WP-Safety

WPMozo Wishlist Lite for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wpmozo-wishlist-lite-for-woocommerce

WPMozo Wishlist Lite for WooCommerce adds a wishlist feature to your WooCommerce store, allowing customers to save their favorite products for future …

10 active installs v1.0.1 PHP 7.0+ WP 6.4+ Updated Aug 6, 2025
ecommerceproduct-wishlistsave-for-laterwishlistwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPMozo Wishlist Lite for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WPMozo Wishlist Lite for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago
Risk Assessment

The plugin "wpmozo-wishlist-lite-for-woocommerce" v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and performing proper output escaping on almost all outputs. The absence of file operations and external HTTP requests also reduces the potential attack vectors. Furthermore, its vulnerability history is clean, with no recorded CVEs, suggesting a generally stable codebase in the past.

However, significant concerns arise from its attack surface and taint analysis. The plugin exposes a considerable number of AJAX handlers (13) without any authentication or capability checks, presenting a high risk of unauthorized actions if these handlers are exploitable. The taint analysis revealing three high-severity flows with unsanitized paths further exacerbates this risk, indicating that user-supplied input might be used in a dangerous way within these unprotected AJAX endpoints, potentially leading to serious vulnerabilities.

While the lack of known CVEs is encouraging, the high number of unprotected AJAX endpoints combined with critical taint flows points to a significant potential for newly discovered vulnerabilities. The plugin's strengths lie in its SQL and output handling, but its weaknesses in authentication and input sanitization for its extensive AJAX interface are serious security flaws.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Missing capability checks on AJAX
Vulnerabilities
None known

WPMozo Wishlist Lite for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WPMozo Wishlist Lite for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
80 prepared
Unescaped Output
5
372 escaped
Nonce Checks
7
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared80 total queries

Output Escaping

99% escaped377 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths
cookies_products_action (public\class-wpmozo-wishlist-lite-public.php:1681)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
13 unprotected

WPMozo Wishlist Lite for WooCommerce Attack Surface

Entry Points15
Unprotected13

AJAX Handlers 13

authwp_ajax_wpmozo_wishlist_panel_save_settingsincludes\class-wpmozo-wishlist-lite.php:231
authwp_ajax_wpmozo_wishlist_panel_activate_licenseincludes\class-wpmozo-wishlist-lite.php:232
authwp_ajax_wpmozo_wishlist_panel_deactivate_licenseincludes\class-wpmozo-wishlist-lite.php:233
authwp_ajax_wpmozo_get_popular_productsincludes\class-wpmozo-wishlist-lite.php:236
authwp_ajax_wpmozo_add_product_to_wishlistincludes\class-wpmozo-wishlist-lite.php:264
noprivwp_ajax_wpmozo_add_product_to_wishlistincludes\class-wpmozo-wishlist-lite.php:265
authwp_ajax_wpmozo_remove_wishlisted_productsincludes\class-wpmozo-wishlist-lite.php:266
noprivwp_ajax_wpmozo_remove_wishlisted_productsincludes\class-wpmozo-wishlist-lite.php:267
authwp_ajax_wpmozo_get_wishlisted_productsincludes\class-wpmozo-wishlist-lite.php:268
noprivwp_ajax_wpmozo_get_wishlisted_productsincludes\class-wpmozo-wishlist-lite.php:269
authwp_ajax_wpmozo_get_wishlisted_products_total_pagesincludes\class-wpmozo-wishlist-lite.php:270
noprivwp_ajax_wpmozo_get_wishlisted_products_total_pagesincludes\class-wpmozo-wishlist-lite.php:271
authwp_ajax_wpmozo_cookies_products_actionincludes\class-wpmozo-wishlist-lite.php:275

Shortcodes 2

[wpmozo_add_to_wishlist_button] includes\class-wpmozo-wishlist-lite.php:278
[wpmozo_wishlists] includes\class-wpmozo-wishlist-lite.php:279
WordPress Hooks 57
actionwp_loadedincludes\class-wpmozo-wishlist-lite.php:227
actionadmin_menuincludes\class-wpmozo-wishlist-lite.php:228
actionadmin_enqueue_scriptsincludes\class-wpmozo-wishlist-lite.php:229
actionadmin_enqueue_scriptsincludes\class-wpmozo-wishlist-lite.php:230
filterplugin_row_metaincludes\class-wpmozo-wishlist-lite.php:235
actionwpincludes\class-wpmozo-wishlist-lite.php:257
filterwp_robotsincludes\class-wpmozo-wishlist-lite.php:258
actiontemplate_redirectincludes\class-wpmozo-wishlist-lite.php:259
actionwpincludes\class-wpmozo-wishlist-lite.php:260
actionwp_enqueue_scriptsincludes\class-wpmozo-wishlist-lite.php:261
actionwp_enqueue_scriptsincludes\class-wpmozo-wishlist-lite.php:262
actionwp_enqueue_scriptsincludes\class-wpmozo-wishlist-lite.php:263
actionwp_loginincludes\class-wpmozo-wishlist-lite.php:272
actionuser_registerincludes\class-wpmozo-wishlist-lite.php:273
actionwp_footerincludes\class-wpmozo-wishlist-lite.php:274
filterbody_classincludes\class-wpmozo-wishlist-lite.php:276
filterwoocommerce_cart_item_remove_linkincludes\class-wpmozo-wishlist-lite.php:277
actionwpincludes\class-wpmozo-wishlist-lite.php:282
actionwoocommerce_before_add_to_cart_buttonpublic\class-wpmozo-wishlist-lite-public.php:426
filterrender_block_woocommerce/add-to-cart-formpublic\class-wpmozo-wishlist-lite-public.php:429
actionwoocommerce_single_product_summarypublic\class-wpmozo-wishlist-lite-public.php:431
actionwoocommerce_after_add_to_cart_buttonpublic\class-wpmozo-wishlist-lite-public.php:438
filterrender_block_woocommerce/add-to-cart-formpublic\class-wpmozo-wishlist-lite-public.php:441
actionwoocommerce_single_product_summarypublic\class-wpmozo-wishlist-lite-public.php:443
filterrender_block_woocommerce/product-imagepublic\class-wpmozo-wishlist-lite-public.php:469
actionwoocommerce_before_shop_loop_itempublic\class-wpmozo-wishlist-lite-public.php:471
filterrender_block_woocommerce/product-buttonpublic\class-wpmozo-wishlist-lite-public.php:477
actionwoocommerce_after_shop_loop_itempublic\class-wpmozo-wishlist-lite-public.php:479
filterrender_block_woocommerce/product-buttonpublic\class-wpmozo-wishlist-lite-public.php:485
actionwoocommerce_after_shop_loop_itempublic\class-wpmozo-wishlist-lite-public.php:487
actionastra_woo_shop_add_to_cart_beforepublic\compatibility\themes\astra.php:53
actionastra_woo_shop_add_to_cart_afterpublic\compatibility\themes\astra.php:58
actiontemplate_redirectpublic\compatibility\themes\astra.php:66
actionwoocommerce_before_add_to_cart_buttonpublic\compatibility\themes\astra.php:92
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\astra.php:95
actionastra_woo_single_add_to_cart_beforepublic\compatibility\themes\astra.php:97
actionwoocommerce_after_add_to_cart_buttonpublic\compatibility\themes\astra.php:104
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\astra.php:107
actionastra_woo_single_add_to_cart_afterpublic\compatibility\themes\astra.php:109
actionblocksy:woocommerce:product-card:actions:beforepublic\compatibility\themes\blocksy.php:53
actionblocksy:woocommerce:product-card:actions:afterpublic\compatibility\themes\blocksy.php:58
actiontemplate_redirectpublic\compatibility\themes\blocksy.php:66
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\blocksy.php:92
actionblocksy:woocommerce:product-single:add_to_cart:beforepublic\compatibility\themes\blocksy.php:94
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\blocksy.php:100
actionblocksy:woocommerce:product-single:add_to_cart:afterpublic\compatibility\themes\blocksy.php:102
actionocean_before_archive_product_add_to_cart_innerpublic\compatibility\themes\oceanwp.php:53
actionocean_after_archive_product_add_to_cart_innerpublic\compatibility\themes\oceanwp.php:58
actiontemplate_redirectpublic\compatibility\themes\oceanwp.php:67
actionwoocommerce_before_add_to_cart_buttonpublic\compatibility\themes\oceanwp.php:105
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\oceanwp.php:108
actionocean_before_single_product_quantity-buttonpublic\compatibility\themes\oceanwp.php:110
actionwoocommerce_after_add_to_cart_buttonpublic\compatibility\themes\oceanwp.php:117
filterrender_block_woocommerce/add-to-cart-formpublic\compatibility\themes\oceanwp.php:120
actionocean_after_single_product_quantity-buttonpublic\compatibility\themes\oceanwp.php:122
actionbefore_woocommerce_initwpmozo-wishlist-lite-for-woocommerce.php:54
actioninitwpmozo-wishlist-lite-for-woocommerce.php:96
Maintenance & Trust

WPMozo Wishlist Lite for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedAug 6, 2025
PHP min version7.0
Downloads375

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

WPMozo Wishlist Lite for WooCommerce Alternatives

Addonify – WooCommerce Wishlist

Addonify – WooCommerce Wishlist

addonify-wishlist

A
99

Addonify WooCommerce Wishlist is a light-weight yet powerful tool that adds a wishlist functionality to your e-commerce shop.

1K 1 CVE
Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later

Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later

flexible-wishlist

A
98

Lightweight and simple WooCommerce wishlist. Increases sales. Fits any theme. Customizes texts and icons. Add to ecommerce wishlist with just 1 click.

900 2 CVEs
Premmerce Wishlist for WooCommerce

Premmerce Wishlist for WooCommerce

premmerce-woocommerce-wishlist

A
93

This plugin provides the possibility for your customers to create wishlists with the further possibility to share them with friends.

200 3 CVEs
Bizzwishlist

Bizzwishlist

bizzwishlist

A
100

A lightweight and powerful WooCommerce Wishlist addon. Allow customers to save their favorite products and purchase them later.

0 No CVEs
Velocity Wishlist – WooCommerce Wishlist Plugin

Velocity Wishlist – WooCommerce Wishlist Plugin

velocity-wishlist

A
100

Powerful, lightweight wishlist functionality for WooCommerce. Supports guest users, product variations, social sharing, and fully customizable buttons …

0 No CVEs
Developer Profile

WPMozo Wishlist Lite for WooCommerce Developer Profile

Elicus

5 plugins · 410 total installs

91
trust score
Avg Security Score
96/100
Avg Patch Time
14 days
View full developer profile
Detection Fingerprints

How We Detect WPMozo Wishlist Lite for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/admin/js/settings.js/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/admin/css/settings.css/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/public/css/frontend.css/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/public/js/frontend.js
Script Paths
/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/admin/js/settings.js/wp-content/plugins/wpmozo-wishlist-lite-for-woocommerce/public/js/frontend.js
Version Parameters
wpmozo-wishlist-lite-for-woocommerce/admin/js/settings.js?ver=wpmozo-wishlist-lite-for-woocommerce/admin/css/settings.css?ver=wpmozo-wishlist-lite-for-woocommerce/public/css/frontend.css?ver=wpmozo-wishlist-lite-for-woocommerce/public/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpmozo-wishlist-lite-settings-wrapwpmozo-wishlist-lite-settings-fieldswpmozo-wishlist-lite-form-groupwpmozo-wishlist-lite-button
HTML Comments
<!-- WPMozo Wishlist Lite Settings --><!-- Start: Settings Section --><!-- End: Settings Section -->
Data Attributes
data-plugin-name="wpmozo-wishlist-lite-for-woocommerce"
JS Globals
wpmozo_wishlist_lite_params
FAQ

Frequently Asked Questions about WPMozo Wishlist Lite for WooCommerce