Does Delivery Drivers Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in Delivery Drivers Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Delivery Drivers Manager compatible with WordPress 6.8.5?

According to WordPress.org data, Delivery Drivers Manager 1.2.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Delivery Drivers Manager compatible with PHP 5.6+?

Delivery Drivers Manager requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Delivery Drivers Manager updated?

Delivery Drivers Manager was last updated on May 17, 2025. Frequent updates are generally a positive security signal.

What is Delivery Drivers Manager's security score?

Delivery Drivers Manager has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Delivery Drivers Manager Security & Risk Analysis

wordpress.org/plugins/delivery-drivers-manager

Let your staff or third-party logistics companies manage your delivery drivers with a front-hand mobile-friendly dashboard.

30 active installs v1.2.4 PHP 5.6+ WP 4.5+ Updated May 17, 2025

deliverydelivery-managerdriversshippingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Delivery Drivers Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Delivery Drivers Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The "delivery-drivers-manager" v1.2.4 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates strong practices in database interaction, utilizing prepared statements for all SQL queries, and a high percentage of outputs are properly escaped, significantly reducing the risk of common cross-site scripting vulnerabilities. The absence of known CVEs and a clean vulnerability history further suggest a generally well-maintained codebase. However, a significant concern arises from the static analysis results, which reveal two AJAX handlers that lack authentication checks. This presents a direct attack vector, as any unauthenticated user could potentially trigger these functions, leading to unintended actions or information disclosure.

The taint analysis, while not revealing critical or high severity issues, did identify two flows with unsanitized paths. Although not explicitly flagged as vulnerabilities in this analysis, this warrants attention as unsanitized paths can sometimes be leveraged in more complex attack chains. The presence of bundled libraries, specifically Freemius v1.0, while not inherently a security risk, suggests a potential for outdated components if not regularly updated by the plugin developers.

In conclusion, while the plugin scores well on database security and output sanitization, the unprotected AJAX endpoints are a substantial weakness that requires immediate attention. The limited number of identified unsanitized paths and the clean vulnerability history are positive indicators, but the two unprotected AJAX entry points create a clear and present risk that overshadows these strengths.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths
Bundled outdated library (Freemius v1.0)

Vulnerabilities

None known

Delivery Drivers Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Delivery Drivers Manager Code Analysis

Dangerous Functions

Raw SQL Queries

52 prepared

Unescaped Output

558 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared52 total queries

Output Escaping

93% escaped600 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths

pwddm_edit_driver_service (includes\class-pwddm-driver.php:446)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Delivery Drivers Manager Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_pwddm_ajaxincludes\class-pwddm.php:198

noprivwp_ajax_pwddm_ajaxincludes\class-pwddm.php:199

WordPress Hooks 24

actionadmin_noticesadmin\class-pwddm-admin.php:304

actionbefore_woocommerce_initdelivery-drivers-manager.php:33

actionplugins_loadeddelivery-drivers-manager.php:397

filterquery_varsdelivery-drivers-manager.php:410

actionadmin_noticesdelivery-drivers-manager.php:435

actionlddfw_fs_loadeddelivery-drivers-manager.php:444

actionplugins_loadeddelivery-drivers-manager.php:452

actionadmin_enqueue_scriptsincludes\class-pwddm.php:182

actionadmin_enqueue_scriptsincludes\class-pwddm.php:183

filtermanage_users_columnsincludes\class-pwddm.php:187

filtermanage_users_custom_columnincludes\class-pwddm.php:188

actionadmin_initincludes\class-pwddm.php:203

actionshow_user_profileincludes\class-pwddm.php:207

actionedit_user_profileincludes\class-pwddm.php:208

actionpersonal_options_updateincludes\class-pwddm.php:209

actionedit_user_profile_updateincludes\class-pwddm.php:210

actionlddfw_driver_fieldsincludes\class-pwddm.php:211

filterlddfw_set_order_commissionincludes\class-pwddm.php:221

filterlddfw_get_driver_sellerincludes\class-pwddm.php:231

filterlddfw_assign_driver_permissionincludes\class-pwddm.php:238

actionadmin_menuincludes\class-pwddm.php:248

actiontemplate_redirectincludes\class-pwddm.php:266

actionwp_enqueue_scriptsincludes\class-pwddm.php:274

actionwp_enqueue_scriptsincludes\class-pwddm.php:275

Maintenance & Trust

Delivery Drivers Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 17, 2025

PHP min version5.6

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

Delivery Drivers Manager Alternatives

Local Delivery Drivers for WooCommerce

local-delivery-drivers-for-woocommerce

Improve the way you deliver, manage drivers, assign drivers to orders, send WhatsApp, SMS, and email notifications, route planning, navigation & more!

1K 1 CVE

Claudio Sanches – Correios for WooCommerce

woocommerce-correios

Integration between the Correios and WooCommerce

30K No CVEs

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

MyParcel

woocommerce-myparcel

Export your WooCommerce orders to MyParcel (www.myparcel.nl) and print labels directly from the WooCommerce admin

9K 1 CVE

YITH WooCommerce Order & Shipment Tracking

yith-woocommerce-order-tracking

Add an easy tool to manage order shipping information of your shop and to notified your customers about the shipping.

7K 1 CVE

Developer Profile

Delivery Drivers Manager Developer Profile

powerfulwp

8 plugins · 3K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

17 days

View full developer profile

Detection Fingerprints

How We Detect Delivery Drivers Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/delivery-drivers-manager/assets/css/pwddm-admin.css/wp-content/plugins/delivery-drivers-manager/assets/css/pwddm-frontend.css/wp-content/plugins/delivery-drivers-manager/assets/js/pwddm-admin.js/wp-content/plugins/delivery-drivers-manager/assets/js/pwddm-frontend.js

Version Parameters

delivery-drivers-manager/assets/css/pwddm-admin.css?ver=delivery-drivers-manager/assets/css/pwddm-frontend.css?ver=delivery-drivers-manager/assets/js/pwddm-admin.js?ver=delivery-drivers-manager/assets/js/pwddm-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

pwddm_premium_icon

JS Globals

pwddm_fs

FAQ