tracking\Insights.php:164
filter cron_schedules includes\usage-tracking\Insights.php:168
action admin_menu includes\usage-tracking\License.php:219
action after_switch_theme includes\usage-tracking\License.php:781
action switch_theme includes\usage-tracking\License.php:782
action admin_enqueue_scripts src\Bootstrap.php:26
action admin_notices src\Bootstrap.php:28
action csf_options_after src\Bootstrap.php:30
action csf_options_before src\Bootstrap.php:31
action admin_init src\Bootstrap.php:32
action admin_init src\Bootstrap.php:34
action csf_wpgs_form_save_after src\Options.php:32
action wp_enqueue_scripts src\Product.php:27
action after_setup_theme src\Product.php:28
filter astra_addon_override_single_product_layout src\Product.php:72
filter yith_wccl_enable_handle_variation_gallery src\Product.php:73
action woocommerce_before_single_product_summary src\Product.php:83
filter woocommerce_gallery_image_size src\Product.php:85
action before_woocommerce_init woo-product-gallery-slider.php:26
action admin_init woo-product-gallery-slider.php:87
action woocommerce_loaded woo-product-gallery-slider.php:88
Maintenance & Trust

Product Gallery Slider, Additional Variation Images for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 30, 2025
PHP min version: 7.4
Downloads: 717K

Community Trust

Rating: 92/100
Number of ratings: 157
Active installs: 20K
Developer Profile

Product Gallery Slider, Additional Variation Images for WooCommerce Developer Profile

Niloy - Codeixer

7 plugins · 29K total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 856 days
Detection Fingerprints

How We Detect Product Gallery Slider, Additional Variation Images for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-product-gallery-slider/assets/css/admin.css
/wp-content/plugins/woo-product-gallery-slider/assets/js/admin.js
/wp-content/plugins/woo-product-gallery-slider/assets/js/public.js
/wp-content/plugins/woo-product-gallery-slider/includes/codestar/assets/css/framework.css
/wp-content/plugins/woo-product-gallery-slider/includes/codestar/assets/js/framework.js
Script Paths
/wp-content/plugins/woo-product-gallery-slider/assets/js/admin.js
/wp-content/plugins/woo-product-gallery-slider/assets/js/public.js
/wp-content/plugins/woo-product-gallery-slider/includes/codestar/assets/js/framework.js
Version Parameters
woo-product-gallery-slider/assets/css/admin.css?ver=
woo-product-gallery-slider/assets/js/admin.js?ver=
woo-product-gallery-slider/assets/js/public.js?ver=
woo-product-gallery-slider/includes/codestar/assets/css/framework.css?ver=
woo-product-gallery-slider/includes/codestar/assets/js/framework.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpgs-variation-gallery
HTML Comments
<!-- Product Gallery Slider for Woocommerce -->
<!-- Product Gallery Slider -->
Data Attributes
data-wpgs-image-id
data-wpgs-variation-id
data-wpgs-gallery-id
data-wpgs-slider-options
JS Globals
wpgs_product_data
FAQ

Frequently Asked Questions about Product Gallery Slider, Additional Variation Images for WooCommerce