Combidesk – QuickBooks for WooCommerce Security & Risk Analysis

wordpress.org/plugins/combidesk-quickbooks

This integration automatically exchanges important data between WooCommerce and QuickBooks. This saves time, you never have to do duplicate work again …

0 active installs v1.29 PHP 5.2.4+ WP 4.9+ Updated Jan 21, 2026
quickbookswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Combidesk – QuickBooks for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Combidesk – QuickBooks for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the "combidesk-quickbooks" plugin version 1.29 presents a generally strong security posture. The lack of any identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events significantly reduces the potential attack surface. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests contributes to a secure codebase. The fact that all SQL queries are prepared and a high percentage of outputs are properly escaped are also positive indicators of good security practices.

However, the analysis does reveal some areas for concern. The complete absence of nonce checks and capability checks on the identified entry points (even though there are zero), combined with the lack of taint analysis data, suggests that while the attack surface is currently minimal, any future expansion or modification without implementing these fundamental security measures could introduce vulnerabilities. The vulnerability history being completely clean is a positive sign, but it doesn't guarantee future security, especially if the plugin's development practices lack robust security checks.

In conclusion, the "combidesk-quickbooks" plugin v1.29 appears to be a secure plugin at this version, largely due to its limited attack surface and adherence to basic secure coding practices for the components that do exist. The primary weakness lies in the potential for future vulnerabilities if new entry points are introduced without proper authentication and authorization checks. The plugin's clean vulnerability history is a strength, but the lack of detailed taint analysis and the absence of critical security checks like nonces and capabilities on its zero entry points warrant a cautious approach to future development.

Key Concerns

  • No nonce checks identified
  • No capability checks identified
  • No taint analysis data provided
  • Some output escaping is not proper
Vulnerabilities
None known

Combidesk – QuickBooks for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Combidesk – QuickBooks for WooCommerce Release Timeline

v1.29Current
v1.28
v1.26
v1.25
v1.23
v1.22
v1.21
v1.20
v1.19
v1.18
v1.17
v1.16
Code Analysis
Analyzed Apr 16, 2026

Combidesk – QuickBooks for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

75% escaped4 total outputs
Attack Surface

Combidesk – QuickBooks for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actionadmin_menuclasses/class-application.php:16
actionadmin_enqueue_scriptsclasses/class-application.php:17
actioninitclasses/class-application.php:18
actionbefore_woocommerce_initclasses/class-application.php:19
Maintenance & Trust

Combidesk – QuickBooks for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 21, 2026
PHP min version5.2.4
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Combidesk – QuickBooks for WooCommerce Developer Profile

combidesk

9 plugins · 270 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Combidesk – QuickBooks for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/combidesk-quickbooks/assets/scss/combidesk.min.scss

HTML / DOM Fingerprints

CSS Classes
combidesk__cta-form
JS Globals
window.intercomSettings
FAQ

Frequently Asked Questions about Combidesk – QuickBooks for WooCommerce