AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Security & Risk Analysis

wordpress.org/plugins/awsa-shipping

Shipping methods with advanced settings

90 active installs · v1.3.0 · PHP 7.2+ · WP 5.3.0+ · Updated Jun 4, 2022
Score: 63 (C · Use Caution)
CVEs total: 1
Unpatched: 1
Last CVE: Apr 10, 2025

Safety Verdict

Is AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Safe to Use in 2026?

Use With Caution

Score 63/100

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Apr 10, 2025 · Updated 3yr ago

Risk Assessment

The awsa-shipping v1.3.0 plugin shows a generally strong security posture: the analysis found no dangerous functions, and no SQL injection vulnerabilities because queries use prepared statements. The plugin also implements a good number of nonce checks. However, the taint analysis found flows with unsanitized paths, which are potential weaknesses wherever user input reaches a sink without sanitization. The documented Cross-site Scripting (XSS) vulnerability raises concerns about how reliably the plugin neutralizes user-provided input, and the fact that there is still an unpatched vulnerability is a significant risk.

While the static analysis shows a small attack surface and no immediate critical or high severity issues in the current version's code, the unpatched medium severity vulnerability, coupled with the taint analysis findings, means careful attention is still required. The plugin's strengths are its handling of SQL and its number of nonce checks; the XSS finding and the taint findings point to input sanitization and output escaping as the areas that still need further review.

Key Concerns

  • Unpatched CVE present
  • Flows with unsanitized paths found
  • Output escaping not fully implemented
  • Capability checks missing on entry points

Vulnerabilities: 1

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-32604 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

AWSA Shipping <= 1.3.0 - Reflected Cross-Site Scripting

Apr 10, 2025 · Unpatched

Code Analysis
Analyzed Mar 16, 2026

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (1 prepared)
Unescaped Output: 33 (117 escaped)
Nonce Checks: 5
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 1 total query

Output Escaping

78% escaped · 150 total outputs

Data Flows: 3 unsanitized

Data Flow Analysis

7 flows · 3 with unsanitized paths
bulk_actions_process (includes\class-order-bulk-actions.php:61)
Attack Surface

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers 2

auth · wp_ajax_aw-admin-actions-ajax-process · includes\class-post-actions.php:82
auth · wp_ajax_aw-admin-actions-ajax-process · includes\core\post-actions\class-post-actions.php:111

WordPress Hooks 49

action · admin_enqueue_scripts · includes\class-admin-shipping.php:67
action · admin_init · includes\class-admin-shipping.php:76
action · admin_post_awsa_shipping_settings · includes\class-admin-shipping.php:77
action · admin_menu · includes\class-admin-shipping.php:78
action · add_meta_boxes · includes\class-admin-shipping.php:79
action · awsa_shop_order_actions_meta_box_child_info · includes\class-admin-shipping.php:104
filter · awsa_post_actions_modules_shop_order · includes\class-admin-shipping.php:107
filter · manage_edit-shop_order_columns · includes\class-admin-shipping.php:110
action · manage_shop_order_posts_custom_column · includes\class-admin-shipping.php:111
action · admin_enqueue_scripts · includes\class-admin.php:79
action · admin_init · includes\class-admin.php:89
action · awsa_update_settings_page-awsa-shipping · includes\class-admin.php:90
action · admin_menu · includes\class-admin.php:91
action · add_meta_boxes · includes\class-admin.php:92
action · awsa_shop_order_actions_meta_box_child_info · includes\class-admin.php:122
filter · awsa_post_actions_modules_shop_order · includes\class-admin.php:125
filter · manage_edit-shop_order_columns · includes\class-admin.php:128
action · manage_shop_order_posts_custom_column · includes\class-admin.php:129
filter · awsa_settings_page_awsa-shipping_addons · includes\class-admin.php:138
action · woocommerce_checkout_process · includes\class-checkout.php:26
action · woocommerce_checkout_process · includes\class-checkout.php:30
filter · bulk_actions-edit-shop_order · includes\class-order-bulk-actions.php:26
action · init · includes\class-order-statuses.php:26
filter · wc_order_statuses · includes\class-order-statuses.php:27
filter · bulk_actions-edit-shop_order · includes\class-order-statuses.php:28
action · add_meta_boxes · includes\class-post-actions.php:81
action · wp_enqueue_scripts · includes\class-shipping.php:199
action · init · includes\class-shipping.php:209
filter · woocommerce_cart_shipping_method_full_label · includes\class-shipping.php:216
filter · woocommerce_shipping_methods · includes\class-shipping.php:228
filter · awsa_package_info_get_weight · includes\class-shipping.php:231
action · woocommerce_order_details_before_order_table · includes\class-shipping.php:233
filter · woe_fetch_order_data · includes\class-shipping.php:236
action · admin_enqueue_scripts · includes\class-wc-city-input-admin.php:26
filter · woocommerce_get_settings_general · includes\class-wc-city-input-admin.php:30
action · woocommerce_admin_field_awsa-city-selector · includes\class-wc-city-input-admin.php:31
filter · woocommerce_states · includes\class-wc-states-cities.php:29
filter · woocommerce_checkout_fields · includes\class-wc-states-cities.php:34
filter · woocommerce_form_field_city · includes\class-wc-states-cities.php:39
filter · woocommerce_formatted_address_replacements · includes\class-wc-states-cities.php:44
action · woocommerce_checkout_update_order_review · includes\class-wc-states-cities.php:49
action · woocommerce_review_order_before_payment · includes\class-wc-states-cities.php:50
action · wp_enqueue_scripts · includes\class-wc-states-cities.php:55
action · admin_menu · includes\core\admin-menus\class-admin-menus.php:62
action · admin_post_awsa_settings_page · includes\core\apis\settings\class-settings-page.php:29
action · awsa_settings_page_enqueue · includes\core\apis\settings\page\class-display-page.php:166
action · awsa_settings_topmenu · includes\core\apis\settings\page\class-display-page.php:167
action · awsa_display_page_settings · includes\core\apis\settings\page\class-display-page.php:168
action · add_meta_boxes · includes\core\post-actions\class-post-actions.php:110

Maintenance & Trust

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Jun 4, 2022
PHP min version: 7.2
Downloads: 9K

Community Trust

Rating: 88/100
Number of ratings: 7
Active installs: 90

Alternatives

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Alternatives

No alternatives data available yet.

Developer Profile

AWSA Shipping – Advanced Shipping for Woocommerce and Dokan Developer Profile

Sajjad Aslani

1 plugin · 90 total installs

Trust score: 68
Avg Security Score: 63/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect AWSA Shipping – Advanced Shipping for Woocommerce and Dokan

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/awsa-shipping/assets/css/admin-styles.css
  • /wp-content/plugins/awsa-shipping/assets/js/admin-scripts.js
  • /wp-content/plugins/awsa-shipping/assets/js/awsa-form.js
  • /wp-content/plugins/awsa-shipping/assets/js/awsa-post-actions.js
  • /wp-content/plugins/awsa-shipping/assets/css/fontawesome.min.css
  • /wp-content/plugins/awsa-shipping/assets/js/scripts.js

Script Paths

  • admin-scripts.js
  • awsa-form.js
  • awsa-post-actions.js
  • scripts.js

Version Parameters

  • awsa-shipping-admin-style?ver=
  • awsa-shipping-admin-script?ver=
  • awsa-form-script?ver=
  • awsa-post-actions-script?ver=
  • awsa-fontawesome?ver=
  • awsa-shipping-script?ver=

HTML / DOM Fingerprints

CSS Classes

  • awsa-shipping-admin-style
  • awsa-shipping-admin-script
  • awsa-form-script
  • awsa-post-actions-script
  • awsa-shipping-script

JS Globals

  • awsa_shipping_admin_data
  • awsa_script_data
  • awsa_shipping_data

FAQ

Frequently Asked Questions about AWSA Shipping – Advanced Shipping for Woocommerce and Dokan