Does WPC Force Sells for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in WPC Force Sells for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPC Force Sells for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, WPC Force Sells for WooCommerce 6.3.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is WPC Force Sells for WooCommerce updated?

WPC Force Sells for WooCommerce was last updated on Mar 15, 2026. Frequent updates are generally a positive security signal.

What is WPC Force Sells for WooCommerce's security score?

WPC Force Sells for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPC Force Sells for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wpc-force-sells

WPC Force Sells allows users to create a deal that combines various related products and put them for sale altogether.

700 active installs v6.3.8 PHP + WP 4.0+ Updated Mar 15, 2026

force-sellskitwoocommercewpc

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPC Force Sells for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WPC Force Sells for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 19d ago

Risk Assessment

The "wpc-force-sells" plugin v6.3.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and generally strong output escaping. The absence of known CVEs and recorded vulnerabilities in its history suggests a relatively stable security track record. However, there are significant concerns regarding its attack surface. With 8 AJAX handlers identified, 2 of which lack authentication checks, there's a clear risk of unauthorized actions being performed by unauthenticated users. Additionally, the presence of the `unserialize` function is a known risk if not handled with extreme care, as it can lead to object injection vulnerabilities if the input is not strictly validated and comes from an untrusted source. The taint analysis, while reporting no critical or high severity unsanitized flows, does indicate 2 flows with unsanitized paths, which warrants attention.

Key Concerns

AJAX handlers without authentication checks
Presence of dangerous function (unserialize)
Flows with unsanitized paths detected

Vulnerabilities

None known

WPC Force Sells for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WPC Force Sells for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

237 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:101

unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:179

unserialize$plugins = unserialize( $response['body'] );includes\kit\wpc-kit.php:98

SQL Query Safety

100% prepared2 total queries

Output Escaping

93% escaped256 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths

ajax_get_search_results (includes\class-woofs.php:1341)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

WPC Force Sells for WooCommerce Attack Surface

Entry Points8

Unprotected2

AJAX Handlers 8

authwp_ajax_woofs_update_search_settingsincludes\class-woofs.php:42

authwp_ajax_woofs_get_search_resultsincludes\class-woofs.php:43

authwp_ajax_woofs_add_textincludes\class-woofs.php:44

authwp_ajax_wpc_get_pluginsincludes\dashboard\wpc-dashboard.php:9

authwp_ajax_wpc_get_suggestionincludes\dashboard\wpc-dashboard.php:10

authwp_ajax_wpc_exportincludes\dashboard\wpc-dashboard.php:11

authwp_ajax_wpc_importincludes\dashboard\wpc-dashboard.php:12

authwp_ajax_wpc_get_essential_kitincludes\kit\wpc-kit.php:22

WordPress Hooks 61

filterrest_request_after_callbacksincludes\class-blocks.php:84

filterwoocommerce_hydration_request_after_callbacksincludes\class-blocks.php:85

actionwoocommerce_blocks_mini-cart_block_registrationincludes\class-blocks.php:86

actionwoocommerce_blocks_cart_block_registrationincludes\class-blocks.php:92

actionwoocommerce_blocks_checkout_block_registrationincludes\class-blocks.php:98

actioninitincludes\class-woofs.php:25

filterwoocommerce_available_variationincludes\class-woofs.php:28

actionadmin_initincludes\class-woofs.php:31

filterpre_update_optionincludes\class-woofs.php:32

actionadmin_menuincludes\class-woofs.php:33

actionwp_enqueue_scriptsincludes\class-woofs.php:36

actionadmin_enqueue_scriptsincludes\class-woofs.php:39

filterwoocommerce_product_data_tabsincludes\class-woofs.php:47

actionwoocommerce_product_data_panelsincludes\class-woofs.php:48

actionwoocommerce_process_product_metaincludes\class-woofs.php:49

filterwoocommerce_product_price_classincludes\class-woofs.php:52

actionwoocommerce_before_add_to_cart_formincludes\class-woofs.php:56

actionwoocommerce_after_add_to_cart_formincludes\class-woofs.php:60

actionwoocommerce_before_add_to_cart_buttonincludes\class-woofs.php:63

filterwoocommerce_add_to_cart_validationincludes\class-woofs.php:66

actionwoocommerce_add_to_cartincludes\class-woofs.php:67

filterwoocommerce_add_cart_item_dataincludes\class-woofs.php:68

filterwoocommerce_get_cart_item_from_sessionincludes\class-woofs.php:69

filterwoocommerce_cart_contents_countincludes\class-woofs.php:75

filterwoocommerce_get_item_countincludes\class-woofs.php:76

filterwoocommerce_cart_item_remove_linkincludes\class-woofs.php:79

filterwoocommerce_cart_item_nameincludes\class-woofs.php:80

filterwoocommerce_cart_item_quantityincludes\class-woofs.php:81

actionwoocommerce_cart_item_removedincludes\class-woofs.php:82

actionwoocommerce_checkout_create_order_line_itemincludes\class-woofs.php:85

filterwoocommerce_order_item_nameincludes\class-woofs.php:86

actionwoocommerce_order_item_meta_startincludes\class-woofs.php:90

filterwoocommerce_hidden_order_itemmetaincludes\class-woofs.php:94

actionwoocommerce_before_order_itemmetaincludes\class-woofs.php:95

filterwoocommerce_cart_item_visibleincludes\class-woofs.php:98

filterwoocommerce_checkout_cart_item_visibleincludes\class-woofs.php:99

filterwoocommerce_get_item_dataincludes\class-woofs.php:103

filterwoocommerce_widget_cart_item_visibleincludes\class-woofs.php:107

filterwoocommerce_order_item_visibleincludes\class-woofs.php:110

filterdisplay_post_statesincludes\class-woofs.php:113

filterplugin_action_linksincludes\class-woofs.php:116

filterplugin_row_metaincludes\class-woofs.php:117

actionwoocommerce_before_mini_cart_contentsincludes\class-woofs.php:120

actionwoocommerce_before_calculate_totalsincludes\class-woofs.php:121

filterpre_get_postsincludes\class-woofs.php:125

actionpre_get_postsincludes\class-woofs.php:128

actionpre_get_postsincludes\class-woofs.php:131

filterwoofs_item_idincludes\class-woofs.php:136

filterwoocommerce_products_admin_list_table_filtersincludes\class-woofs.php:140

actionpre_get_postsincludes\class-woofs.php:141

filterwpcsm_locationsincludes\class-woofs.php:144

filterwoocommerce_product_export_meta_valueincludes\class-woofs.php:147

filterwoocommerce_product_import_pre_insert_product_objectincludes\class-woofs.php:150

actionadmin_enqueue_scriptsincludes\dashboard\wpc-dashboard.php:7

actionadmin_menuincludes\dashboard\wpc-dashboard.php:8

actionbefore_woocommerce_initincludes\hpos.php:7

actionadmin_enqueue_scriptsincludes\kit\wpc-kit.php:20

actionadmin_menuincludes\kit\wpc-kit.php:21

actionadmin_initincludes\log\wpc-log.php:6

actionplugins_loadedwpc-force-sells.php:39

actionadmin_noticeswpc-force-sells.php:43

Maintenance & Trust

WPC Force Sells for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 15, 2026

PHP min version

Downloads40K

Community Trust

Rating100/100

Number of ratings4

Active installs700

Alternatives

WPC Force Sells for WooCommerce Alternatives

WPC Product Bundles for WooCommerce

woo-product-bundle

100

WPC Product Bundles is a plugin that helps you bundle a few products, offer them at a discount, and watch the sales go up!

30K 1 CVE

WPC Composite Products for WooCommerce

wpc-composite-products

WPC Composite Products provide a powerful kit-building solution for WooCommerce store.

9K 1 CVE

WPC Grouped Product for WooCommerce

wpc-grouped-product

WPC Grouped Product helps you make up standalone products that are presented as a group.

3K 1 CVE

WPC Mystery Box for WooCommerce

wpc-mystery-box

100

WPC Mystery Box allows you to sell boxes that contain randomly products.

50 No CVEs

WPC Smart Quick View for WooCommerce

woo-smart-quick-view

WPC Smart Quick View allows users to get a quick look at products without opening the product page.

100K 3 CVEs

Developer Profile

WPC Force Sells for WooCommerce Developer Profile

WPClever

71 plugins · 441K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

68 days

View full developer profile

Detection Fingerprints

How We Detect WPC Force Sells for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpc-force-sells/assets/css/blocks.css/wp-content/plugins/wpc-force-sells/assets/js/blocks.js

Script Paths

/wp-content/plugins/wpc-force-sells/assets/js/blocks.js

Version Parameters

wpc-force-sells/assets/css/blocks.css?ver=wpc-force-sells/assets/js/blocks.js?ver=

HTML / DOM Fingerprints

CSS Classes

woofs_linkedwoofs_main

Data Attributes

woofs_idswoofs_parent_idwoofs_mainwoofs_linkedwoofs_hide_linked

JS Globals

WPCleverWoofs_Blocks

REST Endpoints

/wp-json/wc/store/

FAQ