WP-Safety

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Security & Risk Analysis

wordpress.org/plugins/amadast-shipping-wp

A plugin that calculates shipping prices online with various sending methods.

500 active installs v3.0.4 PHP 8.0+ WP 5.8.0+ Updated Jan 4, 2026
deliveryecommerceonline-storeonline-shipping-calculationshipping
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Safe to Use in 2026?

Generally Safe

Score 100/100

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The 'amadast-shipping-wp' plugin exhibits a mixed security posture. On the positive side, it has a clean vulnerability history with no known CVEs, and its code generally employs good practices like using prepared statements for SQL queries and performing nonce and capability checks on most entry points. The absence of dangerous functions and direct file operations without apparent sanitization is also encouraging.

However, there are notable concerns stemming from the static analysis. The plugin exposes 16 AJAX handlers, with a significant portion (4) lacking proper authentication checks. This represents a direct attack vector where unauthenticated users could potentially trigger unintended actions. Furthermore, the taint analysis revealed two flows with unsanitized paths, suggesting potential vulnerabilities related to path traversal or insecure file handling, even though they are not classified as critical or high severity. The presence of bundled libraries like Select2, if not kept up-to-date, could also introduce vulnerabilities.

In conclusion, while the plugin benefits from a strong track record and generally sound coding practices for SQL and output escaping, the unprotected AJAX endpoints and unsanitized path flows are critical areas for immediate attention. Addressing these weaknesses will significantly improve the plugin's overall security. The absence of past vulnerabilities is positive but does not negate the risks identified in the current static analysis.

Key Concerns

  • AJAX handlers without auth checks
  • Taint flows with unsanitized paths
  • Bundled library (Select2) potential risk
Vulnerabilities
None known

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
16 prepared
Unescaped Output
105
302 escaped
Nonce Checks
16
Capability Checks
16
File Operations
16
External Requests
4
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

89% prepared18 total queries

Output Escaping

74% escaped407 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths
ajax_auto_fix_settings (classes\AMDSP_Admin.php:861)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Attack Surface

Entry Points16
Unprotected4

AJAX Handlers 16

authwp_ajax_amdsp_force_create_shipping_methodclasses\AMDSP_Admin.php:37
authwp_ajax_amdsp_auto_fix_settingsclasses\AMDSP_Admin.php:40
authwp_ajax_amdsp_restore_settingsclasses\AMDSP_Admin.php:41
authwp_ajax_amdsp_check_fix_statusclasses\AMDSP_Admin.php:42
authwp_ajax_amdsp_send_otpclasses\AMDSP_Auth.php:18
authwp_ajax_amdsp_verify_otpclasses\AMDSP_Auth.php:19
authwp_ajax_amdsp_logoutclasses\AMDSP_Auth.php:20
authwp_ajax_amdsp_checkout_load_citiesclasses\AMDSP_Core.php:48
noprivwp_ajax_amdsp_checkout_load_citiesclasses\AMDSP_Core.php:49
authwp_ajax_amdsp_get_all_cities_dataclasses\AMDSP_Core.php:50
noprivwp_ajax_amdsp_get_all_cities_dataclasses\AMDSP_Core.php:51
authwp_ajax_amdsp_checkout_load_citiesclasses\AMDSP_My_Account.php:9
noprivwp_ajax_amdsp_checkout_load_citiesclasses\AMDSP_My_Account.php:10
authwp_ajax_amdsp_wizard_save_stepclasses\AMDSP_Wizard.php:14
authwp_ajax_amdsp_wizard_completeclasses\AMDSP_Wizard.php:15
authwp_ajax_amdsp_wizard_get_wc_weight_unitclasses\AMDSP_Wizard.php:16
WordPress Hooks 67
actionplugins_loadedamadast-shipping-wp.php:52
actionwoocommerce_loadedamadast-shipping-wp.php:71
actionbefore_woocommerce_initamadast-shipping-wp.php:84
actionadmin_initclasses\AMDSP_Admin.php:30
actionadmin_menuclasses\AMDSP_Admin.php:31
filterwoocommerce_formatted_address_replacementsclasses\AMDSP_Admin.php:34
actionamdsp_form_top_amdsp_logsclasses\AMDSP_Admin.php:57
actionadmin_post_amdsp_download_logsclasses\AMDSP_Admin.php:58
actionadmin_post_amdsp_download_settingsclasses\AMDSP_Admin.php:59
actionadmin_post_amdsp_import_settingsclasses\AMDSP_Admin.php:60
filterwoocommerce_rest_prepare_shop_order_objectclasses\AMDSP_Api.php:11
filterwoocommerce_formatted_address_replacementsclasses\AMDSP_Cart.php:9
actionplugins_loadedclasses\AMDSP_Core.php:40
actionplugins_loadedclasses\AMDSP_Core.php:43
actionwp_footerclasses\AMDSP_Core.php:46
actionwoocommerce_shipping_initclasses\AMDSP_Core.php:52
actionwp_enqueue_scriptsclasses\AMDSP_Core.php:53
actionwp_enqueue_scriptsclasses\AMDSP_Core.php:54
actionwp_enqueue_scriptsclasses\AMDSP_Core.php:57
filterwoocommerce_shipping_methodsclasses\AMDSP_Core.php:59
filterwoocommerce_statesclasses\AMDSP_Core.php:60
filterwoocommerce_checkout_fieldsclasses\AMDSP_Core.php:64
filterwoocommerce_checkout_fieldsclasses\AMDSP_Core.php:65
filterwoocommerce_checkout_fieldsclasses\AMDSP_Core.php:72
actionwoocommerce_before_checkout_formclasses\AMDSP_Core.php:73
actionwp_footerclasses\AMDSP_Core.php:74
filterwoocommerce_form_field_billing_cityclasses\AMDSP_Core.php:77
filterwoocommerce_form_field_shipping_cityclasses\AMDSP_Core.php:78
filterwoocommerce_form_field_cityclasses\AMDSP_Core.php:80
filterwoocommerce_checkout_fieldsclasses\AMDSP_Core.php:83
filterwoocommerce_checkout_update_order_metaclasses\AMDSP_Core.php:84
filterwoocommerce_checkout_processclasses\AMDSP_Core.php:85
filterwoocommerce_checkout_create_orderclasses\AMDSP_Core.php:86
filterwoocommerce_package_ratesclasses\AMDSP_Core.php:87
filterwoocommerce_checkout_get_valueclasses\AMDSP_Core.php:88
filterwoocommerce_cart_shipping_packagesclasses\AMDSP_Core.php:89
filterwoocommerce_cart_shipping_packagesclasses\AMDSP_Core.php:92
filterwoocommerce_package_ratesclasses\AMDSP_Core.php:95
filterwoocommerce_package_ratesclasses\AMDSP_Core.php:98
actionwoocommerce_checkout_order_processedclasses\AMDSP_Core.php:101
filtermanage_edit-shop_order_columnsclasses\AMDSP_Core.php:102
actionmanage_shop_order_posts_custom_columnclasses\AMDSP_Core.php:103
filtermanage_woocommerce_page_wc-orders_columnsclasses\AMDSP_Core.php:104
actionmanage_woocommerce_page_wc-orders_custom_columnclasses\AMDSP_Core.php:105
actionwoocommerce_admin_order_data_after_order_detailsclasses\AMDSP_Core.php:106
actionbefore_woocommerce_initclasses\AMDSP_Core.php:125
filterwoocommerce_billing_fieldsclasses\AMDSP_Core.php:128
filterwoocommerce_shipping_fieldsclasses\AMDSP_Core.php:129
actioninitclasses\AMDSP_Core.php:132
actionwp_enqueue_scriptsclasses\AMDSP_Core.php:135
filterwoocommerce_checkout_fieldsclasses\AMDSP_Core.php:160
filterwoocommerce_billing_fieldsclasses\AMDSP_Core.php:161
filterwoocommerce_shipping_fieldsclasses\AMDSP_Core.php:162
filterwoocommerce_statesclasses\AMDSP_Core.php:166
actioninitclasses\AMDSP_Core.php:169
actionwp_enqueue_scriptsclasses\AMDSP_Core.php:172
actionwp_footerclasses\AMDSP_Core.php:175
actionwp_footerclasses\AMDSP_Core.php:311
actionadmin_initclasses\AMDSP_Install.php:8
actionadmin_initclasses\AMDSP_Install.php:9
filterwoocommerce_my_account_my_address_formatted_addressclasses\AMDSP_My_Account.php:11
actionwp_enqueue_scriptsclasses\AMDSP_My_Account.php:12
actionadmin_noticesclasses\AMDSP_Notice.php:10
actionadmin_enqueue_scriptsclasses\AMDSP_Settings.php:91
actionadmin_initclasses\AMDSP_Version.php:8
actionadmin_menuclasses\AMDSP_Wizard.php:12
actionadmin_initclasses\AMDSP_Wizard.php:13
Maintenance & Trust

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 4, 2026
PHP min version8.0
Downloads5K

Community Trust

Rating100/100
Number of ratings1
Active installs500
Alternatives

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Alternatives

CDEKDelivery

CDEKDelivery

cdekdelivery

A
100

Integration with CDEK delivery for your WooCommerce store.

2K No CVEs
Flat Rate per State/Country/Region for WooCommerce

Flat Rate per State/Country/Region for WooCommerce

flat-rate-per-countryregion-for-woocommerce

A
100

This plugin allows you to set a flat delivery rate per States, Countries or World Regions on WooCommerce.

1K No CVEs
Shipping Additional Days for WooCommerce

Shipping Additional Days for WooCommerce

woo-shipping-additional-days

A
85

Allows you to set additional days to your delivery date into Products and Shipping Classes.

200 No CVEs
Kwik Delivery for Woocommerce

Kwik Delivery for Woocommerce

kwik-delivery-for-wcommerce

A
100

A Kwik Delivery integration for Woocommerce, including real time shipping rates, order scheduling and tracking updates.

30 No CVEs
Portugal VASP Expresso Kios network for WooCommerce

Portugal VASP Expresso Kios network for WooCommerce

portugal-vasp-kios-woocommerce

A
100

Lets you deliver on the VASP Expresso Kios network of partners in Portugal. This is not a shipping method. This is an add-on for any WooCommerce shipp …

20 No CVEs
Developer Profile

Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان Developer Profile

Amadast

1 plugin · 500 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/amadast-shipping-wp/assets/css/amdsp-checkout-style.css/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-checkout.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-shipping-methods.js/wp-content/plugins/amadast-shipping-wp/assets/css/amdsp-admin-style.css/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-admin-script.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend-init.js
Script Paths
/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-checkout.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-shipping-methods.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-admin-script.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend.js/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend-init.js
Version Parameters
/wp-content/plugins/amadast-shipping-wp/assets/css/amdsp-checkout-style.css?ver=/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-checkout.js?ver=/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-shipping-methods.js?ver=/wp-content/plugins/amadast-shipping-wp/assets/css/amdsp-admin-style.css?ver=/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-admin-script.js?ver=/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend.js?ver=/wp-content/plugins/amadast-shipping-wp/assets/js/amdsp-frontend-init.js?ver=

HTML / DOM Fingerprints

CSS Classes
amdsp-checkout-cityamdsp-unified-province-city-fieldamdsp-unified-province-city-modalamdsp-unified-province-city-selectamdsp-checkout-shipping-method-wrapper
HTML Comments
<!-- Amadast Shipping WP: Unified Province/City Field Modal -->
Data Attributes
data-amdsp-field-typedata-amdsp-field-namedata-amdsp-province-iddata-amdsp-city-id
JS Globals
amdsp_checkout_paramsamdsp_admin_paramsamdsp_frontend_paramsAMDSP_Province_CityAMDSP_Auth
REST Endpoints
/wp-json/amdsp/v1/cities/wp-json/amdsp/v1/provinces
FAQ

Frequently Asked Questions about Amadast Shipping افزونه حمل و نقل |ماشین حساب ارسال پست و تیپاکس و چاپار | پس کرایه |تنظیمات ارسال رایگان