Ecommerce WordPress Plugins That Need Review
152 indexed plugins
Plugins
152
Active Installs
11m+
Average Score
52
Audited
152
Needs Review
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #51 | Dintero Checkout for WooCommerce Payment Methods | 35 | 58 | 48 | 600 | Text Domain Mismatch | ||
| #52 | Kustom Checkout for WooCommerce | 35 | 101 | 505 | 10k+ | Dynamic hook name | ||
| #53 | MONEI Payments for WooCommerce | 35 | 15 | 65 | 500 | Non-prefixed hook name | ||
| #54 | Search Attributes for WooCommerce | 35 | 26 | 3 | 600 | Text Domain Mismatch | ||
| #55 | SumUp Payment Gateway For WooCommerce | 35 | 29 | 59 | 10k+ | Nonce verification recommended | ||
| #56 | The Courier Guy Shipping for WooCommerce | 35 | 57 | 107 | 3k+ | Missing nonce verification | ||
| #57 | WP Courseware for WooCommerce | 35 | 55 | 49 | 1k+ | Text Domain Mismatch | ||
| #58 | Data Exchange for WooCommerce and 1C:Enterprise/1С:Предприятие | 35 | 1 | 2 | 1k+ | Hidden files included | ||
| #59 | Conversion Tracking for WooCommerce | 35 | 74 | 61 | 20k+ | Output is not escaped | ||
| #60 | Japanized for WooCommerce | 35 | 6 | 68 | 10k+ | Non-prefixed class | ||
| #61 | 2C2P Redirect API for WooCommerce | 36 | 136 | 62 | 900 | wp function not compatible with requires wp | ||
| #62 | ColorMeShop WordPress Plugin | 36 | 392 | 37 | 600 | Exception output is not escaped | ||
| #63 | SureContact – Newsletters, Email Marketing, Automation, Revenue Tracking & CRM | 36 | 314 | 132 | 5k+ | Text Domain Mismatch | ||
| #64 | FOMO & Social Proof Notifications by TrustPulse – Best WordPress FOMO Plugin | 36 | 104 | 39 | 10k+ | Output is not escaped | ||
| #65 | WC Pickup Store | 36 | 245 | 52 | 2k+ | Output is not escaped | ||
| #66 | Payment Button for PayPal | 36 | 155 | 86 | 4k+ | Unsafe printing function | ||
| #67 | WP Stripe Checkout | 36 | 198 | 118 | 1k+ | Unsafe printing function | ||
| #68 | Catalog Booster & Product Catalog Mode for WooCommerce | 37 | 106 | 168 | 1k+ | Non-prefixed function | ||
| #69 | Image Widget Deluxe | 37 | 190 | 1 | 1k+ | Output is not escaped | ||
| #70 | Website Pop-up Builder by BDOW! (formerly Sumo): Pop-ups + forms for email opt-ins and lead generation | 37 | 42 | 33 | 10k+ | Output is not escaped | ||
| #71 | Tilopay | 37 | 35 | 130 | 1k+ | Nonce verification recommended | ||
| #72 | Piraeus Bank WooCommerce Payment Gateway | 37 | 146 | 104 | 3k+ | Non Singular String Literal Domain | ||
| #73 | Skroutz & Bestprice XML feed for WooCommerce | 37 | 161 | 41 | 1k+ | Text Domain Mismatch | ||
| #74 | WP WooCommerce Mailchimp | 37 | 62 | 85 | 6k+ | Non-prefixed hook name | ||
| #75 | WooCommerce PayPal Payments | 37 | 194 | 110 | 800k+ | Exception output is not escaped | ||
| #76 | Aplazame | 38 | 34 | 39 | 600 | Non-prefixed global variable | ||
| #77 | Social Shop for WooCommerce | 38 | 51 | 24 | 800 | Output is not escaped | ||
| #78 | GoDaddy Payments for WooCommerce | 38 | 58 | 65 | 2k+ | Output is not escaped | ||
| #79 | External Store for Shopify | 38 | 97 | 33 | 2k+ | Output is not escaped | ||
| #80 | Easy PayPal Events & Tickets | 39 | 28 | 550 | 1k+ | Request data is not unslashed | ||
| #81 | payever – WooCommerce Gateway | 39 | 263 | 131 | 700 | Text Domain Mismatch | ||
| #82 | CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x | 39 | 7 | 222 | 20k+ | Non-prefixed hook name | ||
| #83 | Eurobank WooCommerce Payment Gateway | 39 | 62 | 63 | 2k+ | Non Singular String Literal Domain | ||
| #84 | Payment Gateway – nexi Alpha Bank for WooCommerce | 40 | 28 | 45 | 1k+ | Missing nonce verification | ||
| #85 | Easy PayPal & Stripe Buy Now Button | 40 | 388 | 96 | 10k+ | Unsafe printing function | ||
| #86 | Alma – Pay in installments or later for WooCommerce | 41 | 116 | 68 | 1k+ | Exception output is not escaped | ||
| #87 | Pay for Payment for WooCommerce | 41 | 29 | 67 | 10k+ | Missing nonce verification | ||
| #88 | iyzico for WooCommerce | 42 | 34 | 54 | 10k+ | Unsafe printing function | ||
| #89 | Sovrn | 43 | 9 | 29 | 1k+ | Input is not sanitized | ||
| #90 | Razorpay Subscriptions for WooCommerce | 44 | 28 | 35 | 600 | Exception output is not escaped | ||
| #91 | TriPay Payment Gateway | 45 | 478 | 44 | 1k+ | Text Domain Mismatch | ||
| #92 | CDEKDelivery | 46 | 75 | 2k+ | Nonce verification recommended | |||
| #93 | Pago por Redsys | 50 | 44 | 59 | 700 | Text Domain Mismatch | ||
| #94 | Mailster for WooCommerce | 55 | 23 | 32 | 1k+ | Non-prefixed global variable | ||
| #95 | Refer A Friend for WooCommerce by WPGens | 55 | 77 | 21 | 1k+ | Text Domain Mismatch | ||
| #96 | iConvert Promoter | 57 | 98 | 217 | 1k+ | Non-prefixed global variable | ||
| #97 | Flat Rate per State/Country/Region for WooCommerce | 60 | 27 | 4 | 1k+ | Output is not escaped | ||
| #98 | Documents for WooCommerce | 61 | 16 | 13 | 500 | Output is not escaped | ||
| #99 | Channel.io | 64 | 14 | 3 | 1k+ | Output is not escaped | ||
| #100 | Moosend Website Connector | 64 | 15 | 12 | 1k+ | Non Singular String Literal Domain |