The My wpdb WordPress plugin before 2.5 is missing CSRF check when running SQL queries, which could allow attacker to make a logged in admin run arbitrary SQL query via a CSRF attack

CVE-2022-1578

The Five Star Restaurant Reservations WordPress plugin before 2.4.12 does not have authorisation when changing whether a payment was successful or failed, allowing unauthenticated users to change the payment status of arbitrary bookings. Furthermore, due to the lack of sanitisation and escaping, attackers could perform Cross-Site Scripting attacks against a logged in admin viewing the failed payments

CVE-2022-0421

The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via wpuf_encryption(). This could allow an attacker having access to the AUTH_KEY and AUTH_SALT constant (via an arbitrary file access issue for example, or if the blog is using the default keys) to create an account with any role they want, such as admin

CVE-2021-24649

Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1.9.10.68 on WordPress.

 Verified

 Fixed

**6.4**

CVSS 3.1 score Medium severity

Report  

Monitoring Not reported to be exploited

Vulnerable versions

<= 1.9.10.68

PSID 

c9e94d9d83d9

Classification 

Server Side Request Forgery (SSRF)

OWASP Top 10 

A6: Security Misconfiguration

Required privilege 

Requires subscriber or higher role user authentication.

Publicly disclosed

2022-10-21

**Details**

Server-Side Request Forgery (SSRF) vulnerability discovered by Dhakal Ananda (Patchstack Alliance) in WordPress Better Messages plugin (versions <= 1.9.10.68).

**Solution**

Update the WordPress BP Better Messages plugin to the latest available version (at least 1.9.10.69).

**References**

CVE-2022-41609: WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability - Patchstack

Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.

CVE-2022-41155: iQ Block Country

Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.

 Verified

 Fixed

**4.3**

CVSS 3.1 score Medium severity

Report  

Monitoring Not reported to be exploited

Vulnerable versions

<= 2.2.2

PSID 

6cdbd5d983bf

Classification 

Other Vulnerability Type

OWASP Top 10 

A5: Broken Access Control

Required privilege 

Requires subscriber or higher role user authentication.

Publicly disclosed

2022-11-18

**Details**

Auth. Broken Access Control vulnerability leading to arbitrary feed creation discovered by Tien Nguyen Anh (Patchstack Alliance) in the WordPress Plugin for Google Reviews plugin (versions <= 2.2.2).

**Solution**

Update the WordPress Plugin for Google Reviews plugin to the latest available version (at least 2.2.3).

**References**

CVE-2022-45369: WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability - Patchstack

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress.

CVE-2022-43492: Comments – wpDiscuz

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

Creative Mail was designed specifically for WordPress and WooCommerce.

Our intelligent (and super fun) email editor simplifies email marketing campaign creation and pulls your WordPress blog posts, website images and WooCommerce products right into your email content. Leads from your WordPress website, ecommerce store and contact forms are automatically captured and routed into our included Contacts CRM and synced with your email marketing lists.

It’s perfect for automatic blog post syndication, newsletters and announcements, event promotion, WooCommerce product specials, retargeting ecommerce shoppers, sending postcards, providing updates and more.

Create awesome email marketing campaigns right from your WordPress Admin Dashboard that are all powered by the award-winning & rock-solid reliability of Constant Contact.

**CREATIVE MAIL IS:**

1.  Incredibly easy WordPress email marketing
2.  Deeply connected to your website & WooCommerce store
3.  Accessed from within your WP Admin Dashboard
4.  Automatically syncing your contacts and building your marketing lists
5.  Powered by the reliability superior deliverability of Constant Contact
6.  Fun, which makes life way better

**VIEW OUR DETAILED FEATURES****WOOCOMMERCE & WORDPRESS INTEGRATION:**

Turn your WooCommerce store and your WordPress site into efficient marketing engines. All ecommerce contacts and form entries are all captured in our included CRM and synced automatically with Creative Mail.

*   **Enhanced Ecommerce:** WooCommerce store customers and ecommerce interactions are all captured automatically within your email marketing list. Retarget and re-engage your customers. Sell more stuff.
*   **Beautiful Transactional Emails:** Standard WooCommerce triggered emails can be replaced to match your branding and style. Build one, and then all your other WooCommerce emails managed by Creative will inherit the same branded look. Hey, style matters.
*   **Jetpack Forms Integration:** Collect, sync, and manage opt-in subscribers directly from Jetpack forms into Creative Mail.
*   **Build Better Branding:** Creative Mail includes our free LogoBuilder and image editing suite to enhance your brand.
*   **Amazing Stock Images:** You get free access to the completely integrated photo library (in addition to your own WordPress media library) to make amazing email marketing campaigns with award-winning images.
*   **Get Better Deliverability:** Other email marketing solutions require complex SMTP solutions, external gateways or have you sending from their less than stellar IPs. As a result, your emails can get bounced or never delivered. Creative Mail is an all-in-one solution that uses Constant Contact’s rock solid infrastructure, for superior deliverability. Boom! ‘nuff said.
*   **Live Support:** With our paid plans (Awesome & Ultimate) you get access to phone and chat support to help you get answers from real live, helpful humans. Imagine that!

**OPT-IN EMAIL FORMS:**

*   **Jetpack Newsletter Form:** Jetpack has a JMML (join my mailing list) Newsletter Signup form. When activated, contacts who sign up for your Newsletter through the Jetpack form are brought right into your Newsletter email marketing list. Easy-peasy.
*   **Other WordPress Website Forms:** Creative Mail detects the current website forms used on your site, and automatically adds contacts to your email marketing lists. Automagically awesome!
*   **Creative Mail Form:** If you are not using a form on your site, you can easily add your Creative Mail Gutenberg form to start collecting email addresses of your site visitors

**EMAIL AUTOMATIONS:**

*   **Scheduled Sends:** Schedule the time and date of outgoing email marketing campaigns based on your business or organization’s preferences.
*   **Single-Step Triggered Emails:** Replace your non-branded WooCommerce order notification triggered emails with on-brand Creative Mail emails for deeper customer engagement.
*   **Abandoned Cart:** With Creative Mail and a WooCommerce store you can send emails to customers who abandon their WooCommerce shopping cart. They’ll get an email that reminds them of the items they were considering before they left.
*   **Multi-Step Marketing Journeys:** Develop sophisticated CLM (that’s marketing speak for – customer lifecycle marketing) campaigns by leveraging our “if this, then that” campaign automation engine that responds to a customer’s actions, birthdays or purchases. Welcome your customers with email automation.

**ANALYTICS & INSIGHTS:**

*   **Realtime Email Marketing Statistics:** Bounces, opens, clicks, forwards, complaints, unsubscribes and more are easily tracked and managed. Be a control freak, it’s OK.
*   **Marketing Campaign Mapview:** With our mapview you can see who’s opening your emails on what devices on an awesome, interactive visual map.

**CONTACTS CRM:**

*   **Contact Lists:** Within the Creative Mail Contacts CRM you can quickly and easily manage all your Contacts, Subscribers and Unsubscribes.
*   **Contact Activity:** Drill into the purchases and behaviors of your contacts.
*   **List Sources:** You’ll know where your contacts come from whether it’s a manual entry, your Jetpack forms, WooCommerce Store, or another defined source.
*   **Custom Labels:** Further refine your marketing by adding custom labels to subscribers or customers (ex. Truck Buyers, Concert Attendee, Dog Owners, etc.).

**IMPORT & EXPORT:**

*   **Contacts Sync & Import:** No need anymore for complex integrations between your WordPress site and your email marketing provider. With Creative Mail it all simply works with WordPress out of the box. We do the heavy lifting to sync and import your Jetpack, WordPress, WooCommerce and most used Contact form plugins contacts automatically.
*   **Import & Export Via CSV:** Import bulk email marketing lists (limits may apply), add subscribers one by one, or export your contacts into a CSV file.

**CAMPAIGNS:**

*   **AI Emails:** Forget templates, let our A.I. build your email marketing campaigns for you. Pull in WordPress posts or WooCommerce products for sale, and you’re good to go. Let our robots do your bidding!
*   **Email Campaign Creation:** Build your email marketing campaigns in seconds from your WordPress admin dashboard.
*   **Awesome Deliverability:** All email marketing campaigns are sent and delivered by the award-winning power of Constant Contact technology. We got you.
*   **Automated Email Marketing:** Send multistep email campaigns automatically, with triggers you define, whether that’s based on time, a customer birthday or behavioral actions. Create a flow to welcome your customers and send a special discount and reminder on their birthday.

**EMAIL LIST MANAGEMENT:**

*   **Contact List Growth:** Creative Mail collects leads from Jetpack forms or the top WordPress lead capture forms and adds them directly to your email lists.
*   **Automate Emails:** With our “Welcome” email trigger you can send a Creative Mail welcome email series to new subscribers and blog readers.
*   **Auto List Updater:** Creative Mail automatically updates your contact lists for unsubscribes.

**ADD ONS**

*   **Social Campaigns:** Connect your social media accounts with your Creative Mail account to share your newsletters with your followers on social.
*   **Marketing Calendar:** With your socials connected we give you an overview of all the newsletters and posts that you’ve sent and scheduled. An easy overview to engage with your audience.
*   **Booking:** Set up Bookings for your business with the Bookings tool. Give clients and customers an easy, quick way to set up appointments with you.
*   **LogoBuilder:** Create an amazing logo for your business or social with LogoBuilder and add it to your email campaigns.

**TERMS OF SERVICE & PRIVACY NOTICE**

On behalf of our lawyers (seriously, they’re nice people), please feel free to review our:

Creative Mail by Constant Contact Terms of Service  
Creative Mail by Constant Contact Privacy Notice

This plugin provides 1 block.

*   Creative Mail Let your contact subscribe to a mailing list for creative mail.

*   Go to your admin dashboard
*   Click the “Plugins” menu on the left side navigation bar
*   Click on “Add New”
*   Search for “Creative”
*   Click “Install Now”
*   Click “Activate”
*   You will be redirected to Creative Mail where you can set up your account

**Requirements**

*   Your website or blog must be using WordPress.org version 4.6 or higher on your server.
*   The plugin can be installed on regular WordPress environments and also on WordPress.com sites.

**What does the Creative Mail plugin do?**

The Creative mail plugin allows you to create awesome email marketing campaigns right from your WordPress Admin Dashboard that are all powered by the award-winning & rock-solid reliability of Constant Contact.  
Our intelligent (and super fun) email editor simplifies email marketing campaign creation and pulls your WordPress blog posts, website images and WooCommerce products right into your email content. Leads from your WordPress website, ecommerce store and contact forms are automatically captured and routed into our included Contacts CRM and synced with your email marketing lists.  
It’s perfect for automatic blog post syndication, newsletters and announcements, event promotion, WooCommerce product specials, retargeting ecommerce shoppers, sending postcards, providing updates and more.

**Are coding skills needed to use Creative Mail?**

Creative Mail is built for non-developers, you don’t even need to fill in API keys. If you know how to install a plugin on your website, you are good to go! You will have your images, blog posts and products from your WordPress site available to make campaigns without having to lift a finger.

**What is available for free with CreativeMail?**

With Creative Mail you can send campaigns to your contacts for free. Promote your blog articles, WooCommerce products, events and much more with your followers. Advanced functionality like sending Welcome series Automations and WooCommerce order notifications are part of a paid plan.  
You can see the overview of all the features per plan on our plans page.

**What forms can I use in combination with Creative mail?**

You can add the Creative Mail Form to your site to gather contacts and add contacts automatically to a specific list.  
Creative Mail also integrated with one of the form builders below. For those you can easily activate Contact Synchronization:  
– Jetpack forms  
– Contact form 7  
– WPForms lite and WPForms  
– Newsletter  
– Gravity forms  
– Elementor  
– Ninja forms  
– Caldera Forms  
– Formidable

**Does Creative Mail support ecommerce stores?**

Creative mail is fully integrated with WooCommerce, which enables you to share your WooCommerce products via email campaigns. You can also replace your non-branded WooCommerce order notification triggered emails with on-brand Creative Mail emails for deeper customer engagement. Build one, and then all your other WooCommerce emails managed by Creative Mail will inherit the same branded look. Hey, style matters.

I built a new website on WordPress for a new business. I'm starting with free plugins until I get the ball rolling. Creative Mail by Constant Contact was already in my dashboard with a free subscription option. It is the only newsletter email option available if you use the included WPForms contact forms (also included in initial install). Unlike any other plugin I've used, Creative Mail functions outside your dashboard. It doesn't link to WPForms even after telling it that's what you're using. In addition to creating a Constant Contact account & adding WP Forms to your settings, you have to go back to your dashboard & click a button in WP Forms that then asks you to log in to Creative Mail to give it permission to connect with WP Forms. This permission doesn't exist on the Creative Mail account. I couldn't get past this, because I couldn't log in (even though I was already logged in having just signed up). When signing up, it wanted my name, address, email address, & then to create a password (no user name selection). I tried every variation of my name or email address with my password (I have a generator & only have to copy the password, so no typos). It couldn't find me. I clicked that I forgot my username & got an email saying my user name was... ce- & a string of 26 alpha-numeric characters. That also didn't work. Their support page offers number for 2 issues: account suspension & enabling debugging. I got a support number from the chat bot. When you call, they want your phone number associated with the account. That was never included, so it didn't find me but put me on hold for the "next available" agent. After 15 minutes, it hung up on me. I waited a while & tried again. This time, I waited on hold for over 40 minutes before hanging up. WordPress should remove this from the plugins. WP Forms should allow you to use some other plugin (there's a long list available with paid subscriptions). This is a most disreputable business practice & has all the ear-markings of a scam. Don't take just my word for it. Read some of the other 1 star reviews.

Excellent produit, avec un système très simple à comprendre.

I love it.its very easy to use.that helps a lot.thsnk u

It is a very good program

This is an awesome plugin!

Haven't had a chance to use it

Read all 315 reviews

“Creative Mail – Easier WordPress & WooCommerce Email Marketing” is open source software. The following people have contributed to this plugin.

Contributors

*    Constant Contact

*   1.6.3 – Hotfix: Fixed a bug where the plugin was not working on some servers.
*   1.6.2 – Security updates and removal of Unsupported Plugin (Caldera Forms)
*   1.6.1 – Security update
*   1.6.0 – Security update, Bug fixes and Support to sync Address Fields for Contact Form 7
*   1.5.4 – Migration to WordPress version 6.0.2 and Checkout mail templates update
*   1.5.3 – README update
*   1.5.2 – Small bug fix for PHP versions previous to 7.1
*   1.5.1 – Fix outdated PHP classes
*   1.5.0 – Fix WooCommerce product lists, improved WooCommerce order workflows and improved contact management.
*   1.4.9 – Fixes regarding WooCommerce and Contact Sync Updates.
*   1.4.8 – Redirect to main CreativEmail templates page when user has abandoned cart template deactivated. Fix sync error with contact form 7. Added automation trigger for customer buying products.
*   1.4.7 – Fix currency type being shown in “Abandoned Cart” emails for WooCommerce.
*   1.4.6 – Add phone number handling for Jetpack Forms. Bug fixes.
*   1.4.5 – This version contains a fix for Creative mail customers who also use the Bluehost WebsiteBuilder functionality to build their WordPress site.
*   1.4.4 – Add support for ‘return to shop’ urls
*   1.4.3 – Updated brand name.
*   1.4.2 – Fixed a crash that could occur when using the elementor contact sync.
*   1.4.1 – Fixed several bugs
*   1.4.0 – Added gutenberg contact form block CreativeMail
*   1.3.9 – Include notice when you have enabled a password protection plugin.
*   1.3.8 – Fixes an issue with WooCommerce recommendations.
*   1.3.7 – Fixes an issue specific to PHP 7.4
*   1.3.6 – Improved integrations with WooCommerce to support features like Abandoned Cart emails.
*   1.3.5 – Addresses two small issues where some relative URLs would not work for WP installs in subdirectories.
*   1.3.4 – Improved initial contact sync: we can now import all your contacts without any limits!
*   1.3.3 – Direct access to Creative Mail features from the left side nav in WP Admin.
*   1.3.2 – Fixes an issue where the contact sync might cause a critical error.
*   1.3.1 – Add the ability to show the amount of recovered revenue via abandoned carts.
*   1.3.0 – Support for abandoned cart emails
*   1.2.4 – Introduces a ‘Reset’ button on the settings page for accounts that are stuck.
*   1.2.3 – Fixes an issue where the banner would show up again after being dismissed.
*   1.2.2 – Introduction of multistep automations and fixes a couple of small issues in the CreativeMail widgets
*   1.2.1 – Fixes an issue where some users would experience an issue where our UI was blocked by pop-up blockers.
*   1.2.0 – Context aware notifications, add support for Ninja forms, add support for Caldera forms

CVE-2022-44740: Creative Mail – Easier WordPress & WooCommerce Email Marketing

Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

S2W – Import Shopify to WooCommerce helps you migrate data from Shopify to WooCommerce easily. With only 2 steps your Shopify products(including images) and categories will be migrated. The plugin uses Shopify API key to transfer data from Shopify to WooCommerce store directly, your data is kept private. With the premium version, you can also migrate store settings, shipping zones, taxes, pages, blogs, coupons, customers and orders.

Documents| Premium version | Facebook group

Learn how to get shopify API key and password to use with S2W – Import Shopify to WooCommerce  

Preview S2W – Import Shopify to WooCommerce  

**IMPORTANT NOTICE:**

*   The plugin works based on WooCommerce plugin.
    
*   It is released on WordPress.org and you can use the plugin as free to build themes for sale.
    

**FEATURES:**

*   **Products per ajax request**: Change this option to avoid bad request error, default is 5
    
*   **Import Products sequence**: Change the order to import products by Title, Created date or Updated date
    
*   **Import products**: Import unlimited products from your Shopify store to WooCommerce
    
*   **Product variations**: All product variations will be imported with your current stock, price… in your Shopify store
    
*   **Status of products**: Can set status of imported products to publish, pending or draft
    
*   **Product categories**: Product categories will be remained, can choose to add all products to specific categories
    
*   **Migrate images**: Product images, gallery and variations images will be queued to import to avoid overload of your server
    
*   **Logs**: You can review the migration process in log files
    

**PRO VERSION:**

► **All features from free version.**

► **WEBHOOKS**: You can use webhooks to automatically import/update new data for Products/Orders/Customers.

► **IMPORT PRODUCTS from CSV**: In case you don’t use API, this is what you need to migrate your products

► **IMPORT PRODUCT BY ID**: You can choose specific products to import by entering product ids

► **IMPORT PRODUCT OPTIONS**: Besides some options like the free version, you can do more with the pro version:

*   **Metafields**: You can import metafields of products such as SEO title, SEO description…
    
*   **Migrate description images**: Images in the product description can be easily migrated to the WordPress site and images sources(URLs) will be replaced correctly after that
    
*   **Products filters**: If you don’t want to import all products, there are some filters available such as product type, collection ID, published before date, published after date. And you can also select the sequence products are imported
    

► **CRON UPDATE PRODUCT**: Schedule to update product price or quantity automatically

► **UPDATE PRODUCT OPTIONS**: Able to update product images, title, inventory, description, price, SKU, attributes, slug after products are imported to WooCommerce store

► **ORDERS**: Payment method, shipping method, first name, last name, company, country, address, zip, city, province, phone, total, subtotal, tax, discount, shipping cost, currency, date create, browser IP, customer user agent, line items, discount code, order number, order fulfillment.

► **IMPORT ORDER OPTIONS**: Orders per ajax request, Import orders created/imported at or before/after date, Import Orders sequence

► **UPDATE ORDER OPTIONS**: Able to update order status, order date, order fulfillments

► **CRON UPDATE ORDER**: Schedule to update orders automatically

► **STORE SETTINGS**: Site title, admin email, store address, city, country, state, postcode, timezone, weight unit, currency code, currency format.

► **SHIPPING ZONES**: shipping zones and shipping methods.

► **TAXES**: Tax name, tax rate, country, province, zip, shipping.

► **PAGES**: Title, content.

► **BLOGS**: Blog title, blog content, categories, tags, featured image.

► **COUPONS**: Coupon types that WooCommerce support, coupon amount, usage limit, expiry date, minimum amount.

► **CUSTOMERS**: Import customers per ajax request, first name, last name, phone, company, address, city, province, zip, country.

► **PREMIUM SUPPORT**

Go Pro

**Plugin Links**

*   Project Page
*   Documentation
*   Report Bugs/Issues

**MAY BE YOU NEED**

FEWC – WooCommerce Extra Checkout Fields: Manage checkout fields using WordPress Customizer

EPOW – Custom Product Options for WooCommerce: Add extra options for products using frontend form builder

ChinaDS – Taobao Dropshipping for WooCommerce: Another Taobao dropshipping solution for WooCommerce stores

9MAIL – WordPress Email Templates Designer: Replace plaintext WordPress emails with more beautiful and professional templates

EPOI – WP Points and Rewards: Points and Rewards system for a WordPress website

WebPOS – Point of Sale for WooCommerce: Point of Sale solution for WooCommerce stores

Jagif – WooCommerce Free Gift: Giving gifts to your customers can never be more easier

COREEM – Coupon Reminder for WooCommerce: Send emails to customers to remind them of their coupons, especially ones which are about to expire

COMPE – WooCommerce Compare Products: Help your customers compare two or more products to find out the right one they need

W2S – Migrate WooCommerce to Shopify: Migrate WooCommerce products to Shopify easily via the official Shopify REST Admin API

REDIS – WooCommerce Dynamic Pricing and Discounts: Create flexible pricing rules for products

EXMAGE – WordPress Image Links: Save storage by using external image URLs

Pofily – WooCommerce Product Filters: Advanced filters for WooCommerce

Bopo – Woo Product Bundle Builder: Let the plugin provide your customers with a very flexible and convenient way to purchase bundles

WPBulky – WordPress Bulk Edit Post Types: Save time editing posts/pages/attachment… and other custom post types except for ones created by WooCommerce(product, shop\_order and shop\_coupon)

Bulky – Bulk Edit Products for WooCommerce: Quickly and easily edit your products in bulk. This plugin will save you tons of time editing products.

Product Size Chart For WooCommerce: A simple but flexible solution to create size chart for your products

Checkout Upsell Funnel for WooCommerce: Offer product suggestions and smart order bumps on checkout page

Cart All In One For WooCommerce: All cart features you need in one simple plugin

Email Template Customizer for WooCommerce: Customize WooCommerce emails to make them more beautiful and professional after only several mouse clicks

Product Variations Swatches for WooCommerce: Professional and beautiful colors, buttons, images, variation images and radio variations swatches

Dropshipping and Fulfillment for AliExpress and WooCommerce: Free dropshipping solution – Transfer data from AliExpress products to WooCommerce effortlessly and fulfill AliExpress orders automatically

Abandoned Cart Recovery For WooCommerce: Capture abandoned carts & send reminder emails to customers.

Orders Tracking for WooCommerce: Import orders tracking number and send tracking info to customers

Customer Coupons for WooCommerce: Display coupons on your website

Virtual Reviews for WooCommerce: Virtual Reviews for WooCommerce helps generate virtual reviews, display canned reviews for newly created store

Thank You Page Customizer for WooCommerce: Customize your “Thank You” page and give coupons to customers after a successful order

Sales Countdown Timer: Create a sense of urgency with a countdown to the beginning or end of sales, store launch or other events

EU Cookies Bar: A very simple plugin which helps your website comply with Cookie Law

Lucky Wheel for WooCommerce: Offer customers to spin for coupons by entering their emails.

WordPress Lucky Wheel: WordPress Lucky Wheel gives you the best solution to get emails address from visitors of your WordPress website

Advanced Product Information for WooCommerce: Display more intuitive information of products such as sale countdown, sale badges, who recently bought products, rank of products in their categories, available payment methods…

LookBook for WooCommerce: Create beautiful Lookbooks, Shoppable with Product Tags

Photo Reviews for WooCommerce: Allow posting reviews include product pictures, review reminder, review for coupons.

Product Builder for WooCommerce: Allows your customers to build a full product set from small parts step by step. The plugin works base on WooCommerce with many useful features like compatible, email completed product, attributes filters.

Boost Sales for WooCommerce: Increase profit on every single order with Up-selling and Cross-selling

Free Shipping Bar for WooCommerce: Use free shipping as a marketing tool, encourage customers to pay more for free shipping.

Notification for WooCommerce: Social Proof Marketing plugin. Live recent order on the front-end of your site.

Multi Currency for WooCommerce: Switches to different currencies easily and accepts payment with only one currency or all currencies.

Coupon Box for WooCommerce: Subscribe emails for discount coupons

**Plugin Links**

*   Report Bugs/Issues

1.  Unzip the download package
2.  Upload s2w-import-shopify-to-woo to the /wp-content/plugins/ directory
3.  Activate the plugin through the ‘Plugins’ menu in WordPress

Unable to sync product images!

I was skeptical at first about this plugin, as with any "migrate your store" plugin. However, all I did was put in the Shopify API information and the plugin crunched the numbers and pulled everything over. These are some complex products as well, with several images, many attributes, and variation types, and it handled them all with minimal errors. The only thing is that images are a little slow to move over, and every once in a while I have to go back and click "Download All" again. But, other than that small issue, this plugin is perfect!

Thank you your app helps lot

This plugin does exactly what I was looking for

Hello, I would like to ask, the product was successfully imported from shopify, but why the downloading of pictures is very slow?

Read all 28 reviews

“S2W – Import Shopify to WooCommerce” is open source software. The following people have contributed to this plugin.

Contributors

/**1.1.13 – 2022.11.05**/  
– Fixed: Security dispatch

/**1.1.12 – 2022.11.02**/  
– Updated: Compatibility check with WP 6.1 and WC 7

/**1.1.11 – 2022.08.04**/  
– Updated: Support importing HEIC image type

/**1.1.10 – 2022.07.22**/  
– Updated: VillaTheme\_Support  
– Updated: Data sanitization/escaping check  
– Updated: Shopify API version 2022-04  
– Updated: Support importing WEBP image type

/**1.1.9 – 2022.05.30**/  
– Updated: VillaTheme\_Support  
– Updated: Compatible with WP6.0

/**1.1.8 – 2022.04.20**/  
– Updated: VillaTheme\_Support

/**1.1.7 – 2022.03.29**/  
– Updated: VillaTheme\_Support

/**1.1.6 – 2022.03.21**/  
– Updated: VillaTheme\_Support

/**1.1.5 – 2022.02.12**/  
– Updated: Support Shopify custom apps as Private apps are deprecated and can’t be created as of January 2022

/**1.1.4 – 2022.01.11**/  
– Updated: VillaTheme\_Support  
– Updated: Support latest Shopify API version 2022-01  
– Added: Option to disable background processing

/**1.1.3.7 – 2021.07.31**/  
– Updated: Compatible with WP5.8 and WC5.5  
– Updated: Class support

/**1.1.3.6 – 2021.06.16**/  
– Fixed: Variation attributes are not set correctly if attributes name and terms contain non-latin characters

/**1.1.3.5 – 2021.05.04**/  
– Fixed: Can not set product type as variable in some cases

/**1.1.3.4 – 2021.03.06**/  
– Updated: Support latest Shopify API version 2021-01  
– Updated: Compatible with WP5.7 and WC5.0

/**1.1.3.3 – 2020.10.31**/  
– Fixed: Out-of-stock product affects product page query

/**1.1.3.2 – 2020.08.14**/  
– Updated: Compatible with WP5.5 and WC4.3

/**1.1.3.1 – 2020.04.23**/  
– Fixed: Conflict with other plugins using jquery accordion  
– Updated: Class support

/**1.1.3 – 2020.04.06**/  
– Updated: Support latest Shopify API version 2020-04  
– Optimized: Download images in the background

/**1.1.2 – 2020.03.24**/  
– Fixed: Download duplicated images  
– Fixed: Conflict usage of accordion  
– Updated: Compatible with WP5.4 and WC4.0  
– Updated: Class support  
– Updated: Support latest Shopify API version 2020-01  
– Improved: Import speed

/**1.1.1 – 2019.11.17**/  
– Removed: App data  
– Changed: Banner and logo

/**1.1.0 – 2019.11.13**/  
– Added: Shortcut to import products options  
– Added: Support WooCommerce 3.8

/**1.0.9.2 – 2019.10.24**/  
– Added: Function to download error images

/**1.0.9.1 – 2019.10.07**/  
– Updated: Premium URL

/**1.0.9 – 2019.09.27**/  
– Fixed: Reduce bad request rate  
– Fixed: Reduce error images rate  
– Updated: Able to view error images list  
– Optimized: Import speed

/**1.0.8 – 2019.08.07**/  
– Fixed: Conflict usage of accordion with other plugins or theme  
– Fixed: Error matching variation attributes when attribute name is not in English alphabet

/**1.0.7 – 2019.06.14**/  
– Added: Set request timeout  
– Added: Able to change the number of products per ajax request  
– Added: Import Products sequence

/**1.0.6 – 2019.05.15**/  
– Fixed: Some sites can not send API correctly

/**1.0.5 – 2019.05.08**/  
– Optimized: UX, UI  
– Optimized: Download product images

/**1.0.4 – 2019.04.18**/  
– Fixed: Problem downloading product images in the background

/**1.0.3 – 2019.04.10**/  
– Fixed: Error activating plugin

/**1.0.2 – 2019.04.05**/  
– Updated: Add usage guide video

/**1.0.1 – 2019.04.04**/  
– Updated: Make admin notices dismissible  
– Updated: Optimize UX

CVE-2022-44634: S2W – Import Shopify to WooCommerce

Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

WatchTowerHQ Website Monitoring: Done Right  
Fed up with using tools that get sold to GoDaddy, lose their founding team, and slowly die?  
Tired of half-assed customer service that takes 72-144 hours to get a response?  
Looking for one solution to cut the costs of many tools?  
Our founding team is intact and not only focused on a world-class customer service experience, we’re focused on making WatchTowerHQ the best tool agencies and companies turn to when managing multiple websites.

**Automated Updates**

Set it and forget it by scheduling WordPress theme and plugin updates in advance. Every Tuesday at 7am? Not a problem with WatchTowerHQ

**Performance Insights**

Wondering why no one stays on your website? It’s probably because it’s slow…like Ford Fiesta slow. Figure out what you need to do to transform it into the Porsche it deserves to be.

**Daily Backups**

Take them daily, store them for a year. Don’t be at the mercy of the intern who accidentally deleted all of your blog posts from the last 6 years. Restore them quickly from one of your backups. Automate these as you would like, or take them manually.

**Historical Data Tracking**

A snapshot in time is great for some. You’re not some. Most are like you, they want to see how data looks over time. Screen shots from last May? Easy peasy. Site speed today relative to 2 months ago? One click.

**Notifications?**

We’ve got you covered. You control who gets alerts, which alerts they get, and when. All for you to control within your account.

**Domain and SSL Registration Monitoring**

The dreaded call from a client at 12:47am when they realize their domain has expired and a 12 year old North Korean is holding it hostage for 72 BTC. Don’t let that happen to you or your clients. Always know when your domain or SSL certificate are about to expire so you can proactively renew.

**Real-time Uptime Monitoring**

Kiss false positives good-bye. Set your limits, get updated when they’re triggered.

**One-Click Access**

Access your WordPress site or staging environment with one click right from the website dashboard.  
WatchTowerHQ is the most robust website monitoring and management tool. Increase operational efficiency by eliminating wasted time, improving your security, and taking preventive action.

**Custom User Roles**

Select from one of WatchTowerHQ’s user roles with granular permissions selection or create custom roles to fit your organizational needs.

Please note that WatchTowerHQ tracks information about your site including:  
\* Domain information (Registrar, DNS, SSL, Blacklist Status, Site & Proxy IP addresses)  
\* WordPress plugins, themes, and core  
\* Google Lighthouse & Google Analytics data  
\* Screen captures  
\* CSS & JavaScript code

After installing the WatchTowerHQ plugin you will need to do a few things to start monitoring your site.  
1\. Activate the WatchTowerHQ plugin.  
2\. Copy the access token found in the WatchTowerHQ Settings (you will need this in a future step).  
3\. Go to WatchTowerHQ to sign up for an account.  
4\. Fill in information about your websites – including the access token that you’d copied earlier.  
5\. Save the website’s information once complete. Happy monitoring!

If you’ve already signed up on WatchTowerHQ, you can also follow the alternative installation:  
1\. Download the WatchTowerHQ client from the Settings dropdown menu  
2\. Go to the Plugins tab in WordPress and select “Add New Plugin”.  
3\. Click the “Upload Plugin” button and upload the zip file you downloaded from WatchTowerHQ.  
4\. Click to activate the client and copy the access token from the WatchTowerHQ settings.  
5\. Go to the “Add new website” form found on the Websites page of your WatchTowerHQ dashboard.  
6\. Select WordPress as your CMS and paste the access token in the space.

**Can I have multiple environments on WatchTowerHQ?**

Yes, you can include your development and other environments to your WatchTowerHQ account for convenient one-click access.

**What does WatchTowerHQ do with my site’s information?**

The information tracked by WatchTowerHQ is used to provide real-time analytics and alerts on your site’s status including vulnerabilities, site downtime, and performance. As well as to notify you about WordPress-specific issues such as abandoned plugins.

**How much is WatchTowerHQ?**

To view our plans and get started with WatchTowerHQ check out our website.

**Can I limit access to other users?**

We have a number of standard roles, that many users requested, along with that we’ve created custom user roles. With custom user roles the options are endless to the access that you can give any one user. Custom User roles are included in all plans at no additional cost.

It's packed with features. One of the best tools available to manage my websites.

Read all 1 review

“WatchTowerHQ” is open source software. The following people have contributed to this plugin.

Contributors

*    watchtowerhq

**3.6.20**

*   remove unused code

**3.6.19**

*   db backup fix

**3.6.18**

*   WordPress 6.1.x compatibility declaration update

**3.6.17**

*   Fix security issue

**3.6.16**

*   Fix security issue

**3.6.15**

*   Fix theme updates info

**3.6.13**

*   Fix plugin updates info

**3.6.12**

*   Fix plugin slug

**3.6.11**

*   Fix plugin slug

**3.6.10**

*   WP 6.x compatibility declaration

**3.6.7**

*   WP 5.9.x compatibility declaration

**3.6.6**

*   fix open basedir warnings

**3.6.1**

*   Add endpoint for removing database backup file

**3.6.0**

*   updated action scheduler

**3.5.69**

*   WP Engine – exception

**3.5.67**

*   code improvements

**3.5.65**

*   code improvements
*   fetch info about debug log

**3.5.1**

*   update action scheduler

**3.5.0**

*   new backup system

**3.4.16**

*   WordPress 5.8 compatibility

**3.4.15**

*   fix UI issue

**3.4.13**

*   better settings UI

**3.4.12**

*   allow resume downloading backup
*   include backup integrity checksum to confirm error free transfer

**3.4.10**

*   code refactoring

**3.4.9**

*   update composer properties

**3.4.8**

*   WordPress 5.7 compatibility

**3.4.4**

*   new backup queue file limits

**3.4.2**

*   increase timeout

**3.4.0**

*   added ZipArchive fallback

**3.3.10**

*   fix curl timeout

**3.3.7**

*   minimum PHP version: 7.1

**3.3.6**

*   readme improvements

**3.3.0**

*   WordPress.org first release.
*   removed custom updates library

Tag

#wordpress