WP-Safety

Estimated Delivery for WooCommerce Security & Risk Analysis

wordpress.org/plugins/estimated-delivery-for-woocommerce

Show estimated / guaranteed delivery, simple and easy

1K active installs v2.0.0 PHP 5.0+ WP 4.3+ Updated Mar 14, 2026
delivery-woocommerceestimated-deliveryshipping-date
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Estimated Delivery for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Estimated Delivery for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 21d ago
Risk Assessment

The "estimated-delivery-for-woocommerce" plugin version 2.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and performing nonce and capability checks on all identified entry points. The absence of known CVEs and a clean vulnerability history further suggest a generally secure development approach.

However, there are notable areas of concern. The plugin exposes two AJAX handlers without authentication checks, creating a significant attack surface. While no critical or high severity taint flows were identified, the presence of a flow with unsanitized paths is a potential risk. Additionally, the plugin has a moderate issue with output escaping, with only 50% of outputs being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if malicious input is processed.

In conclusion, the plugin has a solid foundation in terms of SQL security and access control. The primary risks stem from the unprotected AJAX endpoints and the moderate risk of XSS due to insufficient output escaping. The lack of past vulnerabilities is a positive indicator, but the identified code signals necessitate caution and potential remediation.

Key Concerns

  • Unprotected AJAX handlers
  • Half of outputs unescaped
  • Flows with unsanitized paths
Vulnerabilities
None known

Estimated Delivery for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Estimated Delivery for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
124
125 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

50% escaped249 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
<estimated-delivery-woocommerce> (estimated-delivery-woocommerce.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Estimated Delivery for WooCommerce Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

noprivwp_ajax_edw_get_estimate_datesclass.api.php:6
authwp_ajax_edw_get_estimate_datesclass.api.php:7

Shortcodes 1

[estimate_delivery] estimated-delivery-woocommerce.php:204
WordPress Hooks 22
actionadmin_menuestimated-delivery-woocommerce.php:45
actionadmin_initestimated-delivery-woocommerce.php:46
actionadmin_enqueue_scriptsestimated-delivery-woocommerce.php:47
actionplugins_loadedestimated-delivery-woocommerce.php:48
actionwp_footerestimated-delivery-woocommerce.php:53
actionwp_enqueue_scriptsestimated-delivery-woocommerce.php:55
actionsave_post_productestimated-delivery-woocommerce.php:56
actionadd_meta_boxesestimated-delivery-woocommerce.php:57
actioninitestimated-delivery-woocommerce.php:58
actiondokan_new_product_formestimated-delivery-woocommerce.php:61
actiondokan_new_product_after_product_tagsestimated-delivery-woocommerce.php:62
actiondokan_product_edit_after_product_tagsestimated-delivery-woocommerce.php:63
actionend_wcfm_products_manageestimated-delivery-woocommerce.php:67
actionafter_wcfm_products_manage_meta_saveestimated-delivery-woocommerce.php:68
actionwp_enqueue_scriptsestimated-delivery-woocommerce.php:71
filterwcmp_product_data_tabsestimated-delivery-woocommerce.php:75
actionwcmp_product_tabs_contentestimated-delivery-woocommerce.php:76
actionwcmp_process_product_objectestimated-delivery-woocommerce.php:77
filterwoocommerce_get_item_dataestimated-delivery-woocommerce.php:78
actionwoocommerce_checkout_create_order_line_itemestimated-delivery-woocommerce.php:79
actionwoocommerce_after_shop_loop_item_titleestimated-delivery-woocommerce.php:80
actionbefore_woocommerce_initestimated-delivery-woocommerce.php:82
Maintenance & Trust

Estimated Delivery for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 14, 2026
PHP min version5.0
Downloads40K

Community Trust

Rating100/100
Number of ratings13
Active installs1K
Alternatives

Estimated Delivery for WooCommerce Alternatives

Estimated delivery date per product for WooCommerce

Estimated delivery date per product for WooCommerce

estimate-delivery-date-for-woocommerce

A
100

Estimated delivery date per product for WooCommerce

400 No CVEs
Estimated Delivery Date Per Product For Woocommerce

Estimated Delivery Date Per Product For Woocommerce

estimated-delivery-date-per-product-for-woocommerce

A
100

Estimated Shipping Date Per Product For WoocommerceThis Plugin allow you to Display Estimated Delivery Date or Shipping Date Per Product.

200 No CVEs
Estimate delivery per Product for Woocommerce

Estimate delivery per Product for Woocommerce

estimate-delivery-per-product-for-woocommerce

A
85

HELP YOUR CUSTOMERS TO DECIDE IF THEY WILL BUY YOUR PRODUCTS!

70 No CVEs
AnCode — Estimated Delivery Date for WooCommerce

AnCode — Estimated Delivery Date for WooCommerce

ancode-estimated-delivery-date-for-woocommerce

A
100

Display estimated delivery dates automatically on WooCommerce product pages and emails — supports weekends, holidays, and full customization.

0 No CVEs
EDDV Notices for WooCommerce

EDDV Notices for WooCommerce

eddv-notices

A
100

Display Estimated Delivery Date ranges or a Vacation Notice across WooCommerce pages and emails with flexible templates and automatic mode switching.

0 No CVEs
Developer Profile

Estimated Delivery for WooCommerce Developer Profile

DanielRiera

6 plugins · 2K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
113 days
View full developer profile
Detection Fingerprints

How We Detect Estimated Delivery for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/estimated-delivery-for-woocommerce/css/admin-settings.css/wp-content/plugins/estimated-delivery-for-woocommerce/css/frontend.css/wp-content/plugins/estimated-delivery-for-woocommerce/js/frontend.js/wp-content/plugins/estimated-delivery-for-woocommerce/views/wcfm-metabox.php/wp-content/plugins/estimated-delivery-for-woocommerce/views/wcmp-metabox.php/wp-content/plugins/estimated-delivery-for-woocommerce/views/dokan-metabox.php
Script Paths
/wp-content/plugins/estimated-delivery-for-woocommerce/js/frontend.js
Version Parameters
estimated-delivery-for-woocommerce/css/admin-settings.css?ver=estimated-delivery-for-woocommerce/css/frontend.css?ver=estimated-delivery-for-woocommerce/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
edw-delivery-info
HTML Comments
<!-- EDW: START REPEATER --><!-- EDW: END REPEATER --><!-- EDW_WCFM_METABOX_START --><!-- EDW_WCFM_METABOX_END -->+4 more
Data Attributes
data-edw-max-daysdata-edw-daysdata-edw-days-outstockdata-edw-max-days-outstockdata-edw-modedata-edw-days-backorders+3 more
JS Globals
window.EDW_USE_JSwindow.EDW_Fontawesome
FAQ

Frequently Asked Questions about Estimated Delivery for WooCommerce