Does Ade Custom Shipping have any unpatched vulnerabilities?

No. All known vulnerabilities in Ade Custom Shipping have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ade Custom Shipping compatible with WordPress 6.8.5?

According to WordPress.org data, Ade Custom Shipping 4.2.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Ade Custom Shipping compatible with PHP 7.0+?

Ade Custom Shipping requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Ade Custom Shipping updated?

Ade Custom Shipping was last updated on Jun 13, 2025. Frequent updates are generally a positive security signal.

What is Ade Custom Shipping's security score?

Ade Custom Shipping has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ade Custom Shipping Security & Risk Analysis

wordpress.org/plugins/ade-custom-shipping

Integrate Ade Custom Shipping to your WooCommerce website and take control of your shipping options.

200 active installs v4.2.1 PHP 7.0+ WP 3.6.0+ Updated Jun 13, 2025

ade-custom-shippingade-woocommercecustom-shippingwoocommercewoocommerce-shipping

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ade Custom Shipping Safe to Use in 2026?

Generally Safe

Score 100/100

Ade Custom Shipping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "ade-custom-shipping" v4.2.1 plugin presents a mixed security posture. While it exhibits good practices like using prepared statements for all SQL queries and no recorded historical vulnerabilities, several significant concerns arise from the static analysis. The presence of two AJAX handlers without authentication checks represents a considerable attack surface, opening potential avenues for unauthorized actions if these handlers can be triggered externally.

The code analysis also flags the use of the `unserialize` function, which is inherently risky if the input it processes is not strictly controlled and validated. Coupled with a relatively low percentage (63%) of properly escaped outputs, there's a potential for cross-site scripting (XSS) vulnerabilities. The absence of nonce checks on the AJAX handlers further exacerbates the risk, as it implies a lack of protection against Cross-Site Request Forgery (CSRF) attacks.

Overall, the plugin's strengths lie in its SQL query handling and clean vulnerability history. However, the identified unprotected entry points, the use of a dangerous function without clear context, and inadequate output escaping are critical weaknesses that demand immediate attention. Despite the lack of past vulnerabilities, these static analysis findings suggest a heightened risk profile that should not be overlooked.

Key Concerns

Unprotected AJAX handlers
Dangerous function: unserialize
Insufficient output escaping
Missing nonce checks on AJAX

Vulnerabilities

None known

Ade Custom Shipping Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Ade Custom Shipping Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializeself::$json = unserialize(get_option("ade_custom_ng"));inc\core.php:12

unserializeself::$json_gh = unserialize(get_option("ade_custom_gh"));inc\core.php:13

unserialize$ade_state_reference = unserialize($ade_state_reference);inc\core.php:59

unserialize$ade_custom_shipping_general = unserialize($ade_custom_shipping_general);inc\core.php:125

Output Escaping

63% escaped16 total outputs

Attack Surface

2 unprotected

Ade Custom Shipping Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

noprivwp_ajax_maybe_laterinc\auth\ajax.php:5

authwp_ajax_maybe_laterinc\auth\ajax.php:6

WordPress Hooks 13

actionadmin_noticesade-custom-shipping.php:33

actionadmin_enqueue_scriptsade-custom-shipping.php:83

actionwp_enqueue_scriptsade-custom-shipping.php:85

actionadmin_noticesade-custom-shipping.php:120

actionadmin_noticesade-custom-shipping.php:125

actionplugins_loadedade-custom-shipping.php:128

actionwp_headade-custom-shipping.php:138

actionadmin_enqueue_scriptsinc\AdeCustomClass.php:25

filterwoocommerce_statesinc\core.php:14

filterwoocommerce_statesinc\core.php:15

filterwoocommerce_statesinc\core.php:16

filterwoocommerce_general_settingsinc\core.php:18

actionadmin_menuinc\pro\loader.php:19

Maintenance & Trust

Ade Custom Shipping Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 13, 2025

PHP min version7.0

Downloads7K

Community Trust

Rating96/100

Number of ratings35

Active installs200

Alternatives

Ade Custom Shipping Alternatives

Ade Cart Manager

ade-cart-manager

100

A powerful plugin that enables you to track and recover abandoned cart items, turning lost sales into successful transactions.

0 No CVEs

Shipping Rate By Cities

shipping-rate-by-cities

Set Custom Shipping Rates For Different Cities On Woocommerce.

700 1 CVE

Nigeria Cities for WooCommerce

nigeria-cities-for-woocommerce

The plugin adds Nigerian states and their LGAs as shipping zones to WooCommerce for simplified configuration.

40 No CVEs

Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping

flexible-shipping

Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.

100K 2 CVEs

Weight Based Shipping for WooCommerce

weight-based-shipping-for-woocommerce

100

Weight Based Shipping is a flexible and widely-used solution to calculate shipping costs based on the total cart weight and value.

60K 1 CVE

Developer Profile

Ade Custom Shipping Developer Profile

adeleyeayodeji

5 plugins · 1K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ade Custom Shipping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ade-custom-shipping/assets/css/style.css/wp-content/plugins/ade-custom-shipping/assets/js/ade-custom-js.js/wp-content/plugins/ade-custom-shipping/assets/js/wc-custom-cart.js/wp-content/plugins/ade-custom-shipping/assets/js/wc-custom-checkout.js

Script Paths

assets/js/ade-custom-js.jsassets/js/wc-custom-cart.jsassets/js/wc-custom-checkout.js

Version Parameters

ver=ADE_CUSTOM_SHIPPING_VERSION

HTML / DOM Fingerprints

HTML Comments

Proudly made with LOVE by Adeleye Ayodeji => adeleyeayodeji.com

Data Attributes

data-nonce_urldata-ajax_url

JS Globals

ade_custom_paramsade_billing_stateade_billing_city

FAQ