Balidrop Security & Risk Analysis

wordpress.org/plugins/balidrop

Balidrop allows you to easily import selected AliExpress products to your WordPress store.

0 active installs · v1.0.1 · PHP 5.6+ · WP 4.7+ · Updated Mar 16, 2021
Tags: aliexpress, aliexpress-dropshipping, dropshipping, ecommerce, woocommerce
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Balidrop Safe to Use in 2026?

Generally Safe

Score 85/100

Balidrop has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The balidrop v1.0.1 plugin exhibits a mixed security posture, with some strong coding practices but significant concerns regarding its attack surface and access control.

On the positive side, the plugin demonstrates good practices by using prepared statements for all SQL queries and properly escaping all output. The absence of known vulnerabilities and critical taint analysis findings also suggests a lack of historically exploited weaknesses or complex injection flaws.

However, the most significant security concern is the presence of 5 AJAX handlers, all of which are completely unprotected by authentication or capability checks. This represents a substantial attack surface where any user, even unauthenticated ones, could potentially trigger arbitrary actions within the plugin. The lack of nonce checks and capability checks directly contributes to this high-risk exposure, as it bypasses WordPress's built-in security mechanisms for handling AJAX requests. The plugin also performs file operations and makes external HTTP requests, which could become vectors for attacks if not carefully handled in conjunction with proper authorization.

Key Concerns

  • Unprotected AJAX handlers
  • Missing nonce checks on AJAX
  • Missing capability checks
Vulnerabilities
None known

Balidrop Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Balidrop Release Timeline

v1.0.1 (Current)
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

Balidrop Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 0 (2 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 4
External Requests: 5
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

100% escaped · 2 total outputs
Attack Surface
5 unprotected

Balidrop Attack Surface

Entry Points: 5
Unprotected: 5

AJAX Handlers 5

  • auth · wp_ajax_woo_product_categories · includes/api/balidrop_api.php:17
  • auth · wp_ajax_woo_create_product · includes/api/balidrop_api.php:19
  • auth · wp_ajax_balidrop_product_categories · includes/api/balidrop_api.php:21
  • auth · wp_ajax_balidrop_product_categories_detail · includes/api/balidrop_api.php:23
  • auth · wp_ajax_balidrop_product_soupin · includes/api/balidrop_api.php:25

WordPress Hooks 4

  • action · admin_notices · balidrop.php:71
  • action · admin_menu · includes/core/core.php:30
  • action · admin_init · includes/core/core.php:89
  • action · admin_print_scripts · includes/core/core.php:131
Maintenance & Trust

Balidrop Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.6.17
Last updated: Mar 16, 2021
PHP min version: 5.6
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Balidrop Developer Profile

17feia

1 plugin · 0 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Balidrop

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/balidrop/src/css/bootstrap.min.css
  • /wp-content/plugins/balidrop/src/css/bootstrap-table.min.css
  • /wp-content/plugins/balidrop/src/css/style.css
  • /wp-content/plugins/balidrop/src/js/bootstrap.min.js
  • /wp-content/plugins/balidrop/src/js/bootstrap-table.min.js
  • /wp-content/plugins/balidrop/pages/home/home.js
  • /wp-content/plugins/balidrop/pages/product/product.js

Version Parameters

  • balidrop/style.css?ver=
  • balidrop/script.js?ver=
  • balidrop/bootstrap.min.css?ver=
  • balidrop/bootstrap-table.min.css?ver=
  • balidrop/style.css?ver=
  • balidrop/bootstrap.min.js?ver=
  • balidrop/bootstrap-table.min.js?ver=
  • balidrop/home.js?ver=
  • balidrop/product.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • balidrop-admin-notice-error
  • balidrop-home-page
  • balidrop-product-page

Data Attributes

  • data-balidrop-ajaxurl

JS Globals

  • product_script
  • balidrop_product_params

FAQ

Frequently Asked Questions about Balidrop