WP-Safety

Facturación Electrónica Costa Rica Security & Risk Analysis

wordpress.org/plugins/factura-electronica-cr

Plugin para integrar Facturación Electronica Costa Rica en WooCommerce.

20 active installs v2.0.2 PHP 7.4+ WP 6.7+ Updated Jan 16, 2026
electronicafacturafacturacionfacturas
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Facturación Electrónica Costa Rica Safe to Use in 2026?

Generally Safe

Score 100/100

Facturación Electrónica Costa Rica has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The plugin "factura-electronica-cr" v2.0.2 presents a concerning security posture primarily due to a significant lack of access control on its exposed entry points. With 3 total entry points (AJAX handlers and REST API routes), all 3 are unprotected, meaning any unauthenticated user could potentially interact with these functionalities. While the static analysis did not reveal dangerous functions, raw SQL queries, or critical taint flows, the absence of nonces and capability checks on these entry points creates a substantial risk for common web vulnerabilities like Cross-Site Request Forgery (CSRF) and unauthorized data manipulation.

The plugin shows some positive signs, such as a reasonable percentage of SQL queries using prepared statements and a majority of output escaping. The absence of known vulnerabilities in its history is a strong positive indicator of past development quality. However, this historical data cannot compensate for the immediate and clear security flaws identified in the current code analysis. The presence of the bundled Select2 library, without version information, also warrants caution, as outdated libraries can harbor known exploits.

In conclusion, while the plugin benefits from a clean vulnerability history and some good coding practices in SQL and output handling, the critical flaw of unprotected AJAX handlers and REST API routes makes it a high-risk candidate. Immediate attention is required to implement proper authentication and authorization checks on all exposed entry points to mitigate significant security threats.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API routes
  • Missing nonce checks on AJAX
  • Missing capability checks on entry points
  • Bundled libraries (Select2) without version check
Vulnerabilities
None known

Facturación Electrónica Costa Rica Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Facturación Electrónica Costa Rica Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
4 prepared
Unescaped Output
22
49 escaped
Nonce Checks
0
Capability Checks
3
File Operations
1
External Requests
4
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

50% prepared8 total queries

Output Escaping

69% escaped71 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
<configuration> (admin\configuration.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Facturación Electrónica Costa Rica Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 2

authwp_ajax_get_cabyscheckout-classic-initialize.php:468
noprivwp_ajax_get_cabyscheckout-classic-initialize.php:469

REST API Routes 1

GET/wp-json/fvcr-wordpress-data/v2/checkout-data/checkout-blocks-initialize.php:75
WordPress Hooks 17
actionwoocommerce_blocks_loadedcheckout-blocks-initialize.php:7
actionwoocommerce_blocks_checkout_block_registrationcheckout-blocks-initialize.php:11
actionrest_api_initcheckout-blocks-initialize.php:74
actionadmin_enqueue_scriptscheckout-classic-initialize.php:50
actionwp_enqueue_scriptscheckout-classic-initialize.php:64
actionwoocommerce_before_checkout_billing_formcheckout-classic-initialize.php:68
actionwoocommerce_checkout_processcheckout-classic-initialize.php:122
actionwoocommerce_checkout_update_order_metacheckout-classic-initialize.php:159
actionwoocommerce_product_options_general_product_datacheckout-classic-initialize.php:200
actionwoocommerce_process_product_metacheckout-classic-initialize.php:260
actionwoocommerce_admin_order_data_after_billing_addresscheckout-classic-initialize.php:294
actionwoocommerce_after_checkout_formcheckout-classic-initialize.php:405
actionplugins_loadedcheckout-classic-initialize.php:464
actionwoocommerce_store_api_checkout_update_order_from_requestcheckout.php:23
actionadmin_menufunctions.php:14
actionwoocommerce_order_status_processingfunctions.php:227
actionwoocommerce_order_status_completedfunctions.php:236
Maintenance & Trust

Facturación Electrónica Costa Rica Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 16, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Facturación Electrónica Costa Rica Alternatives

Contabilium Oficial para WooCommerce

Contabilium Oficial para WooCommerce

contabilium-oficial-para-woo

A
100

Contabilium es un sistema de gestión online que te permite administrar todos tus ingresos y gastos de una forma sencilla y rápida en cualquier momento &hellip;

300 No CVEs
APISUNAT Facturación Electrónica para WooCommerce – SUNAT – PERU

APISUNAT Facturación Electrónica para WooCommerce – SUNAT – PERU

apisunat

A
92

Emite tus comprobantes electrónicos para SUNAT - PERU directamente desde tu tienda en WooCommerce.

80 No CVEs
RVCFDI para Woocommerce

RVCFDI para Woocommerce

rvcfdi-para-woocommerce

B
78

El plugin RVCFDI para WooCommerce es una herramienta que se integra con RV Factura Electronica Web y te permite llevar a cabo el proceso facturacion e &hellip;

70 1 unpatched
LFECFDI para Woocommerce

LFECFDI para Woocommerce

lfecfdi-para-woocommerce

A
100

El plugin LFECFDI para WooCommerce es una herramienta que se integra con LasFacturasElectronicas.com y te permite llevar a cabo el proceso facturacion &hellip;

10 No CVEs
MIRATIO – Facturación electrónica Perú

MIRATIO – Facturación electrónica Perú

miratio

A
85

Ahora puedes emitir comprobantes electrónicos como Boletas y Facturas automáticamente con el plugin de MIRATIO para WooCommerce.

10 No CVEs
Developer Profile

Facturación Electrónica Costa Rica Developer Profile

facturadorvirtual

1 plugin · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Facturación Electrónica Costa Rica

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/factura-electronica-cr/assets/select2.css/wp-content/plugins/factura-electronica-cr/assets/select2.js/wp-content/plugins/factura-electronica-cr/assets/styles.css/wp-content/plugins/factura-electronica-cr/assets/code.js/wp-content/plugins/factura-electronica-cr/assets/styles_public.css
Script Paths
/wp-content/plugins/factura-electronica-cr/assets/select2.js/wp-content/plugins/factura-electronica-cr/assets/code.js
Version Parameters
assets/select2.css?ver=1.7assets/select2.js?ver=1.9assets/styles.css?ver=1.7assets/code.js?ver=1.8assets/styles_public.css?ver=1.2

HTML / DOM Fingerprints

CSS Classes
fvcr_hide_elementfvcr_identification_typefvcr_disabled
Data Attributes
data-fvcr-identification-typedata-fvcr-billing-fv-required-fedata-fvcr-billing-fv-identification-typedata-fvcr-billing-fv-identification-number
JS Globals
fvcr_params
REST Endpoints
/wp-json/fvcr/v1/settings
FAQ

Frequently Asked Questions about Facturación Electrónica Costa Rica