If you’re running a business on WordPress, you are probably using WooCommerce, as it’s the most single popular eCommerce plugin for WordPress – and one of the most popular plugins, period. It swiftly became the default eCommerce option for WordPress websites due to its simplicity and out-of-the-box functionality. Surprisingly, it is the one of the few WordPress plugins that has become so popular that it has prompted many vendors to create specialist products and services designed specifically for it.
Recognizing its importance, web hosting providers have launched dedicated WooCommerce hosting plans, while WordPress maintenance support providers have launched specialist WooCommerce maintenance plans. Now, hosting your website on github is possible. There are numerous third-party plugins available that specialize in modifying WooCommerce checkout, WooCommerce transactional email, and extending product fields with custom field types. For both business owners and product developers and designers, the possibilities are limitless.
The immensity of the WooCommerce ecosystem, which is defined by an array of WooCommerce extensions and themes, makes it a dynamic and versatile platform, should not be underestimated. This thriving ecosystem has catapulted WooCommerce into the forefront as an outstanding enterprise eCommerce solution, earning widespread acclaim.
In this post, we’ll take a closer look at the WooCommerce system by analyzing its GitHub page.
WooCommerce at a glance:
- GitHub Stars – 8,700
- Active installations – 5+ million
- All Time Downloads – 267,043,851
- Translation: 67 languages
The History of WooCommerce
WooThemes was founded by Mark Forrester, Magnus Jepson, and Adii Pienaar with the goal of providing beautiful premium WordPress themes. A while later they wanted to provide an eCommerce solution for WordPress, so they forked JigoShop and created WooCommerce. James Koster and Mike Jolley were hired to work on the WooCommerce development.
WooThemes Origin Comics
The first version of WooCommerce was launched in 2011, nearly 12 years ago. In May 2015, Automattic, the organization behind WordPress, acquired WooCommerce.
Initial version of WooCommerce
The WooCommerce Development Team in 2012
Below is a snapshot of the WooThemes team of 2012. Fast forward to today and most of them have founded or developed additional web or eCommerce related technology companies – just like the well-known PayPal Mafia.
Name | Position |
Adii Pienaar | Founder |
Magnus Jepson | Founder |
Mark Forrester | Founder |
Coen Jacobs | Developer |
Jeff Pearce | Developer |
Hugh Lashbrooke | Developer |
Matty Cohen | Developer |
Mike Jolley | Developer |
Patrick Garman | Developer |
Warren Holmes | Developer |
Cobus Bester | Designer |
James Koster | Designer |
Ryan Ray | Community Manager |
Mike Krapf | Master Support Technician |
Andrew Benbow | Support Technician |
Dan Johnson | Support Technician |
Daniel Dudzic | Support Technician |
Scott Basgaard | Support Technician |
Scott Webb | Support Technician |
Stuart Duff | Support Technician |
Sven Hutchinson | Support Technician |
Tiago Noronha | Support Technician |
Dominique Rossouw | Office Superhero |
Photo credit: Ma.tt – A Celebratory Toast
WooCommerce GitHub Project Overview
After WordPress, WooCommerce may be the only open source WordPress plugin that has so many active contributors. It has over 8700 stars on GitHub. According to the WordPress plugin repository, it has over 5 millions active installs.
Timeline of Events
2007 – Mark Forrester, Magnus Jepson, and Adii Pienaar teamed up
2008 – WooThemes launched
2011 – Hired Mike Jolley and James Koster, to work on a fork of Jigoshop
2011 – WooCommerce launched
2012 – WooCommerce Subscription launched
2013 – Achieved 1 million downloads
2014 – Achieved 4 million downloads
2014 – Held the first WooCommerce Conference WooConf
2015 – Achieved 7 million downloads
2015 – Acquired by Automattic
2015 – Launched first free theme, Storefront
2020 – WooCommerce acquired MailPoet
2020 – WooCommerce is used by around 3.9 million websites.
2020 – Launched Mobile App for iOS and Android.
2021 – 29% of the top 1 million sites uses WooCommerce
Matt Mullenweg announced the acquisition of WooCommerce by Automattic in 2015. According to Re/code, Automattic paid over $30 million to acquire WooCommerce.
WooCommerce GitHub Project Overview
After WordPress, WooCommerce may be the only open source WordPress plugin that has so many active contributors. It has over 8700 stars on GitHub. According to the WordPress plugin repository, it has over 5 millions active installs.
Number of Commits Across Versions
WooCommerce has had 53,327 commits on GitHub. Among all WooCommerce releases, WooCommerce version 6.5 has the most commits. Version 6.5 had over 5,000 commits.The reason for the greatest number of changes in this version is that the WooCommerce Admin featured plugin was incorporated into the core plugin.
The second most commits occurred in version 3.6, with almost 2452 commits. Product Blocks and Performance Enhancements were added in this version.
Evolution of Contributors: Number of Contributors Between Versions
The WooCommerce open source project has 1298 contributors. When compared to other open source WordPress projects, this is enormous. When we look at the WooCommerce releases, we can see that version 7.4 had the most contributions, with almost 63. Version 7.8 has 61 contributors, making it the version with the most contributors.
Files Changed Across Different Versions
Version 4.5 had the most file changes of any WooCommerce release, with 2883 file changes. The onboarding guide and REST API were added in this version.
Security Vulnerabilities
WooCommerce has had only 29 security flaws in 12 years since its inception. And the even better news is that no new security vulnerabilities have emerged since version 6.5.1, which was released on June 20, 2022.
Version | Vulnerabilities | CVSS | Researchers | Date |
2.0.12 | Self-Reflected Cross-Site Scripting | 6.1 | Mirza Burhan Baig | July 18, 2013 |
2.0.17 | Cross-Site Scripting | 6.1 | Gjoko Krstic | October 17, 2013 |
2.2.2 | Cross-Site Scripting via range Parameter | 7.3 | dwxsupport | September 15, 2014 |
2.2.2 | Reflected Cross-Site Scripting | 6.1 | Tom Adams | September 17, 2014 |
2.2.10 | Cross-Site Scripting | 6.1 | January 29, 2015 | |
2.3.5 | Stored Cross-Site Scripting | 7.2 | March 13, 2015 | |
2.3.10 | PHP Object Injection | 7.5 | June 10, 2015 | |
2.4.9 | Cross-site Scripting | 5.5 | Zhouyuan Yang | November 17, 2015 |
2.6.2 | Stored Cross-Site Scripting | 6.4 | Han Sahin | July 19, 2016 |
2.6.3 | Stored Cross-Site Scripting via REST-API | 6.4 | Sipke Mellema | July 26, 2016 |
2.6.8 | Authenticated Stored Cross-Site Scripting | 5.5 | December 7, 2016 | |
3.2.3 | Authenticated PHP Object Injection | 8.8 | November 16, 2017 | |
3.4.4 | Authenticated PHP Object Injection | 6.6 | August 29, 2018 | |
3.4.5 | WooCommerce File Deletion | 7.2 | Simon Scannell, Karim El Ouerghemmi, Slavco Mihajloski | November 6, 2018 |
3.5.1 | Authenticated Stored Cross-Site Scripting | 5.5 | Karim El Ouerghemmi | November 29, 2018 |
3.5.4 | Stored Cross-Site Scripting | 6.1 | Zhouyuan Yang | February 20, 2019 |
3.6.4 | Missing File Type Validation | 7.2 | July 2, 2019 | |
3.6.4 | Cross-Site Request Forgery to Stored Cross-Site Scripting | 8.8 | DENNIS BRINKROLF | July 2, 2019 |
4.7.0 | Insecure Direct Object Reference via order_id Parameter | 5.3 | Ko-kn3t | January 21, 2020 |
4.0.4 | Unauthorized Post Meta Creation/Modification | 8.8 | Slavco Mihajloski | May 5, 2020 |
4.2.0 | Reflected Cross-Site Scripting | 6.1 | June 22, 2020 | |
4.6.1 | Settings Bypass leading to Account Creation | 6.5 | November 5, 2020 | |
5.1.3 | Authenticated (Admin+) Stored Cross-Site Scripting | 4.8 | FearZzZz | April 21, 2021 |
5.5 | Authenticated Blind SQL Injection | 8.8 | Josh (jl-dos) | July 13, 2021 |
6.2.0 | Incorrect Authorization Checks on REST API Endpoints | 5.4 | February 22, 2022 | |
6.2.0 | Path Traversal via Tax Importer | 7.2 | February 22, 2022 | |
6.3.1 | Unauthorized Order Status Change | 4.3 | March 10, 2022 | |
5.7.0 | Information Disclosure | 6.5 | April 10, 2022 | |
6.5.1 | Authenticated (Admin+) HTML Injection | 5.5 | Taurus Omar | June 20, 2022 |
Top Contributors Based on Commits
Over 1,298 people have contributed to the open source project WooCommerce. The top 30 contributors by commit count are listed below.
Contributors by Country
The United States has the most, with 11 out of the top 30 contributors.
Name | Commits | Employer | Country |
Brent Shepherd | 274 | Automattic | Australia |
Claudio Sanches | 3931 | Automattic | Brazil |
Rodrigo Primo | 684 | Automattic | Brazil |
Ron Rennick | 805 | Automattic | Canada |
Barry Hughes | 271 | Automattic | Canada |
Peter Fabian | 746 | Denmark | |
Vedanshu Jain | 781 | Automattic | India |
Gan Eng Chin | 261 | Automattic | Malaysia |
Shiva Poudel | 303 | Genese Solution | Nepal |
Coen Jacobs | 473 | Level Level | Netherlands |
Paul Sealock | 651 | Automattic | New Zealand |
Sam Seay | 225 | Automattic | New Zealand |
Rodel Calasagsag | 296 | Automattic | Philippines |
Gerhard Potgieter | 956 | Automattic | South Africa |
Néstor Soriano | 541 | Automattic | Spain |
Albert Juhé Lluveras | 365 | Automattic | Spain |
Chi-Hsuan Huang | 463 | Automattic | Taiwan |
Mike Jolley | 10266 | Automattic | UK |
James Koster | 689 | Automattic | UK |
Jeff Stieler | 983 | Human Interest | USA |
Joshua T Flowers | 836 | Automattic | USA |
Claudiu Lodromanean | 602 | Automattic | USA |
Justin Shreve | 569 | Automattic | USA |
Roy Ho | 485 | Automattic | USA |
Christopher Allford | 442 | Automattic | USA |
Moon | 425 | Automattic | USA |
Lourens Schep | 385 | Automattic | USA |
Jonathan Sadowski | 244 | Automattic | USA |
Timmy Crawford | 227 | Automattic | USA |
Max Rice | 206 | GoDaddy | USA |
Finally, the evolution of WooCommerce over successive versions, as revealed by GitHub data, demonstrates an incredible journey of growth and innovation. The journey of WooCommerce, as chronicled by GitHub data, shows a stunning transformation from a tiny initiative to a global eCommerce behemoth. Its ongoing development, innovation, and security focus ensure that it remains a top choice for WordPress users looking for a solid and versatile eCommerce solution for their online companies.