Checked on February 12, 2025

Possible Issues Detected:

• The PHP function filter_input() is used without a filter, so it doesn't do any filtering.


• The plugin registers one or more AJAX actions to be accessible whether the requester is logged in to WordPress or not. Those registrations should be checked to make sure that they are intended to be accessed by those not logged in.

Subscribers of our service are able to see the details of the possible issues identified above. Alongside that, any issues that we have already checked on will be noted. You can sign up for the service for free here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

You should not be contacting the developer of the plugin with these results as they only indicate a possible issues. Instead, someone with the proper expertise should review the plugin to determine if there is in fact an issue before contacting the developer about a confirmed issue, so their time is not taken up unnecessarily.

Plugin Information

• Slug: wc-frontend-manager
• Version: 6.7.15

Get a Professional Security Review

Once you become a paying subscriber of our service you can suggest/vote for the WCFM to receive a review from us.

If you want to get a review done right away, our price to do that for version 6.7.15 of WCFM is $2200 USD.

---

Check Plugin in WordPress Plugin Directory

Choose WordPress plugin available in the Plugin Directory to check by searching on its name or slug:

Check Plugin in ClassicPress Plugin Directory

Choose ClassicPress plugin available in the Plugin Directory to check by searching on its name or slug:

Check Other Plugin

Subscribers of our service can submit ZIP files of other plugins to have them checked. You can sign up for a free trial of the service here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

The results of these scans will not be logged.