Product Widget Slider for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-widget-product-slideshow

Beautifully lightweight, mobile & tablet responsive Product Widget Slider for WooCommerce plugin that packs a powerful marketing punch

300 active installs v2.2.3 PHP + WP 6.0+ Updated Dec 2, 2025
Tags: woocommerce, woocommerce-product-images, woocommerce-widget-product-slideshow, woocommerce-widgets, woothemes
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Nov 2, 2022
Safety Verdict

Is Product Widget Slider for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Product Widget Slider for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 2, 2022 · Updated 4mo ago
Risk Assessment

The "woo-widget-product-slideshow" plugin version 2.2.3 demonstrates a generally positive security posture with several strengths. The static analysis reveals no dangerous functions, all SQL queries are properly prepared, and a high percentage of output is correctly escaped, indicating good development practices in these critical areas. The presence of nonce and capability checks on multiple entry points is also a positive sign.

However, there are areas for improvement. The taint analysis flagged two flows with unsanitized paths, which, although not classified as critical or high severity in this instance, represent a potential risk if not addressed. The plugin also makes external HTTP requests, which can introduce vulnerabilities if the target endpoints are compromised or if data is not handled securely.

The vulnerability history shows one known CVE, a Cross-Site Request Forgery (CSRF), which was patched in 2022. While the absence of currently unpatched vulnerabilities is good, the past occurrence of CSRF, combined with the unsanitized path flows, suggests a need for continued vigilance and robust input validation. Overall, the plugin is relatively secure, but the identified taint flow issues and historical CSRF vulnerability warrant attention.

Key Concerns

  • Taint flows with unsanitized paths
  • External HTTP requests
  • Past CSRF vulnerability (patched)
Vulnerabilities: 1

Product Widget Slider for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022

Severity Breakdown

High: 1

1 total CVE

a3 Lazy Load <= 2.6.0 - Cross-Site Request Forgery to Settings Reset

Nov 2, 2022 Patched in 1.9.2 (447d)
Code Analysis
Analyzed Mar 16, 2026

Product Widget Slider for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 212 (994 escaped)
Nonce Checks: 5
Capability Checks: 4
File Operations: 2
External Requests: 4
Bundled Libraries: 1

Bundled Libraries

jQuery

Output Escaping

82% escaped, 1206 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

6 flows, 2 with unsanitized paths
a3_admin_ui_event (admin\admin-interface.php:174)
[Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface

Product Widget Slider for WooCommerce Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes: 2

[wc_product_slider] shortcodes\class-slider-shortcodes.php:31
[wc_product_slider_carousel] shortcodes\class-slider-shortcodes.php:32

WordPress Hooks: 37

action plugins_loaded admin\admin-init.php:39
action plugins_loaded admin\admin-init.php:47
action init admin\admin-interface.php:49
action init admin\admin-interface.php:50
action admin_enqueue_scripts admin\admin-interface.php:65
action admin_enqueue_scripts admin\admin-interface.php:66
action admin_print_scripts admin\admin-interface.php:69
action admin_print_footer_scripts admin\admin-interface.php:70
action admin_enqueue_scripts admin\admin-interface.php:81
action admin_enqueue_scripts admin\includes\uploader\class-uploader.php:59
filter filesystem_method admin\less\sass.php:75
action init admin\plugin-init.php:28
action admin_enqueue_scripts admin\plugin-init.php:31
filter plugin_row_meta admin\plugin-init.php:34
action admin_enqueue_scripts admin\plugin-init.php:37
action wp_enqueue_scripts admin\plugin-init.php:48
action wp_enqueue_scripts admin\plugin-init.php:51
action widgets_init admin\plugin-init.php:62
action admin_footer admin\plugin-init.php:65
action init admin\plugin-init.php:69
action plugins_loaded admin\settings\card-skin\skin-settings.php:77
action plugins_loaded admin\settings\carousel\carousel-settings.php:77
action plugins_loaded admin\settings\global-settings.php:81
action plugins_loaded admin\settings\mobile-skin\skin-settings.php:77
action plugins_loaded admin\settings\widget-skin\skin-settings.php:81
action wp_enqueue_scripts classes\class-slider-backbone.php:21
action wp_enqueue_scripts classes\class-slider-backbone.php:22
action wp_footer classes\class-slider-backbone.php:23
action wp_footer classes\class-slider-mobile-display.php:31
action plugins_loaded classes\class-slider-wpml.php:19
action before_woocommerce_init product-image-gallery-widget.php:48
action media_buttons shortcodes\class-slider-shortcodes.php:29
action admin_footer shortcodes\class-slider-shortcodes.php:30
action init src\blocks\slider\block.php:41
action init src\blocks.php:21
action enqueue_block_assets src\blocks.php:24
filter block_categories_all src\blocks.php:29
Maintenance & Trust

Product Widget Slider for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.0
Last updated: Dec 2, 2025
PHP min version
Downloads: 142K

Community Trust

Rating: 44/100
Number of ratings: 6
Active installs: 300
Developer Profile

Product Widget Slider for WooCommerce Developer Profile

Steve Truman

13 plugins · 117K total installs

Trust score: 73
Avg Security Score: 91/100
Avg Patch Time: 539 days
Detection Fingerprints

How We Detect Product Widget Slider for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-widget-product-slideshow/assets/css/woo-widget-product-slideshow.css
/wp-content/plugins/woo-widget-product-slideshow/assets/css/admin.css
/wp-content/plugins/woo-widget-product-slideshow/assets/js/admin.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/woo-widget-product-slideshow.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/woo-widget-product-slideshow-admin.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2-carousel.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2-swipe.js
+57 more

Script Paths
/wp-content/plugins/woo-widget-product-slideshow/assets/js/admin.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/woo-widget-product-slideshow.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/woo-widget-product-slideshow-admin.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2-carousel.js
/wp-content/plugins/woo-widget-product-slideshow/assets/js/cycle2-swipe.js
+56 more

HTML / DOM Fingerprints

CSS Classes
wcps-widget-wrap, wcps-product-image-slideshow-widget, wcps-content-wrapper, wcps-img-wrapper, wcps-slideshow-wrapper

HTML Comments
<!-- Widget Product Slider for WooCommerce -->

Data Attributes
data-cycle-slides, data-cycle-fx, data-cycle-speed, data-cycle-timeout, data-cycle-pause-on-hover, data-cycle-auto-height, +11 more

JS Globals
wc_product_slider_legacy_api, wc_product_slider_wpml, wc_pslider_blocks