Does WPify Woo Czech have any unpatched vulnerabilities?

No. All known vulnerabilities in WPify Woo Czech have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPify Woo Czech compatible with WordPress 6.9.4?

According to WordPress.org data, WPify Woo Czech 5.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WPify Woo Czech compatible with PHP 8.1+?

WPify Woo Czech requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WPify Woo Czech updated?

WPify Woo Czech was last updated on Mar 5, 2026. Frequent updates are generally a positive security signal.

What is WPify Woo Czech's security score?

WPify Woo Czech has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPify Woo Czech Security & Risk Analysis

wordpress.org/plugins/wpify-woo

Adds Czech and Slovak features to WooCommerce: Heureka, CRN/VAT fields, free shipping notice, QR payments, async emails and more.

5K active installs v5.3.1 PHP 8.1+ WP 6.2+ Updated Mar 5, 2026

czechheurekaic-dicqr-paymentwoocommerce

A · Safe

CVEs total3

Unpatched0

Last CVEApr 30, 2024

Download

Safety Verdict

Is WPify Woo Czech Safe to Use in 2026?

Generally Safe

Score 98/100

WPify Woo Czech has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Apr 30, 2024Updated 1mo ago

Risk Assessment

The wpify-woo plugin v5.3.1 exhibits a mixed security posture. While it demonstrates good practices in areas like using prepared statements for SQL queries and a relatively high percentage of output escaping (69%), there are notable concerns. The presence of an unprotected AJAX handler presents a direct entry point for attackers, and the taint analysis reveals a concerning number of flows with unsanitized paths, although thankfully none reached a critical or high severity in this analysis. The plugin's vulnerability history is a significant red flag, with 3 previously disclosed medium-severity vulnerabilities, including Cross-site Scripting and Improper Access Control. The fact that all previously known vulnerabilities are now patched is a positive sign, but the recurring nature of these types of issues suggests potential underlying coding patterns that could lead to future vulnerabilities if not addressed comprehensively.

Overall, while the plugin is moving in the right direction with prepared statements and patching, the unprotected AJAX endpoint and the history of medium-severity vulnerabilities, particularly those related to input sanitization and access control, necessitate careful monitoring. The 3 unsanitized paths in the taint analysis, even without reaching critical levels, warrant attention as they represent potential avenues for exploitation if inputs are not consistently validated and sanitized before use.

Key Concerns

AJAX handler without authentication
Flows with unsanitized paths (3)
3 medium severity CVEs in history
Output escaping 69% (31% not escaped)
Bundled library: Guzzle

Vulnerabilities

WPify Woo Czech Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

2 CVEs in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2024-33946medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WPify Woo Czech <= 4.0.10 - Reflected Cross-Site Scripting

Apr 30, 2024 Patched in 4.0.11 (8d)

CVE-2024-1492medium · 5.3Improper Access Control

WPify Woo Czech <= 4.0.8 - Missing Authorization

Feb 19, 2024 Patched in 4.0.9 (2d)

WF-a10da173-9b88-4599-928d-71fc42b35c50-wpify-woomedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WPify Woo Czech <= 3.5.6 - Reflected Cross-Site Scripting

May 16, 2022 Patched in 3.5.7 (617d)

Code Analysis

Analyzed Mar 16, 2026

WPify Woo Czech Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

136 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

69% escaped197 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

render_admin_notices (src\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:219)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

WPify Woo Czech Attack Surface

Entry Points7

Unprotected1

AJAX Handlers 1

authwp_ajax_wpify_delivery_dates_dismiss_noticesrc\Modules\DeliveryDates\DeliveryDatesModule.php:43

Shortcodes 6

[wpify_woo_delivery_dates] src\Modules\DeliveryDates\DeliveryDatesModule.php:49

[wpify_woo_free_shipping_notice] src\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:31

[wpify_woo_amount_for_free_shipping] src\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:32

[wpify_woo_heureka_reviews] src\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:51

[wpify_woo_lowest_price] src\Modules\PricesLog\PricesLogModule.php:35

[wpify_woo_render_qr_code] src\Modules\QRPayment\QRPaymentModule.php:47

WordPress Hooks 124

actionwoocommerce_initsrc\Admin\Settings.php:35

actionadmin_enqueue_scriptssrc\Admin\Settings.php:44

filterwpify_admin_menu_bar_datasrc\Admin\Settings.php:45

actionwpify_dashboard_before_news_postssrc\Admin\Settings.php:46

actionall_admin_noticessrc\Admin\Settings.php:47

actionadmin_initsrc\Admin\Settings.php:48

actionadmin_initsrc\Admin.php:19

actionrest_api_initsrc\Api\FeedApi.php:23

actionrest_api_initsrc\Api\SettingsApi.php:25

filterhttp_request_argssrc\CLI.php:32

actioninitsrc\Managers\ApiManager.php:41

filterwoocommerce_mail_callbacksrc\Modules\AsyncEmails\AsyncEmailsModule.php:23

actionwpify_send_emailsrc\Modules\AsyncEmails\AsyncEmailsModule.php:24

filterwp_mail_fromsrc\Modules\AsyncEmails\AsyncEmailsModule.php:101

filterwp_mail_from_namesrc\Modules\AsyncEmails\AsyncEmailsModule.php:102

actionwoocommerce_review_metasrc\Modules\Comments\CommentsModule.php:26

actioninitsrc\Modules\Comments\CommentsModule.php:27

actionrest_api_initsrc\Modules\DeliveryDates\Api\DeliveryDatesApi.php:22

actioninitsrc\Modules\DeliveryDates\DeliveryDatesModule.php:31

actioninitsrc\Modules\DeliveryDates\DeliveryDatesModule.php:32

actionwp_enqueue_scriptssrc\Modules\DeliveryDates\DeliveryDatesModule.php:33

actionadmin_initsrc\Modules\DeliveryDates\DeliveryDatesModule.php:41

actionadmin_initsrc\Modules\DeliveryDates\DeliveryDatesModule.php:42

actionadmin_enqueue_scriptssrc\Modules\DeliveryDates\DeliveryDatesModule.php:47

actionadmin_noticessrc\Modules\DeliveryDates\DeliveryDatesModule.php:48

filterwoocommerce_email_attachmentssrc\Modules\EmailAttachments\EmailAttachmentsModule.php:29

actioninitsrc\Modules\EmailAttachments\EmailAttachmentsModule.php:30

filterwoocommerce_add_to_cart_fragmentssrc\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:33

filterwoocommerce_update_order_review_fragmentssrc\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:34

filterwpify_woo_free_shipping_is_freesrc\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:37

actionwp_enqueue_scriptssrc\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:40

filterwpify_woo_free_shipping_amount_for_free_shippingsrc\Modules\FreeShippingNotice\FreeShippingNoticeModule.php:469

actionwoocommerce_thankyousrc\Modules\HeurekaMereniKonverzi\HeurekaMereniKonverziModule.php:35

actionwp_footersrc\Modules\HeurekaMereniKonverzi\HeurekaMereniKonverziModule.php:36

actionwoocommerce_initsrc\Modules\HeurekaOverenoZakazniky\BlockSupport.php:16

actionwp_footersrc\Modules\HeurekaOverenoZakazniky\BlockSupport.php:17

actionwoocommerce_store_api_checkout_order_processedsrc\Modules\HeurekaOverenoZakazniky\BlockSupport.php:18

filterwoocommerce_set_additional_field_valuesrc\Modules\HeurekaOverenoZakazniky\BlockSupport.php:19

actionwoocommerce_checkout_order_createdsrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:42

actionwpify_woo_heureka_overeno_zakaznikysrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:43

actionwoocommerce_checkout_after_terms_and_conditionssrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:44

actionwp_headsrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:45

actionadmin_initsrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:46

actioninitsrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:49

actionwpify_woo_import_heureka_reviewssrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:50

actionadmin_noticessrc\Modules\HeurekaOverenoZakazniky\HeurekaOverenoZakaznikyModule.php:52

actionrest_api_initsrc\Modules\IcDic\Api\IcDicApi.php:30

actionwoocommerce_initsrc\Modules\IcDic\BlockSupport.php:20

actionwp_footersrc\Modules\IcDic\BlockSupport.php:21

filterwoocommerce_set_additional_field_valuesrc\Modules\IcDic\BlockSupport.php:23

actionwoocommerce_sanitize_additional_fieldsrc\Modules\IcDic\BlockSupport.php:24

filterwoocommerce_store_api_cart_errorssrc\Modules\IcDic\BlockSupport.php:25

filterwoocommerce_get_default_value_for_wpify/companysrc\Modules\IcDic\BlockSupport.php:27

filterwoocommerce_get_default_value_for_wpify/icsrc\Modules\IcDic\BlockSupport.php:30

filterwoocommerce_get_default_value_for_wpify/dicsrc\Modules\IcDic\BlockSupport.php:33

filterwoocommerce_get_default_value_for_wpify/dic-dphsrc\Modules\IcDic\BlockSupport.php:36

filterwoocommerce_get_default_value_for_wpify/ic_dic_togglesrc\Modules\IcDic\BlockSupport.php:39

actionwoocommerce_validate_additional_fieldsrc\Modules\IcDic\BlockSupport.php:50

actionwoocommerce_store_api_checkout_update_customer_from_requestsrc\Modules\IcDic\BlockSupport.php:52

actionrest_api_initsrc\Modules\IcDic\BlockSupport.php:55

actionwoocommerce_store_api_checkout_update_customer_from_requestsrc\Modules\IcDic\BlockSupport.php:58

actionwoocommerce_store_api_checkout_order_processedsrc\Modules\IcDic\BlockSupport.php:61

actionwoocommerce_edit_account_form_startsrc\Modules\IcDic\BlockSupport.php:64

actionrest_pre_dispatchsrc\Modules\IcDic\BlockSupport.php:369

filterwoocommerce_checkout_fieldssrc\Modules\IcDic\IcDicModule.php:88

actionwp_enqueue_scriptssrc\Modules\IcDic\IcDicModule.php:89

filterwoocommerce_default_address_fieldssrc\Modules\IcDic\IcDicModule.php:90

filterwoocommerce_order_formatted_billing_addresssrc\Modules\IcDic\IcDicModule.php:91

filterwoocommerce_formatted_address_replacementssrc\Modules\IcDic\IcDicModule.php:92

filterwoocommerce_localisation_address_formatssrc\Modules\IcDic\IcDicModule.php:93

actionwoocommerce_after_checkout_validationsrc\Modules\IcDic\IcDicModule.php:98

actionwoocommerce_checkout_order_processedsrc\Modules\IcDic\IcDicModule.php:99

actioninitsrc\Modules\IcDic\IcDicModule.php:100

actionwoocommerce_admin_order_data_after_billing_addresssrc\Modules\IcDic\IcDicModule.php:103

actionwoocommerce_checkout_before_customer_detailssrc\Modules\IcDic\IcDicModule.php:107

filterwoocommerce_form_fieldsrc\Modules\IcDic\IcDicModule.php:109

filterwoocommerce_form_fieldsrc\Modules\IcDic\IcDicModule.php:111

filterwoocommerce_billing_fieldssrc\Modules\IcDic\IcDicModule.php:115

filterwoocommerce_admin_billing_fieldssrc\Modules\IcDic\IcDicModule.php:116

filterwoocommerce_customer_meta_fieldssrc\Modules\IcDic\IcDicModule.php:117

filterwoocommerce_my_account_my_address_formatted_addresssrc\Modules\IcDic\IcDicModule.php:118

actionwpsrc\Modules\IcDic\IcDicModule.php:127

actionwoocommerce_checkout_update_order_reviewsrc\Modules\IcDic\IcDicModule.php:128

filterpost_classsrc\Modules\IcDic\IcDicModule.php:129

filterwoocommerce_ajax_get_customer_detailssrc\Modules\IcDic\IcDicModule.php:130

actionwp_enqueue_scriptssrc\Modules\IcDic\IcDicModule.php:199

actionwp_enqueue_scriptssrc\Modules\Prices\PricesModule.php:27

actioninitsrc\Modules\Prices\PricesModule.php:28

filterwoocommerce_get_price_htmlsrc\Modules\Prices\PricesModule.php:29

filterwoocommerce_locate_templatesrc\Modules\Prices\PricesModule.php:30

actionwoocommerce_single_product_summarysrc\Modules\Prices\PricesModule.php:45

actionwoocommerce_update_productsrc\Modules\PricesLog\PricesLogModule.php:28

actionwoocommerce_new_productsrc\Modules\PricesLog\PricesLogModule.php:29

filterwoocommerce_product_data_tabssrc\Modules\PricesLog\PricesLogModule.php:30

actionwoocommerce_product_data_panelssrc\Modules\PricesLog\PricesLogModule.php:31

actionwoocommerce_product_options_pricingsrc\Modules\PricesLog\PricesLogModule.php:32

actionwoocommerce_variation_options_pricingsrc\Modules\PricesLog\PricesLogModule.php:33

actiontemplate_redirectsrc\Modules\QRPayment\QRPaymentModule.php:45

actionwpify_woo_render_qr_codesrc\Modules\QRPayment\QRPaymentModule.php:46

actionwpo_wcpdf_after_order_detailssrc\Modules\QRPayment\QRPaymentModule.php:52

actionwoocommerce_thankyousrc\Modules\QRPayment\QRPaymentModule.php:69

actionwoocommerce_thankyousrc\Modules\QRPayment\QRPaymentModule.php:71

actionwoocommerce_before_thankyousrc\Modules\QRPayment\QRPaymentModule.php:73

filterwp_footersrc\Modules\SklikRetargeting\SklikRetargetingModule.php:17

filterwoocommerce_order_button_textsrc\Modules\Template\TemplateModule.php:23

filterwoocommerce_order_button_htmlsrc\Modules\Template\TemplateModule.php:24

actionwoocommerce_review_order_before_submitsrc\Modules\Template\TemplateModule.php:25

actioninitsrc\Modules\Template\TemplateModule.php:26

filterwoocommerce_mail_callback_paramssrc\Modules\Vocative\VocativeModule.php:19

actionadmin_initsrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:29

filterwoocommerce_product_data_tabssrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:30

actionwoocommerce_product_data_panelssrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:31

actionwoocommerce_process_product_metasrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:32

actionwoocommerce_product_after_variable_attributessrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:33

actionwoocommerce_save_product_variationsrc\Modules\XmlFeedHeureka\XmlFeedHeurekaModule.php:34

actionwoocommerce_thankyousrc\Modules\ZboziConversions\ZboziConversionsModule.php:21

actionadmin_noticessrc\Modules\ZboziConversions\ZboziConversionsModule.php:27

actioninitwpify-woo.php:141

actionadmin_noticeswpify-woo.php:168

actionadmin_noticeswpify-woo.php:170

actionplugins_loadedwpify-woo.php:185

actionadmin_noticeswpify-woo.php:189

actionin_plugin_update_message-wpify-woo/wpify-woo.phpwpify-woo.php:193

actionbefore_woocommerce_initwpify-woo.php:204

Maintenance & Trust

WPify Woo Czech Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 5, 2026

PHP min version8.1

Downloads210K

Community Trust

Rating98/100

Number of ratings48

Active installs5K

Alternatives

WPify Woo Czech Alternatives

České služby pro WordPress

ceske-sluzby

Implementace různých českých služeb do WordPressu (zejména pro WooCommerce)

1K No CVEs

Czech QR Payments for WooCommerce

czech-qr-code-bank-transfer-payment-for-woocommerce

100

Payment method for fast QR code bank transfer payment from Czech banking mobile apps

100 No CVEs

DD QR Payment Gateway Interface

qr-payment-gateway-interface-for-woocommerce

Upgrade your webshop with the QR Instant Payment Method which allows your customers to pay using the m-banking application on their phone - option IPS …

10 No CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Google for WooCommerce

google-listings-and-ads

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE

Developer Profile

WPify Woo Czech Developer Profile

WPify

2 plugins · 5K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

209 days

View full developer profile

Detection Fingerprints

How We Detect WPify Woo Czech

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpify-woo/src/Assets/dist/css/admin/settings.css/wp-content/plugins/wpify-woo/src/Assets/dist/css/delivery-dates.css/wp-content/plugins/wpify-woo/src/Assets/dist/js/delivery-dates.js/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/settings.js/wp-content/plugins/wpify-woo/src/Assets/dist/css/admin/delivery-dates.css/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/delivery-dates.js/wp-content/plugins/wpify-woo/src/Assets/dist/css/admin/woo-core.css/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/woo-core.js

Script Paths

/wp-content/plugins/wpify-woo/src/Assets/dist/js/delivery-dates.js/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/settings.js/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/delivery-dates.js/wp-content/plugins/wpify-woo/src/Assets/dist/js/admin/woo-core.js

Version Parameters

wpify-woo/src/Assets/dist/css/admin/settings.css?ver=wpify-woo/src/Assets/dist/css/delivery-dates.css?ver=wpify-woo/src/Assets/dist/js/delivery-dates.js?ver=wpify-woo/src/Assets/dist/js/admin/settings.js?ver=wpify-woo/src/Assets/dist/css/admin/delivery-dates.css?ver=wpify-woo/src/Assets/dist/js/admin/delivery-dates.js?ver=wpify-woo/src/Assets/dist/css/admin/woo-core.css?ver=wpify-woo/src/Assets/dist/js/admin/woo-core.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpify-woo-delivery-dates-wrapperwpify-woo-delivery-dates-admin-noticewpify-woo-delivery-dates-settings-wrap

HTML Comments

Data Attributes

data-wpify-woo-delivery-dates

JS Globals

window.wpifyWooDeliveryDates

REST Endpoints

/wp-json/wpify-woo/v1/delivery-dates

Shortcode Output

[wpify_woo_delivery_dates]

FAQ