Does Simple Registration for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Registration for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Registration for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Simple Registration for WooCommerce 1.5.9 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Simple Registration for WooCommerce updated?

Simple Registration for WooCommerce was last updated on Oct 23, 2025. Frequent updates are generally a positive security signal.

What is Simple Registration for WooCommerce's security score?

Simple Registration for WooCommerce has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Registration for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-simple-registration

A simple plugin to add a [woocommerce_simple_registration] shortcode to display the registration form on a separate page.

4K active installs v1.5.9 PHP + WP 4.7.0+ Updated Oct 23, 2025

woocommercewoocommerce-formwoocommerce-registerwoocommerce-registrationwoocommerce-registration-form

A · Safe

CVEs total2

Unpatched0

Last CVEOct 24, 2025

Plugin page Download

Safety Verdict

Is Simple Registration for WooCommerce Safe to Use in 2026?

Generally Safe

Score 91/100

Simple Registration for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Oct 24, 2025Updated 5mo ago

Risk Assessment

The "woocommerce-simple-registration" plugin v1.5.9 exhibits a mixed security posture. While the static analysis shows a generally good foundation with no identified dangerous functions, 100% of SQL queries using prepared statements, and reasonable output escaping (77%), there are significant concerns stemming from its vulnerability history. The presence of two known CVEs, including one critical and one high severity, indicates a pattern of past security weaknesses. The types of past vulnerabilities, Cross-Site Request Forgery (CSRF) and Incorrect Privilege Assignment, are serious and can lead to unauthorized actions or data breaches. Although currently there are no unpatched vulnerabilities, the historical data suggests a need for vigilance.

The static analysis data indicates a very small attack surface with only one shortcode as an entry point, and importantly, no unprotected entry points. Taint analysis also found no issues, which is a positive sign. However, the vulnerability history overshadows these strengths. The fact that vulnerabilities have been discovered, including critical ones, suggests that past implementations may not have adequately secured against common attack vectors or properly handled user privileges. This historical context warrants a cautious approach to this plugin.

In conclusion, while the current version's static analysis report is largely positive regarding coding practices and attack surface, the plugin's past security incidents are a significant red flag. The presence of past critical and high severity vulnerabilities related to CSRF and privilege assignment necessitates a thorough review of any site using this plugin to ensure these issues have been permanently remediated and that future updates maintain a strong security focus. The plugin's strengths lie in its minimal attack surface and adherence to secure coding practices in the analyzed aspects, but its weaknesses are defined by its documented history of exploitable flaws.

Key Concerns

Known critical severity CVE
Known high severity CVE
Bundled outdated library: DataTables
Bundled outdated library: Select2

Vulnerabilities

Simple Registration for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Critical

High

2 total CVEs

CVE-2025-12095high · 8.8Cross-Site Request Forgery (CSRF)

Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval

Oct 24, 2025 Patched in 1.5.9 (1d)

CVE-2024-32511critical · 9.8Incorrect Privilege Assignment

Simple Registration for WooCommerce <= 1.5.6 - Unauthenticated Privilege Escalation

Apr 15, 2024 Patched in 1.5.7 (37d)

Code Analysis

Analyzed Mar 16, 2026

Simple Registration for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

27 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTablesSelect2

Output Escaping

77% escaped35 total outputs

Data Flows

All sanitized

Data Flow Analysis

5 flows

display_role_requests_page (includes\display-role-admin.php:126)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Simple Registration for WooCommerce Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[woocommerce_simple_registration] woocommerce-simple-registration.php:85

WordPress Hooks 12

actionadmin_menuincludes\display-role-admin.php:4

actionadmin_initincludes\display-role-admin.php:53

filterwoocommerce_social_login_settingsincludes\wc-social-login.php:27

actionwoocommerce_register_form_endincludes\wc-social-login.php:30

actionadmin_print_styleswoocommerce-simple-registration.php:27

filterbody_classwoocommerce-simple-registration.php:88

actionwoocommerce_register_form_startwoocommerce-simple-registration.php:91

actionwoocommerce_created_customerwoocommerce-simple-registration.php:92

filterwoocommerce_account_settingswoocommerce-simple-registration.php:95

filterregister_urlwoocommerce-simple-registration.php:98

actionuser_registerwoocommerce-simple-registration.php:112

actionplugins_loadedwoocommerce-simple-registration.php:391

Maintenance & Trust

Simple Registration for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 23, 2025

PHP min version

Downloads183K

Community Trust

Rating70/100

Number of ratings17

Active installs4K

Alternatives

Simple Registration for WooCommerce Alternatives

Nss Wooregistration Form

nss-wooregistration-form

Custom woocommerce login/registration form with custom fields.

70 No CVEs

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

custom-registration-form-builder-with-submission-manager

Create customized user registration forms, accept payments, track submissions, manage users, analyze stats, assign user roles and more!

9K 44 CVEs

Extra Product Options Builder for WooCommerce

additional-product-fields-for-woocommerce

The most customizable extra product options builder for WooCommerce. You will love how many fields and features the free version has.

2K 2 CVEs

Registration Form for WooCommerce

registration-form-for-woocommerce

100

Easily collect additional customer information by adding custom fields to the default WooCommerce registration form using the Registration Form for Wo …

900 No CVEs

One-Click Post Checkout Registration for WooCommerce

post-checkout-registration-for-woocommerce

100

Reduce abandonment and allows guest users to register after checkout with one-click.

60 No CVEs

Developer Profile

Simple Registration for WooCommerce Developer Profile

Astoundify

10 plugins · 23K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

31 days

View full developer profile

Detection Fingerprints

How We Detect Simple Registration for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woocommerce-simple-registration/assets/css/bootstrap.min.css/wp-content/plugins/woocommerce-simple-registration/assets/css/dataTables.bootstrap5.css/wp-content/plugins/woocommerce-simple-registration/assets/select2/css/select2.min.css/wp-content/plugins/woocommerce-simple-registration/assets/js/bootstrap.bundle.min.js/wp-content/plugins/woocommerce-simple-registration/assets/js/custom.js/wp-content/plugins/woocommerce-simple-registration/assets/js/dataTables.bootstrap5.js/wp-content/plugins/woocommerce-simple-registration/assets/js/dataTables.js/wp-content/plugins/woocommerce-simple-registration/assets/select2/js/select2.full.min.js

Script Paths

/wp-content/plugins/woocommerce-simple-registration/assets/select2/js/select2.full.min.js/wp-content/plugins/woocommerce-simple-registration/assets/js/bootstrap.bundle.min.js/wp-content/plugins/woocommerce-simple-registration/assets/js/dataTables.js/wp-content/plugins/woocommerce-simple-registration/assets/js/dataTables.bootstrap5.js/wp-content/plugins/woocommerce-simple-registration/assets/js/custom.js

Version Parameters

woocommerce-simple-registration/assets/select2/css/select2.min.css?ver=woocommerce-simple-registration/assets/select2/js/select2.full.min.js?ver=woocommerce-simple-registration/assets/css/bootstrap.min.css?ver=woocommerce-simple-registration/assets/css/dataTables.bootstrap5.css?ver=woocommerce-simple-registration/assets/js/bootstrap.bundle.min.js?ver=woocommerce-simple-registration/assets/js/dataTables.js?ver=woocommerce-simple-registration/assets/js/dataTables.bootstrap5.js?ver=woocommerce-simple-registration/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes

woocommerce-registerwoocommerce-accountwoocommerce-page

Data Attributes

id="reg_sr_firstname"id="reg_sr_lastname"name="sr_firstname"name="sr_lastname"name="role_request"

JS Globals

select2

Shortcode Output

[woocommerce_simple_registration]

FAQ