WP-Safety

Automated FedEx live/manual rates with shipping labels – HPOS supported Security & Risk Analysis

wordpress.org/plugins/a2z-fedex-shipping

Integrate the FedEx for Domestic and international Shipping. Shipping rates, label, tracking.

200 active installs v5.1.8 PHP 5.6+ WP 4.6.1+ Updated Feb 10, 2026
automatefedexfedex-shippingshippingwoocommerce-fedex
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Automated FedEx live/manual rates with shipping labels – HPOS supported Safe to Use in 2026?

Generally Safe

Score 100/100

Automated FedEx live/manual rates with shipping labels – HPOS supported has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "a2z-fedex-shipping" v5.1.8 plugin presents a concerning security posture primarily due to significant vulnerabilities in its attack surface and data handling. While the plugin shows some positive signs like a lack of known CVEs and a moderate use of prepared statements, these are overshadowed by critical security flaws identified in static analysis. The presence of an unprotected REST API endpoint is a major concern, as it represents a direct entry point for attackers. Furthermore, the taint analysis reveals two flows with unsanitized paths, indicating potential for severe security issues if these paths are exposed to user-controlled input. The complete absence of nonce and capability checks for any entry points amplifies these risks, leaving the plugin highly susceptible to unauthorized actions and privilege escalation.

Key Concerns

  • Unprotected REST API route
  • Unsanitized taint flows (high severity)
  • No nonce checks
  • No capability checks
  • Low output escaping percentage
Vulnerabilities
None known

Automated FedEx live/manual rates with shipping labels – HPOS supported Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Automated FedEx live/manual rates with shipping labels – HPOS supported Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
4 prepared
Unescaped Output
107
118 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
11
Bundled Libraries
0

SQL Query Safety

67% prepared6 total queries

Output Escaping

52% escaped225 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
hitshippo_fedex_order_status_update (a2zfedex_basic.php:1298)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Automated FedEx live/manual rates with shipping labels – HPOS supported Attack Surface

Entry Points1
Unprotected1

REST API Routes 1

GET/wp-json/shipi/v1/connect/fedex/a2zfedex_basic.php:241
WordPress Hooks 23
actionbefore_woocommerce_inita2zfedex_basic.php:28
actionrest_api_inita2zfedex_basic.php:98
actionplugin_loadeda2zfedex_basic.php:99
actionwoocommerce_shipping_inita2zfedex_basic.php:107
actioninita2zfedex_basic.php:108
filterwoocommerce_shipping_methodsa2zfedex_basic.php:109
actionadd_meta_boxesa2zfedex_basic.php:111
actionwoocommerce_process_shop_order_metaa2zfedex_basic.php:113
actionwoocommerce_process_shop_order_metaa2zfedex_basic.php:114
actionsave_posta2zfedex_basic.php:116
actionsave_posta2zfedex_basic.php:117
actionadmin_menua2zfedex_basic.php:119
filterwoocommerce_product_data_tabsa2zfedex_basic.php:120
actionwoocommerce_process_product_metaa2zfedex_basic.php:121
filterwoocommerce_product_data_panelsa2zfedex_basic.php:122
actionwoocommerce_order_status_processinga2zfedex_basic.php:123
actionwoocommerce_product_options_shippinga2zfedex_basic.php:130
actionwoocommerce_process_product_metaa2zfedex_basic.php:131
actionedit_user_profilea2zfedex_basic.php:134
actionedit_user_profile_updatea2zfedex_basic.php:135
actionwoocommerce_view_ordera2zfedex_basic.php:138
actionadmin_inita2zfedex_basic.php:139
filterwoocommerce_shipping_methodscontrollors\hitshippo_fedex_init.php:1446
Maintenance & Trust

Automated FedEx live/manual rates with shipping labels – HPOS supported Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 10, 2026
PHP min version5.6
Downloads62K

Community Trust

Rating98/100
Number of ratings12
Active installs200
Alternatives

Automated FedEx live/manual rates with shipping labels – HPOS supported Alternatives

Shipping Live Rates for FedEx for WooCommerce

Shipping Live Rates for FedEx for WooCommerce

flexible-shipping-fedex

A
100

Offer FedEx shipping for WooCommerce with real-time rates via FedEx API. Show live rates at checkout based on weight and addresses.

2K No CVEs
Webshipper – Automated Shipping

Webshipper – Automated Shipping

webshipper-automated-shipping

A
100

Automated shipping for WooCommerce.

400 No CVEs
BLAZING Shipment Tracking

BLAZING Shipment Tracking

blazing-woocommerce-shipment-tracking

A
85

This plugin adds courier and tracking number to the woocommerce order, and a dedicated email to send shipment tracking info to the customer.

300 No CVEs
bpost-shipping-platform

bpost-shipping-platform

bpost-shipping-platform

A
100

Bpost for WooCommerce is a Digital Delivery Management Solution for online stores that helps you save time and money with your shipping.

300 No CVEs
BuckyDrop – Branded Dropshipping for WooCommerce

BuckyDrop – Branded Dropshipping for WooCommerce

buckydrop-dropshipping-for-woocommerce

A
100

Find dropshipping products from Alibaba/1688/Taobao/Weidian/Yupoo/Poizon, import them to your WooCommerce store, and automate your order processes.

300 No CVEs
Developer Profile

Automated FedEx live/manual rates with shipping labels – HPOS supported Developer Profile

Aarsiv Groups

10 plugins · 610 total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Automated FedEx live/manual rates with shipping labels – HPOS supported

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/a2z-fedex-shipping/assets/css/a2z-fedex-shipping.css/wp-content/plugins/a2z-fedex-shipping/assets/js/a2z-fedex-shipping.js/wp-content/plugins/a2z-fedex-shipping/assets/js/admin.js/wp-content/plugins/a2z-fedex-shipping/assets/js/frontend.js/wp-content/plugins/a2z-fedex-shipping/assets/css/admin.css
Script Paths
/wp-content/plugins/a2z-fedex-shipping/assets/js/a2z-fedex-shipping.js/wp-content/plugins/a2z-fedex-shipping/assets/js/admin.js/wp-content/plugins/a2z-fedex-shipping/assets/js/frontend.js
Version Parameters
a2z-fedex-shipping/assets/css/a2z-fedex-shipping.css?ver=a2z-fedex-shipping/assets/js/a2z-fedex-shipping.js?ver=a2z-fedex-shipping/assets/js/admin.js?ver=a2z-fedex-shipping/assets/js/frontend.js?ver=a2z-fedex-shipping/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
a2z_fedex_shipping_optionsa2z_fedex_shipping_rate_optionsa2z_fedex_shipping_label_optionsa2z_fedex_shipping_settingsa2z_fedex_shipping_admin_settings
HTML Comments
<!-- FedEx Shipping Meta Box Start --><!-- FedEx Shipping Meta Box End --><!-- FedEx Shipping Settings Start --><!-- FedEx Shipping Settings End -->+2 more
Data Attributes
data-fedex-rate-optionsdata-fedex-label-optionsdata-fedex-settingsdata-fedex-admin-settings
JS Globals
a2z_fedex_shipping_paramsa2z_fedex_admin_paramsa2z_fedex_frontend_params
REST Endpoints
/wp-json/a2z-fedex-shipping/v1/rates/wp-json/a2z-fedex-shipping/v1/labels
Shortcode Output
[a2z_fedex_shipping_calculator][a2z_fedex_shipping_rates][a2z_fedex_shipping_labels]
FAQ

Frequently Asked Questions about Automated FedEx live/manual rates with shipping labels – HPOS supported