WP-Safety

CODShield AI – Cash on Delivery (COD) Fraud Shield Security & Risk Analysis

wordpress.org/plugins/codshield-ai

Prevent fake COD orders with WhatsApp confirmations, fraud checks, and smart automation to reduce RTO and cancellations.

0 active installs v1.1.3 PHP 7.4+ WP 5.8+ Updated Feb 20, 2026
cash-on-deliverycodfraudwhatsappwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is CODShield AI – Cash on Delivery (COD) Fraud Shield Safe to Use in 2026?

Generally Safe

Score 100/100

CODShield AI – Cash on Delivery (COD) Fraud Shield has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "codshield-ai" plugin v1.1.3 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries, having a high percentage of properly escaped output, and implementing nonce and capability checks in several areas. The absence of known CVEs and historically recorded vulnerabilities suggests a generally well-maintained codebase.

However, there are significant concerns stemming from the static analysis. The plugin exposes a total of three AJAX handlers, with two of them lacking any authentication checks. This represents a substantial attack surface that could be exploited by unauthenticated users. Furthermore, the taint analysis revealed four flows with unsanitized paths, indicating potential vulnerabilities related to how data is processed, even though no critical or high severity issues were flagged in this specific analysis.

While the vulnerability history is clean, the presence of unprotected AJAX endpoints and unsanitized data flows are immediate risks that should be addressed. The plugin's strengths lie in its SQL and output handling, but the identified entry points and taint issues necessitate attention to prevent potential security breaches.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
Vulnerabilities
None known

CODShield AI – Cash on Delivery (COD) Fraud Shield Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

CODShield AI – Cash on Delivery (COD) Fraud Shield Release Timeline

v1.1.1
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

CODShield AI – Cash on Delivery (COD) Fraud Shield Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
16
134 escaped
Nonce Checks
5
Capability Checks
4
File Operations
0
External Requests
8
Bundled Libraries
0

Output Escaping

89% escaped150 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

7 flows4 with unsanitized paths
codshield_ai_expected_data_for_order (includes\admin-fraud-widget.php:392)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

CODShield AI – Cash on Delivery (COD) Fraud Shield Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 3

authwp_ajax_codshield_ai_report_fraudincludes\admin-fraud-widget.php:291
authwp_ajax_codshield_save_license_dataincludes\functions.php:2715
authwp_ajax_codshield_deactivate_licenseincludes\functions.php:2790
WordPress Hooks 25
actionwp_enqueue_scriptscodshield-ai.php:44
actionadmin_enqueue_scriptscodshield-ai.php:53
actioninitcodshield-ai.php:120
filterwc_order_statusescodshield-ai.php:130
actionadd_meta_boxesincludes\admin-fraud-widget.php:58
actionwoocommerce_checkout_order_processedincludes\class-codshield-whatsapp-confirmation.php:48
actionwoocommerce_thankyouincludes\class-codshield-whatsapp-confirmation.php:50
actionwoocommerce_checkout_order_processedincludes\class-codshield-whatsapp-confirmation.php:52
actionwoocommerce_new_orderincludes\class-codshield-whatsapp-confirmation.php:54
actioninitincludes\class-codshield-whatsapp-confirmation.php:56
actiontemplate_redirectincludes\class-codshield-whatsapp-confirmation.php:57
filterwc_order_statusesincludes\class-codshield-whatsapp-confirmation.php:59
actioncodshield_setting_shipped_statusincludes\class-codshield-whatsapp-confirmation.php:246
actionadmin_initincludes\custom-api-sync.php:35
actionwoocommerce_thankyouincludes\custom-api-sync.php:165
actionadmin_initincludes\functions.php:27
actionadmin_menuincludes\functions.php:160
actionadmin_enqueue_scriptsincludes\functions.php:186
actionadmin_post_codshield_submit_support_ticketincludes\functions.php:2931
actionwoocommerce_thankyouincludes\order-sync.php:232
actionwoocommerce_checkout_order_processedincludes\order-sync.php:245
actionwoocommerce_order_status_changedincludes\order-sync.php:261
filterwoocommerce_order_actionsincludes\order-sync.php:277
actionwoocommerce_order_action_codshield_ai_send_to_apiincludes\order-sync.php:291
actionadmin_initincludes\settings-order-sync.php:21
Maintenance & Trust

CODShield AI – Cash on Delivery (COD) Fraud Shield Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 20, 2026
PHP min version7.4
Downloads888

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

CODShield AI – Cash on Delivery (COD) Fraud Shield Alternatives

Smart Cash on Delivery Fraud Blocker & OTP Verification for WooCommerce

Smart Cash on Delivery Fraud Blocker & OTP Verification for WooCommerce

theforge-smart-cod-control-fraud-blocker-for-woocommerce

A
100

Stop fake COD orders before they ship. Smart rules, OTP phone verification, and fraud analytics — all in one plugin.

0 No CVEs
Smart COD for WooCommerce

Smart COD for WooCommerce

wc-smart-cod

A
100

All the COD restrictions and extra fees you'll ever need, in a single plugin.

30K No CVEs
PiWeb Disable payment method / Partial payment for WooCommerce

PiWeb Disable payment method / Partial payment for WooCommerce

disable-payment-method-for-woocommerce

A
100

Disable payment method for WooCommerce, Charge WooCommerce Payment processing FEES, Take Partial payment for Order, Advance COD or Partial payment for …

4K No CVEs
Risk Free Cash On Delivery (COD) – WooCommerce

Risk Free Cash On Delivery (COD) – WooCommerce

risk-free-cash-on-delivery-cod-woocommerce

C
63

This plugin secures your Cash on delivery orders with an advance Payment option, with an additional feature of Extra fees and Restrictions.

500 1 unpatched
Check Pincode For WooCommerce

Check Pincode For WooCommerce

check-pincode-for-woocommerce

A
99

Let WooCommerce shoppers check delivery availability, estimated delivery date, and Cash on Delivery status by entering their pincode / zip code / post …

400 1 CVE
Developer Profile

CODShield AI – Cash on Delivery (COD) Fraud Shield Developer Profile

zipnom

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CODShield AI – Cash on Delivery (COD) Fraud Shield

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/codshield-ai/assets/css/style.css/wp-content/plugins/codshield-ai/assets/css/admin.css/wp-content/plugins/codshield-ai/assets/js/admin.js
Script Paths
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Version Parameters
codshield-ai/style.css?ver=codshield-ai/admin.css?ver=codshield-ai/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
codshield-ai-admin-wrap
HTML Comments
CODShield AI Admin SettingsCODShield AI License Settings
Data Attributes
data-codshield-urldata-codshield-nonce
JS Globals
codshield_ajax
REST Endpoints
/wp-json/codshield-ai/v1/order/status/wp-json/codshield-ai/v1/order/sync
FAQ

Frequently Asked Questions about CODShield AI – Cash on Delivery (COD) Fraud Shield