Does Delivery Drivers for Vendors have any unpatched vulnerabilities?

No. All known vulnerabilities in Delivery Drivers for Vendors have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Delivery Drivers for Vendors compatible with WordPress 6.8.5?

According to WordPress.org data, Delivery Drivers for Vendors 1.1.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Delivery Drivers for Vendors compatible with PHP 5.6+?

Delivery Drivers for Vendors requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Delivery Drivers for Vendors updated?

Delivery Drivers for Vendors was last updated on May 17, 2025. Frequent updates are generally a positive security signal.

What is Delivery Drivers for Vendors's security score?

Delivery Drivers for Vendors has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Delivery Drivers for Vendors Security & Risk Analysis

wordpress.org/plugins/delivery-drivers-for-vendors

Let your WooCommerce marketplace vendors manage their drivers, assign drivers to orders, routes, reports, commission, and more!

30 active installs v1.1.4 PHP 5.6+ WP 4.5+ Updated May 17, 2025

courierdeliverydelivery-managervendorswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Delivery Drivers for Vendors Safe to Use in 2026?

Generally Safe

Score 100/100

Delivery Drivers for Vendors has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The "delivery-drivers-for-vendors" plugin v1.1.4 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in SQL query handling, utilizing prepared statements exclusively, and has a high percentage of properly escaped output, significantly reducing the risk of SQL injection and XSS vulnerabilities. The presence of numerous nonce and capability checks, alongside the absence of known historical vulnerabilities, suggests a developer conscious of security. However, a notable concern lies in the attack surface. Two AJAX handlers are present, and critically, both lack authentication checks. This creates direct entry points for unauthenticated users to interact with potentially sensitive plugin functionality, which could be exploited if these handlers are not robustly sanitized internally. The taint analysis also revealed four flows with unsanitized paths, although these were not classified as critical or high severity. This indicates a potential for subtle vulnerabilities that might not be immediately apparent. In conclusion, while the plugin has strong fundamentals in data handling and a clean vulnerability history, the unauthenticated AJAX endpoints represent a significant weakness that requires immediate attention to prevent potential exploits.

Key Concerns

AJAX handlers without authentication checks
Flows with unsanitized paths (4)

Vulnerabilities

None known

Delivery Drivers for Vendors Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Delivery Drivers for Vendors Code Analysis

Dangerous Functions

Raw SQL Queries

44 prepared

Unescaped Output

588 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared44 total queries

Output Escaping

95% escaped617 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

7 flows4 with unsanitized paths

ddfwm_ajax (admin\class-ddfwm-admin.php:118)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Delivery Drivers for Vendors Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_ddfwm_ajaxincludes\class-ddfwm.php:200

noprivwp_ajax_ddfwm_ajaxincludes\class-ddfwm.php:201

WordPress Hooks 24

actionadmin_noticesadmin\class-ddfwm-admin.php:312

actionbefore_woocommerce_initdelivery-drivers-for-vendors.php:32

actionplugins_loadeddelivery-drivers-for-vendors.php:436

filterquery_varsdelivery-drivers-for-vendors.php:494

actionadmin_noticesdelivery-drivers-for-vendors.php:504

actionadmin_noticesdelivery-drivers-for-vendors.php:519

actionlddfw_fs_loadeddelivery-drivers-for-vendors.php:532

actionplugins_loadeddelivery-drivers-for-vendors.php:540

actionadmin_enqueue_scriptsincludes\class-ddfwm.php:184

actionadmin_enqueue_scriptsincludes\class-ddfwm.php:185

filtermanage_users_columnsincludes\class-ddfwm.php:189

filtermanage_users_custom_columnincludes\class-ddfwm.php:190

actionadmin_initincludes\class-ddfwm.php:205

actionshow_user_profileincludes\class-ddfwm.php:209

actionedit_user_profileincludes\class-ddfwm.php:210

actionpersonal_options_updateincludes\class-ddfwm.php:211

actionedit_user_profile_updateincludes\class-ddfwm.php:212

filterlddfw_set_order_commissionincludes\class-ddfwm.php:216

filterlddfw_get_driver_sellerincludes\class-ddfwm.php:226

filterlddfw_assign_driver_permissionincludes\class-ddfwm.php:233

actionadmin_menuincludes\class-ddfwm.php:243

actiontemplate_redirectincludes\class-ddfwm.php:261

actionwp_enqueue_scriptsincludes\class-ddfwm.php:269

actionwp_enqueue_scriptsincludes\class-ddfwm.php:270

Maintenance & Trust

Delivery Drivers for Vendors Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 17, 2025

PHP min version5.6

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

Delivery Drivers for Vendors Alternatives

Local Delivery Drivers for WooCommerce

local-delivery-drivers-for-woocommerce

Improve the way you deliver, manage drivers, assign drivers to orders, send WhatsApp, SMS, and email notifications, route planning, navigation & more!

1K 1 CVE

Woot

woot-ro

100

Unified shipping solution for WooCommerce. Integrates all popular couriers in Romania with real-time pricing and pickup point selection.

100 No CVEs

Uber Direct Integration

uber-direct-delivery-integration

100

Offer instant or scheduled delivery from your WooCommerce store with real-time quotes and Uber Direct integration

60 No CVEs

UDW Delivery – Uber Direct for WooCommerce

udwdelivery

Delivery service for WooCommerce integrating with Uber Direct API.

40 No CVEs

Delivery Drivers Manager

delivery-drivers-manager

100

Let your staff or third-party logistics companies manage your delivery drivers with a front-hand mobile-friendly dashboard.

30 No CVEs

Developer Profile

Delivery Drivers for Vendors Developer Profile

powerfulwp

8 plugins · 3K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

17 days

View full developer profile

Detection Fingerprints

How We Detect Delivery Drivers for Vendors

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/delivery-drivers-for-vendors/assets/css/bootstrap.min.css/wp-content/plugins/delivery-drivers-for-vendors/assets/css/ddfwm-admin-style.css/wp-content/plugins/delivery-drivers-for-vendors/assets/css/ddfwm-frontend.css/wp-content/plugins/delivery-drivers-for-vendors/assets/css/ddfwm-vendors-style.css/wp-content/plugins/delivery-drivers-for-vendors/assets/js/admin.js/wp-content/plugins/delivery-drivers-for-vendors/assets/js/bootstrap.min.js/wp-content/plugins/delivery-drivers-for-vendors/assets/js/ddfwm-frontend.js/wp-content/plugins/delivery-drivers-for-vendors/assets/js/ddfwm-vendors.js+1 more

Script Paths

/wp-content/plugins/delivery-drivers-for-vendors/assets/js/bootstrap.min.js/wp-content/plugins/delivery-drivers-for-vendors/assets/js/ddfwm-frontend.js/wp-content/plugins/delivery-drivers-for-vendors/assets/js/vendor/jquery-3.4.1.min.js

Version Parameters

delivery-drivers-for-vendors/assets/css/bootstrap.min.css?ver=delivery-drivers-for-vendors/assets/css/ddfwm-admin-style.css?ver=delivery-drivers-for-vendors/assets/css/ddfwm-frontend.css?ver=delivery-drivers-for-vendors/assets/css/ddfwm-vendors-style.css?ver=delivery-drivers-for-vendors/assets/js/admin.js?ver=delivery-drivers-for-vendors/assets/js/bootstrap.min.js?ver=delivery-drivers-for-vendors/assets/js/ddfwm-frontend.js?ver=delivery-drivers-for-vendors/assets/js/ddfwm-vendors.js?ver=delivery-drivers-for-vendors/assets/js/vendor/jquery-3.4.1.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

ddfwm_premium_featureddfwm_premium_iconlddfw_premium-featurelddfw_lightboxlddfw_lightbox_wraplddfw_lightbox_closeddfwm_star_button

HTML Comments

Currently plugin version.Start at version 1.0.0 and use SemVer - https://semver.orgDefine delivery driver page id.Define plugin folder name.+10 more

Data Attributes

data-prefixdata-icon

JS Globals

ddfwm_fsddfwm_plugin_basenameddfwm_plugin_basename_arrayddfwm_plugin_folderddfwm_vendors_pageDDFWM_VERSION+2 more

FAQ