WP-Safety

Fast Courier – Shipping & Freight Security & Risk Analysis

wordpress.org/plugins/fast-courier-shipping-freight

Fast Courier is an Australian Courier & Freight shipping platform. Connect your WooCommerce Store with a network of Courier & Freight Providers.

20 active installs v5.2.2 PHP 7.4+ WP 5.0+ Updated Mar 26, 2026
courierfastcourierfreightshippingwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Fast Courier – Shipping & Freight Safe to Use in 2026?

Generally Safe

Score 100/100

Fast Courier – Shipping & Freight has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "fast-courier-shipping-freight" plugin v5.2.3 exhibits a concerning security posture due to a significantly large and unprotected attack surface. With 41 total entry points, including 39 AJAX handlers and 2 REST API routes, none of which have authentication or permission checks, this plugin is highly vulnerable to unauthorized access and manipulation. While the static analysis did not reveal critical or high severity taint flows, the lack of nonces and capability checks on these numerous entry points creates a wide open door for attackers to potentially exploit any vulnerabilities that might exist within the handler code itself, even if not immediately obvious from the static analysis. The plugin also shows a complete absence of recorded vulnerabilities, which can be a positive sign of diligent development, but in combination with the unprotected attack surface, it could also suggest that vulnerabilities have simply not been discovered or reported yet. The plugin's strengths lie in its use of prepared statements for all SQL queries and a generally good rate of output escaping (83%). However, these strengths are overshadowed by the critical weakness of exposed entry points.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • No nonce checks
  • No capability checks
  • Large attack surface without auth
  • Flows with unsanitized paths
Vulnerabilities
None known

Fast Courier – Shipping & Freight Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Fast Courier – Shipping & Freight Release Timeline

v5.2.2Current
v5.2.1
v5.2.0
v5.1.9
v5.1.8
v5.1.7
v5.1.6
v5.1.5
v5.1.4
v5.1.3
v5.1.2
v5.1.1
v5.1.0
v5.0.9
v5.0.8
v5.0.7
v5.0.6
v5.0.5
v5.0.4
v5.0.3
Code Analysis
Analyzed Apr 16, 2026

Fast Courier – Shipping & Freight Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
27 prepared
Unescaped Output
249
1175 escaped
Nonce Checks
0
Capability Checks
0
File Operations
13
External Requests
5
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared27 total queries

Output Escaping

83% escaped1424 total outputs
Data Flows · Security
9 unsanitized

Data Flow Analysis

21 flows9 with unsanitized paths
addLocation (views/class-location.php:89)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
41 unprotected

Fast Courier – Shipping & Freight Attack Surface

Entry Points41
Unprotected41

AJAX Handlers 39

authwp_ajax_post_verify_tokenactions.php:4
authwp_ajax_post_activate_mechantactions.php:7
authwp_ajax_post_activate_mechant_paymentactions.php:10
authwp_ajax_post_active_couriersactions.php:13
authwp_ajax_post_delete_packagesactions.php:16
authwp_ajax_post_delete_woo_packagesactions.php:19
noprivwp_ajax_post_updateCartFeeactions.php:26
authwp_ajax_post_map_fc_packagesactions.php:38
authwp_ajax_post_map_existing_to_fc_packagesactions.php:39
authwp_ajax_post_update_weightactions.php:42
authwp_ajax_post_allow_shippingactions.php:45
authwp_ajax_post_bulk_allow_eligible_for_shippingactions.php:47
authwp_ajax_post_allow_free_shippingactions.php:50
authwp_ajax_post_bulk_allow_free_shippingactions.php:52
authwp_ajax_post_bulk_allow_individualactions.php:55
authwp_ajax_sync_merchant_detailsactions.php:58
authwp_ajax_post_process_ordersactions.php:61
authwp_ajax_post_hold_ordersactions.php:64
authwp_ajax_post_download_zipactions.php:67
authwp_ajax_merchant_loginactions.php:81
authwp_ajax_merchant_registeractions.php:82
authwp_ajax_add_payment_methodactions.php:83
authwp_ajax_toggle_test_modeactions.php:84
authwp_ajax_remove_payment_methodactions.php:85
authwp_ajax_forgot_passwordactions.php:86
authwp_ajax_change_passwordactions.php:87
authwp_ajax_auto_process_ordersactions.php:90
authwp_ajax_resync_all_ordersactions.php:91
authwp_ajax_add_locationactions.php:94
authwp_ajax_edit_locationactions.php:95
authwp_ajax_delete_locationactions.php:96
authwp_ajax_process_csvactions.php:97
authwp_ajax_get_edit_locatonactions.php:98
authwp_ajax_post_update_locationactions.php:101
authwp_ajax_post_add_shipping_boxactions.php:104
authwp_ajax_process_dimensions_csvactions.php:107
authwp_ajax_delete_webhook_logsactions.php:110
authwp_ajax_get_client_credentialsactions.php:121
noprivwp_ajax_get_client_credentialsactions.php:122

REST API Routes 2

POST/wp-json/fastcourierorder-status-updateactions.php:71
GET/wp-json/fastcourier/oauth-callbackactions.php:114
WordPress Hooks 45
actionwoocommerce_checkout_update_order_reviewactions.php:23
actionwoocommerce_cart_calculate_feesactions.php:29
actionwoocommerce_product_data_panelsactions.php:32
actionwoocommerce_process_product_metaactions.php:35
actionrest_api_initactions.php:70
actionrest_api_initactions.php:113
actioninitfunctions.php:26
actionadmin_headfunctions.php:34
actionwp_headfunctions.php:40
actioninitfunctions.php:46
actioninitfunctions.php:132
filterwc_order_statusesfunctions.php:142
actionwoocommerce_new_orderfunctions.php:186
filterwoocommerce_product_data_tabsfunctions.php:315
filterwoocommerce_order_data_store_cpt_get_orders_queryfunctions.php:625
filteris_protected_metafunctions.php:680
filterhttp_request_timeoutfunctions.php:688
filterwoocommerce_cart_ready_to_calc_shippingfunctions.php:701
filterwoocommerce_my_account_my_orders_columnsfunctions.php:712
actionwoocommerce_my_account_my_orders_column_fc-statusfunctions.php:716
actionwoocommerce_my_account_my_orders_column_fc-tracking-urlfunctions.php:724
filterwoocommerce_checkout_fieldsfunctions.php:737
filterwoocommerce_cart_totals_fee_htmlfunctions.php:784
filterwoocommerce_billing_fieldsfunctions.php:812
filterwoocommerce_shipping_fieldsfunctions.php:834
actionwoocommerce_review_order_before_paymentfunctions.php:909
actionwp_footerfunctions.php:1364
actionwp_footerfunctions.php:1584
actionwoocommerce_email_order_detailsfunctions.php:1615
actionwoocommerce_cart_calculate_feesfunctions.php:1620
actionwoocommerce_order_status_on-holdfunctions.php:1652
actionadd_meta_boxesfunctions.php:1769
actionwoocommerce_order_status_changedfunctions.php:2006
actionwoocommerce_cart_updatedincludes/class-fast-courier-shipping-method.php:24
filterwoocommerce_shipping_methodsincludes/class-fast-courier-shipping-method.php:267
actionwoocommerce_initsettings.php:78
filterwoocommerce_shipping_methodssettings.php:116
actionplugins_loadedsettings.php:142
actionadmin_enqueue_scriptssettings.php:168
actionwp_enqueue_scriptssettings.php:183
filtercron_schedulessettings.php:257
actionfc_auto_process_cronsettings.php:261
actionactivate_cron_auto_process_ordersettings.php:269
actiondeactivate_cron_auto_process_ordersettings.php:279
actionadmin_menuviews/class-menu.php:27

Scheduled Events 1

fc_auto_process_cron
Maintenance & Trust

Fast Courier – Shipping & Freight Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMar 26, 2026
PHP min version7.4
Downloads11K

Community Trust

Rating60/100
Number of ratings2
Active installs20
Alternatives

Fast Courier – Shipping & Freight Alternatives

The Courier Guy Shipping for WooCommerce

The Courier Guy Shipping for WooCommerce

the-courier-guy

A
100

This is the official WooCommerce extension to ship products using The Courier Guy.

3K No CVEs
Local Delivery Drivers for WooCommerce

Local Delivery Drivers for WooCommerce

local-delivery-drivers-for-woocommerce

A
99

Improve the way you deliver, manage drivers, assign drivers to orders, send WhatsApp, SMS, and email notifications, route planning, navigation & more!

1K 1 CVE
Bob Go smart shipping solution for WooCommerce

Bob Go smart shipping solution for WooCommerce

uafrica-shipping

A
100

Smart shipping and order management solution in South Africa

1K No CVEs
FlagShip WooCommerce Shipping

FlagShip WooCommerce Shipping

flagship-woocommerce-shipping

A
100

FlagShip WooCommerce Shipping is an e-shipping courier solution that helps you shipping anything from Canada. Beautifully.

400 No CVEs
Freight Shipping Quote – Simplify Shipping Cost Requests

Freight Shipping Quote – Simplify Shipping Cost Requests

freight-shipping-quote

A
100

Freight Shipping Quote allow your customer to request a custom shipping quote before checkout for freight shipping.

200 No CVEs
Developer Profile

Fast Courier – Shipping & Freight Developer Profile

Fast Courier

1 plugin · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Fast Courier – Shipping & Freight

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fast-courier-shipping-freight/views/styles/bootstrap.min.css/wp-content/plugins/fast-courier-shipping-freight/views/styles/styles.css/wp-content/plugins/fast-courier-shipping-freight/views/libs/select2/css/select2.min.css/wp-content/plugins/fast-courier-shipping-freight/views/libs/fontawesome/css/all.min.css/wp-content/plugins/fast-courier-shipping-freight/views/scripts/script.js/wp-content/plugins/fast-courier-shipping-freight/views/libs/sweetalert/sweetalert2.all.js/wp-content/plugins/fast-courier-shipping-freight/views/libs/select2/js/select2.min.js
Script Paths
/wp-content/plugins/fast-courier-shipping-freight/views/scripts/script.js/wp-content/plugins/fast-courier-shipping-freight/views/libs/sweetalert/sweetalert2.all.js/wp-content/plugins/fast-courier-shipping-freight/views/libs/select2/js/select2.min.js
Version Parameters
fast-courier-shipping-freight/views/styles/bootstrap.min.css?ver=fast-courier-shipping-freight/views/styles/styles.css?ver=fast-courier-shipping-freight/views/libs/select2/css/select2.min.css?ver=fast-courier-shipping-freight/views/libs/fontawesome/css/all.min.css?ver=fast-courier-shipping-freight/views/scripts/script.js?ver=fast-courier-shipping-freight/views/libs/sweetalert/sweetalert2.all.js?ver=fast-courier-shipping-freight/views/libs/select2/js/select2.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
fast-courier-admin
JS Globals
Menufast_courier_hpos_enabledfast_courier_checkout_modefc_is_woocommerce_activefc_check_version_compatibility_init_fast_courier+4 more
FAQ

Frequently Asked Questions about Fast Courier – Shipping & Freight