WP-Safety

WPC Coupon Listing for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wpc-coupon-listing

WPC Coupon Listing will display coupons in a list on the cart and checkout page for the buyer easy to use.

1K active installs v1.3.6 PHP + WP 4.0+ Updated Dec 22, 2025
couponcoupon-listingwoocommercewpc
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPC Coupon Listing for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WPC Coupon Listing for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "wpc-coupon-listing" plugin, version 1.3.6, presents a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and a clean vulnerability history across all severity levels is a significant positive indicator. The code exhibits good practices with 100% of SQL queries using prepared statements and a high percentage (93%) of properly escaped output, minimizing common web vulnerabilities. The presence of nonce and capability checks on entry points further reinforces this.

However, the static analysis does highlight a specific concern: the use of the `unserialize` function. While no taint flows with unsanitized paths were found in this analysis, the `unserialize` function is inherently risky if the data it processes can be influenced by user input. Without specific taint analysis showing these flows are properly handled or that the input is from a trusted source, this remains a potential attack vector that could lead to Remote Code Execution (RCE) or Denial of Service (DoS) if exploited.

In conclusion, while the plugin benefits from a clean track record and many robust security implementations, the presence of `unserialize` without explicit mitigation details introduces a moderate risk. Further investigation into how and from where data is serialized/unserialized would be beneficial. For now, the plugin's strengths in other areas significantly outweigh the single identified weakness, suggesting a generally secure but not flawless product.

Key Concerns

  • Use of unserialize() function
Vulnerabilities
None known

WPC Coupon Listing for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WPC Coupon Listing for WooCommerce Code Analysis

Dangerous Functions
3
Raw SQL Queries
0
0 prepared
Unescaped Output
11
136 escaped
Nonce Checks
9
Capability Checks
2
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:111
unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:189
unserialize$plugins = unserialize( $response['body'] );includes\kit\wpc-kit.php:98

Output Escaping

93% escaped147 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
ajax_export (includes\dashboard\wpc-dashboard.php:225)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WPC Coupon Listing for WooCommerce Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 5

authwp_ajax_wpc_get_pluginsincludes\dashboard\wpc-dashboard.php:19
authwp_ajax_wpc_get_suggestionincludes\dashboard\wpc-dashboard.php:20
authwp_ajax_wpc_exportincludes\dashboard\wpc-dashboard.php:21
authwp_ajax_wpc_importincludes\dashboard\wpc-dashboard.php:22
authwp_ajax_wpc_get_essential_kitincludes\kit\wpc-kit.php:22

Shortcodes 2

[wpccl_button] includes\class-frontend.php:23
[wpccl_list] includes\class-frontend.php:24
WordPress Hooks 23
actioninitincludes\class-backend.php:17
actionadmin_enqueue_scriptsincludes\class-backend.php:18
actionadmin_initincludes\class-backend.php:19
actionadmin_menuincludes\class-backend.php:20
filterwoocommerce_coupon_data_tabsincludes\class-backend.php:21
actionwoocommerce_coupon_data_panelsincludes\class-backend.php:22
actionwoocommerce_coupon_options_saveincludes\class-backend.php:23
filterplugin_action_linksincludes\class-backend.php:26
filterplugin_row_metaincludes\class-backend.php:27
filterwoocommerce_coupon_generator_coupon_meta_dataincludes\class-backend.php:30
actionwp_enqueue_scriptsincludes\class-frontend.php:17
actionwoocommerce_cart_couponincludes\class-frontend.php:18
actionwp_footerincludes\class-frontend.php:19
filterwoocommerce_checkout_coupon_messageincludes\class-frontend.php:20
actionwc_ajax_wpccl_load_couponsincludes\class-frontend.php:27
actionwc_ajax_wpccl_apply_couponincludes\class-frontend.php:28
actionadmin_enqueue_scriptsincludes\dashboard\wpc-dashboard.php:17
actionadmin_menuincludes\dashboard\wpc-dashboard.php:18
actionbefore_woocommerce_initincludes\hpos.php:7
actionadmin_enqueue_scriptsincludes\kit\wpc-kit.php:20
actionadmin_menuincludes\kit\wpc-kit.php:21
actionplugins_loadedwpc-coupon-listing.php:35
actionadmin_noticeswpc-coupon-listing.php:39
Maintenance & Trust

WPC Coupon Listing for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 22, 2025
PHP min version
Downloads17K

Community Trust

Rating94/100
Number of ratings3
Active installs1K
Alternatives

WPC Coupon Listing for WooCommerce Alternatives

WPC Free Gift Coupons for WooCommerce

WPC Free Gift Coupons for WooCommerce

wpc-free-gift-coupons

A
100

WPC Free Gift Coupons for WooCommerce offers a new way to give away free gifts to customers during special sale occasions.

400 No CVEs
Discount Rules for WooCommerce

Discount Rules for WooCommerce

woo-discount-rules

A
97

The discount plugin for WooCommerce helps you create bulk discount, quantity discount, storewide sale, dynamic pricing discount offers easily.

100K 4 CVEs
WPC Smart Quick View for WooCommerce

WPC Smart Quick View for WooCommerce

woo-smart-quick-view

A
96

WPC Smart Quick View allows users to get a quick look at products without opening the product page.

100K 3 CVEs
WPC Smart Wishlist for WooCommerce

WPC Smart Wishlist for WooCommerce

woo-smart-wishlist

A
95

WPC Smart Wishlist is a simple but powerful tool that can help your customer save products for buying later.

100K 5 CVEs
WPC Smart Compare for WooCommerce

WPC Smart Compare for WooCommerce

woo-smart-compare

A
98

It helps customers compare products with mighty AJAX, doesn't require opening a new page or iframe, and allows drag-and-drop functionality.

80K 2 CVEs
Developer Profile

WPC Coupon Listing for WooCommerce Developer Profile

WPClever

71 plugins · 441K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
68 days
View full developer profile
Detection Fingerprints

How We Detect WPC Coupon Listing for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpc-coupon-listing/assets/css/backend.css/wp-content/plugins/wpc-coupon-listing/assets/js/backend.js
Script Paths
/wp-content/plugins/wpc-coupon-listing/assets/js/backend.js
Version Parameters
wpc-coupon-listing/assets/css/backend.css?ver=wpc-coupon-listing/assets/js/backend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpclever_settings_pagewpclever_settings_page_headerwpclever_settings_page_header_logowpclever_settings_page_header_textwpclever_settings_page_titlewpclever_settings_page_nav
Data Attributes
data-tabdata-parentdata-coupon-id
JS Globals
WPCleverWpcclFrontend
FAQ

Frequently Asked Questions about WPC Coupon Listing for WooCommerce