convesio logo

GitHub Insights: Tracking WooCommerce’s Evolution Over Different Versions

GitHub Insights: Tracking WooCommerce's Evolution Over Different Versions

In this Article

If you’re running a business on WordPress, you are probably using WooCommerce, as it’s the most single popular eCommerce plugin for WordPress – and one of the most popular plugins, period. It swiftly became the default eCommerce option for WordPress websites due to its simplicity and out-of-the-box functionality. Surprisingly, it is the one of the few WordPress plugins that has become so popular that it has prompted many vendors to create specialist products and services designed specifically for it.

Recognizing its importance, web hosting providers have launched dedicated WooCommerce hosting plans, while WordPress maintenance support providers have launched specialist WooCommerce maintenance plans. There are numerous third-party plugins available that specialize in modifying WooCommerce checkout, WooCommerce transactional email, and extending product fields with custom field types. For both business owners and product developers and designers, the possibilities are limitless.

The immensity of the WooCommerce ecosystem, which is defined by an array of WooCommerce extensions and themes, makes it a dynamic and versatile platform, should not be underestimated. This thriving ecosystem has catapulted WooCommerce into the forefront as an outstanding enterprise eCommerce solution, earning widespread acclaim.

In this post, we’ll take a closer look at the WooCommerce system by analyzing its GitHub page.

WooCommerce at a glance:

  • GitHub Stars – 8,700
  • Active installations – 5+ million
  • All Time Downloads – 267,043,851
  • Translation: 67 languages

The History of WooCommerce

WooThemes was founded by Mark Forrester, Magnus Jepson, and Adii Pienaar with the goal of providing beautiful premium WordPress themes. A while later they wanted to provide an eCommerce solution for WordPress, so they forked JigoShop and created WooCommerce. James Koster and Mike Jolley were hired to work on the WooCommerce development.

Comic

WooThemes Origin Comics

The first version of WooCommerce was launched in 2011, nearly 12 years ago. In May 2015, Automattic, the organization behind WordPress, acquired WooCommerce.

Plugin Directory

 

Initial version of WooCommerce

The WooCommerce Development Team in 2012

Below is a snapshot of the WooThemes team of 2012. Fast forward to today and most of them have founded or developed additional web or eCommerce related technology companies – just like the well-known PayPal Mafia.

Name Position
Adii Pienaar Founder
Magnus Jepson Founder
Mark Forrester Founder
Coen Jacobs Developer
Jeff Pearce Developer
Hugh Lashbrooke Developer
Matty Cohen Developer
Mike Jolley Developer
Patrick Garman Developer
Warren Holmes Developer
Cobus Bester Designer
James Koster Designer
Ryan Ray Community Manager
Mike Krapf Master Support Technician
Andrew Benbow Support Technician
Dan Johnson Support Technician
Daniel Dudzic Support Technician
Scott Basgaard Support Technician
Scott Webb Support Technician
Stuart Duff Support Technician
Sven Hutchinson Support Technician
Tiago Noronha Support Technician
Dominique Rossouw Office Superhero

 

photo credit: Ma.tt – A Celebratory Toast

Photo credit: Ma.tt – A Celebratory Toast

WooCommerce GitHub Project Overview

After WordPress, WooCommerce may be the only open source WordPress plugin that has so many active contributors. It has over 8700 stars on GitHub. According to the WordPress plugin repository, it has over 5 millions active installs. 

Timeline of Events

2007 – Mark Forrester, Magnus Jepson, and Adii Pienaar teamed up

2008 – WooThemes launched

2011 – Hired Mike Jolley and James Koster, to work on a fork of Jigoshop

2011 – WooCommerce launched

2012 – WooCommerce Subscription launched

2013 – Achieved 1 million downloads

2014 – Achieved 4 million downloads

2014 – Held the first WooCommerce Conference WooConf 

2015 – Achieved 7 million downloads

2015 – Acquired by Automattic

2015 – Launched first free theme, Storefront

2020 – WooCommerce acquired MailPoet

2020 – WooCommerce is used by around 3.9 million websites.

2020 – Launched Mobile App for iOS and Android.

2021 – 29% of the top 1 million sites uses WooCommerce

Matt Mullenweg announced the acquisition of WooCommerce by Automattic in 2015. According to Re/code, Automattic paid over $30 million to acquire WooCommerce.

WooCommerce GitHub Project Overview

After WordPress, WooCommerce may be the only open source WordPress plugin that has so many active contributors. It has over 8700 stars on GitHub. According to the WordPress plugin repository, it has over 5 millions active installs. 

WooCommerce Github

Number of Commits Across Versions

WooCommerce has had 53,327 commits on GitHub. Among all WooCommerce releases, WooCommerce version 6.5 has the most commits. Version 6.5 had over 5,000 commits.The reason for the greatest number of changes in this version is that the WooCommerce Admin featured plugin was incorporated into the core plugin.

The second most commits occurred in version 3.6, with almost 2452 commits. Product Blocks and Performance Enhancements were added in this version.

Commits

 

Evolution of Contributors: Number of Contributors Between Versions

The WooCommerce open source project has 1298 contributors. When compared to other open source WordPress projects, this is enormous. When we look at the WooCommerce releases, we can see that version 7.4 had the most contributions, with almost 63. Version 7.8 has 61 contributors, making it the version with the most contributors.

Contributors

Files Changed Across Different Versions

Version 4.5 had the most file changes of any WooCommerce release, with 2883 file changes. The onboarding guide and REST API were added in this version.

Files Changed

 

Security Vulnerabilities

WooCommerce has had only 29 security flaws in 12 years since its inception. And the even better news is that no new security vulnerabilities have emerged since version 6.5.1, which was released on June 20, 2022.

Version Vulnerabilities CVSS Researchers Date
2.0.12 Self-Reflected Cross-Site Scripting 6.1 Mirza Burhan Baig July 18, 2013
2.0.17 Cross-Site Scripting 6.1 Gjoko Krstic October 17, 2013
2.2.2 Cross-Site Scripting via range Parameter 7.3 dwxsupport September 15, 2014
2.2.2 Reflected Cross-Site Scripting 6.1 Tom Adams September 17, 2014
2.2.10 Cross-Site Scripting 6.1 January 29, 2015
2.3.5 Stored Cross-Site Scripting 7.2 March 13, 2015
2.3.10 PHP Object Injection 7.5 June 10, 2015
2.4.9 Cross-site Scripting 5.5 Zhouyuan Yang November 17, 2015
2.6.2 Stored Cross-Site Scripting 6.4 Han Sahin July 19, 2016
2.6.3 Stored Cross-Site Scripting via REST-API 6.4 Sipke Mellema July 26, 2016
2.6.8 Authenticated Stored Cross-Site Scripting 5.5 December 7, 2016
3.2.3 Authenticated PHP Object Injection 8.8 November 16, 2017
3.4.4 Authenticated PHP Object Injection 6.6 August 29, 2018
3.4.5 WooCommerce File Deletion 7.2 Simon Scannell, Karim El Ouerghemmi, Slavco Mihajloski November 6, 2018
3.5.1 Authenticated Stored Cross-Site Scripting 5.5 Karim El Ouerghemmi November 29, 2018
3.5.4 Stored Cross-Site Scripting 6.1 Zhouyuan Yang February 20, 2019
3.6.4 Missing File Type Validation 7.2 July 2, 2019
3.6.4 Cross-Site Request Forgery to Stored Cross-Site Scripting 8.8 DENNIS BRINKROLF July 2, 2019
4.7.0 Insecure Direct Object Reference via order_id Parameter 5.3 Ko-kn3t January 21, 2020
4.0.4 Unauthorized Post Meta Creation/Modification 8.8 Slavco Mihajloski May 5, 2020
4.2.0 Reflected Cross-Site Scripting 6.1 June 22, 2020
4.6.1 Settings Bypass leading to Account Creation 6.5 November 5, 2020
5.1.3 Authenticated (Admin+) Stored Cross-Site Scripting 4.8 FearZzZz April 21, 2021
5.5 Authenticated Blind SQL Injection 8.8 Josh (jl-dos) July 13, 2021
6.2.0 Incorrect Authorization Checks on REST API Endpoints 5.4 February 22, 2022
6.2.0 Path Traversal via Tax Importer 7.2 February 22, 2022
6.3.1 Unauthorized Order Status Change 4.3 March 10, 2022
5.7.0 Information Disclosure 6.5 April 10, 2022
6.5.1 Authenticated (Admin+) HTML Injection 5.5 Taurus Omar June 20, 2022

 

Top Contributors Based on Commits

Over 1,298 people have contributed to the open source project WooCommerce. The top 30 contributors by commit count are listed below.

Contributors by Country

The United States has the most, with 11 out of the top 30 contributors.

By Country

 

Name Commits Employer Country
Brent Shepherd 274 Automattic Australia
Claudio Sanches 3931 Automattic Brazil
Rodrigo Primo 684 Automattic Brazil
Ron Rennick 805 Automattic Canada
Barry Hughes 271 Automattic Canada
Peter Fabian 746 Denmark
Vedanshu Jain 781 Automattic India
Gan Eng Chin 261 Automattic Malaysia
Shiva Poudel 303 Genese Solution Nepal
Coen Jacobs 473 Level Level Netherlands
Paul Sealock 651 Automattic New Zealand
Sam Seay 225 Automattic New Zealand
Rodel Calasagsag 296 Automattic Philippines
Gerhard Potgieter 956 Automattic South Africa
Néstor Soriano 541 Automattic Spain
Albert Juhé Lluveras 365 Automattic Spain
Chi-Hsuan Huang 463 Automattic Taiwan
Mike Jolley 10266 Automattic UK
James Koster 689 Automattic UK
Jeff Stieler 983 Human Interest USA
Joshua T Flowers 836 Automattic USA
Claudiu Lodromanean 602 Automattic USA
Justin Shreve 569 Automattic USA
Roy Ho 485 Automattic USA
Christopher Allford 442 Automattic USA
Moon 425 Automattic USA
Lourens Schep 385 Automattic USA
Jonathan Sadowski 244 Automattic USA
Timmy Crawford 227 Automattic USA
Max Rice 206 GoDaddy USA

Finally, the evolution of WooCommerce over successive versions, as revealed by GitHub data, demonstrates an incredible journey of growth and innovation. The journey of WooCommerce, as chronicled by GitHub data, shows a stunning transformation from a tiny initiative to a global eCommerce behemoth. Its ongoing development, innovation, and security focus ensure that it remains a top choice for WordPress users looking for a solid and versatile eCommerce solution for their online companies.

 

In this Article

Convesio Website Load Test Process
Related Article
Get WordPress Performance Tips
Subscribe to our monthly newsletter covering performance, innovation & running WordPress at scale.