WP-Safety

Cargo Tracking for WooCommerce Security & Risk Analysis

wordpress.org/plugins/cargo-tracking-for-woocommerce

With the WooCommerce cargo tracking plugin, you can add as many cargo companies as you want, show cargo tracking links on the front and admin side, an …

400 active installs v1.0.5 PHP 7.0+ WP 5.1+ Updated Nov 9, 2022
cargocargo-trackingkargokargo-takipwoocommerce-kargo-takip
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Cargo Tracking for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Cargo Tracking for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The static analysis of 'cargo-tracking-for-woocommerce' version 1.0.5 reveals a generally good security posture with no known vulnerabilities or CVEs. The plugin demonstrates strong adherence to secure coding practices by exclusively using prepared statements for SQL queries and properly escaping a high percentage of its outputs. Furthermore, the absence of shortcodes, cron events, and exposed AJAX/REST API endpoints significantly limits its attack surface, a commendable achievement. However, the presence of two instances of the `unserialize` function is a notable concern. While taint analysis shows no critical or high severity unsanitized paths, the potential for unserialize vulnerabilities, especially in less thoroughly sanitized contexts, cannot be ignored. The lack of capability and nonce checks, while not directly leading to exploitable issues in this analysis, represents a missed opportunity to harden security further, particularly if any new entry points were to be introduced in future versions.

Key Concerns

  • Dangerous function: unserialize used
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

Cargo Tracking for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Cargo Tracking for WooCommerce Code Analysis

Dangerous Functions
2
Raw SQL Queries
0
0 prepared
Unescaped Output
2
39 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = isset($dataPost['cargo_tracking_for_woocommerce-data'][0]) ? unserialize($dataPost['cargo_trapp\Base\MetaBox.php:24
unserialize$data = isset($dataPost['cargo_tracking_for_woocommerce-data'][0]) ? unserialize($dataPost['cargo_trapp\Woocommerce\Email.php:40

Output Escaping

95% escaped41 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
get_table (app\Table\TableFunctions.php:9)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Cargo Tracking for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 18
actionadmin_enqueue_scriptsapp\Base\Assets.php:9
actionwp_enqueue_scriptsapp\Base\Assets.php:10
filterplugin_action_links_cargo-tracking-for-woocommerce/CargoTrackingForWooCommerce.phpapp\Base\Assets.php:11
actionadd_meta_boxesapp\Base\MetaBox.php:11
actionwoocommerce_process_shop_order_metaapp\Base\MetaBox.php:12
actionmanage_shop_order_posts_custom_columnapp\Woocommerce\BackEndTable.php:11
filtermanage_edit-shop_order_columnsapp\Woocommerce\BackEndTable.php:12
actionwoocommerce_email_before_order_tableapp\Woocommerce\Email.php:12
filterwoocommerce_email_actionsapp\Woocommerce\Email.php:13
actionwoocommerce_order_status_cargo_shippingapp\Woocommerce\Email.php:14
actionwoocommerce_order_details_after_order_table_itemsapp\Woocommerce\FrontEndTable.php:11
actionwoocommerce_my_account_my_orders_columnsapp\Woocommerce\FrontEndTable.php:12
actionwoocommerce_my_account_my_orders_column_cargo_tracking_for_woocommerceapp\Woocommerce\FrontEndTable.php:13
actionwoocommerce_admin_field_imgapp\Woocommerce\SettingsField.php:9
actioninitapp\Woocommerce\Status.php:9
filterwc_order_statusesapp\Woocommerce\Status.php:10
filterwoocommerce_settings_tabs_arrayapp\Woocommerce\WCSettings.php:14
filterwoocommerce_get_settings_pagesapp\Woocommerce\WoocommerceInit.php:21
Maintenance & Trust

Cargo Tracking for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedNov 9, 2022
PHP min version7.0
Downloads6K

Community Trust

Rating100/100
Number of ratings3
Active installs400
Alternatives

Cargo Tracking for WooCommerce Alternatives

Kargo Takip

Kargo Takip

kargo-takip-turkiye

A
99

WooCommerce siparişlerinize kargo takip bilgisi ekleyin ve müşterilerinize otomatik e-posta/SMS bildirimleri gönderin.

3K 1 CVE
Geliver Akıllı Kargo Pazaryeri

Geliver Akıllı Kargo Pazaryeri

geliver-akilli-kargo-pazaryeri

A
100

Geliver, tüm kargo süreçlerinizi yöneten, indirimli fiyatlarla çalışan bulut tabanlı bir kargo pazaryeri sistemidir. Kargo firmaları ile anlaşma yapma …

300 No CVEs
Kargo Takip

Kargo Takip

kargo-takip

A
100

Müşterilerinizin kargolarını takip etmesine olanak sağlayan bir kargo takip eklentisidir. Kargo takip eklentisi aras kargo, mng kargo , sürat kargo ve …

50 No CVEs
shipmendo – Lite

shipmendo – Lite

wc-shipmendo-lite

A
85

shipmendo - Lite kullanarak siparişlerin kargo adımlarını müşterilerinizle paylaşın. Desteklenen kargo firmaları: - Aras Kargo, - MNG Kargo, - PTT Kar …

20 No CVEs
Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail

kargom-nerede-kargo-takip

A
85

Kargom Nerede - Markalı Kargo Takip Sayfası - Sms (Netgsm) - Mail WooCommerce > Siparişleriniz içerisinden "Kargom Nerede" bileşenine ka …

10 No CVEs
Developer Profile

Cargo Tracking for WooCommerce Developer Profile

ilhanaydinli

1 plugin · 400 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Cargo Tracking for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cargo-tracking-for-woocommerce/assets/css/style.css/wp-content/plugins/cargo-tracking-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/cargo-tracking-for-woocommerce/assets/js/admin.js

HTML / DOM Fingerprints

Data Attributes
admin.php?page=wc-settings&tab=cargo_tracking_for_woocommerce
JS Globals
cargo_tracking_for_woocommerce
FAQ

Frequently Asked Questions about Cargo Tracking for WooCommerce