WP-Safety

JNE Indo Shipping Security & Risk Analysis

wordpress.org/plugins/indo-shipping

Plugin shipping Indonesia yang khusus untuk diintegrasikan dengan plugin WP-Ecommerce.

10 active installs v1.4 PHP + WP 3.0+ Updated Feb 12, 2013
indonesian-shipping-pluginjne-shippingshipping-plugintiki-shippingwp-e-commerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is JNE Indo Shipping Safe to Use in 2026?

Generally Safe

Score 85/100

JNE Indo Shipping has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The "indo-shipping" v1.4 plugin exhibits a concerning security posture primarily due to its unprotected entry points. The analysis reveals 6 AJAX handlers, all of which lack authentication checks. This represents a significant attack surface where unauthenticated users could potentially trigger malicious actions. Furthermore, the presence of the `unserialize` function, especially without proper sanitization or authentication, poses a critical risk for arbitrary object injection if attacker-controlled data can influence the serialized string. While the plugin demonstrates good practices in using prepared statements for SQL queries and proper output escaping, these strengths are overshadowed by the critical security gaps in its entry point handling and the potential for unserialize vulnerabilities.

Key Concerns

  • AJAX handlers without authentication
  • Presence of unserialize function
  • Flows with unsanitized paths
  • Bundled outdated jQuery library
Vulnerabilities
None known

JNE Indo Shipping Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

JNE Indo Shipping Release Timeline

v1.4Current
v1.3
v1.2
v1.1
v1.0
Code Analysis
Analyzed Apr 16, 2026

JNE Indo Shipping Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$data = unserialize($_SESSION['wpe_isship_tarif_data']);wpe-ishipping.php:140

Bundled Libraries

jQuery1.4.4
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
<wpe-ishipping> (wpe-ishipping.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
6 unprotected

JNE Indo Shipping Attack Surface

Entry Points6
Unprotected6

AJAX Handlers 6

authwp_ajax_GETCITYwpe-ishipping.php:208
noprivwp_ajax_GETCITYwpe-ishipping.php:209
authwp_ajax_DESTLOCFORMwpe-ishipping.php:210
noprivwp_ajax_DESTLOCFORMwpe-ishipping.php:211
authwp_ajax_GETTARIFwpe-ishipping.php:212
noprivwp_ajax_GETTARIFwpe-ishipping.php:213
WordPress Hooks 1
actionadmin_noticeswpe-ishipping.php:215
Maintenance & Trust

JNE Indo Shipping Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2
Last updatedFeb 12, 2013
PHP min version
Downloads8K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

JNE Indo Shipping Alternatives

JNE Shipping

JNE Shipping

jne-shipping

A
85

Plugin JNE Shipping Indonesia yang khusus untuk diintegrasikan dengan plugin WP-Ecommerce.

10 No CVEs
ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

woo-alidropship

A
99

Transfer data from AliExpress products to WooCommerce effortlessly and fulfill WooCommerce orders to AliExpress automatically.

10K 2 CVEs
AliExpress Dropshipping Plugin for WooCommerce & WordPress

AliExpress Dropshipping Plugin for WooCommerce & WordPress

ali2woo-lite

A
91

Use the WooCommerce Dropshipping Plugin for AliExpress to import products, reviews, set flexible pricing rules, and automate order fulfillment.

4K 7 CVEs
PiWeb Flat rate / Conditional shipping for WooCommerce

PiWeb Flat rate / Conditional shipping for WooCommerce

advanced-free-flat-shipping-woocommerce

A
100

WooCommerce conditional shipping & WooCommerce Advanced Flat rate shipping rates plugin to Create Advanced Flat rate shipping or Free shipping met &hellip;

2K 1 CVE
TMDS – Dropshipping for TEMU and Woo

TMDS – Dropshipping for TEMU and Woo

tmds-dropshipping-for-temu-and-woo

A
100

Transfer data from Temu products to WooCommerce effortlessly.

600 No CVEs
Developer Profile

JNE Indo Shipping Developer Profile

Agung Nugroho

3 plugins · 30 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect JNE Indo Shipping

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/indo-shipping/js-css/jquery.autocomplete.css/wp-content/plugins/indo-shipping/js-css/style.css/wp-content/plugins/indo-shipping/js-css/jquery.autocomplete.js/wp-content/plugins/indo-shipping/js-css/tarif.js
Script Paths
js-css/jquery.autocomplete.jsjs-css/tarif.js
Version Parameters
indo-shipping/js-css/jquery.autocomplete.css?ver=indo-shipping/js-css/style.css?ver=indo-shipping/js-css/jquery.autocomplete.js?ver=indo-shipping/js-css/tarif.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpsc_shipping_quote_namewpsc_shipping_quote_pricewpsc_shipping_quote_radiotrfC
Data Attributes
id="base_location"name="base_location"id="base_location_code"name="base_location_code"id="act"name="act"+7 more
JS Globals
ishippbaseLocationFormswitchmethod
Shortcode Output
<strong>Indo Shipping [JNE]</strong>
FAQ

Frequently Asked Questions about JNE Indo Shipping