WP-Safety

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Security & Risk Analysis

wordpress.org/plugins/chinads-dropshipping-taobao-woocommerce

Transfer data from Taobao products to WooCommerce effortlessly.

100 active installs v2.1.0 PHP 7.0+ WP 5.0+ Updated Nov 15, 2025
dropshiptaobaotaobao-dropshipingtaobaodropshipwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "chinads-dropshipping-taobao-woocommerce" plugin v2.1.0 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by utilizing prepared statements for the vast majority of its SQL queries and ensuring proper output escaping for almost all outputs. The absence of direct file operations and a commendable number of nonce and capability checks further contribute to a secure foundation. The plugin also boasts a clean vulnerability history with no known CVEs, suggesting a history of security awareness and diligent patching if any issues have arisen.

However, the static analysis did reveal two critical taint flows. While the specific nature of these flows isn't detailed, their critical severity indicates potential for significant security risks if exploited. The presence of unsanitized paths in five flows also warrants attention, as these could be leveraged in path traversal or file inclusion vulnerabilities, especially if they interact with user-supplied input. The 18 AJAX handlers, although protected by authentication checks, represent a considerable attack surface, and any misconfigurations or overlooked vulnerabilities within them could still pose a risk. The inclusion of the Select2 library, while common, could also be a potential risk if it's an outdated version, though this isn't explicitly stated.

In conclusion, the plugin is well-developed from a security perspective, with a focus on preventing common vulnerabilities like raw SQL and unescaped output. The lack of a known CVE history is a significant positive. Nevertheless, the identified critical taint flows and unsanitized paths are significant concerns that must be thoroughly investigated and remediated to ensure the plugin's continued security.

Key Concerns

  • Critical severity taint flows found
  • Unsanitized paths in taint flows
  • Bundled library (Select2) potentially outdated
Vulnerabilities
None known

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
7
72 prepared
Unescaped Output
6
1082 escaped
Nonce Checks
33
Capability Checks
17
File Operations
0
External Requests
6
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

91% prepared79 total queries

Output Escaping

99% escaped1088 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

11 flows5 with unsanitized paths
load_variations_table (admin\import-list.php:326)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Attack Surface

Entry Points18
Unprotected0

AJAX Handlers 18

authwp_ajax_tbds_download_error_product_imagesadmin\error-images.php:17
authwp_ajax_tbds_delete_error_product_imagesadmin\error-images.php:18
authwp_ajax_tbds_load_variations_tableadmin\import-list.php:21
authwp_ajax_tbds_importadmin\import-list.php:22
authwp_ajax_tbds_removeadmin\import-list.php:23
authwp_ajax_tbds_overrideadmin\import-list.php:24
authwp_ajax_tbds_search_productadmin\import-list.php:25
authwp_ajax_tbds_save_attributesadmin\import-list.php:26
authwp_ajax_tbds_remove_attributeadmin\import-list.php:27
authwp_ajax_tbds_delete_productadmin\imported.php:19
authwp_ajax_tbds_trash_productadmin\imported.php:20
authwp_ajax_tbds_override_productadmin\imported.php:21
authwp_ajax_tbds_search_cateadmin\settings.php:26
authwp_ajax_tbds_search_tagsadmin\settings.php:27
authwp_ajax_vichinads_migrate_to_new_tableadmin\settings.php:28
authwp_ajax_vichinads_migrate_remove_old_dataadmin\settings.php:29
authwp_ajax_tbds_setup_install_pluginsinc\setup-wizard.php:19
authwp_ajax_tbds_setup_activate_pluginsinc\setup-wizard.php:20
WordPress Hooks 49
actionadmin_menuadmin\admin.php:11
actionadmin_noticesadmin\admin.php:12
filterset-screen-optionadmin\admin.php:13
actionrest_api_initadmin\api.php:18
filterwoocommerce_rest_is_request_to_rest_apiadmin\api.php:19
actionadmin_menuadmin\auth.php:11
filterwoocommerce_locate_templateadmin\auth.php:12
actionadmin_enqueue_scriptsadmin\auth.php:13
filtercron_schedulesadmin\background-process\wp-background-process.php:67
actioninitadmin\draft-product.php:11
actionadmin_initadmin\error-images.php:19
actioninitadmin\import-list.php:29
actionadmin_initadmin\import-list.php:30
actionadmin_headadmin\import-list.php:31
actionadmin_headadmin\imported.php:18
actiontransition_post_statusadmin\product.php:19
actiondeleted_postadmin\product.php:20
filterpost_row_actionsadmin\product.php:21
actionwoocommerce_product_after_variable_attributesadmin\product.php:22
actionwoocommerce_save_product_variationadmin\product.php:23
actionwoocommerce_product_options_pricingadmin\product.php:25
actionwoocommerce_process_product_meta_simpleadmin\product.php:26
actionadd_meta_boxesadmin\product.php:27
actionadmin_headadmin\recommend.php:18
actionadmin_noticesadmin\recommend.php:36
actioninitadmin\settings.php:20
actioninitadmin\settings.php:21
actiontbds_price_ruleadmin\settings.php:22
actiontbds_admin_field_video_guideadmin\settings.php:23
filtertbds_merge_external_options_before_saveadmin\settings.php:25
actionbefore_woocommerce_initchinads-taobao-dropshipping-for-woocommerce.php:58
actionplugins_loadedchinads-taobao-dropshipping-for-woocommerce.php:62
actioninitchinads-taobao-dropshipping-for-woocommerce.php:63
actionactivated_pluginchinads-taobao-dropshipping-for-woocommerce.php:167
actionadmin_enqueue_scriptsinc\enqueue.php:13
actionadmin_headinc\setup-wizard.php:18
filterbig_image_size_thresholdinc\utils.php:212
actionadmin_enqueue_scriptssupport\support.php:33
actionadmin_noticessupport\support.php:34
actionadmin_initsupport\support.php:35
actionadmin_menusupport\support.php:36
filterplugin_row_metasupport\support.php:38
actionadmin_initsupport\support.php:40
actionadmin_bar_menusupport\support.php:42
actionadmin_noticessupport\support.php:55
actionwp_dashboard_setupsupport\support.php:57
actionadmin_footersupport\support.php:697
actionadmin_bar_menusupport\support.php:831
actionadmin_noticessupport\support.php:978
Maintenance & Trust

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 15, 2025
PHP min version7.0
Downloads8K

Community Trust

Rating60/100
Number of ratings1
Active installs100
Alternatives

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Alternatives

AppScenic – Smart AI Dropshipping

AppScenic – Smart AI Dropshipping

appscenic

A
92

Expand your store catalogue with no upfront inventory cost. Source high-quality products from verified domestic suppliers and use AI in the process.

2K No CVEs
Ryviu – Product Reviews for WooCommerce

Ryviu – Product Reviews for WooCommerce

ryviu

B
78

Install Ryviu quickly and easily into your WordPress site. Boost eco-friendly eCommerce with trusted reviews and increased sales growth.

2K 1 unpatched
Dropify

Dropify

wc-dropi-integration

B
78

This plugin enables the import of products from the dropi platform to woocomerce

2K 1 unpatched
EPROLO-Dropshipping

EPROLO-Dropshipping

eprolo-dropshipping

A
98

EPROLO dropshipping allows to import products from Aliexpress or EPROLO to wordpress, woocommerce in one click.

1K 2 CVEs
FG PrestaShop to WooCommerce

FG PrestaShop to WooCommerce

fg-prestashop-to-woocommerce

A
99

A plugin to migrate PrestaShop e-commerce solution to WooCommerce

1K 2 CVEs
Developer Profile

ChinaDS – Tmall-Taobao Dropshipping for WooCommerce Developer Profile

VillaTheme

58 plugins · 167K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
214 days
View full developer profile
Detection Fingerprints

How We Detect ChinaDS – Tmall-Taobao Dropshipping for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/chinads-dropshipping-taobao-woocommerce/assets/css/tbds-backend.css/wp-content/plugins/chinads-dropshipping-taobao-woocommerce/assets/js/tbds-backend.js/wp-content/plugins/chinads-dropshipping-taobao-woocommerce/assets/js/tbds-frontend.js
Script Paths
/wp-content/plugins/chinads-dropshipping-taobao-woocommerce/assets/js/tbds-backend.js/wp-content/plugins/chinads-dropshipping-taobao-woocommerce/assets/js/tbds-frontend.js
Version Parameters
chinads-dropshipping-taobao-woocommerce/assets/css/tbds-backend.css?ver=chinads-dropshipping-taobao-woocommerce/assets/js/tbds-backend.js?ver=chinads-dropshipping-taobao-woocommerce/assets/js/tbds-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
tbds-auth-form
Data Attributes
tbds_consumer_keytbds_consumer_secret
FAQ

Frequently Asked Questions about ChinaDS – Tmall-Taobao Dropshipping for WooCommerce