WP-Safety

Suggestion Engine for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-suggestion-engine

Boost sales with product suggestions during searches and custom shortcodes to show tailored product lists for different goal.

10 active installs v2.0.9 PHP 7.0+ WP 5.0+ Updated Unknown
search-enginesearch-woocommercewoo-searchwoo-suggested-productwoocommerce-product-suggestion
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Suggestion Engine for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Suggestion Engine for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "woo-suggestion-engine" v2.0.9 plugin demonstrates a strong security posture based on the provided static analysis. All identified entry points, including AJAX handlers, REST API routes, and shortcodes, appear to have proper authentication and permission checks. The code extensively utilizes prepared statements for its SQL queries, and all output is properly escaped, mitigating common risks like SQL injection and Cross-Site Scripting (XSS). The absence of dangerous functions and file operations further strengthens its security. The plugin also incorporates a good number of nonce and capability checks, indicating a proactive approach to securing its functionality.

Furthermore, the vulnerability history is exceptionally clean, with no recorded CVEs. This lack of past security incidents suggests a well-maintained codebase or a history of responsible development. The taint analysis shows no critical or high-severity flows with unsanitized paths, reinforcing the confidence in the plugin's handling of user-supplied data.

While the plugin exhibits excellent security practices, the presence of external HTTP requests, though not inherently a vulnerability, can be a potential attack vector if the target endpoints are compromised or if the data transmitted is sensitive and not adequately secured. However, given the overall lack of detected vulnerabilities and robust security controls, this plugin appears to be a relatively safe option. The strengths significantly outweigh any minor potential concerns.

Key Concerns

  • External HTTP requests
Vulnerabilities
None known

Suggestion Engine for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Suggestion Engine for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
8
16 prepared
Unescaped Output
1
248 escaped
Nonce Checks
20
Capability Checks
9
File Operations
0
External Requests
3
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

67% prepared24 total queries

Output Escaping

100% escaped249 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
hide_notices (includes\support.php:431)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Suggestion Engine for WooCommerce Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 6

authwp_ajax_viwse_search_ajax_enableincludes\admin\search-engine.php:16
authwp_ajax_viwse_background_settingsincludes\admin\search-engine.php:17
authwp_ajax_viwse_background_processing_statusincludes\admin\search-engine.php:18
authwp_ajax_viwse_save_suggestionincludes\admin\suggestion.php:13
authwp_ajax_viwse_search_productincludes\admin\suggestion.php:14
authwp_ajax_viwse_search_categoryincludes\admin\suggestion.php:15

REST API Routes 1

POST/wp-json/woo-suggestion-engine/viwse_autocomplete_historyincludes\frontend\search.php:41

Shortcodes 1

[viwse_suggestion] includes\frontend\suggestion.php:54
WordPress Hooks 28
filterplugin_action_links_woo-suggestion-engine/woo-suggestion-engine.phpincludes\admin\admin.php:9
actioninitincludes\admin\admin.php:10
actioninitincludes\admin\search-engine.php:13
actionadmin_menuincludes\admin\search-engine.php:14
actionadmin_initincludes\admin\search-engine.php:15
actionadmin_enqueue_scriptsincludes\admin\search-engine.php:19
actionadmin_initincludes\admin\search-engine.php:21
actionadmin_menuincludes\admin\suggestion.php:12
filtercron_schedulesincludes\background-process\wp-background-process.php:66
actionrest_api_initincludes\frontend\search.php:22
actionwp_enqueue_scriptsincludes\frontend\search.php:23
actioninitincludes\frontend\suggestion.php:11
actionwoocommerce_after_single_product_summaryincludes\frontend\suggestion.php:13
actionwp_enqueue_scriptsincludes\frontend\suggestion.php:55
actionadmin_enqueue_scriptsincludes\support.php:32
actionadmin_noticesincludes\support.php:33
actionadmin_initincludes\support.php:34
actionadmin_menuincludes\support.php:35
filterplugin_row_metaincludes\support.php:37
actionadmin_initincludes\support.php:39
actionadmin_bar_menuincludes\support.php:41
actionadmin_noticesincludes\support.php:52
actionadmin_footerincludes\support.php:669
actionadmin_bar_menuincludes\support.php:807
actionadmin_noticesincludes\support.php:953
filterwoocommerce_post_classincludes\templates\viwse-suggestion-html.php:35
actionplugins_loadedwoo-suggestion-engine.php:42
actionbefore_woocommerce_initwoo-suggestion-engine.php:44
Maintenance & Trust

Suggestion Engine for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.0
Downloads3K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

Suggestion Engine for WooCommerce Alternatives

BoldGrid Easy SEO – Simple and Effective SEO

BoldGrid Easy SEO – Simple and Effective SEO

boldgrid-easy-seo

A
99

Easy SEO helps you easily create keyword rich content and rank higher in the search engines.

50K 2 CVEs
WP All Import – Import SEO Settings for Yoast SEO

WP All Import – Import SEO Settings for Yoast SEO

yoast-seo-settings-xml-csv-import

A
100

Drag & drop to import from any CSV, Excel, XML, or Google Sheets file into Yoast SEO's titles, meta descriptions, focus keywords, schema sett …

20K No CVEs
Internal Links Manager

Internal Links Manager

seo-automated-link-building

A
97

Boost your SEO and get better rankings with our automated link building plugin. With this plugin you can link any keyword to any URL - internal or ext …

10K 3 CVEs
WP All Import – Import SEO Settings for Rank Math SEO

WP All Import – Import SEO Settings for Rank Math SEO

import-xml-csv-settings-to-rank-math-seo

A
100

Drag & drop to import from any CSV, Excel, XML, or Google Sheets file into Rank Math SEO's titles, meta descriptions, focus keywords, schema …

7K No CVEs
Hide from Search

Hide from Search

mpress-hide-from-search

A
100

Hide individual WordPress pages from search engines and/or WordPress searches, such as confirmation and download pages.

3K No CVEs
Developer Profile

Suggestion Engine for WooCommerce Developer Profile

VillaTheme

58 plugins · 167K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
214 days
View full developer profile
Detection Fingerprints

How We Detect Suggestion Engine for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-suggestion-engine/assets/css/frontend.css/wp-content/plugins/woo-suggestion-engine/assets/js/frontend.js
Script Paths
/wp-content/plugins/woo-suggestion-engine/assets/js/frontend.js
Version Parameters
woo-suggestion-engine/assets/css/frontend.css?ver=woo-suggestion-engine/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
vi-wse-search-wrappervi-wse-search-inputvi-wse-search-result-wrappervi-wse-search-result-productvi-wse-search-result-categoryvi-wse-search-result-tag
Data Attributes
data-viwse-search-enabledata-viwse-search-ajax-enabledata-viwse-search-fuzzy-enabledata-viwse-search-synonymsdata-viwse-search-history-enabledata-viwse-search-product-title+7 more
JS Globals
VIWSE_DATA_PARAMS
Shortcode Output
[viwse_search_engine][viwse_search_suggest][viwse_suggestion_products][viwse_suggestion_categories]
FAQ

Frequently Asked Questions about Suggestion Engine for WooCommerce