Product Sort and Display for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-product-sort-and-display

Create a true Supermarket shopping experience. Sort and show products on Shop page by category - auto show On Sale or Featured first, Endless Scroll.

2K active installs · v2.4.4 · PHP + WP 6.0+ · Updated Apr 14, 2026
Tags: woocommerce, woocommerce-product-display, woocommerce-product-sort, woocommerce-products, woocommerce-shop-page
99 · A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Apr 1, 2024
Safety Verdict

Is Product Sort and Display for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Product Sort and Display for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEs · Last CVE: Apr 1, 2024 · Updated 1mo ago
Risk Assessment

The "woocommerce-product-sort-and-display" plugin v2.4.3 exhibits a generally good security posture with a high percentage of prepared SQL statements and properly escaped output. However, there are notable concerns. The presence of one AJAX handler without authentication checks presents a significant risk, as it could be exploited by unauthenticated users. The taint analysis also revealed four flows with unsanitized paths, indicating potential vulnerabilities if these paths are user-controlled and not properly validated. The vulnerability history shows two past CVEs, with one high and one medium severity, and a recent vulnerability in April 2024. This history suggests a pattern of recurring security issues, particularly related to missing authorization and CSRF, which requires diligent patching and secure coding practices. While the plugin demonstrates strengths in data handling, the unprotected AJAX endpoint and past vulnerability trends are weaknesses that warrant attention.

Key Concerns

  • Unprotected AJAX handler detected
  • Flows with unsanitized paths found (4)
  • One high severity past CVE
  • One medium severity past CVE
  • Recent vulnerability (2024-04-01)
Vulnerabilities
2 published

Product Sort and Display for WooCommerce Security Vulnerabilities

CVEs by Year

2022: 1 CVE
2024: 1 CVE

Severity Breakdown

High: 1
Medium: 1

2 total CVEs

CVE-2024-1807 · medium · 6.5 · Missing Authorization

Product Sort and Display for WooCommerce <= 2.4.1 - Missing Authorization

Apr 1, 2024 Patched in 2.4.2 (1d)

a3 Lazy Load <= 2.6.0 - Cross-Site Request Forgery to Settings Reset

Nov 2, 2022 Patched in 2.2.3 (447d)
Version History

Product Sort and Display for WooCommerce Release Timeline

Code Analysis
Analyzed Mar 16, 2026

Product Sort and Display for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (22 prepared)
Unescaped Output: 86 (983 escaped)
Nonce Checks: 9
Capability Checks: 6
File Operations: 2
External Requests: 4
Bundled Libraries: 1

Bundled Libraries

jQuery

SQL Query Safety

96% prepared · 23 total queries

Output Escaping

92% escaped · 1069 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

11 flows · 4 with unsanitized paths
a3_admin_ui_event (admin\admin-interface.php:174)
Attack Surface
1 unprotected

Product Sort and Display for WooCommerce Attack Surface

Entry Points: 9
Unprotected: 1

AJAX Handlers 9

auth · wp_ajax_woocommerce_feature_product · classes\class-wc-psad-admin-hook.php:43
nopriv · wp_ajax_woocommerce_feature_product · classes\class-wc-psad-admin-hook.php:44
auth · wp_ajax_psad_yellow_message_dontshow · classes\class-wc-psad-admin-hook.php:47
nopriv · wp_ajax_psad_yellow_message_dontshow · classes\class-wc-psad-admin-hook.php:48
auth · wp_ajax_psad_yellow_message_dismiss · classes\class-wc-psad-admin-hook.php:51
nopriv · wp_ajax_psad_yellow_message_dismiss · classes\class-wc-psad-admin-hook.php:52
auth · wp_ajax_woocommerce_term_ordering · classes\class-wc-psad-admin-hook.php:58
auth · wp_ajax_psad_update_product_cat_custom_meta · classes\class-wc-psad-admin-hook.php:62
nopriv · wp_ajax_psad_update_product_cat_custom_meta · classes\class-wc-psad-admin-hook.php:63
WordPress Hooks 53
action · plugins_loaded · admin\admin-init.php:39
action · plugins_loaded · admin\admin-init.php:47
action · init · admin\admin-interface.php:49
action · init · admin\admin-interface.php:50
action · admin_enqueue_scripts · admin\admin-interface.php:65
action · admin_enqueue_scripts · admin\admin-interface.php:66
action · admin_print_scripts · admin\admin-interface.php:69
action · admin_print_footer_scripts · admin\admin-interface.php:70
action · admin_enqueue_scripts · admin\admin-interface.php:81
action · admin_enqueue_scripts · admin\includes\uploader\class-uploader.php:59
action · wp_enqueue_scripts · admin\less\sass.php:22
filter · filesystem_method · admin\less\sass.php:57
action · plugins_loaded · admin\settings\endless-scroll-settings.php:81
action · plugins_loaded · admin\settings\global-settings.php:81
action · plugins_loaded · admin\settings\view-all-count-meta-settings.php:81
action · init · admin\wc-psad-init.php:39
action · admin_enqueue_scripts · admin\wc-psad-init.php:42
filter · plugin_row_meta · admin\wc-psad-init.php:45
action · save_post · admin\wc-psad-init.php:57
filter · woocommerce_catalog_orderby · admin\wc-psad-init.php:60
filter · woocommerce_get_catalog_ordering_args · admin\wc-psad-init.php:63
action · init · admin\wc-psad-init.php:66
action · product_cat_add_form_fields · classes\class-wc-psad-admin-hook.php:27
action · product_cat_edit_form · classes\class-wc-psad-admin-hook.php:28
action · created_term · classes\class-wc-psad-admin-hook.php:29
action · edit_term · classes\class-wc-psad-admin-hook.php:30
filter · manage_edit-product_cat_columns · classes\class-wc-psad-admin-hook.php:33
filter · manage_product_cat_custom_column · classes\class-wc-psad-admin-hook.php:34
action · wp_enqueue_scripts · classes\class-wc-psad-admin-hook.php:37
filter · woocommerce_default_catalog_orderby_options · classes\class-wc-psad-admin-hook.php:40
action · admin_footer · classes\class-wc-psad-admin-hook.php:97
action · admin_footer · classes\class-wc-psad-admin-hook.php:98
action · admin_footer · classes\class-wc-psad-admin-hook.php:99
action · admin_footer · classes\class-wc-psad-admin-hook.php:100
action · admin_print_scripts · classes\class-wc-psad-admin-hook.php:101
action · admin_print_footer_scripts · classes\class-wc-psad-admin-hook.php:102
filter · posts_clauses · classes\class-wc-psad-functions.php:101
filter · posts_clauses · classes\class-wc-psad-functions.php:117
filter · posts_clauses · classes\class-wc-psad-functions.php:120
filter · posts_clauses · classes\class-wc-psad-functions.php:123
filter · loop_shop_per_page · classes\class-wc-psad.php:43
action · responsi_head · classes\class-wc-psad.php:46
action · woo_head · classes\class-wc-psad.php:47
action · wp_head · classes\class-wc-psad.php:48
action · woocommerce_before_shop_loop · classes\class-wc-psad.php:51
action · woocommerce_before_shop_loop · classes\class-wc-psad.php:54
filter · woocommerce_product_subcategories_args · classes\class-wc-psad.php:59
action · woocommerce_before_shop_loop · classes\class-wc-psad.php:60
action · woocommerce_after_shop_loop · classes\class-wc-psad.php:61
action · woocommerce_after_shop_loop · classes\class-wc-psad.php:64
action · wp_enqueue_scripts · classes\class-wc-psad.php:67
filter · posts_clauses · classes\class-wc-psad.php:493
action · before_woocommerce_init · wc-psad.php:45
Maintenance & Trust

Product Sort and Display for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 7.0
Last updated: Apr 14, 2026
PHP min version
Downloads: 320K

Community Trust

Rating: 62/100
Number of ratings: 45
Active installs: 2K
Developer Profile

Product Sort and Display for WooCommerce Developer Profile

Steve Truman

13 plugins · 107K total installs

Trust score: 73
Avg Security Score: 91/100
Avg Patch Time: 539 days
Detection Fingerprints

How We Detect Product Sort and Display for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/admin-style.css
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/font-awesome.css
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/frontend.css
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/woocommerce-product-sort-and-display.css
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/admin.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/frontend.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/woocommerce-product-sort-and-display.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/modal.min.css
  • +4 more
Script Paths
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/admin.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/frontend.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/woocommerce-product-sort-and-display.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/util.min.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/modal.min.js
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/popper.min.js
Version Parameters
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/admin-style.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/font-awesome.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/frontend.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/woocommerce-product-sort-and-display.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/admin.js?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/frontend.js?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/woocommerce-product-sort-and-display.js?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/modal.min.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/util.min.js?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/modal.min.js?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/css/popover.min.css?ver=
  • /wp-content/plugins/woocommerce-product-sort-and-display/assets/js/bootstrap/popper.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • wc-psad-admin
  • a3rev-wcpsad-admin-ui-event
  • wc_psad_content
  • wc_psad_product_display_shortcode
HTML Comments
  • <!-- A3rev Plugin Admin Interface -->
  • <!-- Init scripts -->
  • <!-- Init styles -->
  • <!-- Admin Interface Constructor -->
  • +4 more
Data Attributes
  • data-a3rev-wcpsad-action
  • data-a3rev-wcpsad-nonce
JS Globals
  • wc_psad_admin_params
  • wc_psad_frontend_params
  • a3rev_wcpsad_params
REST Endpoints
/wp-json/wc-psad/v1/settings
Shortcode Output
[wc_psad_product_display]
FAQ

Frequently Asked Questions about Product Sort and Display for WooCommerce