X-tra Ordinary WooCommerce Product Carousel and Slider Security & Risk Analysis

wordpress.org/plugins/xox-woocommerce-slidercarousel

XoX Woocommerce Slider/Carousel is a useful plugin for displaying sliders that consist of Products and Product Categories.

20 active installs · v3.1.1 · PHP + WP 4.0+ · Updated Unknown
carousel, product, products, sliders, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is X-tra Ordinary WooCommerce Product Carousel and Slider Safe to Use in 2026?

Generally Safe

Score 100/100

X-tra Ordinary WooCommerce Product Carousel and Slider has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'xox-woocommerce-slidercarousel' plugin v3.1.1 exhibits a generally positive security posture, with no recorded historical vulnerabilities or critical findings in taint analysis. The static analysis reveals a small attack surface with all identified entry points (AJAX handlers and shortcodes) appearing to have some form of authorization checks, which is a good practice. SQL queries are exclusively prepared, and there are no external HTTP requests, further reducing potential attack vectors. The presence of nonce and capability checks on some entry points is also encouraging.

However, a significant concern lies in the output escaping, where only 54% of outputs are properly escaped. This indicates a potential for Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is not consistently handled before being rendered in the browser. While no critical taint flows were found, a large percentage of unescaped output can still lead to medium or low severity vulnerabilities that could be exploited. The plugin's history of zero vulnerabilities is a positive sign, suggesting a history of responsible development, but it does not negate the risks identified in the current code analysis.

In conclusion, while the plugin has several security strengths, the substantial proportion of unescaped output presents a tangible risk. The plugin would benefit from a thorough review and remediation of all output rendering to ensure proper sanitization and escaping, thereby mitigating potential XSS risks. Addressing this weakness would significantly improve the plugin's overall security.

Key Concerns

  • High percentage of improperly escaped output
Vulnerabilities
None known

X-tra Ordinary WooCommerce Product Carousel and Slider Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

X-tra Ordinary WooCommerce Product Carousel and Slider Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 87 (104 escaped)
Nonce Checks: 8
Capability Checks: 6
File Operations: 9
External Requests: 0
Bundled Libraries: 0

Output Escaping

54% escaped · 191 total outputs
Data Flows: All sanitized

Data Flow Analysis

4 flows
xox_carousel_slider_edit_theme (includes\theme-editor.php:43)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

X-tra Ordinary WooCommerce Product Carousel and Slider Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

auth wp_ajax_cmb2_oembed_handler includes\cmb2\includes\CMB2_Ajax.php:48
nopriv wp_ajax_cmb2_oembed_handler includes\cmb2\includes\CMB2_Ajax.php:49

Shortcodes 1

[xoxslider] public\class-xox-woo-carousel-public.php:561
WordPress Hooks 65
action admin_init admin\class-xox-woo-carousel-mce.php:8
action admin_footer admin\class-xox-woo-carousel-mce.php:9
filter mce_external_plugins admin\class-xox-woo-carousel-mce.php:18
filter mce_buttons admin\class-xox-woo-carousel-mce.php:19
action widgets_init admin\class-xox-woo-carousel-widget.php:87
action init includes\class-xox-woo-carousel-custom-meta-box.php:32
action admin_enqueue_scripts includes\class-xox-woo-carousel-custom-meta-box.php:39
action cmb2_init includes\class-xox-woo-carousel-custom-meta-box.php:51
action cmb2_init includes\class-xox-woo-carousel-custom-meta-box.php:89
action cmb2_init includes\class-xox-woo-carousel-custom-meta-box.php:193
action plugins_loaded includes\class-xox-woo-carousel.php:151
action admin_enqueue_scripts includes\class-xox-woo-carousel.php:166
action admin_enqueue_scripts includes\class-xox-woo-carousel.php:167
action wp_enqueue_scripts includes\class-xox-woo-carousel.php:182
action wp_enqueue_scripts includes\class-xox-woo-carousel.php:183
action cmb2_init includes\cmb2\cmb-carousel-options.php:13
action cmb2_init includes\cmb2\cmb-slider-options.php:13
filter wp_prepare_attachment_for_js includes\cmb2\includes\CMB2.php:1130
action cmb2_save_options-page_fields includes\cmb2\includes\CMB2_Ajax.php:51
filter get_post_metadata includes\cmb2\includes\CMB2_Ajax.php:140
filter update_post_metadata includes\cmb2\includes\CMB2_Ajax.php:143
filter cmb2_show_on includes\cmb2\includes\CMB2_hookup.php:56
action edit_form_top includes\cmb2\includes\CMB2_hookup.php:88
action edit_form_before_permalink includes\cmb2\includes\CMB2_hookup.php:92
action edit_form_after_title includes\cmb2\includes\CMB2_hookup.php:96
action edit_form_after_editor includes\cmb2\includes\CMB2_hookup.php:100
action add_meta_boxes includes\cmb2\includes\CMB2_hookup.php:104
action add_attachment includes\cmb2\includes\CMB2_hookup.php:107
action edit_attachment includes\cmb2\includes\CMB2_hookup.php:108
action save_post includes\cmb2\includes\CMB2_hookup.php:109
action add_meta_boxes_comment includes\cmb2\includes\CMB2_hookup.php:120
action edit_comment includes\cmb2\includes\CMB2_hookup.php:121
filter manage_edit-comments_columns includes\cmb2\includes\CMB2_hookup.php:124
action manage_comments_custom_column includes\cmb2\includes\CMB2_hookup.php:125
action show_user_profile includes\cmb2\includes\CMB2_hookup.php:132
action edit_user_profile includes\cmb2\includes\CMB2_hookup.php:133
action user_new_form includes\cmb2\includes\CMB2_hookup.php:134
action personal_options_update includes\cmb2\includes\CMB2_hookup.php:136
action edit_user_profile_update includes\cmb2\includes\CMB2_hookup.php:137
action user_register includes\cmb2\includes\CMB2_hookup.php:138
filter manage_users_columns includes\cmb2\includes\CMB2_hookup.php:141
filter manage_users_custom_column includes\cmb2\includes\CMB2_hookup.php:142
action created_term includes\cmb2\includes\CMB2_hookup.php:180
action edited_terms includes\cmb2\includes\CMB2_hookup.php:181
action delete_term includes\cmb2\includes\CMB2_hookup.php:182
action cmb2_do_oembed includes\cmb2\includes\helper-functions.php:120
filter is_protected_meta includes\cmb2\includes\rest-api\CMB2_REST.php:118
action init includes\cmb2\init.php:120
action cmb2_render_switch includes\cmb2\switch_metafield.php:18
action cmb2_attached_posts_field_load includes\cmb2-attached-posts\cmb2-attached-posts-field.php:106
action after_setup_theme includes\cmb2-attached-posts\cmb2-attached-posts-field.php:109
action cmb2_render_custom_attached_posts includes\cmb2-attached-posts\init.php:49
action cmb2_sanitize_custom_attached_posts includes\cmb2-attached-posts\init.php:50
action cmb2_attached_posts_field_add_find_posts_div includes\cmb2-attached-posts\init.php:51
action cmb2_after_init includes\cmb2-attached-posts\init.php:52
action admin_footer includes\cmb2-attached-posts\init.php:71
action wp_footer includes\cmb2-attached-posts\init.php:500
action pre_get_users includes\cmb2-attached-posts\init.php:540
action pre_get_posts includes\cmb2-attached-posts\init.php:542
action init xox-woo-carousel.php:118
action add_meta_boxes xox-woo-carousel.php:153
filter widget_text xox-woo-carousel.php:156
action add_meta_boxes xox-woo-carousel.php:170
action admin_menu xox-woo-carousel.php:182
action admin_menu xox-woo-carousel.php:187
Maintenance & Trust

X-tra Ordinary WooCommerce Product Carousel and Slider Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.8.28
Last updated: Unknown
PHP min version
Downloads: 9K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 20
Developer Profile

X-tra Ordinary WooCommerce Product Carousel and Slider Developer Profile

Xolluteon

2 plugins · 30 total installs

Trust score: 65
Avg Security Score: 80/100
Avg Patch Time: 1680 days
Detection Fingerprints

How We Detect X-tra Ordinary WooCommerce Product Carousel and Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/css/owl.carousel.css
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/css/owl.theme.css
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/css/style.css
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/js/owl.carousel.js
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/js/script.js
Script Paths
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/js/owl.carousel.js
/wp-content/plugins/xox-woocommerce-slidercarousel/assets/js/script.js
Version Parameters
xox-woocommerce-slidercarousel/assets/css/owl.carousel.css?ver=
xox-woocommerce-slidercarousel/assets/css/owl.theme.css?ver=
xox-woocommerce-slidercarousel/assets/css/style.css?ver=
xox-woocommerce-slidercarousel/assets/js/owl.carousel.js?ver=
xox-woocommerce-slidercarousel/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
xox_slider_carousel
Data Attributes
data-xox-slider-carousel
JS Globals
xoxSliderCarousel
Shortcode Output
[xox_slider_carousel]