Does Shipi DHL Global Mail Shipping have any unpatched vulnerabilities?

No. All known vulnerabilities in Shipi DHL Global Mail Shipping have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Shipi DHL Global Mail Shipping compatible with WordPress 6.7.5?

According to WordPress.org data, Shipi DHL Global Mail Shipping 2.0.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Shipi DHL Global Mail Shipping compatible with PHP 5.6+?

Shipi DHL Global Mail Shipping requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Shipi DHL Global Mail Shipping updated?

Shipi DHL Global Mail Shipping was last updated on Oct 29, 2024. Frequent updates are generally a positive security signal.

What is Shipi DHL Global Mail Shipping's security score?

Shipi DHL Global Mail Shipping has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shipi DHL Global Mail Shipping Security & Risk Analysis

wordpress.org/plugins/hitshipo-dhl-global-mail-shipping

Realtime Shipping Rates, Order Creation automation included.

0 active installs v2.0.1 PHP 5.6+ WP 4.0.1+ Updated Oct 29, 2024

dhldhl-globaldhl-parcelglobal-mailparcel-uk

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shipi DHL Global Mail Shipping Safe to Use in 2026?

Generally Safe

Score 92/100

Shipi DHL Global Mail Shipping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "hitshipo-dhl-global-mail-shipping" v2.0.1 plugin exhibits a generally positive security posture due to the absence of known vulnerabilities and the use of prepared statements for all SQL queries. The code analysis indicates no dangerous functions are being used, and all output is properly escaped, which are strong indicators of good development practices in preventing common web vulnerabilities.

However, the static analysis reveals several areas for concern. The presence of 3 "flows with unsanitized paths" is particularly noteworthy, even though they are not classified as critical or high severity. This suggests a potential for path traversal or unintended file access if these flows are improperly handled downstream. Furthermore, the plugin makes 5 external HTTP requests, which can be a vector for vulnerabilities if the target endpoints are compromised or if sensitive data is transmitted insecurely. The complete lack of nonce and capability checks on any entry points, combined with zero protected AJAX handlers and REST API routes, indicates a significant potential attack surface that is entirely unprotected.

Key Concerns

3 flows with unsanitized paths detected
5 external HTTP requests
0 nonce checks
0 capability checks
0 unprotected AJAX handlers
0 unprotected REST API routes

Vulnerabilities

None known

Shipi DHL Global Mail Shipping Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Shipi DHL Global Mail Shipping Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

91 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped91 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

hit_order_status_update (hitshipo_dhl_gm_basic.php:725)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Shipi DHL Global Mail Shipping Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionactivated_pluginhitshipo_dhl_gm_basic.php:37

actionwoocommerce_shipping_inithitshipo_dhl_gm_basic.php:47

actioninithitshipo_dhl_gm_basic.php:48

filterwoocommerce_shipping_methodshitshipo_dhl_gm_basic.php:49

actionadd_meta_boxeshitshipo_dhl_gm_basic.php:51

actionsave_posthitshipo_dhl_gm_basic.php:52

actionsave_posthitshipo_dhl_gm_basic.php:53

filterhandle_bulk_actions-edit-shop_orderhitshipo_dhl_gm_basic.php:55

actionadmin_noticeshitshipo_dhl_gm_basic.php:56

filterwoocommerce_product_data_tabshitshipo_dhl_gm_basic.php:57

actionwoocommerce_process_product_metahitshipo_dhl_gm_basic.php:58

filterwoocommerce_product_data_panelshitshipo_dhl_gm_basic.php:59

actionadmin_menuhitshipo_dhl_gm_basic.php:60

actionwoocommerce_order_status_processinghitshipo_dhl_gm_basic.php:64

actionwoocommerce_order_details_after_order_tablehitshipo_dhl_gm_basic.php:65

actionadmin_print_styleshitshipo_dhl_gm_basic.php:67

actionwoocommerce_product_options_shippinghitshipo_dhl_gm_basic.php:73

actionwoocommerce_process_product_metahitshipo_dhl_gm_basic.php:74

actionedit_user_profilehitshipo_dhl_gm_basic.php:77

actionedit_user_profile_updatehitshipo_dhl_gm_basic.php:78

Maintenance & Trust

Shipi DHL Global Mail Shipping Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedOct 29, 2024

PHP min version5.6

Downloads870

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Shipi DHL Global Mail Shipping Alternatives

WooCommerce Shipping

woocommerce-shipping

100

A free shipping plugin for US merchants to print discounted shipping labels and compare live label rates directly from your WooCommerce dashboard.

60K No CVEs

Apaczka: integracja z WooCommerce

apaczka-pl

100

Zarządzaj wysyłkami różnych kurierów w jednym miejscu

4K No CVEs

DHL Shipping Germany for WooCommerce

dhl-for-woocommerce

100

Automate e-commerce orders with Official DHL for WooCommerce. Covers DHL Paket and Deutsche Post International.

4K No CVEs

DHL eCommerce (Benelux) for WooCommerce

dhlpwc

100

DHL eCommerce (Benelux) presents: The official DHL eCommerce for WooCommerce plugin to automate your e-commerce shipping process.

2K No CVEs

Shipping Live Rates for DHL Express for WooCommerce

flexible-shipping-dhl-express

100

Display real-time DHL Express shipping live rates in your WooCommerce store. Connect with DHL Express API for accurate shipping costs.

600 No CVEs

Developer Profile

Shipi DHL Global Mail Shipping Developer Profile

Aarsiv Groups

10 plugins · 610 total installs

trust score

Avg Security Score

98/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Shipi DHL Global Mail Shipping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hitshipo-dhl-global-mail-shipping/controllors/views/dhl_gm_settings_view.php

HTML / DOM Fingerprints

CSS Classes

show_if_simpleshow_if_variable

HTML Comments

+1 more

Data Attributes

data-tip="Enter commodity code for product (20 charcters max)."data-tip="Enter HS code for product (20 charcters max)."data-tip="Enter reason for export."

JS Globals

wc_enhanced_selectchosen

Shortcode Output

<label for="hits_dhl_gm_cc">Enter Commodity code</label><span class='woocommerce-help-tip' data-tip="Enter commodity code for product (20 charcters max)."></span><input type='text' id='hits_dhl_gm_cc' name='hits_dhl_gm_cc' maxlength="20" <label for="hits_dhl_gm_hs_code">Enter HS Code</label>

FAQ