YITH Pre-Order for WooCommerce Security & Risk Analysis

wordpress.org/plugins/yith-pre-order-for-woocommerce

Let your customers buy products before they are released and generate cash flow in advance to cover costs.

6K active installs · v3.14.0 · PHP 7.4+ · WP 6.7+ · Updated Mar 2, 2026
Tags: pre-order, preorder, woocommerce, yith
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Nov 11, 2022
Safety Verdict

Is YITH Pre-Order for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

YITH Pre-Order for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 11, 2022 · Updated 1mo ago
Risk Assessment

The 'yith-pre-order-for-woocommerce' plugin version 3.14.0 exhibits a generally good security posture, with a strong emphasis on secure coding practices. The static analysis shows a high percentage of properly escaped outputs and 100% usage of prepared statements for SQL queries, indicating a proactive approach to preventing common web vulnerabilities. The absence of critical or high severity taint analysis findings further reinforces this positive outlook, suggesting that user-supplied data is largely handled safely.

However, a significant concern arises from the presence of one AJAX handler without authentication checks. This creates a potential entry point for unauthenticated attackers to interact with plugin functionality, which could lead to unintended consequences or further exploitation if the handler performs sensitive actions. While the plugin has a history of one high severity vulnerability, it is currently unpatched, meaning there's no readily available fix for that specific issue, though the current version analyzed might not be affected. The plugin also bundles the Select2 library, which could introduce risks if it's outdated or contains known vulnerabilities, though this is not explicitly detailed in the provided data.

In conclusion, the plugin demonstrates strong foundational security practices. The main area for improvement is securing all AJAX endpoints to prevent unauthorized access. The presence of a previously high severity vulnerability, even if currently patched in later versions (or not present in this analyzed version), warrants attention. Overall, the plugin is relatively secure but requires careful consideration of the unprotected AJAX endpoint and awareness of its past vulnerability.

Key Concerns

  • Unprotected AJAX handler
  • Bundled library (Select2)
Vulnerabilities: 1

YITH Pre-Order for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2022

Severity Breakdown

High: 1

1 total CVE

YITH plugins by YITHEMES <= (Various Versions) - Missing Authorization

Nov 11, 2022 Patched in 2.6.0 (438d)
Code Analysis
Analyzed Mar 16, 2026

YITH Pre-Order for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (5 prepared)
Unescaped Output: 96 (1584 escaped)
Nonce Checks: 16
Capability Checks: 16
File Operations: 0
External Requests: 7
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared, 5 total queries

Output Escaping

94% escaped, 1680 total outputs
Data Flows: All sanitized

Data Flow Analysis

13 flows
do_shortcode (plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:279)
Attack Surface
1 unprotected

YITH Pre-Order for WooCommerce Attack Surface

Entry Points: 5
Unprotected: 1

AJAX Handlers: 5

auth wp_ajax_yith_plugin_fw_gutenberg_do_shortcode plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:63
auth wp_ajax_yith_plugin_fw_save_toggle_element_metabox plugin-fw\includes\class-yit-metabox.php:86
auth wp_ajax_yith_plugin_fw_save_toggle_element plugin-fw\includes\class-yit-plugin-panel.php:138
auth wp_ajax_yith_bh_onboarding plugin-fw\includes\class-yith-bh-onboarding.php:37
auth wp_ajax_yith_create_log_file plugin-fw\includes\class-yith-system-status.php:101
WordPress Hooks: 149

action admin_menu includes\class-yith-pre-order-admin.php:104
action yith_ywpo_pre_order_premium_tab includes\class-yith-pre-order-admin.php:106
filter yith_show_plugin_row_meta includes\class-yith-pre-order-admin.php:110
filter woocommerce_locate_core_template includes\class-yith-pre-order-admin.php:111
filter woocommerce_get_item_downloads includes\class-yith-pre-order-download-links.php:52
filter woocommerce_customer_get_downloadable_products includes\class-yith-pre-order-download-links.php:53
action admin_enqueue_scripts includes\class-yith-pre-order-edit-product-page.php:51
filter woocommerce_product_data_tabs includes\class-yith-pre-order-edit-product-page.php:52
action woocommerce_product_data_panels includes\class-yith-pre-order-edit-product-page.php:53
action woocommerce_product_after_variable_attributes includes\class-yith-pre-order-edit-product-page.php:54
action woocommerce_process_product_meta includes\class-yith-pre-order-edit-product-page.php:55
action woocommerce_save_product_variation includes\class-yith-pre-order-edit-product-page.php:56
filter woocommerce_order_item_get_formatted_meta_data includes\class-yith-pre-order-edit-product-page.php:57
filter woocommerce_hidden_order_itemmeta includes\class-yith-pre-order-edit-product-page.php:58
action wp_enqueue_scripts includes\class-yith-pre-order-frontend.php:77
filter woocommerce_get_availability includes\class-yith-pre-order-frontend.php:79
filter woocommerce_post_class includes\class-yith-pre-order-frontend.php:80
filter woocommerce_product_single_add_to_cart_text includes\class-yith-pre-order-frontend.php:82
filter woocommerce_product_add_to_cart_text includes\class-yith-pre-order-frontend.php:83
action woocommerce_after_cart_item_name includes\class-yith-pre-order-frontend.php:84
filter woocommerce_available_variation includes\class-yith-pre-order-frontend.php:85
filter woocommerce_get_stock_html includes\class-yith-pre-order-frontend.php:87
action woocommerce_shop_loop_item_title includes\class-yith-pre-order-frontend.php:88
action woocommerce_new_order_item includes\class-yith-pre-order-frontend.php:90
filter woocommerce_product_get_price includes\class-yith-pre-order-frontend.php:92
filter woocommerce_product_variation_get_price includes\class-yith-pre-order-frontend.php:93
filter woocommerce_show_variation_price includes\class-yith-pre-order-frontend.php:94
filter woocommerce_variation_prices_price includes\class-yith-pre-order-frontend.php:95
filter woocommerce_product_is_on_sale includes\class-yith-pre-order-frontend.php:96
action woocommerce_my_account_my_orders_column_order-status includes\class-yith-pre-order-my-account.php:48
action woocommerce_order_item_meta_start includes\class-yith-pre-order-my-account.php:49
filter woocommerce_account_menu_items includes\class-yith-pre-order-my-account.php:50
action woocommerce_account_my-pre-orders_endpoint includes\class-yith-pre-order-my-account.php:51
filter the_title includes\class-yith-pre-order-my-account.php:52
action init includes\class-yith-pre-order.php:97
action init includes\class-yith-pre-order.php:98
filter woocommerce_email_classes includes\class-yith-pre-order.php:100
filter woocommerce_order_data_store_cpt_get_orders_query includes\class-yith-pre-order.php:101
action init includes\class-yith-pre-order.php:102
action woocommerce_order_status_pending_to_on-hold_notification includes\class-yith-pre-order.php:215
action woocommerce_order_status_failed_to_on-hold_notification includes\class-yith-pre-order.php:216
action woocommerce_order_status_cancelled_to_on-hold_notification includes\class-yith-pre-order.php:217
action woocommerce_order_status_pending_to_processing_notification includes\class-yith-pre-order.php:218
action woocommerce_order_status_failed_to_processing_notification includes\class-yith-pre-order.php:219
action woocommerce_order_status_cancelled_to_processing_notification includes\class-yith-pre-order.php:220
action woocommerce_order_status_on-hold_to_processing_notification includes\class-yith-pre-order.php:221
action woocommerce_order_status_completed_notification includes\class-yith-pre-order.php:222
action ywpo_confirmed_email includes\emails\class-yith-pre-order-confirmed-email.php:48
action ywpo_new_pre_order_email includes\emails\class-yith-pre-order-new-pre-order-email.php:47
action before_woocommerce_init init.php:62
action admin_notices init.php:91
action before_woocommerce_init init.php:93
action plugins_loaded init.php:97
action yith_ywpo_init init.php:113
action elementor/elements/categories_registered plugin-fw\includes\builders\elementor\class-yith-elementor.php:50
action elementor/editor/after_enqueue_styles plugin-fw\includes\builders\elementor\class-yith-elementor.php:52
action elementor/frontend/after_enqueue_styles plugin-fw\includes\builders\elementor\class-yith-elementor.php:53
action init plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:60
action init plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:61
action init plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:62
action wc_ajax_yith_plugin_fw_gutenberg_do_shortcode plugin-fw\includes\builders\gutenberg\class-yith-gutenberg.php:64
action init plugin-fw\includes\class-yit-assets.php:47
action elementor/editor/before_enqueue_styles plugin-fw\includes\class-yit-assets.php:48
action admin_enqueue_scripts plugin-fw\includes\class-yit-assets.php:50
action init plugin-fw\includes\class-yit-assets.php:52
action should_load_block_editor_scripts_and_styles plugin-fw\includes\class-yit-assets.php:53
action admin_enqueue_scripts plugin-fw\includes\class-yit-icons.php:970
action wp_enqueue_scripts plugin-fw\includes\class-yit-icons.php:971
action add_meta_boxes plugin-fw\includes\class-yit-metabox.php:80
action save_post plugin-fw\includes\class-yit-metabox.php:81
action admin_enqueue_scripts plugin-fw\includes\class-yit-metabox.php:82
filter yit_icons_screen_ids plugin-fw\includes\class-yit-metabox.php:84
filter admin_body_class plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:93
action admin_init plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:94
action admin_menu plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:95
action admin_menu plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:96
action admin_bar_menu plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:97
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:98
action admin_init plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:99
filter woocommerce_screen_ids plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:100
filter woocommerce_admin_settings_sanitize_option plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:102
action yith_plugin_fw_get_field_after plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:104
action admin_action_yith_plugin_fw_save_toggle_element plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:105
filter woocommerce_admin_settings_sanitize_option plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:106
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:108
action admin_init plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:109
filter yith_plugin_fw_premium_landing_uri plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:112
action woocommerce_admin_field_boxinfo plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:126
action woocommerce_admin_field_yith-field plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:127
filter woocommerce_admin_settings_sanitize_option plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:129
action admin_menu plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:132
filter add_menu_classes plugin-fw\includes\class-yit-plugin-panel-woocommerce.php:134
filter admin_body_class plugin-fw\includes\class-yit-plugin-panel.php:121
action admin_init plugin-fw\includes\class-yit-plugin-panel.php:122
action admin_menu plugin-fw\includes\class-yit-plugin-panel.php:123
action admin_menu plugin-fw\includes\class-yit-plugin-panel.php:124
action admin_bar_menu plugin-fw\includes\class-yit-plugin-panel.php:125
action admin_init plugin-fw\includes\class-yit-plugin-panel.php:126
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-panel.php:128
action admin_init plugin-fw\includes\class-yit-plugin-panel.php:129
filter yith_plugin_fw_premium_landing_uri plugin-fw\includes\class-yit-plugin-panel.php:132
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-panel.php:137
action all_admin_notices plugin-fw\includes\class-yit-plugin-panel.php:242
action admin_footer plugin-fw\includes\class-yit-plugin-panel.php:243
filter parent_file plugin-fw\includes\class-yit-plugin-panel.php:245
filter submenu_file plugin-fw\includes\class-yit-plugin-panel.php:246
action admin_menu plugin-fw\includes\class-yit-plugin-panel.php:259
filter add_menu_classes plugin-fw\includes\class-yit-plugin-panel.php:260
filter removable_query_args plugin-fw\includes\class-yit-plugin-panel.php:261
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-panel.php:1081
action admin_init plugin-fw\includes\class-yit-plugin-panel.php:1082
action admin_footer plugin-fw\includes\class-yit-plugin-panel.php:1213
action admin_init plugin-fw\includes\class-yit-plugin-subpanel.php:44
action admin_menu plugin-fw\includes\class-yit-plugin-subpanel.php:45
action admin_bar_menu plugin-fw\includes\class-yit-plugin-subpanel.php:46
action admin_init plugin-fw\includes\class-yit-plugin-subpanel.php:47
action admin_enqueue_scripts plugin-fw\includes\class-yit-plugin-subpanel.php:48
action admin_enqueue_scripts plugin-fw\includes\class-yit-pointers.php:118
action admin_init plugin-fw\includes\class-yit-pointers.php:119
action yith_bh_onboarding plugin-fw\includes\class-yith-bh-onboarding.php:36
action wp_dashboard_setup plugin-fw\includes\class-yith-dashboard.php:146
action admin_enqueue_scripts plugin-fw\includes\class-yith-dashboard.php:147
action admin_init plugin-fw\includes\class-yith-post-type-admin.php:65
action current_screen plugin-fw\includes\class-yith-post-type-admin.php:67
action edit_form_top plugin-fw\includes\class-yith-post-type-admin.php:70
action manage_posts_extra_tablenav plugin-fw\includes\class-yith-post-type-admin.php:119
action manage_posts_extra_tablenav plugin-fw\includes\class-yith-post-type-admin.php:120
action restrict_manage_posts plugin-fw\includes\class-yith-post-type-admin.php:122
filter request plugin-fw\includes\class-yith-post-type-admin.php:123
filter list_table_primary_column plugin-fw\includes\class-yith-post-type-admin.php:125
filter post_row_actions plugin-fw\includes\class-yith-post-type-admin.php:126
filter page_row_actions plugin-fw\includes\class-yith-post-type-admin.php:127
filter default_hidden_columns plugin-fw\includes\class-yith-post-type-admin.php:129
action disable_months_dropdown plugin-fw\includes\class-yith-post-type-admin.php:137
filter admin_body_class plugin-fw\includes\class-yith-system-status.php:95
action admin_menu plugin-fw\includes\class-yith-system-status.php:96
action admin_init plugin-fw\includes\class-yith-system-status.php:97
action admin_notices plugin-fw\includes\class-yith-system-status.php:98
action admin_enqueue_scripts plugin-fw\includes\class-yith-system-status.php:99
action init plugin-fw\includes\class-yith-system-status.php:100
filter yith_plugin_fw_privacy_guide_content plugin-fw\includes\privacy\class-yith-privacy-plugin-abstract.php:39
action admin_init plugin-fw\includes\privacy\class-yith-privacy.php:50
action plugins_loaded plugin-fw\init.php:94
filter extra_theme_headers plugin-fw\yit-functions.php:602
filter yit_title_special_characters plugin-fw\yit-functions.php:726
filter plugin_row_meta plugin-fw\yit-plugin.php:56
action admin_notices plugin-fw\yit-plugin.php:298
action plugins_loaded plugin-fw\yit-plugin.php:300
action shutdown plugin-fw\yit-woocommerce-compatibility.php:765
Maintenance & Trust

YITH Pre-Order for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 2, 2026
PHP min version: 7.4
Downloads: 397K

Community Trust

Rating: 62/100
Number of ratings: 16
Active installs: 6K
Developer Profile

YITH Pre-Order for WooCommerce Developer Profile

YITHEMES

33 plugins · 1.1M total installs

Trust score: 77
Avg Security Score: 97/100
Avg Patch Time: 411 days
Detection Fingerprints

How We Detect YITH Pre-Order for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/yith-pre-order-for-woocommerce/assets/css/ywpo-edit-product.css
/wp-content/plugins/yith-pre-order-for-woocommerce/assets/js/edit-product-page.js
/wp-content/plugins/yith-pre-order-for-woocommerce/assets/js/timepicker.js
/wp-content/plugins/yith-pre-order-for-woocommerce/assets/css/timepicker.css

Script Paths
yith-plugin-fw-fields
yith-wcpo-edit-product-page
jquery-ui-datetimepicker

Version Parameters
yith-pre-order-for-woocommerce/assets/css/ywpo-edit-product.css?ver=
yith-pre-order-for-woocommerce/assets/js/edit-product-page.js?ver=
yith-pre-order-for-woocommerce/assets/js/timepicker.js?ver=
yith-pre-order-for-woocommerce/assets/css/timepicker.css?ver=

HTML / DOM Fingerprints

CSS Classes
yith-wcpo-product-data-panel
yith-wcpo-variation-data-panel

HTML Comments
<!-- YITH Pre-Order settings -->
<!-- YITH Pre-Order Variation settings -->
<!-- YITH Pre-Order -->
<!-- YITH Pre-Order settings for variations -->
(+2 more)

Data Attributes
data-yith-wcpo-date
data-yith-wcpo-time

JS Globals
yith_wcpo_edit_product_params
FAQ

Frequently Asked Questions about YITH Pre-Order for WooCommerce