Does Jeebly Shipment Delivery have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Jeebly Shipment Delivery compatible with WordPress 5.8.13?

According to WordPress.org data, Jeebly Shipment Delivery 1.0.3 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Jeebly Shipment Delivery compatible with PHP 7.4+?

Jeebly Shipment Delivery requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Jeebly Shipment Delivery updated?

Jeebly Shipment Delivery was last updated on Aug 10, 2022. Frequent updates are generally a positive security signal.

What is Jeebly Shipment Delivery's security score?

Jeebly Shipment Delivery has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Jeebly Shipment Delivery Security & Risk Analysis

wordpress.org/plugins/jeebly-shipping

About Jeebly

20 active installs v1.0.3 PHP 7.4+ WP 4.7+ Updated Aug 10, 2022

ecommercejeeblyshipsy

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Jeebly Shipment Delivery Safe to Use in 2026?

Generally Safe

Score 85/100

Jeebly Shipment Delivery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "jeebly-shipping" v1.0.3 plugin exhibits a concerning security posture primarily due to its unprotected AJAX endpoints. While the plugin demonstrates strong practices in SQL query handling and output escaping, the presence of six AJAX handlers without any authentication or capability checks represents a significant attack surface. This means that any unauthenticated user could potentially interact with these endpoints, leading to unintended actions or information disclosure if vulnerabilities exist within these handlers. The taint analysis, while not revealing critical or high severity issues, did identify two flows with unsanitized paths, which, in conjunction with the unprotected AJAX endpoints, could form a basis for certain types of attacks.

The plugin's vulnerability history is clean, with no known CVEs. This is a positive indicator, suggesting that developers may be attentive to security or that the plugin has not been a target for widespread exploitation. However, the lack of historical vulnerabilities does not negate the immediate risks presented by the current code analysis. The absence of nonce checks on the AJAX handlers is a significant oversight that increases the likelihood of Cross-Site Request Forgery (CSRF) attacks. The use of bundled libraries like DataTables, while not inherently a risk, could become one if that library is outdated and contains known vulnerabilities, though no specific information is provided to confirm this.

In conclusion, "jeebly-shipping" v1.0.3 has commendable aspects like secure SQL usage and output sanitization. However, the numerous unprotected AJAX endpoints and lack of nonce checks are critical security weaknesses that require immediate attention. These vulnerabilities expose the plugin to potential unauthorized access and manipulation. While the clean vulnerability history is encouraging, it should not breed complacency, as the current code analysis reveals significant areas of concern that could be exploited.

Key Concerns

AJAX handlers without auth checks
Missing nonce checks on AJAX
Flows with unsanitized paths
Bundled library (potential risk)

Vulnerabilities

None known

Jeebly Shipment Delivery Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Jeebly Shipment Delivery Release Timeline

v1.0.3Current

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Jeebly Shipment Delivery Code Analysis

Dangerous Functions

Raw SQL Queries

18 prepared

Unescaped Output

303 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

100% prepared18 total queries

Output Escaping

100% escaped303 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

shipsy_config_submit (admin/class-shipsy-econnect-admin.php:233)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

6 unprotected

Jeebly Shipment Delivery Attack Surface

Entry Points6

Unprotected6

AJAX Handlers 6

authwp_ajax_shipsy_get_endpoint_urlincludes/class-shipsy-econnect.php:162

authwp_ajax_shipsy_get_all_addressesincludes/class-shipsy-econnect.php:163

authwp_ajax_shipsy_get_shipping_addressincludes/class-shipsy-econnect.php:164

authwp_ajax_on_sync_submitincludes/class-shipsy-econnect.php:165

authwp_ajax_sync_resultincludes/class-shipsy-econnect.php:166

authwp_ajax_shipsy_download_labelincludes/class-shipsy-econnect.php:167

WordPress Hooks 16

actionplugins_loadedincludes/class-shipsy-econnect.php:141

actionadmin_enqueue_scriptsincludes/class-shipsy-econnect.php:156

actionadmin_enqueue_scriptsincludes/class-shipsy-econnect.php:157

actionadmin_menuincludes/class-shipsy-econnect.php:159

actionadmin_post_on_config_submitincludes/class-shipsy-econnect.php:169

actionadmin_post_on_setup_submitincludes/class-shipsy-econnect.php:170

actionadmin_headincludes/class-shipsy-econnect.php:172

filterwoocommerce_admin_order_actionsincludes/class-shipsy-econnect.php:173

filterbulk_actions-edit-shop_orderincludes/class-shipsy-econnect.php:175

filterhandle_bulk_actions-edit-shop_orderincludes/class-shipsy-econnect.php:176

filtermanage_edit-shop_order_columnsincludes/class-shipsy-econnect.php:177

actionmanage_shop_order_posts_custom_columnincludes/class-shipsy-econnect.php:178

actionadmin_noticesincludes/class-shipsy-econnect.php:179

actionwp_enqueue_scriptsincludes/class-shipsy-econnect.php:194

actionwp_enqueue_scriptsincludes/class-shipsy-econnect.php:195

actionwoocommerce_view_orderincludes/class-shipsy-econnect.php:196

Maintenance & Trust

Jeebly Shipment Delivery Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedAug 10, 2022

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Jeebly Shipment Delivery Alternatives

DTDC Econnect Plugin

dtdc-econnect

\"Bigger, Better, & Brighter Range of DTDC Express and E-commerce Based Business for your wider range of shipment.

300 No CVEs

Zajel Shipment Delivery

zajel-shipment-delivery

Zajel connects your store to help you with, syncing orders to Zajel application, print AWB labels and track your packages.

10 No CVEs

WooCommerce

woocommerce

Everything you need to launch an online store in days and keep it growing for years. From your first sale to millions in revenue, Woo is with you.

7.0M 43 CVEs

Popup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead Generation

optinmonster

🤩 Make popups & optin forms to get more email newsletter subscribers, leads, and sales - #1 most popular popup builder plugin! 🚀

1.0M 6 CVEs

WooCommerce PayPal Payments

woocommerce-paypal-payments

100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE

Developer Profile

Jeebly Shipment Delivery Developer Profile

jeeblyllc

2 plugins · 60 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Jeebly Shipment Delivery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/jeebly-shipping/assets/css/bootstrap.min.css/wp-content/plugins/jeebly-shipping/assets/css/jquery.dataTables.min.css/wp-content/plugins/jeebly-shipping/assets/css/sweetalert.css/wp-content/plugins/jeebly-shipping/admin/css/ec-ui-style.css/wp-content/plugins/jeebly-shipping/admin/css/ec-overlay-style.css/wp-content/plugins/jeebly-shipping/admin/css/ec-config-style.css/wp-content/plugins/jeebly-shipping/assets/js/bootstrap.min.js/wp-content/plugins/jeebly-shipping/assets/js/jquery.dataTables.min.js+4 more

Script Paths

assets/js/bootstrap.min.jsassets/js/jquery.dataTables.min.jsassets/js/jquery.validate.min.jsassets/js/sweetalert.jsassets/js/libphonenumber-js.max.jsadmin/js/shipsy-econnect-admin.js

Version Parameters

jeebly-shipping/assets/css/bootstrap.min.css?ver=jeebly-shipping/assets/css/jquery.dataTables.min.css?ver=jeebly-shipping/assets/css/sweetalert.css?ver=jeebly-shipping/admin/css/ec-ui-style.css?ver=jeebly-shipping/admin/css/ec-overlay-style.css?ver=jeebly-shipping/admin/css/ec-config-style.css?ver=jeebly-shipping/assets/js/bootstrap.min.js?ver=jeebly-shipping/assets/js/jquery.dataTables.min.js?ver=jeebly-shipping/assets/js/jquery.validate.min.js?ver=jeebly-shipping/assets/js/sweetalert.js?ver=jeebly-shipping/assets/js/libphonenumber-js.max.js?ver=jeebly-shipping/admin/js/shipsy-econnect-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

shipsy-configurationshipsy-setupshipsy-vseriessync-formmanage-formshipsy-sync-resultec-bootstrapec-datatable+4 more

Data Attributes

data-nonce

JS Globals

localized_data

FAQ