Does InPost PL have any unpatched vulnerabilities?

No. All known vulnerabilities in InPost PL have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is InPost PL compatible with WordPress 6.9.4?

According to WordPress.org data, InPost PL 1.8.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is InPost PL compatible with PHP 7.2+?

InPost PL requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is InPost PL updated?

InPost PL was last updated on Feb 23, 2026. Frequent updates are generally a positive security signal.

What is InPost PL's security score?

InPost PL has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

InPost PL Security & Risk Analysis

wordpress.org/plugins/inpost-for-woocommerce

InPost PL dla WooCommerce to dedykowana wtyczka do integracji, stworzona z myślą o małych i średnich firmach, które chcą w szybki i wygodny sposób zin …

10K active installs v1.8.4 PHP 7.2+ WP 5.3+ Updated Feb 23, 2026

etykietyinpostpaczkomatyprzesylki

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is InPost PL Safe to Use in 2026?

Generally Safe

Score 100/100

InPost PL has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "inpost-for-woocommerce" plugin v1.8.4 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known CVEs and consistently low or non-existent recorded vulnerabilities in its history suggest a generally well-maintained codebase. However, there are areas of concern that warrant attention. The presence of two AJAX handlers without authentication checks presents a potential attack vector. While the taint analysis did not reveal critical or high-severity issues, the existence of a flow with an unsanitized path, even if not classified as critical, indicates a potential for subtle vulnerabilities. The function `unserialize` is also flagged as a dangerous function, and while its usage isn't explicitly detailed as a vulnerability here, it's a function that historically has been associated with security risks if not handled with extreme care. Overall, the plugin is reasonably secure due to its good database practices and lack of historical exploits, but the unprotected AJAX endpoints and the identified unsanitized path flow represent immediate risks that should be addressed.

Key Concerns

AJAX handlers without authentication checks
Flows with unsanitized paths
Presence of dangerous function: unserialize

Vulnerabilities

None known

InPost PL Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

InPost PL Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

1198 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$shipment = unserialize( $from_order_meta_raw );src\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:177

unserializereturn is_array( unserialize( $additional_packages ) ) ? unserialize( $additional_packages ) : arraysrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:943

unserialize$shipment = unserialize( $from_order_meta_raw );src\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:1038

unserialize$shipment = unserialize( $from_order_meta_raw );src\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:1279

unserialize$from_order_meta = unserialize( $from_order_meta_raw );src\InspireLabs\WoocommerceInpost\shipx\services\shipment\ShipX_Shipment_Service.php:78

SQL Query Safety

100% prepared4 total queries

Output Escaping

94% escaped1279 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths

dispatch_point (src\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:208)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

InPost PL Attack Surface

Entry Points10

Unprotected2

AJAX Handlers 8

authwp_ajax_inpost_product_tablesrc\InspireLabs\WoocommerceInpost\EasyPack.php:192

authwp_ajax_easypack_bulk_create_shipmentssrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:60

authwp_ajax_easypacksrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:45

authwp_ajax_inpost_save_to_wc_sessionsrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:47

noprivwp_ajax_inpost_save_to_wc_sessionsrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:48

authwp_ajax_posting_confirmation_requestsrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:49

authwp_ajax_update_locker_from_typ_pagesrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:50

noprivwp_ajax_update_locker_from_typ_pagesrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:51

REST API Routes 1

GET/wp-json/inpost_pl/v1/order/updatesrc\InspireLabs\WoocommerceInpost\EasyPack_Webhook.php:46

Shortcodes 1

[fee] src\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:1531

WordPress Hooks 81

actionwoocommerce_review_order_before_submitresources\templates\checkout\easypack-review-order-after-shipping.php:21

actionadmin_noticessrc\InspireLabs\WoocommerceInpost\admin\Alerts.php:84

filterwoocommerce_product_data_tabssrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Product_Shipping_Method_Selector.php:43

actionwoocommerce_product_data_panelssrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Product_Shipping_Method_Selector.php:44

actionwoocommerce_admin_process_product_objectsrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Product_Shipping_Method_Selector.php:45

actionwoocommerce_product_options_shippingsrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Product_Shipping_Method_Selector.php:46

filterwoocommerce_settings_tabs_arraysrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Settings_General.php:41

actionwoocommerce_admin_field_manage_dispath_points_modulesrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Settings_General.php:785

actionwoocommerce_admin_field_manage_inpost_pl_courier_templates_modulesrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Settings_General.php:980

actionadmin_menusrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Shipment_Manager.php:31

actioninitsrc\InspireLabs\WoocommerceInpost\admin\EasyPack_Shipment_Manager.php:32

actionplugins_loadedsrc\InspireLabs\WoocommerceInpost\EasyPack.php:114

actionbefore_woocommerce_initsrc\InspireLabs\WoocommerceInpost\EasyPack.php:115

actioninitsrc\InspireLabs\WoocommerceInpost\EasyPack.php:116

filterwoocommerce_package_ratessrc\InspireLabs\WoocommerceInpost\EasyPack.php:117

actionafter_setup_themesrc\InspireLabs\WoocommerceInpost\EasyPack.php:119

actionsend_tracking_numbers_emailsrc\InspireLabs\WoocommerceInpost\EasyPack.php:132

actionwoocommerce_checkout_processsrc\InspireLabs\WoocommerceInpost\EasyPack.php:134

actionwoocommerce_checkout_update_order_metasrc\InspireLabs\WoocommerceInpost\EasyPack.php:136

actionsend_shipment_automaticallysrc\InspireLabs\WoocommerceInpost\EasyPack.php:138

actionwoocommerce_payment_completesrc\InspireLabs\WoocommerceInpost\EasyPack.php:139

actionwoocommerce_order_status_changedsrc\InspireLabs\WoocommerceInpost\EasyPack.php:140

filterwoocommerce_order_item_get_formatted_meta_datasrc\InspireLabs\WoocommerceInpost\EasyPack.php:142

filterwoocommerce_get_settings_pagessrc\InspireLabs\WoocommerceInpost\EasyPack.php:178

actionadmin_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPack.php:179

filterwoocommerce_order_item_display_meta_valuesrc\InspireLabs\WoocommerceInpost\EasyPack.php:181

actionwoocommerce_cart_item_removedsrc\InspireLabs\WoocommerceInpost\EasyPack.php:182

actionwoocommerce_add_to_cartsrc\InspireLabs\WoocommerceInpost\EasyPack.php:183

actionwoocommerce_after_cart_item_quantity_updatesrc\InspireLabs\WoocommerceInpost\EasyPack.php:184

actionwoocommerce_before_checkout_formsrc\InspireLabs\WoocommerceInpost\EasyPack.php:185

filterwoocommerce_locate_templatesrc\InspireLabs\WoocommerceInpost\EasyPack.php:186

actionwoocommerce_before_thankyousrc\InspireLabs\WoocommerceInpost\EasyPack.php:188

actionadmin_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPack.php:191

actionadmin_menusrc\InspireLabs\WoocommerceInpost\EasyPack.php:194

actionwoocommerce_blocks_checkout_block_registrationsrc\InspireLabs\WoocommerceInpost\EasyPack.php:219

actionwp_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPack.php:226

actionwoocommerce_store_api_checkout_update_order_from_requestsrc\InspireLabs\WoocommerceInpost\EasyPack.php:228

actionwp_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPack.php:231

filterwoocommerce_shipping_methodssrc\InspireLabs\WoocommerceInpost\EasyPack.php:232

filterwoocommerce_shipping_packagessrc\InspireLabs\WoocommerceInpost\EasyPack.php:234

filterwoocommerce_package_ratessrc\InspireLabs\WoocommerceInpost\EasyPack.php:235

filterwoocommerce_get_order_item_totalssrc\InspireLabs\WoocommerceInpost\EasyPack.php:236

filterbulk_actions-edit-shop_ordersrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:54

filterbulk_actions-woocommerce_page_wc-orderssrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:55

actionadmin_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:56

filtermanage_woocommerce_page_wc-orders_columnssrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:57

filtermanage_edit-shop_order_columnssrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:58

actionmanage_shop_order_posts_custom_columnsrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:62

actionmanage_woocommerce_page_wc-orders_custom_columnsrc\InspireLabs\WoocommerceInpost\EasyPackBulkOrders.php:63

filterwoocommerce_coupon_discount_typessrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:46

actionwoocommerce_coupon_options_savesrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:48

actionwoocommerce_coupon_optionssrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:49

actionadmin_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:51

filterwoocommerce_package_ratessrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:53

filterwoocommerce_coupon_discount_amount_htmlsrc\InspireLabs\WoocommerceInpost\EasyPackCoupons.php:55

actionadmin_headsrc\InspireLabs\WoocommerceInpost\EasyPack_AJAX.php:46

filterquery_varssrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:33

actionwoocommerce_before_my_accountsrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:35

filterwoocommerce_screen_idssrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:36

actionwoocommerce_shipping_zone_method_addedsrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:38

actionwoocommerce_shipping_zone_method_deletedsrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:39

actionwoocommerce_shipping_zone_method_status_toggledsrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:40

actionwp_headsrc\InspireLabs\WoocommerceInpost\EasyPack_Helper.php:567

actionrest_api_initsrc\InspireLabs\WoocommerceInpost\EasyPack_Webhook.php:33

actionwoocommerce_email_order_metasrc\InspireLabs\WoocommerceInpost\EmailFilters\NewOrderEmail.php:15

actionadmin_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\Geowidget_v5.php:50

actionwp_enqueue_scriptssrc\InspireLabs\WoocommerceInpost\Geowidget_v5.php:51

actionadmin_footersrc\InspireLabs\WoocommerceInpost\Geowidget_v5.php:137

actionwoocommerce_after_checkout_validationsrc\InspireLabs\WoocommerceInpost\shipping\Easypack_checkout_validator.php:21

actionwoocommerce_checkout_initsrc\InspireLabs\WoocommerceInpost\shipping\Easypack_checkout_validator.php:22

actionwoocommerce_checkout_order_processedsrc\InspireLabs\WoocommerceInpost\shipping\Easypack_checkout_validator.php:23

actionwoocommerce_after_shipping_ratesrc\InspireLabs\WoocommerceInpost\shipping\Easypack_Shipping_Rates.php:18

actionwoocommerce_after_checkout_validationsrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:129

actionadd_meta_boxessrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:131

filterwoocommerce_cart_shipping_method_full_labelsrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:133

filterwoocommerce_order_shipping_to_display_shipped_viasrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:140

filterwoocommerce_my_account_my_orders_actionssrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:147

filterwoocommerce_order_shipping_to_displaysrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:154

actionwp_headsrc\InspireLabs\WoocommerceInpost\shipping\EasyPack_Shippng_Parcel_Machines.php:161

actionplugins_loadedwoocommerce-inpost.php:68

actionbefore_woocommerce_initwoocommerce-inpost.php:78

Scheduled Events 21

send_shipment_automatically

send_tracking_numbers_email

Maintenance & Trust

InPost PL Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 23, 2026

PHP min version7.2

Downloads281K

Community Trust

Rating76/100

Number of ratings12

Active installs10K

Alternatives

InPost PL Alternatives

Inpost International

inpost-international

100

InPost International is the official free InPost app for international delivery services.

100 No CVEs

Inpost Paczkomaty

inpost-paczkomaty

Umożliwia dodanie Paczkomaty Inpost jako forma dostawy produktów. Zawiera mapkę gdzie można wybrać paczkomat w którym chce się odebrać przesyłkę.

8K No CVEs

Apaczka: integracja z WooCommerce

apaczka-pl

100

Zarządzaj wysyłkami różnych kurierów w jednym miejscu

4K No CVEs

MultiParcels Shipping For WooCommerce

multiparcels-shipping-for-woocommerce

Easiest, fastest and the cheapest way to integrate couriers with all deliveries methods to send parcels with just a few button clicks.

4K 8 CVEs

BLPaczka

blpaczka

100

English below. BLPaczka to wtyczka WooCommerce integrująca z BLPaczka, oferująca szeroki wybór przewoźników i punktów nadawczych dla łatwego zarządzan …

400 No CVEs

Developer Profile

InPost PL Developer Profile

ilabs

7 plugins · 17K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect InPost PL

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/inpost-for-woocommerce/assets/css/easypack-admin.css/wp-content/plugins/inpost-for-woocommerce/assets/css/easypack-frontend.css/wp-content/plugins/inpost-for-woocommerce/assets/js/easypack-admin.js/wp-content/plugins/inpost-for-woocommerce/assets/js/easypack-checkout.js/wp-content/plugins/inpost-for-woocommerce/assets/js/easypack-frontend.js

Version Parameters

inpost-for-woocommerce/assets/css/easypack-admin.css?ver=inpost-for-woocommerce/assets/css/easypack-frontend.css?ver=inpost-for-woocommerce/assets/js/easypack-admin.js?ver=inpost-for-woocommerce/assets/js/easypack-checkout.js?ver=inpost-for-woocommerce/assets/js/easypack-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

easypack-checkout-wrapeasypack-shipping-locationseasypack-map-containereasypack-parcel-machine-listeasypack-parcel-machine-itemeasypack-shipping-method-optionseasypack-admin-settings-wrapeasypack-order-meta-box+5 more

HTML Comments

Data Attributes

data-easypack-map-optionsdata-easypack-selected-locationdata-inpost-api-keydata-order-iddata-shipment-id

JS Globals

easypack_varsEasyPackCheckout

REST Endpoints

/wp-json/easypack/v1/get-parcel-machines/wp-json/easypack/v1/create-shipment/wp-json/easypack/v1/get-shipment-status

Shortcode Output

[easypack_shipping_calculator][easypack_tracking_widget]

FAQ