StoreCustomizer – A plugin to Customize all WooCommerce Pages Security & Risk Analysis

wordpress.org/plugins/woocustomizer

A store editor plugin for editing all WooCommerce store and product pages, cart, checkout and user account pages, all within the WordPress Customizer

20K active installs · v2.6.3 · PHP 5.6+ · WP 5.0+ · Updated Jul 11, 2025
Tags: customize-woocommerce, ecommerce, online-store, woocommerce, woocommerce-addons
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is StoreCustomizer – A plugin to Customize all WooCommerce Pages Safe to Use in 2026?

Generally Safe

Score 100/100

StoreCustomizer – A plugin to Customize all WooCommerce Pages has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 8mo ago

Risk Assessment

The woocustomizer v2.6.3 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong output escaping practices with 92% of outputs properly escaped and no critical or high severity taint flows identified. Furthermore, the plugin has no recorded vulnerabilities or CVEs, suggesting a history of reasonably secure development. However, significant concerns arise from the static analysis. The presence of one unprotected AJAX handler represents a direct entry point that could be exploited by attackers without proper authentication. Additionally, all SQL queries are executed without prepared statements, which opens the door to potential SQL injection vulnerabilities, especially if any of the input data is not meticulously sanitized before being used in these queries. The lack of nonce checks on the AJAX handler is also a notable weakness.

Key Concerns

  • Unprotected AJAX handler found
  • Raw SQL queries without prepared statements
  • Bundled Freemius v1.0 library
  • No nonce checks on AJAX handlers

Vulnerabilities: None known

StoreCustomizer – A plugin to Customize all WooCommerce Pages Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis
Analyzed Mar 16, 2026

StoreCustomizer – A plugin to Customize all WooCommerce Pages Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (0 prepared)
Unescaped Output: 25 (291 escaped)
Nonce Checks: 0
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

SQL Query Safety

0% prepared · 2 total queries

Output Escaping

92% escaped · 316 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

7 flows · 2 with unsanitized paths
settings_page (includes\class-wcz-settings.php:616)

Attack Surface: 1 unprotected

StoreCustomizer – A plugin to Customize all WooCommerce Pages Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_wcz_admin_get_product_stats · includes\inc\woocommerce.php:12

WordPress Hooks: 108

action · save_post · includes\class-wcz-admin-api.php:21
action · init · includes\class-wcz-settings.php:64
action · admin_init · includes\class-wcz-settings.php:67
action · admin_menu · includes\class-wcz-settings.php:70
action · admin_init · includes\class-wcz.php:132
action · admin_notices · includes\class-wcz.php:133
action · admin_init · includes\class-wcz.php:134
action · admin_notices · includes\class-wcz.php:135
action · wp_enqueue_scripts · includes\class-wcz.php:137
action · wp_enqueue_scripts · includes\class-wcz.php:138
action · admin_enqueue_scripts · includes\class-wcz.php:140
action · admin_enqueue_scripts · includes\class-wcz.php:146
action · customize_controls_enqueue_scripts · includes\class-wcz.php:154
action · customize_controls_enqueue_scripts · includes\class-wcz.php:155
action · init · includes\class-wcz.php:163
action · customize_register · includes\customizer\customizer-library\extensions\interface.php:152
action · init · includes\customizer\customizer-library\extensions\style-builder.php:267
action · init · includes\customizer\customizer-options.php:2734
action · customizer_library_styles · includes\customizer\styles.php:1289
action · wp_enqueue_scripts · includes\customizer\styles.php:1313
filter · init · includes\inc\woocommerce.php:16
filter · body_class · includes\inc\woocommerce.php:46
filter · admin_body_class · includes\inc\woocommerce.php:61
filter · loop_shop_per_page · includes\inc\woocommerce.php:86
filter · woocommerce_product_thumbnails_columns · includes\inc\woocommerce.php:96
filter · woocommerce_upsell_display_args · includes\inc\woocommerce.php:107
filter · woocommerce_output_related_products_args · includes\inc\woocommerce.php:124
filter · woocommerce_cross_sells_columns · includes\inc\woocommerce.php:134
filter · woocommerce_cross_sells_total · includes\inc\woocommerce.php:140
filter · loop_shop_columns · includes\inc\woocommerce.php:146
filter · woocommerce_product_single_add_to_cart_text · includes\inc\woocommerce.php:153
filter · woocommerce_product_add_to_cart_text · includes\inc\woocommerce.php:159
filter · woocommerce_sale_flash · includes\inc\woocommerce.php:162
filter · woocommerce_get_availability · includes\inc\woocommerce.php:171
filter · woocommerce_show_page_title · includes\inc\woocommerce.php:190
action · woocommerce_product_meta_start · includes\inc\woocommerce.php:194
filter · wc_product_sku_enabled · includes\inc\woocommerce.php:198
action · woocommerce_after_shop_loop_item · includes\inc\woocommerce.php:201
filter · woocommerce_checkout_coupon_message · includes\inc\woocommerce.php:205
filter · gettext · includes\inc\woocommerce.php:206
filter · gettext · includes\inc\woocommerce.php:209
filter · woocommerce_coupons_enabled · includes\inc\woocommerce.php:217
filter · gettext · includes\inc\woocommerce.php:221
filter · woocommerce_checkout_fields · includes\inc\woocommerce.php:225
filter · woocommerce_subcategory_count_html · includes\inc\woocommerce.php:229
action · woocommerce_after_shop_loop_item · includes\inc\woocommerce.php:234
action · woocommerce_after_shop_loop_item · includes\inc\woocommerce.php:236
action · woocommerce_shop_loop_item_title · includes\inc\woocommerce.php:242
action · woocommerce_after_shop_loop_item · includes\inc\woocommerce.php:244
action · woocommerce_before_shop_loop_item · includes\inc\woocommerce.php:246
action · woocommerce_after_shop_loop_item · includes\inc\woocommerce.php:255
action · wp_footer · includes\inc\woocommerce.php:257
filter · woocommerce_enable_order_notes_field · includes\inc\woocommerce.php:289
filter · woocommerce_quantity_input_args · includes\inc\woocommerce.php:294
filter · woocommerce_dropdown_variation_attribute_options_args · includes\inc\woocommerce.php:302
action · woocommerce_after_cart_item_name · includes\inc\woocommerce.php:306
action · woocommerce_after_cart_item_name · includes\inc\woocommerce.php:314
filter · template_redirect · includes\inc\woocommerce.php:324
filter · woocommerce_product_variation_title_include_attributes · includes\inc\woocommerce.php:598
filter · woocommerce_is_attribute_in_product_name · includes\inc\woocommerce.php:599
filter · woocommerce_checkout_fields · includes\inc\woocommerce.php:686
filter · woocommerce_product_data_tabs · includes\inc\woocommerce.php:873
action · woocommerce_product_data_panels · includes\inc\woocommerce.php:941
action · woocommerce_process_product_meta · includes\inc\woocommerce.php:963
action · woocommerce_variation_options_pricing · includes\inc\woocommerce.php:993
action · woocommerce_save_product_variation · includes\inc\woocommerce.php:1014
filter · woocommerce_product_tabs · includes\inc\woocommerce.php:1042
filter · woocommerce_product_description_heading · includes\inc\woocommerce.php:1044
filter · woocommerce_product_additional_information_heading · includes\inc\woocommerce.php:1047
filter · woocommerce_endpoint_orders_title · includes\inc\woocommerce.php:1051
filter · woocommerce_endpoint_downloads_title · includes\inc\woocommerce.php:1059
filter · woocommerce_endpoint_edit-address_title · includes\inc\woocommerce.php:1067
filter · woocommerce_endpoint_edit-account_title · includes\inc\woocommerce.php:1075
filter · woocommerce_get_price_html · includes\inc\woocommerce.php:1084
filter · woocommerce_after_quantity_input_field · includes\inc\woocommerce.php:1094
filter · woocommerce_after_add_to_cart_quantity · includes\inc\woocommerce.php:1096
action · woocommerce_after_single_product_summary · includes\inc\woocommerce.php:1104
action · woocommerce_after_single_product_summary · includes\inc\woocommerce.php:1107
action · woocommerce_after_single_product_summary · includes\inc\woocommerce.php:1110
action · woocommerce_single_product_summary · includes\inc\woocommerce.php:1113
filter · gettext · includes\inc\woocommerce.php:1117
filter · ngettext · includes\inc\woocommerce.php:1118
filter · gettext · includes\inc\woocommerce.php:1124
filter · ngettext · includes\inc\woocommerce.php:1125
action · woocommerce_cart_is_empty · includes\inc\woocommerce.php:1128
filter · woocommerce_return_to_shop_text · includes\inc\woocommerce.php:1131
filter · woocommerce_return_to_shop_redirect · includes\inc\woocommerce.php:1137
filter · woocommerce_coupons_enabled · includes\inc\woocommerce.php:1140
action · woocommerce_after_cart · includes\inc\woocommerce.php:1147
filter · gettext · includes\inc\woocommerce.php:1151
filter · ngettext · includes\inc\woocommerce.php:1152
filter · gettext · includes\inc\woocommerce.php:1156
filter · ngettext · includes\inc\woocommerce.php:1157
filter · woocommerce_cart_item_quantity · includes\inc\woocommerce.php:1160
filter · woocommerce_cart_item_permalink · includes\inc\woocommerce.php:1168
action · woocommerce_after_checkout_form · includes\inc\woocommerce.php:1171
filter · gettext · includes\inc\woocommerce.php:1174
action · woocommerce_cart_totals_after_order_total · includes\inc\woocommerce.php:1182
action · template_redirect · includes\inc\woocommerce.php:1186
filter · woocommerce_order_button_text · includes\inc\woocommerce.php:1467
action · woocommerce_review_order_after_order_total · includes\inc\woocommerce.php:1507
action · woocommerce_account_dashboard · includes\inc\woocommerce.php:1535
filter · woocommerce_account_menu_items · includes\inc\woocommerce.php:1606
filter · wp_nav_menu_items · includes\inc\woocommerce.php:1677
filter · woocommerce_login_redirect · includes\inc\woocommerce.php:1694
action · before_woocommerce_init · woocustomizer.php:84
action · admin_notices · woocustomizer.php:102
action · after_uninstall · woocustomizer.php:121

Maintenance & Trust

StoreCustomizer – A plugin to Customize all WooCommerce Pages Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jul 11, 2025
PHP min version: 5.6
Downloads: 1.1M

Community Trust

Rating: 96/100
Number of ratings: 125
Active installs: 20K

Developer Profile

StoreCustomizer – A plugin to Customize all WooCommerce Pages Developer Profile

Kaira

14 plugins · 33K total installs

Trust score: 90
Avg Security Score: 94/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect StoreCustomizer – A plugin to Customize all WooCommerce Pages

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woocustomizer/assets/css/backend/customizer-controls.css
/wp-content/plugins/woocustomizer/assets/css/frontend/frontend-styles.css
/wp-content/plugins/woocustomizer/assets/js/frontend/frontend-scripts.js
Script Paths
/wp-content/plugins/woocustomizer/assets/js/frontend/frontend-scripts.js
Version Parameters
woocustomizer/assets/css/backend/customizer-controls.css?ver=
woocustomizer/assets/css/frontend/frontend-styles.css?ver=
woocustomizer/assets/js/frontend/frontend-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes: wcz-
Data Attributes: data-wcz-id
JS Globals: wcz_frontend_params
REST Endpoints: /wp-json/woocustomizer/v1/