WP-Safety

Factpro for WooCommerce Security & Risk Analysis

wordpress.org/plugins/factpro-for-woocommerce

Electronic invoicing for Peru with Factpro.pe integration

0 active installs v4.0.0 PHP 7.4+ WP 6.0+ Updated Feb 15, 2026
woocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Factpro for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Factpro for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "factpro-for-woocommerce" v4.0.0 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of identified dangerous functions, raw SQL queries, and taint analysis findings suggests careful development practices regarding code execution and data manipulation. The plugin also demonstrates good output escaping, with 88% of outputs being properly escaped, minimizing the risk of cross-site scripting vulnerabilities.

However, there are a few areas that warrant attention. The plugin makes 7 external HTTP requests, which, while not inherently insecure, can become a vector for attacks if the target servers are compromised or if the plugin doesn't validate responses properly. The presence of only 1 nonce check and 0 capability checks on its entry points (2 REST API routes) is a significant concern. This indicates that these entry points may be vulnerable to unauthorized access and manipulation, especially if they handle sensitive data or perform critical actions.

Given the complete lack of recorded vulnerabilities (CVEs) and the robust code signals in other areas, the plugin appears well-maintained and has historically been secure. However, the identified weaknesses in authentication and authorization for its REST API routes, combined with external HTTP requests, present a potential attack surface that needs to be addressed to maintain its good security standing.

Key Concerns

  • No capability checks on entry points
  • Only 1 nonce check for 2 entry points
  • 7 external HTTP requests
Vulnerabilities
None known

Factpro for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Factpro for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
45 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
7
Bundled Libraries
0

Output Escaping

88% escaped51 total outputs
Attack Surface

Factpro for WooCommerce Attack Surface

Entry Points2
Unprotected0

REST API Routes 2

GET/wp-json/factpro-for-woocommerce/v1/dni/(?P<dni>\d+)src\WP\RestApiHooks.php:15
GET/wp-json/factpro-for-woocommerce/v1/ruc/(?P<ruc>\d+)src\WP\RestApiHooks.php:26
WordPress Hooks 30
actionadd_meta_boxessrc\WP\Admin\WoocommerceEditOrder.php:15
actionadmin_menusrc\WP\AdminHooks.php:14
filterwoocommerce_settings_tabs_arraysrc\WP\AdminHooks.php:33
actionwoocommerce_settings_tabs_factpro_fowo_settingssrc\WP\AdminHooks.php:39
actionwoocommerce_update_options_factpro_fowo_settingssrc\WP\AdminHooks.php:43
actionrest_api_initsrc\WP\RestApiHooks.php:14
actionwoocommerce_process_shop_order_metasrc\WP\WoocommerceAdminHooks.php:22
filterwoocommerce_order_actionssrc\WP\WoocommerceAdminHooks.php:68
actionwoocommerce_order_action_factpro_invoice_createsrc\WP\WoocommerceAdminHooks.php:81
actionwoocommerce_order_action_factpro_invoice_previewsrc\WP\WoocommerceAdminHooks.php:82
actionwoocommerce_order_action_factpro_invoice_statussrc\WP\WoocommerceAdminHooks.php:83
actionwoocommerce_order_action_factpro_invoice_cancelsrc\WP\WoocommerceAdminHooks.php:84
actionadmin_post_factpro_download_invoicesrc\WP\WoocommerceAdminHooks.php:86
actionadmin_post_nopriv_factpro_download_invoicesrc\WP\WoocommerceAdminHooks.php:97
filtermanage_edit-shop_order_columnssrc\WP\WoocommerceAdminHooks.php:111
filtermanage_woocommerce_page_wc-orders_columnssrc\WP\WoocommerceAdminHooks.php:116
actionmanage_shop_order_posts_custom_columnsrc\WP\WoocommerceAdminHooks.php:118
actionmanage_woocommerce_page_wc-orders_custom_columnsrc\WP\WoocommerceAdminHooks.php:119
actionwoocommerce_admin_order_data_after_billing_addresssrc\WP\WoocommerceAdminHooks.php:124
actionadmin_enqueue_scriptssrc\WP\WoocommerceAdminHooks.php:160
actionwoocommerce_initsrc\WP\WoocommerceBlockHooks.php:17
actionwoocommerce_sanitize_additional_fieldsrc\WP\WoocommerceBlockHooks.php:280
actionwoocommerce_validate_additional_fieldsrc\WP\WoocommerceBlockHooks.php:288
actionwoocommerce_email_after_order_tablesrc\WP\WoocommerceEmailHooks.php:13
filterwoocommerce_my_account_my_orders_actionssrc\WP\WoocommerceHooks.php:17
actionwoocommerce_checkout_processsrc\WP\WoocommerceHooks.php:29
actionwoocommerce_checkout_update_order_metasrc\WP\WoocommerceHooks.php:69
actionwoocommerce_order_status_completedsrc\WP\WoocommerceHooks.php:111
actionwoocommerce_after_checkout_billing_formsrc\WP\WoocommerceHooks.php:119
actionwp_enqueue_scriptssrc\WP\WoocommerceHooks.php:159
Maintenance & Trust

Factpro for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 15, 2026
PHP min version7.4
Downloads172

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Factpro for WooCommerce Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
97

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 6 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
Developer Profile

Factpro for WooCommerce Developer Profile

factpro

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Factpro for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/factpro-for-woocommerce/public/js/factpro_fowo_order.js/wp-content/plugins/factpro-for-woocommerce/public/css/factpro_fowo_order.css
Script Paths
public/js/factpro_fowo_order.jspublic/css/factpro_fowo_order.css

HTML / DOM Fingerprints

CSS Classes
factpro-invoice-pdf-link
Data Attributes
id="factpro_customer_document_type"name="factpro_customer_document_type"id="factpro_customer_document_number"name="factpro_customer_document_number"id="factpro_company_name"name="factpro_company_name"+6 more
JS Globals
window.factpro_fowo_ajax_object
FAQ

Frequently Asked Questions about Factpro for WooCommerce