EnvíoPack (Chile) Security & Risk Analysis

wordpress.org/plugins/enviopack

High-performance logistics for companies that cannot afford to fail.

0 active installs · v1.0.16 · PHP 7.0+ · WP 5.4+ · Updated: Unknown
Tags: downloadable, ecommerce, logistics, store, woocommerce
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is EnvíoPack (Chile) Safe to Use in 2026?

Generally Safe

Score 100/100

EnvíoPack (Chile) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "enviopack" v1.0.16 plugin exhibits a concerning security posture primarily due to a significant number of unprotected entry points. While the plugin utilizes prepared statements for all SQL queries and a high percentage of its output is properly escaped, the presence of 6 AJAX handlers without authentication checks presents a substantial attack surface. This means that any unauthenticated user could potentially interact with these handlers, leading to unintended consequences if they can be manipulated. The code analysis also identified the use of the `unserialize` function, which, when combined with unprotected entry points, could lead to Remote Code Execution vulnerabilities if an attacker can control the serialized data passed to it. The absence of any recorded vulnerabilities in its history might suggest either a lack of past auditing or a fortunate track record, but it does not negate the risks identified in the current static analysis. The plugin's strengths lie in its database query security and output escaping, but these are overshadowed by the critical exposure of its AJAX endpoints. Therefore, immediate attention is required to secure these entry points.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function 'unserialize' used
  • Lack of nonce checks on AJAX handlers
  • Limited capability checks
Vulnerabilities
None known

EnvíoPack (Chile) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

EnvíoPack (Chile) Code Analysis

Dangerous Functions: 6
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 6 (69 escaped)
Nonce Checks: 0
Capability Checks: 2
File Operations: 0
External Requests: 4
Bundled Libraries: 0

Dangerous Functions Found

unserialize · `$shipment = unserialize($order->get_meta('enviopack_shipment', true));` · enviopack.php:173
unserialize · `$shipment_info = unserialize($order->get_meta('enviopack_shipping_info', true));` · enviopack.php:175
unserialize · `$shipment_info = unserialize($order->get_meta('enviopack_confirmed_shipment', true));` · enviopack.php:643
unserialize · `$shipping_method = unserialize($order->get_meta('enviopack_shipping_info', true));` · utils.php:227
unserialize · `$shipping_method = unserialize($order->get_meta('enviopack_shipping_info', true));` · utils.php:328
unserialize · `if (!empty($order->get_meta('enviopack_confirmed_shipment', true)) && unserialize($order->get_meta('` · utils.php:359

Output Escaping

92% escaped · 75 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

4 flows · 1 with unsanitized paths
enviopack_notices (utils.php:710)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
6 unprotected

EnvíoPack (Chile) Attack Surface

Entry Points: 7
Unprotected: 6

AJAX Handlers 6

auth · wp_ajax_get_offices · hooks.php:21
nopriv · wp_ajax_get_offices · hooks.php:22
auth · wp_ajax_set_office · hooks.php:23
auth · wp_ajax_get_comunas · hooks.php:24
nopriv · wp_ajax_get_comunas · hooks.php:25
nopriv · wp_ajax_set_office · hooks.php:26

Shortcodes 1

[enviopack_tracking] hooks.php:56
WordPress Hooks 29
action · woocommerce_update_options_shipping_enviopack · enviopack-method.php:32
action · admin_init · hooks.php:8
action · admin_menu · hooks.php:9
action · admin_enqueue_scripts · hooks.php:10
action · woocommerce_shipping_init · hooks.php:13
filter · woocommerce_shipping_methods · hooks.php:14
action · woocommerce_review_order_before_submit · hooks.php:17
action · woocommerce_after_checkout_billing_form · hooks.php:18
action · woocommerce_checkout_process · hooks.php:19
action · woocommerce_checkout_update_order_meta · hooks.php:20
filter · woocommerce_cart_shipping_method_full_label · hooks.php:27
filter · woocommerce_checkout_update_order_review · hooks.php:28
filter · woocommerce_states · hooks.php:30
filter · woocommerce_default_address_fields · hooks.php:32
filter · default_checkout_billing_country · hooks.php:33
action · woocommerce_order_status_changed · hooks.php:37
action · add_meta_boxes · hooks.php:39
action · woocommerce_process_shop_order_meta · hooks.php:40
filter · woocommerce_admin_order_actions · hooks.php:41
action · admin_enqueue_scripts · hooks.php:42
filter · woocommerce_order_actions · hooks.php:43
filter · woocommerce_order_action_ep_process_order · hooks.php:44
action · save_post · hooks.php:49
filter · bulk_actions-edit-product · hooks.php:50
filter · handle_bulk_actions-edit-product · hooks.php:51
action · woocommerce_show_admin_notice · hooks.php:52
action · woocommerce_api_ecom-enviopack · hooks.php:59
filter · gettext · woocommerce-enviopack.php:35
filter · ngettext · woocommerce-enviopack.php:36
Maintenance & Trust

EnvíoPack (Chile) Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Unknown
PHP min version: 7.0
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

EnvíoPack (Chile) Developer Profile

Enviopack

2 plugins · 90 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect EnvíoPack (Chile)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/enviopack/assets/css/enviopack-admin.css
/wp-content/plugins/enviopack/assets/js/enviopack-admin.js
Version Parameters
enviopack/assets/css/enviopack-admin.css?ver=
enviopack/assets/js/enviopack-admin.js?ver=

HTML / DOM Fingerprints

JS Globals
enviopack_data
REST Endpoints
/wp-json/enviopack/
FAQ

Frequently Asked Questions about EnvíoPack (Chile)