WP-Safety

CereTax Security & Risk Analysis

wordpress.org/plugins/ceretax

Simplify sales tax complexity with CereTax for WooCommerce.

30 active installs v1.4.7 PHP 7.4+ WP 4.0.1+ Updated Feb 10, 2026
sales-taxsales-tax-compliancetaxtax-calculationtaxes
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is CereTax Safe to Use in 2026?

Generally Safe

Score 100/100

CereTax has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "ceretax" plugin v1.4.8 exhibits a generally strong security posture based on the static analysis. The absence of direct SQL injection vulnerabilities due to 100% prepared statements, the very high percentage of properly escaped output, and the lack of file operations are all positive indicators. Furthermore, the plugin has no recorded vulnerability history, suggesting a commitment to security or a lack of past exploitable flaws. However, a significant concern lies in the complete absence of capability checks for its AJAX handlers. While there are only 4 AJAX entry points, the lack of proper authorization checks means any authenticated user could potentially interact with these handlers, which could be a vector for issues if not properly secured internally. The presence of 11 external HTTP requests also warrants cautious review to ensure these are handled securely and do not introduce vulnerabilities through the third-party services they interact with.

Key Concerns

  • Missing capability checks on AJAX handlers
Vulnerabilities
None known

CereTax Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

CereTax Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
130 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
11
Bundled Libraries
0

Output Escaping

98% escaped133 total outputs
Attack Surface

CereTax Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_update_tax_rateinc\class-cwafc.php:72
noprivwp_ajax_update_tax_rateinc\class-cwafc.php:73
authwp_ajax_validate_addressinc\class-cwafc.php:76
noprivwp_ajax_validate_addressinc\class-cwafc.php:77
WordPress Hooks 48
actionadmin_enqueue_scriptsinc\admin\class-cwafc-admin-action.php:29
actionwoocommerce_settings_tabs_cwafc_ceretaxinc\admin\class-cwafc-admin-action.php:31
actionwoocommerce_update_options_cwafc_ceretaxinc\admin\class-cwafc-admin-action.php:33
actionwoocommerce_product_options_general_product_datainc\admin\class-cwafc-admin-action.php:35
actionwoocommerce_process_product_metainc\admin\class-cwafc-admin-action.php:37
actionproduct_cat_add_form_fieldsinc\admin\class-cwafc-admin-action.php:39
actionproduct_cat_edit_form_fieldsinc\admin\class-cwafc-admin-action.php:40
actioncreated_product_catinc\admin\class-cwafc-admin-action.php:42
actionedited_product_catinc\admin\class-cwafc-admin-action.php:43
actionwoocommerce_admin_order_item_headersinc\admin\class-cwafc-admin-action.php:45
actionwoocommerce_admin_order_item_valuesinc\admin\class-cwafc-admin-action.php:47
actionadmin_footerinc\admin\class-cwafc-admin-action.php:49
filterwoocommerce_general_settingsinc\admin\class-cwafc-admin-action.php:51
actionwoocommerce_admin_field_validate_store_address_buttoninc\admin\class-cwafc-admin-action.php:53
actionwoocommerce_update_options_generalinc\admin\class-cwafc-admin-action.php:55
actionwoocommerce_admin_order_totals_after_totalinc\admin\class-cwafc-admin-action.php:57
actionplugins_loadedinc\admin\class-cwafc-admin-action.php:1143
filterwoocommerce_settings_tabs_arrayinc\admin\class-cwafc-admin-filter.php:32
actionplugins_loadedinc\admin\class-cwafc-admin-filter.php:59
actionplugins_loadedinc\admin\class-cwafc-admin.php:45
actionplugins_loadedinc\class-cwafc.php:65
actionbefore_woocommerce_initinc\class-cwafc.php:69
actionwoocommerce_cart_totals_before_order_totalinc\class-cwafc.php:79
actionwoocommerce_cart_calculate_feesinc\class-cwafc.php:81
actionwoocommerce_admin_order_totals_after_taxinc\class-cwafc.php:82
actionwoocommerce_before_order_notesinc\class-cwafc.php:84
filterwoocommerce_locate_templateinc\class-cwafc.php:86
actionadd_meta_boxesinc\class-cwafc.php:88
actionwoocommerce_new_orderinc\class-cwafc.php:90
actionwoocommerce_order_status_processinginc\class-cwafc.php:92
actionwoocommerce_order_status_completedinc\class-cwafc.php:93
actionwoocommerce_order_status_cancelledinc\class-cwafc.php:95
filterwcs_renewal_order_createdinc\class-cwafc.php:97
actionwoocommerce_thankyouinc\class-cwafc.php:99
actionwoocommerce_order_after_calculate_totalsinc\class-cwafc.php:101
actionwoocommerce_order_refundedinc\class-cwafc.php:103
filterwoocommerce_subscriptions_is_recurring_feeinc\class-cwafc.php:105
filterwoocommerce_cart_totals_taxes_total_htmlinc\class-cwafc.php:107
filterwoocommerce_get_order_item_totalsinc\class-cwafc.php:108
filterwoocommerce_order_get_itemsinc\class-cwafc.php:110
actionwoocommerce_checkout_create_subscriptioninc\class-cwafc.php:112
filterwcs_new_order_createdinc\class-cwafc.php:114
filterwoocommerce_get_order_item_totals_excl_free_feesinc\class-cwafc.php:116
actionwp_enqueue_scriptsinc\front\class-cwafc-front-action.php:28
actionwp_footerinc\front\class-cwafc-front-action.php:29
actionplugins_loadedinc\front\class-cwafc-front-action.php:98
actionplugins_loadedinc\front\class-cwafc-front-filter.php:31
actionplugins_loadedinc\front\class-cwafc-front.php:45
Maintenance & Trust

CereTax Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 10, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

CereTax Alternatives

ZipTax – Sales Tax for WooCommerce

ZipTax – Sales Tax for WooCommerce

ziptax-sales-tax-for-woocommerce

A
85

ZipTax offers an automated sales tax service for Wordpress WooCommerce. Simply install the plugin and configure your API key and we can determine the …

10 No CVEs
TaxJar – Sales Tax Automation for WooCommerce

TaxJar – Sales Tax Automation for WooCommerce

taxjar-simplified-taxes-for-woocommerce

A
100

Trusted by more than 20,000 businesses, TaxJar’s award-winning solution makes it easy to automate sales tax reporting and filing, and determine econom …

6K No CVEs
SutTax

SutTax

avior-sales-tax-automation-for-woocommerce

A
85

Avior SutTax offers sales tax determination web service to retailers. With SutTax WooCommerce Plugin, retailers are able to add accurate sales tax to …

0 No CVEs
TaxDo

TaxDo

taxdo

A
100

A unique solution for managing sales tax calculation & tax exemption certificates.

0 No CVEs
Sales Tax Reports For WooCommerce

Sales Tax Reports For WooCommerce

sales-tax-reports-for-woocommerce

A
100

The Sales Tax Reports For WooCommerce Plugin

800 No CVEs
Developer Profile

CereTax Developer Profile

CereTax

1 plugin · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CereTax

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ceretax/assets/css/admin.css/wp-content/plugins/ceretax/assets/js/admin.js
Script Paths
/wp-content/plugins/ceretax/assets/js/admin.js
Version Parameters
ceretax/assets/css/admin.css?ver=ceretax/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
cwafc-ceretax-setting-tab
HTML Comments
<!-- ADDED BY CWAFC --><!-- Custom field for product --><!-- Custom field for product category --><!-- Add admin order line item column -->+6 more
Data Attributes
data-field_type="validate_store_address_button"data-plugin-name="ceretax"data-plugin-version="1.4.8"
JS Globals
cwafc_admin_params
FAQ

Frequently Asked Questions about CereTax