All In One For Woocommerce Security & Risk Analysis

wordpress.org/plugins/all-in-one-wc

Enhance your WooCommerce store with custom button labels, PDF invoicing, advanced shipping options, and much more.

10 active installs · v1.2 · PHP + · WP 4.5+ · Updated Aug 31, 2025
Tags: custom-button-labels, custom-shipping, order-management, pdf-invoicing, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is All In One For Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

All In One For Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7mo ago
Risk Assessment

The 'all-in-one-wc' plugin version 1.2 presents a mixed security posture. On the positive side, the plugin demonstrates good practices by having no recorded vulnerabilities (CVEs) and implementing nonce and capability checks, indicating an awareness of basic WordPress security principles. The static analysis shows a controlled attack surface with no direct AJAX handlers, REST API routes, or shortcodes exposed without authentication or permission callbacks. However, several concerns warrant attention.

The presence of the `unserialize` function, coupled with 7 out of 9 analyzed taint flows having unsanitized paths, is a significant risk. While no critical or high severity taint flows were identified, a deserialization vulnerability is possible if any of these unsanitized paths carries user-controlled input into `unserialize`. Furthermore, only 63% of output is properly escaped, so a notable portion of the plugin's output handling could allow cross-site scripting (XSS). The bundled TCPDF v1.0.004 library is also outdated, which could be a vector for exploits if known vulnerabilities exist in that specific version.

Overall, while the plugin has a clean vulnerability history and a limited direct attack surface, the static analysis reveals potential weaknesses. The combination of `unserialize` with unsanitized flows and incomplete output escaping creates a notable risk of deserialization and XSS vulnerabilities. Addressing these code-level concerns should be a priority to improve the plugin's security.

Key Concerns

  • Use of unserialize with unsanitized paths
  • Low percentage of properly escaped output
  • Bundled outdated library (TCPDF v1.0.004)
Vulnerabilities
None known

All In One For Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

All In One For Woocommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (5 prepared)
Unescaped Output: 91 (152 escaped)
Nonce Checks: 1
Capability Checks: 1
File Operations: 8
External Requests: 0
Bundled Libraries: 1

Dangerous Functions Found

unserialize: `$params = $pdf->serializeTCPDFtagParameters( unserialize( substr( $html, $params_start, $para…` (includes\Modules\Invoice\Generate\PDF.php:173)

Bundled Libraries

TCPDF 1.0.004

SQL Query Safety

83% prepared · 6 total queries

Output Escaping

63% escaped · 243 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

9 flows · 7 with unsanitized paths
output (admin\Settings\Settings_Panel.php:254)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

All In One For Woocommerce Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 194
filter aiow_message (admin\Admin.php:20)
filter woocommerce_get_settings_pages (admin\Admin.php:23)
action admin_menu (admin\Admin.php:25)
filter admin_footer_text (admin\Admin.php:26)
filter aiow_option (admin\Admin.php:29)
action admin_enqueue_scripts (admin\Admin.php:30)
action woocommerce_admin_field_aiow_save_settings_button (admin\Settings\Custom_Fields.php:22)
action woocommerce_admin_field_aiow_number_plus_checkbox_start (admin\Settings\Custom_Fields.php:23)
action woocommerce_admin_field_aiow_number_plus_checkbox_end (admin\Settings\Custom_Fields.php:24)
filter woocommerce_admin_settings_sanitize_option (admin\Settings\Custom_Fields.php:25)
action woocommerce_admin_field_custom_textarea (admin\Settings\Custom_Fields.php:26)
filter woocommerce_admin_settings_sanitize_option (admin\Settings\Custom_Fields.php:27)
action woocommerce_admin_field_aiow_custom_number (admin\Settings\Custom_Fields.php:28)
action woocommerce_admin_field_aiow_custom_link (admin\Settings\Custom_Fields.php:29)
action woocommerce_admin_field_module_tools (admin\Settings\Custom_Fields.php:30)
filter woocommerce_admin_settings_sanitize_option (admin\Settings\Custom_Fields.php:31)
action woocommerce_admin_field_exchange_rate (admin\Settings\Custom_Fields.php:32)
filter woocommerce_settings_tabs_array (admin\Settings\Settings_Panel.php:29)
action admin_notices (admin\Settings\Settings_Panel.php:525)
action plugins_loaded (all-in-one-woocommerce.php:92)
action plugins_loaded (all-in-one-woocommerce.php:134)
action wcj_loaded (includes\Main.php:47)
filter woocommerce_product_single_add_to_cart_text (includes\Modules\AddToCart\Category\Category.php:20)
filter woocommerce_product_add_to_cart_text (includes\Modules\AddToCart\Category\Category.php:21)
filter woocommerce_product_single_add_to_cart_text (includes\Modules\AddToCart\Product\Product.php:19)
filter woocommerce_product_add_to_cart_text (includes\Modules\AddToCart\Product\Product.php:20)
action add_meta_boxes (includes\Modules\AddToCart\Product\Product.php:21)
action save_post_product (includes\Modules\AddToCart\Product\Product.php:22)
filter woocommerce_product_single_add_to_cart_text (includes\Modules\AddToCart\Product\Product_Type.php:20)
filter woocommerce_product_add_to_cart_text (includes\Modules\AddToCart\Product\Product_Type.php:21)
filter woocommerce_order_button_text (includes\Modules\Button\More_Button_Labels.php:27)
action init (includes\Modules\Button\More_Button_Labels.php:29)
action init (includes\Modules\Invoice\PDF_Invoice.php:47)
action init (includes\Modules\Invoice\PDF_Invoice.php:48)
action admin_notices (includes\Modules\Invoice\PDF_Invoice.php:54)
action woocommerce_api_create_order (includes\Modules\Invoice\PDF_Invoice.php:63)
action woocommerce_cli_create_order (includes\Modules\Invoice\PDF_Invoice.php:64)
action kco_before_confirm_order (includes\Modules\Invoice\PDF_Invoice.php:65)
action woocommerce_checkout_order_processed (includes\Modules\Invoice\PDF_Invoice.php:66)
action save_post_shop_order (includes\Modules\Invoice\PDF_Invoice.php:74)
action admin_notices (includes\Modules\Invoice\PDF_Invoice.php:388)
filter manage_edit-shop_order_columns (includes\Modules\Invoice\Sub_Modules\Display.php:30)
action manage_shop_order_posts_custom_column (includes\Modules\Invoice\Sub_Modules\Display.php:31)
filter woocommerce_my_account_my_orders_actions (includes\Modules\Invoice\Sub_Modules\Display.php:33)
action woocommerce_thankyou (includes\Modules\Invoice\Sub_Modules\Display.php:35)
filter woocommerce_admin_order_actions (includes\Modules\Invoice\Sub_Modules\Display.php:37)
filter admin_head (includes\Modules\Invoice\Sub_Modules\Display.php:38)
action admin_enqueue_scripts (includes\Modules\Invoice\Sub_Modules\Display.php:39)
filter manage_edit-shop_order_sortable_columns (includes\Modules\Invoice\Sub_Modules\Display.php:41)
action pre_get_posts (includes\Modules\Invoice\Sub_Modules\Display.php:42)
action add_meta_boxes (includes\Modules\Invoice\Sub_Modules\Display.php:44)
filter woocommerce_email_attachments (includes\Modules\Invoice\Sub_Modules\Emails.php:31)
action pre_get_posts (includes\Modules\Invoice\Sub_Modules\Numbering.php:28)
action init (includes\Modules\Invoice\Sub_Modules\Styling.php:27)
action init (includes\Modules\Invoice\Sub_Modules\Styling.php:28)
action admin_init (includes\Modules\Invoice\Sub_Modules\Styling.php:29)
action aiow_download_tcpdf_fonts_hook (includes\Modules\Invoice\Sub_Modules\Styling.php:30)
filter woocommerce_get_variation_prices_hash (includes\Modules\Price\Call_For_Price.php:31)
action init (includes\Modules\Price\Call_For_Price.php:32)
filter woocommerce_sale_flash (includes\Modules\Price\Call_For_Price.php:33)
action admin_head (includes\Modules\Price\Call_For_Price.php:34)
filter woocommerce_variation_is_visible (includes\Modules\Price\Call_For_Price.php:35)
action wp_head (includes\Modules\Price\Call_For_Price.php:36)
filter woocommerce_variation_prices_price (includes\Modules\Price\Call_For_Price.php:39)
filter woocommerce_product_variation_get_price (includes\Modules\Price\Call_For_Price.php:41)
filter woocommerce_empty_price_html (includes\Modules\Price\Call_For_Price.php:124)
filter woocommerce_variable_empty_price_html (includes\Modules\Price\Call_For_Price.php:125)
filter woocommerce_grouped_empty_price_html (includes\Modules\Price\Call_For_Price.php:126)
filter woocommerce_variation_empty_price_html (includes\Modules\Price\Call_For_Price.php:127)
filter woocommerce_free_price_html (includes\Modules\Price\Free_Price.php:32)
filter woocommerce_grouped_free_price_html (includes\Modules\Price\Free_Price.php:33)
filter woocommerce_variable_free_price_html (includes\Modules\Price\Free_Price.php:34)
filter woocommerce_variation_free_price_html (includes\Modules\Price\Free_Price.php:35)
filter woocommerce_get_price_html (includes\Modules\Price\Free_Price.php:37)
action add_meta_boxes (includes\Modules\Price\Price_Labels.php:56)
action save_post_product (includes\Modules\Price\Price_Labels.php:57)
filter aiow_settings_sections (includes\Modules\Register_Modules.php:98)
action init (includes\Modules\Register_Modules.php:106)
action init (includes\Modules\Register_Modules.php:107)
action aiow_before_get_terms (includes\Modules\Register_Modules.php:117)
action aiow_after_get_terms (includes\Modules\Register_Modules.php:118)
action aiow_before_get_products (includes\Modules\Register_Modules.php:119)
action aiow_after_get_products (includes\Modules\Register_Modules.php:120)
action admin_init (includes\Modules\Register_Modules.php:121)
filter wc_price (includes\Modules\Register_Modules.php:125)
action pre_get_posts (includes\Modules\Register_Modules.php:182)
filter redirect_post_location (includes\Modules\Register_Modules.php:306)
filter redirect_post_location (includes\Modules\Register_Modules.php:415)
filter aiow_tools_tabs (includes\Modules\Register_Modules.php:765)
action aiow_tools_dashboard (includes\Modules\Register_Modules.php:770)
filter woocommerce_localisation_address_formats (includes\Modules\Shipping\Address_Formats.php:30)
filter woocommerce_formatted_address_force_country_display (includes\Modules\Shipping\Address_Formats.php:31)
filter woocommerce_shipping_calculator_enable_city (includes\Modules\Shipping\Calculator.php:31)
filter woocommerce_shipping_calculator_enable_postcode (includes\Modules\Shipping\Calculator.php:32)
action wp_head (includes\Modules\Shipping\Calculator.php:33)
action wp_enqueue_scripts (includes\Modules\Shipping\Calculator.php:35)
filter woocommerce_package_rates (includes\Modules\Shipping\Condition.php:27)
filter wc_order_statuses (includes\Modules\Shipping\Custom_Order_Statuses.php:39)
action init (includes\Modules\Shipping\Custom_Order_Statuses.php:41)
action admin_head (includes\Modules\Shipping\Custom_Order_Statuses.php:47)
action admin_head (includes\Modules\Shipping\Custom_Order_Statuses.php:49)
filter woocommerce_default_order_status (includes\Modules\Shipping\Custom_Order_Statuses.php:53)
filter woocommerce_reports_order_statuses (includes\Modules\Shipping\Custom_Order_Statuses.php:57)
action admin_footer (includes\Modules\Shipping\Custom_Order_Statuses.php:62)
filter woocommerce_admin_order_actions (includes\Modules\Shipping\Custom_Order_Statuses.php:67)
action admin_head (includes\Modules\Shipping\Custom_Order_Statuses.php:68)
filter woocommerce_admin_order_preview_actions (includes\Modules\Shipping\Custom_Order_Statuses.php:73)
filter woocommerce_admin_order_actions (includes\Modules\Shipping\Custom_Order_Statuses.php:78)
filter wc_order_is_editable (includes\Modules\Shipping\Custom_Order_Statuses.php:83)
action woocommerce_thankyou (includes\Modules\Shipping\Custom_Order_Statuses.php:88)
filter woocommerce_cart_shipping_method_full_label (includes\Modules\Shipping\Description.php:31)
filter woocommerce_cart_shipping_method_full_label (includes\Modules\Shipping\Icons.php:29)
action woocommerce_checkout_process (includes\Modules\Shipping\Max_Products_Per_User.php:33)
action woocommerce_before_cart (includes\Modules\Shipping\Max_Products_Per_User.php:34)
filter woocommerce_add_to_cart_validation (includes\Modules\Shipping\Max_Products_Per_User.php:36)
action wp (includes\Modules\Shipping\Max_Products_Per_User.php:39)
action add_meta_boxes (includes\Modules\Shipping\Max_Products_Per_User.php:42)
action save_post_product (includes\Modules\Shipping\Max_Products_Per_User.php:43)
action add_meta_boxes (includes\Modules\Shipping\Max_Products_Per_User.php:54)
action admin_init (includes\Modules\Shipping\Max_Products_Per_User.php:55)
action admin_notices (includes\Modules\Shipping\Max_Products_Per_User.php:56)
filter woocommerce_package_rates (includes\Modules\Shipping\Options.php:37)
filter woocommerce_shipping_settings (includes\Modules\Shipping\Options.php:40)
filter woocommerce_shipping_free_shipping_is_available (includes\Modules\Shipping\Options.php:43)
action woocommerce_package_rates (includes\Modules\Shipping\Options.php:46)
action woocommerce_thankyou (includes\Modules\Shipping\Orders.php:33)
action woocommerce_payment_complete (includes\Modules\Shipping\Orders.php:34)
action add_meta_boxes (includes\Modules\Shipping\Orders.php:39)
action save_post_shop_order (includes\Modules\Shipping\Orders.php:40)
filter bulk_actions-edit-shop_order (includes\Modules\Shipping\Orders.php:51)
filter handle_bulk_actions-edit-shop_order (includes\Modules\Shipping\Orders.php:52)
action woojetpack_after_settings_save (includes\Modules\Shipping\Orders.php:55)
filter admin_notices (includes\Modules\Shipping\Orders.php:57)
action init (includes\Modules\Shipping\Orders.php:60)
action admin_init (includes\Modules\Shipping\Orders.php:61)
filter cron_schedules (includes\Modules\Shipping\Orders.php:62)
action aiow_bulk_regenerate_download_permissions_all_orders_cron (includes\Modules\Shipping\Orders.php:63)
action add_meta_boxes (includes\Modules\Shipping\Orders.php:69)
action add_meta_boxes (includes\Modules\Shipping\Orders.php:74)
action admin_init (includes\Modules\Shipping\Orders.php:75)
filter wc_order_is_editable (includes\Modules\Shipping\Orders.php:80)
filter manage_edit-shop_order_columns (includes\Modules\Shipping\Orders_List.php:32)
action manage_shop_order_posts_custom_column (includes\Modules\Shipping\Orders_List.php:33)
action restrict_manage_posts (includes\Modules\Shipping\Orders_List.php:36)
filter parse_query (includes\Modules\Shipping\Orders_List.php:37)
filter manage_edit-shop_order_sortable_columns (includes\Modules\Shipping\Orders_List.php:40)
action pre_get_posts (includes\Modules\Shipping\Orders_List.php:41)
filter views_edit-shop_order (includes\Modules\Shipping\Orders_List.php:47)
action pre_get_posts (includes\Modules\Shipping\Orders_List.php:48)
action restrict_manage_posts (includes\Modules\Shipping\Orders_List.php:51)
action pre_get_posts (includes\Modules\Shipping\Orders_List.php:52)
action admin_head (includes\Modules\Shipping\Orders_List.php:55)
action admin_menu (includes\Modules\Shipping\Orders_List.php:58)
filter manage_edit-shop_order_columns (includes\Modules\Shipping\Orders_List.php:64)
filter woocommerce_package_rates (includes\Modules\Shipping\Order_Amount.php:31)
action init (includes\Modules\Shipping\Order_Min_Amount.php:36)
action woocommerce_checkout_process (includes\Modules\Shipping\Order_Min_Amount.php:56)
action woocommerce_before_cart (includes\Modules\Shipping\Order_Min_Amount.php:57)
action wp (includes\Modules\Shipping\Order_Min_Amount.php:59)
action yith_ywgc_apply_gift_card_discount_after_cart_total (includes\Modules\Shipping\Order_Min_Amount.php:62)
action wp_insert_post (includes\Modules\Shipping\Order_Numbers.php:31)
filter woocommerce_order_number (includes\Modules\Shipping\Order_Numbers.php:32)
filter woocommerce_shortcode_order_tracking_order_id (includes\Modules\Shipping\Order_Numbers.php:35)
action init (includes\Modules\Shipping\Order_Numbers.php:36)
action pre_get_posts (includes\Modules\Shipping\Order_Numbers.php:40)
action add_meta_boxes (includes\Modules\Shipping\Order_Numbers.php:52)
action save_post_shop_order (includes\Modules\Shipping\Order_Numbers.php:53)
action admin_init (includes\Modules\Shipping\Order_Numbers.php:57)
filter wpnotif_filter_message (includes\Modules\Shipping\Order_Numbers.php:60)
filter woocommerce_package_rates (includes\Modules\Shipping\Order_Qty.php:39)
action woocommerce_checkout_process (includes\Modules\Shipping\Order_Quantities.php:33)
action woocommerce_before_cart (includes\Modules\Shipping\Order_Quantities.php:34)
action wp (includes\Modules\Shipping\Order_Quantities.php:36)
filter woocommerce_available_variation (includes\Modules\Shipping\Order_Quantities.php:41)
filter woocommerce_quantity_input_min (includes\Modules\Shipping\Order_Quantities.php:43)
filter woocommerce_quantity_input_max (includes\Modules\Shipping\Order_Quantities.php:46)
action wp_enqueue_scripts (includes\Modules\Shipping\Order_Quantities.php:48)
filter woocommerce_quantity_input_step (includes\Modules\Shipping\Order_Quantities.php:52)
action add_meta_boxes (includes\Modules\Shipping\Order_Quantities.php:62)
action save_post_product (includes\Modules\Shipping\Order_Quantities.php:63)
filter woocommerce_add_to_cart_validation (includes\Modules\Shipping\Order_Quantities.php:67)
filter woocommerce_quantity_input_args (includes\Modules\Shipping\Order_Quantities.php:70)
filter woocommerce_loop_add_to_cart_args (includes\Modules\Shipping\Order_Quantities.php:72)
action wp_footer (includes\Modules\Shipping\Order_Quantities.php:73)
filter woocommerce_loop_add_to_cart_link (includes\Modules\Shipping\Order_Quantities.php:74)
action init (includes\Modules\Shipping\Order_Quantities.php:77)
action woocommerce_quantity_input_pattern (includes\Modules\Shipping\Order_Quantities.php:78)
action woocommerce_update_product (includes\Modules\Shipping\Order_Quantities.php:81)
filter woocommerce_stock_amount (includes\Modules\Shipping\Order_Quantities.php:116)
filter woocommerce_shipping_methods (includes\Modules\Shipping\Shipping.php:29)
filter woocommerce_shipping_methods (includes\Modules\Shipping\Shipping.php:32)
filter comments_clauses (includes\Shortcodes\Orders.php:781)
filter aiow_shortcodes_list (includes\Shortcodes\Shortcodes.php:21)
filter aiow_shortcode_result (includes\Shortcodes\Shortcodes.php:22)

Scheduled Events: 1

aiow_version_updated
Maintenance & Trust

All In One For Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Aug 31, 2025
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 10
Developer Profile

All In One For Woocommerce Developer Profile

Dipika Parmar

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect All In One For Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/all-in-one-wc/assets/css/setting-page.css
Version Parameters
all-in-one-wc/assets/css/setting-page.css?ver=

HTML / DOM Fingerprints

Data Attributes
data-aiow-active-module
data-aiow-module-name
FAQ

Frequently Asked Questions about All In One For Woocommerce