WP-Safety

WPC Share Cart for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wpc-share-cart

WPC Share Cart is a simple but powerful tool that can help your customer share their cart.

1K active installs v2.2.4 PHP + WP 4.0+ Updated Mar 15, 2026
cart-linkshare-cartwoocommercewpc
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPC Share Cart for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WPC Share Cart for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 19d ago
Risk Assessment

The "wpc-share-cart" plugin v2.2.4 exhibits a generally strong security posture with several positive indicators. The absence of any known CVEs, including currently unpatched ones, and the consistent use of prepared statements for all SQL queries are significant strengths. Furthermore, the plugin demonstrates good practice by implementing nonce checks on most entry points and capability checks where applicable. The extensive output escaping also suggests a proactive approach to preventing cross-site scripting (XSS) vulnerabilities. However, the presence of the "unserialize" function is a notable concern, as it can be a vector for object injection vulnerabilities if not handled with extreme care and validation. The taint analysis revealing one flow with an unsanitized path, classified as high severity, directly aligns with this concern and indicates a specific area that requires immediate attention. While the plugin has no recorded past vulnerabilities, this doesn't negate the risks identified in the current analysis. The overall assessment is that while the plugin has implemented many good security practices, the identified high-severity taint flow and the use of "unserialize" introduce tangible risks that need to be addressed.

Key Concerns

  • High severity unsanitized taint flow
  • Use of potentially dangerous unserialize function
Vulnerabilities
None known

WPC Share Cart for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WPC Share Cart for WooCommerce Code Analysis

Dangerous Functions
3
Raw SQL Queries
0
8 prepared
Unescaped Output
30
170 escaped
Nonce Checks
9
Capability Checks
2
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:101
unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:179
unserialize$plugins = unserialize( $response['body'] );includes\kit\wpc-kit.php:98

SQL Query Safety

100% prepared8 total queries

Output Escaping

85% escaped200 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
ajax_export (includes\dashboard\wpc-dashboard.php:215)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WPC Share Cart for WooCommerce Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 5

authwp_ajax_wpc_get_pluginsincludes\dashboard\wpc-dashboard.php:9
authwp_ajax_wpc_get_suggestionincludes\dashboard\wpc-dashboard.php:10
authwp_ajax_wpc_exportincludes\dashboard\wpc-dashboard.php:11
authwp_ajax_wpc_importincludes\dashboard\wpc-dashboard.php:12
authwp_ajax_wpc_get_essential_kitincludes\kit\wpc-kit.php:22

Shortcodes 3

[wpcss_btn] wpc-share-cart.php:142
[wpcss_list] wpc-share-cart.php:143
[wpcss_cart] wpc-share-cart.php:144
WordPress Hooks 23
actionadmin_enqueue_scriptsincludes\dashboard\wpc-dashboard.php:7
actionadmin_menuincludes\dashboard\wpc-dashboard.php:8
actionbefore_woocommerce_initincludes\hpos.php:7
actionadmin_enqueue_scriptsincludes\kit\wpc-kit.php:20
actionadmin_menuincludes\kit\wpc-kit.php:21
actionadmin_initincludes\log\wpc-log.php:6
actionplugins_loadedwpc-share-cart.php:39
actionadmin_noticeswpc-share-cart.php:43
filterquery_varswpc-share-cart.php:67
actioninitwpc-share-cart.php:69
actionwpwpc-share-cart.php:72
actionadmin_enqueue_scriptswpc-share-cart.php:75
actionadmin_initwpc-share-cart.php:76
filterpre_update_optionwpc-share-cart.php:77
actionadmin_menuwpc-share-cart.php:78
actionadmin_footerwpc-share-cart.php:79
actionwp_enqueue_scriptswpc-share-cart.php:82
filterplugin_action_linkswpc-share-cart.php:85
filterplugin_row_metawpc-share-cart.php:86
actionwoocommerce_cart_actionswpc-share-cart.php:89
actionwc_ajax_wpcss_sharewpc-share-cart.php:92
actionwp_footerwpc-share-cart.php:95
filterwpcss_disable_nonce_checkwpc-share-cart.php:98
Maintenance & Trust

WPC Share Cart for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 15, 2026
PHP min version
Downloads35K

Community Trust

Rating64/100
Number of ratings11
Active installs1K
Alternatives

WPC Share Cart for WooCommerce Alternatives

WC Share Cart URL

WC Share Cart URL

wc-share-cart-url

A
92

Share WooCommerce cart by URL. Send the cart to any Customer in WooCommerce store.

400 No CVEs
Lean Cart Share and Save for Later for WooCommerce

Lean Cart Share and Save for Later for WooCommerce

lean-cart-share-and-save

A
100

Lightweight cart sharing and saving for WooCommerce - let customers share carts via URLs and save carts for later.

0 No CVEs
WPC Smart Quick View for WooCommerce

WPC Smart Quick View for WooCommerce

woo-smart-quick-view

A
96

WPC Smart Quick View allows users to get a quick look at products without opening the product page.

100K 3 CVEs
WPC Smart Wishlist for WooCommerce

WPC Smart Wishlist for WooCommerce

woo-smart-wishlist

A
95

WPC Smart Wishlist is a simple but powerful tool that can help your customer save products for buying later.

100K 5 CVEs
WPC Smart Compare for WooCommerce

WPC Smart Compare for WooCommerce

woo-smart-compare

A
98

It helps customers compare products with mighty AJAX, doesn't require opening a new page or iframe, and allows drag-and-drop functionality.

80K 2 CVEs
Developer Profile

WPC Share Cart for WooCommerce Developer Profile

WPClever

71 plugins · 441K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
68 days
View full developer profile
Detection Fingerprints

How We Detect WPC Share Cart for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpc-share-cart/assets/css/frontend.css/wp-content/plugins/wpc-share-cart/assets/css/backend.css/wp-content/plugins/wpc-share-cart/assets/js/frontend.js/wp-content/plugins/wpc-share-cart/assets/js/backend.js/wp-content/plugins/wpc-share-cart/assets/js/frontend/share-cart.js/wp-content/plugins/wpc-share-cart/assets/js/backend/share-cart.js
Script Paths
/wp-content/plugins/wpc-share-cart/assets/css/frontend.css/wp-content/plugins/wpc-share-cart/assets/css/backend.css/wp-content/plugins/wpc-share-cart/assets/js/frontend.js/wp-content/plugins/wpc-share-cart/assets/js/backend.js/wp-content/plugins/wpc-share-cart/assets/js/frontend/share-cart.js/wp-content/plugins/wpc-share-cart/assets/js/backend/share-cart.js
Version Parameters
wpc-share-cart/assets/css/frontend.css?ver=wpc-share-cart/assets/css/backend.css?ver=wpc-share-cart/assets/js/frontend.js?ver=wpc-share-cart/assets/js/backend.js?ver=wpc-share-cart/assets/js/frontend/share-cart.js?ver=wpc-share-cart/assets/js/backend/share-cart.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpc-share-cart-btn
Data Attributes
data-wpcss-id
JS Globals
wpcss_frontend_paramswpcss_backend_paramswpcss_share_cart_ajax_url
Shortcode Output
[wpcss_list][wpcss_btn][wpcss_cart]
FAQ

Frequently Asked Questions about WPC Share Cart for WooCommerce