Does DDelivery WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in DDelivery WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is DDelivery WooCommerce compatible with WordPress 4.9.29?

According to WordPress.org data, DDelivery WooCommerce 1.0.5 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is DDelivery WooCommerce updated?

DDelivery WooCommerce was last updated on Nov 9, 2018. Frequent updates are generally a positive security signal.

What is DDelivery WooCommerce's security score?

DDelivery WooCommerce has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DDelivery WooCommerce Security & Risk Analysis

wordpress.org/plugins/ddelivery-woocommerce

Модуль для быстрой интеграции виджета DDelivery в магазин на основе WooCommerce. https://ddelivery.ru/

10 active installs v1.0.5 PHP + WP 4.9+ Updated Nov 9, 2018

ddelivery%d0%b4%d0%be%d1%81%d1%82%d0%b0%d0%b2%d0%ba%d0%b0shippingshopwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is DDelivery WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

DDelivery WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'ddelivery-woocommerce' v1.0.5 plugin exhibits a generally good security posture regarding its attack surface and database interactions. There are no recorded CVEs or known vulnerabilities, and all SQL queries utilize prepared statements, which is a strong indicator of safe database handling. The absence of a large attack surface via AJAX, REST API, shortcodes, or cron events is also positive. However, the static analysis reveals significant concerns. The output escaping is only 40% proper, meaning a substantial portion of output is potentially vulnerable to cross-site scripting (XSS) attacks. Furthermore, the taint analysis indicates two flows with unsanitized paths, and while reported as critical/high severity 0, this still suggests potential for issues if these paths were to interact with user input. The complete lack of nonce and capability checks on all entry points is a critical oversight, exposing the plugin to potential unauthorized actions and CSRF vulnerabilities if any entry points were to be discovered or added in the future.

Key Concerns

Low percentage of properly escaped output
Taint flows with unsanitized paths
No nonce checks
No capability checks

Vulnerabilities

None known

DDelivery WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

DDelivery WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

40% escaped5 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

_adminSettingsPage (includes\DDeliveryWooCommerceAdmin.php:61)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

DDelivery WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 17

actionwoocommerce_initincludes\DDeliveryWooCommerce.php:99

actionwoocommerce_checkout_before_customer_detailsincludes\DDeliveryWooCommerce.php:108

filterwoocommerce_checkout_fieldsincludes\DDeliveryWooCommerce.php:113

filterwoocommerce_add_errorincludes\DDeliveryWooCommerce.php:124

actionwoocommerce_checkout_update_order_metaincludes\DDeliveryWooCommerce.php:192

actionadmin_initincludes\DDeliveryWooCommerceAdmin.php:38

actionadd_meta_boxesincludes\DDeliveryWooCommerceAdmin.php:88

actionadmin_menuincludes\DDeliveryWooCommerceAdmin.php:116

actionload-post.phpincludes\DDeliveryWooCommerceAdmin.php:118

filterwoocommerce_payment_gatewaysincludes\DDeliveryWooCommercePaymentMethod.php:73

actionplugins_loadedincludes\DDeliveryWooCommercePaymentMethod.php:74

actionrest_api_initincludes\DDeliveryWooCommerceSdkApi.php:147

actionedit_postincludes\DDeliveryWooCommerceSdkApi.php:169

filterwoocommerce_package_ratesincludes\DDeliveryWooCommerceShippingMethod.php:70

filterwoocommerce_shipping_methodsincludes\DDeliveryWooCommerceShippingMethod.php:84

actionwoocommerce_shipping_initincludes\DDeliveryWooCommerceShippingMethod.php:85

actionrest_api_initincludes\DDeliveryWooCommerceWidgetApi.php:79

Maintenance & Trust

DDelivery WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedNov 9, 2018

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

DDelivery WooCommerce Alternatives

FG PrestaShop to WooCommerce

fg-prestashop-to-woocommerce

A plugin to migrate PrestaShop e-commerce solution to WooCommerce

1K 2 CVEs

Shipping Viet Nam WooCommerce

shipping-viet-nam-woocommerce

Plugin hỗ trợ toàn diện giao vận tại Việt Nam cho WooCommerce. Khách hàng chủ động chọn đơn vị giao vận và các gói giao vận ( Nhanh, Chuẩn, Tiết Kiệm ) tuỳ theo hầu bao của mình, việc này tạo sự tin tưởng cho người mua vì công khai chi phí ship giúp tăng tỉ lệ đặt hàng cho quản trị shop. Quản trị shop dễ dàng đăng vận đơn lên các đơn vị giao vận tuỳ theo lựa chọn của khách hàng khi đặt hàng chỉ với 1 Click, cùng với đó là tra cứu trạng thái vận đơn ngay từ trang quản trị.

200 No CVEs

SafeRoute WooCommerce

saferoute-woocommerce

Плагин для быстрой интеграции виджета доставки SafeRoute в магазины на основе WooCommerce.

60 No CVEs

Kronos Express Shipping for WooCommerce

bse-kronosexpress-shipping-woocommerce

100

Kronos Express Shipping for WooCommerce

10 No CVEs

Freightview for WooCommerce

freightview-for-woocommerce

100

Give your customers real freight quotes from your WooCommerce store with Freightview.

10 No CVEs

Developer Profile

DDelivery WooCommerce Developer Profile

Dmitry

2 plugins · 70 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect DDelivery WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ddelivery-woocommerce/assets/common.css/wp-content/plugins/ddelivery-woocommerce/assets/dd-widget-init.js

Script Paths

https://ddelivery.ru/front/widget-cart/public/api.js

HTML / DOM Fingerprints

JS Globals

DD_WIDGET

REST Endpoints

/wp-json/ddelivery-api/statuses.json/wp-json/ddelivery-api/payment-methods.json/wp-json/ddelivery-api/traffic-orders.json/wp-json/ddelivery-woocommerce-widget/sdk

FAQ

DDelivery WooCommerce Security & Risk Analysis

Is DDelivery WooCommerce Safe to Use in 2026?

Generally Safe

Key Concerns

DDelivery WooCommerce Security Vulnerabilities

DDelivery WooCommerce Code Analysis

Output Escaping

Data Flow Analysis

DDelivery WooCommerce Attack Surface

DDelivery WooCommerce Maintenance & Trust

Maintenance Signals

Community Trust

DDelivery WooCommerce Alternatives

FG PrestaShop to WooCommerce

Shipping Viet Nam WooCommerce

SafeRoute WooCommerce

Kronos Express Shipping for WooCommerce

Freightview for WooCommerce

DDelivery WooCommerce Developer Profile

How We Detect DDelivery WooCommerce

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about DDelivery WooCommerce