Does WooAmoConnector have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WooAmoConnector compatible with WordPress 4.8.28?

According to WordPress.org data, WooAmoConnector 1.5 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is WooAmoConnector updated?

WooAmoConnector was last updated on Oct 14, 2018. Frequent updates are generally a positive security signal.

What is WooAmoConnector's security score?

WooAmoConnector has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WooAmoConnector Security & Risk Analysis

wordpress.org/plugins/wooamoconnector

amoCRM (https://www.amocrm.com/) and WooCommerce - sync, integration, connection

100 active installs v1.5 PHP + WP 4.0+ Updated Oct 14, 2018

amoamocrmintegrationsyncwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WooAmoConnector Safe to Use in 2026?

Generally Safe

Score 85/100

WooAmoConnector has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'wooamoconnector' v1.5 plugin exhibits a generally good security posture based on the provided static analysis. The absence of identified dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), and file operations is a significant strength. Furthermore, the zero known CVEs and no recorded vulnerabilities in its history suggest a mature and well-maintained codebase or limited historical exploitation. However, critical concerns arise from the complete lack of output escaping and the absence of nonce and capability checks. While the attack surface is currently minimal with no unprotected entry points, the 0% properly escaped output is a significant weakness. Any output generated by the plugin, even if not directly exploitable from the current entry points, could potentially lead to Cross-Site Scripting (XSS) vulnerabilities if the context of its usage changes or if new entry points are introduced in future versions. The single external HTTP request also warrants attention, as it could be a vector for vulnerabilities if not handled securely. The lack of any identified taint flows might be due to the limited complexity of the plugin or the analysis scope, but the absence of proper output sanitization remains a concrete risk.

Key Concerns

Output is not properly escaped
No nonce checks found
No capability checks found
One external HTTP request without details

Vulnerabilities

None known

WooAmoConnector Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WooAmoConnector Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

WooAmoConnector Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

WooAmoConnector Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

filtercron_schedulesinc\class-root-wooac.php:11

actioninitinc\class-root-wooac.php:12

actionwooamoconnector_cron_workerinc\class-root-wooac.php:14

actionwoocommerce_order_status_changedinc\class-root-wooac.php:16

actionadmin_menuinc\class-root-wooac.php:18

actionwac_syncinc\class-root-wooac.php:19

actionwooac_added_leadinc\class-root-wooac.php:21

filterwooac_notes_addinc\class-root-wooac.php:23

actionadmin_menuinc\class-settings-api.php:7

actionadmin_initinc\class-settings-api.php:17

actionplugins_loadedwooamoconnector.php:22

Scheduled Events 1

wooamoconnector_cron_worker

Maintenance & Trust

WooAmoConnector Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedOct 14, 2018

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

WooAmoConnector Alternatives

WooMS

wooms

MoySklad (moysklad.ru) and WooCommerce - sync, integration, connection

500 3 unpatched

Data Sync for Xero by Wbsync

data-sync-x-by-wbsync

Automatically sync your data, like orders and inventory, from WooCommerce to Xero.

100 No CVEs

W2S Sync – WooCommerce to Shopify Sync

w2s-sync

100

Sync WooCommerce and Shopify products, orders, and customers with real-time and bidirectional sync with our WooCommerce to Shopify Sync Plugin.

90 No CVEs

Meliconnect

meliconnect

100

Seamless WooCommerce and Mercado Libre integration with real-time sync of products, stock, and prices.

50 No CVEs

ContactSync : Integration of Google Contacts for WooCommerce

contactsync-integration-of-google-contacts-for-woocommerce

100

The ContactSync Plugin syncs WooCommerce customer contacts with Google Contacts for streamlined customer management.

30 No CVEs

Developer Profile

WooAmoConnector Developer Profile

wpcraft

8 plugins · 710 total installs

trust score

Avg Security Score

79/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WooAmoConnector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wooamoconnector/inc/assets/css/wooamoconnector.css/wp-content/plugins/wooamoconnector/inc/assets/js/wooamoconnector.js

Script Paths

/wp-content/plugins/wooamoconnector/inc/assets/js/wooamoconnector.js

HTML / DOM Fingerprints

JS Globals

wooamoconnector_ajax_object

REST Endpoints

/wp-json/wooamoconnector/v1/settings

FAQ