Does Products Quick View for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Products Quick View for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Products Quick View for WooCommerce compatible with WordPress 6.9.0?

According to WordPress.org data, Products Quick View for WooCommerce 2.4.0 has been tested up to WordPress 6.9.0. Check the plugin's changelog for the latest compatibility information.

How often is Products Quick View for WooCommerce updated?

Products Quick View for WooCommerce was last updated on Dec 2, 2025. Frequent updates are generally a positive security signal.

What is Products Quick View for WooCommerce's security score?

Products Quick View for WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Products Quick View for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-products-quick-view

Add Quick View feature to all product cards on shop, category, tag pages. Opens full product page content, add to cart without leaving the page.

100 active installs v2.4.0 PHP + WP 6.0+ Updated Dec 2, 2025

quick-viewwoocommercewoocommerce-products-quick-viewwoocommerce-quick-view

A · Safe

CVEs total2

Unpatched0

Last CVEAug 14, 2023

Download

Safety Verdict

Is Products Quick View for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Products Quick View for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Aug 14, 2023Updated 4mo ago

Risk Assessment

The "woocommerce-products-quick-view" plugin v2.4.0 presents a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has a high rate of output escaping (76%), reducing the risk of XSS vulnerabilities. The absence of dangerous functions and critical/high severity taint flows is also a strength. However, significant concerns arise from its attack surface. With 6 AJAX handlers, 4 of which lack authentication checks, there's a substantial entry point for unauthenticated users to potentially exploit. This, combined with 2 identified flows with unsanitized paths from the taint analysis, indicates potential for privilege escalation or unintended actions if these paths can be triggered by an attacker. The vulnerability history reveals a pattern of "Missing Authorization" and "CSRF" issues, with a recent high-severity vulnerability (though currently patched) and a medium-severity one existing in the past. This history suggests a recurring weakness in authorization controls and a need for robust CSRF protection, which aligns with the static analysis findings of unprotected AJAX endpoints. While the use of WordPress nonces and capability checks is present, their effectiveness is undermined by the unprotected AJAX endpoints. Therefore, despite some good coding practices, the unprotected AJAX endpoints and past authorization/CSRF vulnerabilities pose a moderate to high risk.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths
Past high severity vulnerability (now patched)
Past medium severity vulnerability
Common vulnerability types: Missing Authorization
Common vulnerability types: CSRF

Vulnerabilities

Products Quick View for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

High

Medium

2 total CVEs

WF-39c9f055-2527-4678-bda1-27a29ab24acd-woocommerce-products-quick-viewmedium · 4.3Missing Authorization

Products Quick View for WooCommerce <= 2.2.0 - Missing Authorization

Aug 14, 2023 Patched in 2.3.0 (162d)

WF-0a5a0ca6-f355-4110-a533-04e46c741ec9-woocommerce-products-quick-viewhigh · 8.8Cross-Site Request Forgery (CSRF)

a3 Lazy Load <= 2.6.0 - Cross-Site Request Forgery to Settings Reset

Nov 2, 2022 Patched in 2.0.2 (447d)

Code Analysis

Analyzed Mar 16, 2026

Products Quick View for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

337

1057 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

Output Escaping

76% escaped1394 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

9 flows2 with unsanitized paths

a3_admin_ui_event (admin\admin-interface.php:174)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Products Quick View for WooCommerce Attack Surface

Entry Points6

Unprotected4

AJAX Handlers 6

authwp_ajax_quick_view_custom_template_loadadmin\woocommerce-quick-view-ultimate-init.php:54

noprivwp_ajax_quick_view_custom_template_loadadmin\woocommerce-quick-view-ultimate-init.php:55

authwp_ajax_quick_view_prettyphoto_custom_template_loadadmin\woocommerce-quick-view-ultimate-init.php:56

noprivwp_ajax_quick_view_prettyphoto_custom_template_loadadmin\woocommerce-quick-view-ultimate-init.php:57

authwp_ajax_quick_view_ultimate_reload_cartclasses\class-woocommerce-quick-view-ultimate.php:65

noprivwp_ajax_quick_view_ultimate_reload_cartclasses\class-woocommerce-quick-view-ultimate.php:66

WordPress Hooks 42

actionplugins_loadedadmin\admin-init.php:39

actionplugins_loadedadmin\admin-init.php:47

actioninitadmin\admin-interface.php:49

actioninitadmin\admin-interface.php:50

actionadmin_enqueue_scriptsadmin\admin-interface.php:65

actionadmin_enqueue_scriptsadmin\admin-interface.php:66

actionadmin_print_scriptsadmin\admin-interface.php:69

actionadmin_print_footer_scriptsadmin\admin-interface.php:70

actionadmin_enqueue_scriptsadmin\admin-interface.php:81

actionadmin_enqueue_scriptsadmin\includes\uploader\class-uploader.php:59

actionwp_enqueue_scriptsadmin\less\sass.php:22

filterfilesystem_methodadmin\less\sass.php:57

actioninitadmin\woocommerce-quick-view-ultimate-init.php:34

actionadmin_enqueue_scriptsadmin\woocommerce-quick-view-ultimate-init.php:37

actionadmin_enqueue_scriptsadmin\woocommerce-quick-view-ultimate-init.php:40

filterplugin_row_metaadmin\woocommerce-quick-view-ultimate-init.php:43

actioninitadmin\woocommerce-quick-view-ultimate-init.php:61

actionwp_enqueue_scriptsclasses\class-quick-view-dynamic-gallery.php:17

actionwpclasses\class-woocommerce-quick-view-ultimate.php:35

actionwoocommerce_before_shop_loop_itemclasses\class-woocommerce-quick-view-ultimate.php:38

actionwoocommerce_before_shop_loop_item_titleclasses\class-woocommerce-quick-view-ultimate.php:44

actionwoocommerce_before_shop_loop_item_titleclasses\class-woocommerce-quick-view-ultimate.php:47

actionwp_enqueue_scriptsclasses\class-woocommerce-quick-view-ultimate.php:51

actionwoocommerce_after_shop_loopclasses\class-woocommerce-quick-view-ultimate.php:52

actionwp_headclasses\class-woocommerce-quick-view-ultimate.php:53

actionwp_enqueue_scriptsclasses\class-woocommerce-quick-view-ultimate.php:56

actionwp_headclasses\class-woocommerce-quick-view-ultimate.php:59

actionwp_footerclasses\class-woocommerce-quick-view-ultimate.php:62

actionwp_footerclasses\class-woocommerce-quick-view-ultimate.php:114

actionresponsi_before_shop_loop_item_content_containerclasses\class-woocommerce-quick-view-ultimate.php:159

actionwoo_main_endclasses\class-woocommerce-quick-view-ultimate.php:175

actiona3rev_main_endclasses\class-woocommerce-quick-view-ultimate.php:176

actionwp_footerclasses\class-woocommerce-quick-view-ultimate.php:179

actionwp_enqueue_scriptsclasses\dynamic-gallery\class-wc-dynamic-gallery.php:18

actionwoocommerce_api_wc_product_slider_legacy_apiincludes\compatibilities\carousel-slider-plugin\functions.php:34

actionwoocommerce_after_shop_loop_itemincludes\compatibilities\carousel-slider-plugin\functions.php:39

actionwoocommerce_before_shop_loop_itemincludes\compatibilities\x-theme\x-theme.php:12

actionwoocommerce_before_shop_loop_item_titleincludes\compatibilities\x-theme\x-theme.php:17

filterblock_categories_allsrc\blocks\index.php:12

actioninitsrc\blocks\index.php:82

filterwc_quick_view_block_usedsrc\blocks\quick-view\render.php:18

actionbefore_woocommerce_initwoocommerce-quick-view-ultimate.php:47

Maintenance & Trust

Products Quick View for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.0

Last updatedDec 2, 2025

PHP min version

Downloads67K

Community Trust

Rating56/100

Number of ratings17

Active installs100

Alternatives

Products Quick View for WooCommerce Alternatives

WC Products Quick View

wc-products-quick-view

A plugin to get preview of woocommerce products from product list.

10 No CVEs

YITH WooCommerce Quick View

yith-woocommerce-quick-view

This plugin adds the possibility to have a quick preview of the products right from product list

100K 2 CVEs

Quick View for WooCommerce

woo-quickview

Add a quick view button in the product loop so visitors can quickly view product information in a nice modal without opening the product page.

2K 2 CVEs

Addonify – Quick View For WooCommerce

addonify-quick-view

Addonify WooCommerce Quick View plugin adds functionality to have a quick preview of WooCommerce product on a popup modal.

1K 2 CVEs

WPB Quick View Popup for WooCommerce

woocommerce-lightbox

Add a quick view popup to WooCommerce products so customers can preview product details without leaving the shop page.

1K 1 CVE

Developer Profile

Products Quick View for WooCommerce Developer Profile

Steve Truman

13 plugins · 117K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

539 days

View full developer profile

Detection Fingerprints

How We Detect Products Quick View for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woocommerce-products-quick-view/assets/css/a3rev-admin-ui.css/wp-content/plugins/woocommerce-products-quick-view/assets/css/bootstrap-modal.css/wp-content/plugins/woocommerce-products-quick-view/assets/css/quick-view-ultimate.css/wp-content/plugins/woocommerce-products-quick-view/assets/js/a3rev-admin-ui.js/wp-content/plugins/woocommerce-products-quick-view/assets/js/admin-scripts.js/wp-content/plugins/woocommerce-products-quick-view/assets/js/quick-view-ultimate.js/wp-content/plugins/woocommerce-products-quick-view/assets/js/woocommerce-quick-view-ultimate.js/wp-content/plugins/woocommerce-products-quick-view/src/blocks/css/editor.css+1 more

Script Paths

woocommerce-products-quick-view/assets/js/a3rev-admin-ui.jswoocommerce-products-quick-view/assets/js/admin-scripts.jswoocommerce-products-quick-view/assets/js/quick-view-ultimate.jswoocommerce-products-quick-view/assets/js/woocommerce-quick-view-ultimate.jswoocommerce-products-quick-view/src/blocks/js/index.js

Version Parameters

woocommerce-products-quick-view/assets/css/a3rev-admin-ui.css?ver=woocommerce-products-quick-view/assets/css/bootstrap-modal.css?ver=woocommerce-products-quick-view/assets/css/quick-view-ultimate.css?ver=woocommerce-products-quick-view/assets/js/a3rev-admin-ui.js?ver=woocommerce-products-quick-view/assets/js/admin-scripts.js?ver=woocommerce-products-quick-view/assets/js/quick-view-ultimate.js?ver=woocommerce-products-quick-view/assets/js/woocommerce-quick-view-ultimate.js?ver=woocommerce-products-quick-view/src/blocks/css/editor.css?ver=woocommerce-products-quick-view/src/blocks/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes

quick_view_ultimate_frontenda3rev_admin_uiwcqv_popupwcqv_containerwcqv_itemwcqv_buttonwcqv_close_buttonwcqv_button_text+46 more

HTML Comments

+1 more

Data Attributes

data-quickview-product-iddata-productiddata-iddata-product_id

JS Globals

wc_qv_admin_pagewc_quick_view_ultimatewc_quick_view_template_default_gallery_classa3rev_quick_view_paramswc_qv_paramsWC_Quick_View_Ultimate_Vars+2 more

FAQ