Name: WP e-Commerce Featured Products Security & Risk Analysis
wordpress.org/plugins/wp-e-commerce-featured-productsAdds a Widget and Shortcode to display Featured Products for WP e-Commerce Plugin.
Is Name: WP e-Commerce Featured Products Safe to Use in 2026?
Generally Safe
Score 100/100Name: WP e-Commerce Featured Products has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "wp-e-commerce-featured-products" plugin v1.0.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by having no recorded vulnerabilities (CVEs) and no critical or high-severity taint flows, suggesting a generally well-maintained codebase in those areas. The absence of dangerous functions, file operations, and external HTTP requests also contributes positively. However, significant concerns arise from the static analysis. The plugin fails to implement any nonce checks or capability checks, which is a major oversight for security, especially considering its single shortcode entry point. Furthermore, a very low percentage (6%) of output escaping is concerning, indicating a high likelihood of cross-site scripting (XSS) vulnerabilities. While there are no directly exploitable SQL injection risks due to prepared statements, the lack of input validation and output sanitization, coupled with the missing security checks on its sole entry point, presents a substantial risk.
Key Concerns
- Missing nonce checks
- Missing capability checks
- Low output escaping percentage (potential XSS)
Name: WP e-Commerce Featured Products Security Vulnerabilities
Name: WP e-Commerce Featured Products Code Analysis
Output Escaping
Name: WP e-Commerce Featured Products Attack Surface
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
Name: WP e-Commerce Featured Products Maintenance & Trust
Maintenance Signals
Community Trust
Name: WP e-Commerce Featured Products Alternatives
Name: WP e-Commerce Popular Products
wp-e-commerce-popular-products
Adds a Widget and Shortcode to display Popular Products for WP e-Commerce Plugin.
Name: WP e-Commerce Table Price Shortcode
wp-e-commerce-table-price-shortcode
This plugin adds a shortcode for use with the WordPress e-Commerce Plugin.
DropStream – Automated eCommerce Fulfillment
wp-dropstream
DropStream is a powerful eCommerce plugin that integrates your WordPress site with your shipping solution or third-party fulfillment provider, allowin …
GoUrl WP eCommerce – Bitcoin Altcoin Payment Gateway Addon
gourl-wp-ecommerce-bitcoin-altcoin-payment-gateway-addon
Provides Bitcoin/Altcoin Payment Gateway for WP eCommerce 3.8.10+ or higher. Accept Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, Dash, etc Payments on Y …
Content Shelf Shopping Cart
content-shelf-shopping-cart
Content Shelf is shopping cart software for selling digital content, tangible products, services, subscriptions and gift cards.
Name: WP e-Commerce Featured Products Developer Profile
19 plugins · 2K total installs
How We Detect Name: WP e-Commerce Featured Products
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-e-commerce-featured-products/css/style.css/wp-content/plugins/wp-e-commerce-featured-products/css/style.css?ver=HTML / DOM Fingerprints
widget_wpsc_featured_productswpsc_product_titlewpsc-special-descriptionproduct_imageno-imageid="product_image_WPSC_URL<h4><strong><a class="wpsc_product_title" href="<div class="wpsc-special-description"><img class="product_image" id="product_image_<img class="no-image" id="product_image_