WP-Safety

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Security & Risk Analysis

wordpress.org/plugins/epaka-pl

Integracja Woocommerce z epaka.pl. Składanie zamówień, generowanie etykiet, tracking przesyłek, mapa puntów odbioru dla klientów sklepu oraz o wiele w …

200 active installs v1.1.7 PHP 5.6+ WP 6.0+ Updated Jun 9, 2025
courierdeliverykurierpaczkishipping
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is [Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The "epaka-pl" plugin v1.1.7 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and does not appear to have any known vulnerabilities (CVEs) recorded. This suggests a level of diligence in addressing security flaws. However, several concerning aspects emerge from the static analysis. A significant attack surface is exposed through REST API routes, with 7 out of 23 routes lacking permission callbacks, making them potentially accessible without proper authentication. Furthermore, the taint analysis revealed that all 8 analyzed flows involve unsanitized paths, indicating a risk of directory traversal or similar vulnerabilities if these flows are not handled carefully.

The lack of nonce checks and capability checks on the identified entry points, coupled with a low percentage of properly escaped output (56%), raises further concerns. While there are no explicitly flagged dangerous functions or file operations, the presence of unsanitized paths and unprotected REST API routes suggests potential avenues for attackers. The absence of vulnerability history is a positive sign, but it does not negate the risks identified in the current code analysis, particularly the unprotected entry points and unsanitized data flows.

In conclusion, "epaka-pl" v1.1.7 has strengths in its SQL handling and lack of historical vulnerabilities. However, the substantial number of unprotected REST API routes and the critical issue of unsanitized paths across all analyzed flows present significant security risks. The low rate of proper output escaping also contributes to the overall risk. Immediate attention should be given to securing the exposed REST API endpoints and sanitizing the identified data flows to mitigate potential exploitation.

Key Concerns

  • Unprotected REST API routes
  • Unsanitized paths in taint flows
  • Low output escaping percentage
  • No nonce checks
  • Limited capability checks
Vulnerabilities
None known

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
89
114 escaped
Nonce Checks
0
Capability Checks
4
File Operations
0
External Requests
13
Bundled Libraries
0

Output Escaping

56% escaped203 total outputs
Data Flows
8 unsanitized

Data Flow Analysis

8 flows8 with unsanitized paths
getPointsFile (api\class-epaka-api-controller.php:152)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
7 unprotected

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Attack Surface

Entry Points23
Unprotected7

REST API Routes 23

POST/wp-json/epaka-public/mapapi\class-epaka-api.php:75
GET/wp-json/epaka-public/mapapi\class-epaka-api.php:81
GET/wp-json/epaka-public/get-points-files-indexesapi\class-epaka-api.php:87
GET/wp-json/epaka-public/get-nominatim-searchapi\class-epaka-api.php:93
GET/wp-json/epaka-public/get-points-fileapi\class-epaka-api.php:99
POST/wp-json/epaka-public/get-full-points-data-by-lat-lng-proximityapi\class-epaka-api.php:105
GET/wp-json/epaka-public/get-points-autocompleteapi\class-epaka-api.php:111
POST/wp-json/epaka-admin/save-profileapi\class-epaka-api.php:119
POST/wp-json/epaka-admin/set-shipping-courier-mappingapi\class-epaka-api.php:127
POST/wp-json/epaka-admin/get-epaka-order-labelapi\class-epaka-api.php:135
POST/wp-json/epaka-admin/get-epaka-order-protocolapi\class-epaka-api.php:143
POST/wp-json/epaka-admin/get-epaka-order-authorization-documentapi\class-epaka-api.php:150
POST/wp-json/epaka-admin/get-epaka-order-proformaapi\class-epaka-api.php:157
POST/wp-json/epaka-admin/unlink-epaka-order-from-woo-orderapi\class-epaka-api.php:165
POST/wp-json/epaka-admin/link-epaka-order-to-woo-orderapi\class-epaka-api.php:173
POST/wp-json/epaka-admin/cancel-epaka-orderapi\class-epaka-api.php:181
POST/wp-json/epaka-admin/get-epaka-courier-trackingapi\class-epaka-api.php:189
POST/wp-json/epaka-admin/get-epaka-order-label-zebraapi\class-epaka-api.php:197
POST/wp-json/epaka-admin/authorizeapi\class-epaka-api.php:205
GET/wp-json/epaka-admin/get-profileapi\class-epaka-api.php:213
POST/wp-json/epaka-admin/send-orderapi\class-epaka-api.php:221
GET/wp-json/epaka-admin/get-order-iframeapi\class-epaka-api.php:229
GET/wp-json/epaka-admin/logoutapi\class-epaka-api.php:255
WordPress Hooks 34
actionepaka_admin_panel_save_profileadmin\class-epaka-admin.php:182
actionbefore_woocommerce_initepakapl.php:38
actionepaka_update_order_metadataepakapl.php:66
actioninitepakapl.php:67
actionadmin_noticesepakapl.php:175
actionadmin_menuepakapl.php:205
actionadmin_noticesepakapl.php:219
actionadmin_noticesepakapl.php:233
actionplugins_loadedincludes\class-epaka.php:151
actionadmin_menuincludes\class-epaka.php:166
actionadmin_menuincludes\class-epaka.php:167
actionadd_meta_boxesincludes\class-epaka.php:168
actionadmin_enqueue_scriptsincludes\class-epaka.php:170
actionadmin_enqueue_scriptsincludes\class-epaka.php:171
filtermanage_edit-shop_order_columnsincludes\class-epaka.php:173
filtermanage_edit-woocommerce_page_wc-orders_columnsincludes\class-epaka.php:174
filtermanage_woocommerce_page_wc-orders_columnsincludes\class-epaka.php:175
filtermanage_shop_order_posts_custom_columnincludes\class-epaka.php:177
filtermanage_woocommerce_page_wc-orders_custom_columnincludes\class-epaka.php:178
filtermanage_woocommerce_page_wc-orders_posts_custom_columnincludes\class-epaka.php:179
filterwoocommerce_admin_order_data_after_shipping_addressincludes\class-epaka.php:182
actionwp_enqueue_scriptsincludes\class-epaka.php:196
actionwp_enqueue_scriptsincludes\class-epaka.php:197
actionwoocommerce_checkout_update_order_metaincludes\class-epaka.php:198
actionwoocommerce_after_shipping_rateincludes\class-epaka.php:199
actionwoocommerce_before_checkout_formincludes\class-epaka.php:200
filterwoocommerce_order_details_after_order_tableincludes\class-epaka.php:201
actionwoocommerce_after_checkout_validationincludes\class-epaka.php:202
actionwoocommerce_blocks_loadedincludes\class-epaka.php:215
actionrest_api_initincludes\class-epaka.php:217
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\class-epaka.php:219
actionwoocommerce_blocks_loadedincludes\class-epaka.php:230
actionwoocommerce_blocks_checkout_block_registrationincludes\class-epaka.php:232
actionblock_categories_allincludes\class-epaka.php:239
Maintenance & Trust

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJun 9, 2025
PHP min version5.6
Downloads7K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Alternatives

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Alternatives

Furgonetka.pl: Przesyłki & Narzędzia e-commerce

Furgonetka.pl: Przesyłki & Narzędzia e-commerce

furgonetka

A
100

Nadawaj przesyłki, udostępnij mapę punktów odbioru, obsługuj zwroty, wystawiaj faktury KSeF, aktualizuj statusy zamówień.

7K No CVEs
Local Delivery Drivers for WooCommerce

Local Delivery Drivers for WooCommerce

local-delivery-drivers-for-woocommerce

A
99

Improve the way you deliver, manage drivers, assign drivers to orders, send WhatsApp, SMS, and email notifications, route planning, navigation & more!

1K 1 CVE
Delyva

Delyva

delyvax

A
100

The official Delyva plugin helps store owners to integrate WooCommerce store with Delyva delivery management platform for seamless service comparison …

200 No CVEs
Woot

Woot

woot-ro

A
100

Unified shipping solution for WooCommerce. Integrates all popular couriers in Romania with real-time pricing and pickup point selection.

100 No CVEs
Uber Direct Integration

Uber Direct Integration

uber-direct-delivery-integration

A
100

Offer instant or scheduled delivery from your WooCommerce store with real-time quotes and Uber Direct integration

60 No CVEs
Developer Profile

[Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce Developer Profile

Deepak anand

4 plugins · 7K total installs

84
trust score
Avg Security Score
94/100
Avg Patch Time
85 days
View full developer profile
Detection Fingerprints

How We Detect [Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/epaka-pl/admin/css/epaka-admin.min.css

HTML / DOM Fingerprints

CSS Classes
epaka-cardmargin-10px
Data Attributes
name="epaka_credits_agree"id="credits_agree"name="epaka_credits_agree"
FAQ

Frequently Asked Questions about [Niewspierana wersja – sprawdź nową] epaka.pl – Integracja z WooCommerce