Hi there!
Thank you for sharing the plugin score link.
The results you’re seeing come from a third-party automated scanning tool, and the large number of “errors” or “warnings” it reports can be misleading. These tools often flag patterns in the codebase that are not actual issues and don’t reflect the real-world security, stability, or reliability of WooCommerce.
WooCommerce is actively maintained, regularly audited, and used by millions of stores worldwide, so if there were genuine security vulnerabilities of this scale, they would be addressed immediately by the core development team.
Many of the items shown in the report, such as escaping, naming conventions, or global variable usage, are part of older code structures or internal APIs that are technically safe and intentional but get flagged by automated scanners because they don’t interpret context correctly.
In short, this scan does not indicate that WooCommerce is insecure or unreliable. It simply shows that the plugin contains a large and complex codebase that automated tools may not evaluate accurately.
If you are facing a specific issue on your site, feel free to share more details, and we’ll be happy to help!
At least you are aware of it.
Thank you for getting back @presskopp,
I can see the thread has been marked as resolved. If you run into any other WooCommerce issues, feel free to reach out and we’ll be happy to help.
In the meantime, if you’re pleased with how quickly your question was handled in the forum, we’d appreciate a review here: https://ww.wp.xz.cn/support/plugin/woocommerce/reviews/#new-post
