Does JD Web & Ship have any unpatched vulnerabilities?

No. All known vulnerabilities in JD Web & Ship have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is JD Web & Ship compatible with WordPress 6.9.4?

According to WordPress.org data, JD Web & Ship 1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is JD Web & Ship compatible with PHP 7.4+?

JD Web & Ship requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is JD Web & Ship updated?

JD Web & Ship was last updated on Feb 17, 2026. Frequent updates are generally a positive security signal.

What is JD Web & Ship's security score?

JD Web & Ship has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

JD Web & Ship Security & Risk Analysis

wordpress.org/plugins/jd-web-and-ship

Seamlessly integrate JD Web & Ship logistics with WooCommerce for automated order processing and shipment tracking in India.

10 active installs v1.0 PHP 7.4+ WP 5.8+ Updated Feb 17, 2026

india-shippinglogisticsorder-fulfillmentshippingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is JD Web & Ship Safe to Use in 2026?

Generally Safe

Score 100/100

JD Web & Ship has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'jd-web-and-ship' plugin v1.0 demonstrates a generally strong security posture. The static analysis reveals a low attack surface with no unprotected entry points, indicating good practices in handling AJAX and REST API requests. The plugin also excels in code safety, with a high percentage of SQL queries using prepared statements and almost all output being properly escaped. The absence of file operations and the presence of nonce and capability checks further bolster its defenses. Furthermore, the lack of any recorded vulnerabilities in its history suggests a well-maintained and secure codebase.

While the static analysis did not reveal any critical or high severity taint flows, and the plugin has no known CVEs, it's important to note the presence of external HTTP requests. Although not inherently a vulnerability, these requests can sometimes be a vector for supply chain attacks or credential exposure if not handled with extreme care. The limited data on taint flows (3 analyzed) means it's possible for undetected issues to exist.

Overall, 'jd-web-and-ship' v1.0 appears to be a secure plugin with robust security implementation. The key strengths lie in its protected entry points, secure database interactions, and proper output handling. The lack of historical vulnerabilities further reinforces this positive assessment. The minor concern regarding external HTTP requests should be monitored, but given the overall strong implementation, the risk is currently assessed as low.

Vulnerabilities

None known

JD Web & Ship Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

JD Web & Ship Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

101 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

89% prepared9 total queries

Output Escaping

99% escaped102 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

jdws_handle_bulk_send (admin\class-jdws-admin-order.php:352)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

JD Web & Ship Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_jdws_start_order_sendincludes\class-jdws-order-sync.php:10

authwp_ajax_jdws_start_selected_sendincludes\class-jdws-order-sync.php:11

REST API Routes 1

POST/wp-json/jd/v1/order-status-update-jdincludes\class-jdws-order-webhook.php:13

WordPress Hooks 31

actionadmin_menuadmin\class-jdws-admin-menu.php:9

actionadmin_post_jdws_order_manual_syncadmin\class-jdws-admin-order.php:10

actionadmin_post_jdws_order_retryadmin\class-jdws-admin-order.php:11

actionadmin_post_jdws_bulk_send_ordersadmin\class-jdws-admin-order.php:12

filtermanage_woocommerce_page_wc-orders_columnsadmin\class-jdws-admin-order.php:14

actionmanage_woocommerce_page_wc-orders_custom_columnadmin\class-jdws-admin-order.php:15

actionadmin_post_jdws_order_send_singleadmin\class-jdws-admin-order.php:16

actionadmin_noticesadmin\class-jdws-admin-order.php:17

actionadmin_post_jdws_reset_authadmin\class-jdws-admin-settings.php:10

actioninitincludes\class-jdws-logger.php:141

actioninitincludes\class-jdws-logger.php:150

actionjdws_cleanup_sync_logs_dailyincludes\class-jdws-logger.php:158

actionwoocommerce_order_details_after_order_tableincludes\class-jdws-myaccount.php:8

actionwoocommerce_order_status_processingincludes\class-jdws-order-sync.php:13

actionjdws_send_pending_ordersincludes\class-jdws-order-sync.php:15

actionwoocommerce_order_status_cancelledincludes\class-jdws-order-sync.php:17

actionrest_api_initincludes\class-jdws-order-webhook.php:8

actionadmin_noticesincludes\class-jdws-settings.php:36

actionadmin_noticesincludes\class-jdws-settings.php:69

actionadmin_noticesincludes\class-jdws-settings.php:119

actionadmin_noticesincludes\class-jdws-settings.php:154

actionadmin_noticesincludes\class-jdws-settings.php:189

actionbefore_woocommerce_initjd-web-and-ship.php:51

actiondeactivated_pluginjd-web-and-ship.php:63

actionadmin_noticesjd-web-and-ship.php:70

actionplugins_loadedjd-web-and-ship.php:76

actionadmin_noticesjd-web-and-ship.php:80

actioninitjd-web-and-ship.php:112

actionwoocommerce_initjd-web-and-ship.php:136

actionadmin_enqueue_scriptsjd-web-and-ship.php:145

filterwoocommerce_checkout_fieldsjd-web-and-ship.php:172

Scheduled Events 2

jdws_cleanup_sync_logs_daily

jdws_send_pending_orders

Maintenance & Trust

JD Web & Ship Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version7.4

Downloads147

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

JD Web & Ship Alternatives

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

Redx for WooCommerce

redx-for-woocommerce

The "Redx for WooCommerce" plugin integrates Redx logistics services into your WooCommerce store. Seamlessly track your orders, manage shipm …

100 No CVEs

OTO – Shipping Gateway

oto-shipping-gateway

100

Ship, manage, track, and return your orders with trusted shipping carriers across MENA and Turkey! Privacy Policy: https://tryoto.com/privacy-policy/

80 No CVEs

Aramex Logistics

aramex-logistics

100

Seamlessly integrate Aramex Logistics with your WooCommerce store for efficient order management, inventory tracking, and shipping operations.

50 No CVEs

EnviFast Shipping

envifast-shipping

Este plugin te ayudará con la gestión de envíos en tu tienda en linea

10 No CVEs

Developer Profile

JD Web & Ship Developer Profile

coderkube

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect JD Web & Ship

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/jd-web-and-ship/admin/js/order-sync.js

Script Paths

wp-content/plugins/jd-web-and-ship/admin/js/order-sync.js

Version Parameters

jd-web-and-ship/admin/js/order-sync.js?ver=

HTML / DOM Fingerprints

Data Attributes

nonce="jdws_order_sync_nonce"id="jdws-order-sync"

JS Globals

jdwsOrderSync

REST Endpoints

/wp-json/jd/v1/order-status-update-jd

FAQ