WP Clinic
Log in Sign up

PLUGIN SECURITY

Is eCommerce Product Catalog for WordPress safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the eCommerce Product Catalog for WordPress WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: ecommerce-product-catalog
  • Requires PHP: 5.6+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • CVE-2021-24875 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.39 (XSS) · Medium
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.18
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 2.9.44
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 2.9.44
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.71
+ 26 more known vulnerabilities
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.72
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.72
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.70
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.71
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 2.9.44
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.18
  • CVE-2023-25049 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.5 (XSS) · Medium
  • CVE-2023-1470 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.9 (XSS) · Medium
  • CVE-2021-4342 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 2.9.44
  • CVE-2021-4393 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.18 (CSRF) · Medium
  • CVE-2021-4392 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 2.9.44 (CSRF) · Medium
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.72
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.72
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.0.71
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.26
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.27
  • eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.26
  • CVE-2023-47839 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.27 (XSS) · Medium
  • CVE-2023-5979 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.26 (CSRF) · Medium
  • CVE-2023-51688 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.27 (CWE-200) · Medium
  • CVE-2024-32437 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.29 (CSRF) · Medium
  • CVE-2024-32558 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.33 (XSS) · High
  • CVE-2024-12771 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.3.44 (CSRF) · High
  • CVE-2025-49331 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.4.4 (Insecure Deserialization) · High
  • CVE-2026-52693 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.5.6 (SQL Injection) · Critical
  • CVE-2026-57360 — eCommerce Product Catalog Plugin for WordPress [ecommerce-product-catalog] < 3.5.5 (XSS) · High

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.