Does Kargo Takip have any unpatched vulnerabilities?

No. All known vulnerabilities in Kargo Takip have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Kargo Takip compatible with WordPress 6.8.5?

According to WordPress.org data, Kargo Takip 0.2.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Kargo Takip compatible with PHP 7.1+?

Kargo Takip requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Kargo Takip updated?

Kargo Takip was last updated on Feb 1, 2026. Frequent updates are generally a positive security signal.

What is Kargo Takip's security score?

Kargo Takip has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Kargo Takip Security & Risk Analysis

wordpress.org/plugins/kargo-takip-turkiye

WooCommerce siparişlerinize kargo takip bilgisi ekleyin ve müşterilerinize otomatik e-posta/SMS bildirimleri gönderin.

3K active installs v0.2.4 PHP 7.1+ WP 4.9+ Updated Feb 1, 2026

aras-kargokargokargo-takipyurt-ici-kargoyurtici-kargo

A · Safe

CVEs total1

Unpatched0

Last CVEMar 20, 2026

Download

Safety Verdict

Is Kargo Takip Safe to Use in 2026?

Generally Safe

Score 99/100

Kargo Takip has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Mar 20, 2026Updated 2mo ago

Risk Assessment

The "kargo-takip-turkiye" v0.2.4 plugin demonstrates a strong adherence to fundamental WordPress security practices, with a clean slate in terms of known vulnerabilities and CVEs. The static analysis reveals a well-protected attack surface, as all identified entry points (AJAX handlers and REST API routes) appear to have authentication and permission checks. Furthermore, the plugin utilizes prepared statements for all its SQL queries, which is a crucial defense against SQL injection. The presence of nonce checks and capability checks on all entry points further strengthens its security posture. However, a significant concern arises from the taint analysis, which identified three flows with unsanitized paths. While no critical or high-severity taint issues were reported, unsanitized paths can still lead to vulnerabilities if they are exploitable. The lack of vulnerability history is a positive sign, suggesting a history of secure development, but it does not negate the risks identified in the static analysis. Overall, the plugin has a good security foundation, but the unsanitized paths require immediate attention to mitigate potential risks.

Key Concerns

Unsanitized paths in taint analysis
Limited output escaping (84%)

Vulnerabilities

Kargo Takip Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2026-25365medium · 4.3Missing Authorization

Kargo Takip < 0.2.4 - Missing Authorization

Mar 20, 2026 Patched in 0.2.4 (8d)

Code Analysis

Analyzed Mar 16, 2026

Kargo Takip Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

161 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

84% escaped191 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

7 flows3 with unsanitized paths

kargoTR_ajax_email_preview (kargo-takip-email-settings.php:668)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Kargo Takip Attack Surface

Entry Points13

Unprotected0

AJAX Handlers 12

authwp_ajax_kargotr_add_custom_cargokargo-takip-cargo-settings.php:738

authwp_ajax_kargotr_toggle_cargo_statuskargo-takip-cargo-settings.php:804

authwp_ajax_kargotr_email_previewkargo-takip-email-settings.php:667

authwp_ajax_kargotr_send_test_emailkargo-takip-email-settings.php:696

authwp_ajax_kargotr_send_test_smskargo-takip-sms-settings.php:1031

authwp_ajax_kargotr_toggle_preset_mappingkargo-takip-status-mapping.php:1076

authwp_ajax_kargotr_add_status_mappingkargo-takip-status-mapping.php:1102

authwp_ajax_kargotr_toggle_status_mappingkargo-takip-status-mapping.php:1144

authwp_ajax_kargotr_remove_status_mappingkargo-takip-status-mapping.php:1170

authwp_ajax_kargotr_update_prevent_duplicatekargo-takip-status-mapping.php:1196

authwp_ajax_kargotr_resend_cargo_mailkargo-takip-turkiye.php:1033

authwp_ajax_kargotr_send_whatsappkargo-takip-whatsapp-settings.php:612

REST API Routes 1

post/wp-json/wc/v3/kargo_takipkargo-takip-wc-api-helper.php:9

WordPress Hooks 30

actionwp_enqueue_scriptskargo-takip-checkout-fields.php:11

filterwoocommerce_checkout_fieldskargo-takip-checkout-fields.php:34

filterwoocommerce_get_country_localekargo-takip-checkout-fields.php:116

filterwoocommerce_stateskargo-takip-checkout-fields.php:132

actionwoocommerce_checkout_processkargo-takip-checkout-fields.php:150

actionwoocommerce_admin_order_data_after_billing_addresskargo-takip-checkout-fields.php:176

actionwp_dashboard_setupkargo-takip-dashboard.php:3

filtermanage_edit-shop_order_columnskargo-takip-order-list.php:6

filtermanage_woocommerce_page_wc-orders_columnskargo-takip-order-list.php:8

actionmanage_shop_order_posts_custom_columnkargo-takip-order-list.php:44

actionmanage_woocommerce_page_wc-orders_custom_columnkargo-takip-order-list.php:46

actionquick_edit_custom_boxkargo-takip-order-list.php:94

actionadmin_footerkargo-takip-order-list.php:128

actionwoocommerce_order_status_changedkargo-takip-status-mapping.php:233

actionwoocommerce_order_status_changedkargo-takip-status-mapping.php:274

actionbefore_woocommerce_initkargo-takip-turkiye.php:17

actionadmin_initkargo-takip-turkiye.php:28

actionadmin_menukargo-takip-turkiye.php:79

actionadmin_initkargo-takip-turkiye.php:91

actioninitkargo-takip-turkiye.php:483

filterwc_order_statuseskargo-takip-turkiye.php:489

actionwoocommerce_admin_order_data_after_order_detailskargo-takip-turkiye.php:492

actionwoocommerce_process_shop_order_metakargo-takip-turkiye.php:734

actionadmin_headkargo-takip-turkiye.php:807

actionwoocommerce_after_order_detailskargo-takip-turkiye.php:854

filterwoocommerce_my_account_my_orders_actionskargo-takip-turkiye.php:855

actionorder_ship_mailkargo-takip-turkiye.php:1030

actionrest_api_initkargo-takip-wc-api-helper.php:8

actionorder_send_sms_kobikomkobikom-helper.php:73

actionorder_send_smsnetgsm-helper.php:386

Maintenance & Trust

Kargo Takip Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedFeb 1, 2026

PHP min version7.1

Downloads30K

Community Trust

Rating98/100

Number of ratings37

Active installs3K

Alternatives

Kargo Takip Alternatives

Kargo Takip

kargo-takip

100

Müşterilerinizin kargolarını takip etmesine olanak sağlayan bir kargo takip eklentisidir. Kargo takip eklentisi aras kargo, mng kargo , sürat kargo ve …

50 No CVEs

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail

kargom-nerede-kargo-takip

Kargom Nerede - Markalı Kargo Takip Sayfası - Sms (Netgsm) - Mail WooCommerce > Siparişleriniz içerisinden "Kargom Nerede" bileşenine ka …

10 No CVEs

Cargo Tracking for WooCommerce

cargo-tracking-for-woocommerce

With the WooCommerce cargo tracking plugin, you can add as many cargo companies as you want, show cargo tracking links on the front and admin side, an …

400 No CVEs

Geliver Akıllı Kargo Pazaryeri

geliver-akilli-kargo-pazaryeri

100

Geliver, tüm kargo süreçlerinizi yöneten, indirimli fiyatlarla çalışan bulut tabanlı bir kargo pazaryeri sistemidir. Kargo firmaları ile anlaşma yapma …

300 No CVEs

shipmendo – Lite

wc-shipmendo-lite

shipmendo - Lite kullanarak siparişlerin kargo adımlarını müşterilerinizle paylaşın. Desteklenen kargo firmaları: - Aras Kargo, - MNG Kargo, - PTT Kar …

20 No CVEs

Developer Profile

Kargo Takip Developer Profile

Özgür KARALAR

1 plugin · 3K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect Kargo Takip

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/kargo-takip-turkiye/css/kargo-takip-turkiye.css/wp-content/plugins/kargo-takip-turkiye/js/kargo-takip-turkiye.js/wp-content/plugins/kargo-takip-turkiye/css/bootstrap.min.css/wp-content/plugins/kargo-takip-turkiye/css/kargo-takip-custom.css/wp-content/plugins/kargo-takip-turkiye/js/jquery-3.6.0.min.js/wp-content/plugins/kargo-takip-turkiye/js/bootstrap.min.js/wp-content/plugins/kargo-takip-turkiye/js/script.js

Script Paths

/wp-content/plugins/kargo-takip-turkiye/js/kargo-takip-turkiye.js/wp-content/plugins/kargo-takip-turkiye/js/jquery-3.6.0.min.js/wp-content/plugins/kargo-takip-turkiye/js/bootstrap.min.js/wp-content/plugins/kargo-takip-turkiye/js/script.js

Version Parameters

kargo-takip-turkiye/css/kargo-takip-turkiye.css?ver=kargo-takip-turkiye/js/kargo-takip-turkiye.js?ver=

HTML / DOM Fingerprints

CSS Classes

kargotr-general-settingskargotr-settings-containerkargotr-editor-panelkargotr-general-form

HTML Comments

HPOS (High-Performance Order Storage) Uyumluluk BildirimiOption ismi tutarsızlığını düzeltmek için migrasyonEski 'kargoTR_sms_template' option'ını yeni 'kargoTr_sms_template' option'ına taşırBu düzeltme, NetGSM Hata Kodu 20 (boş mesaj) sorununu çözer+17 more

Data Attributes

id="kargotr-general-form"

JS Globals

kargoTR_setting_pagekargoTR_register_admin_menukargoTR_register_settingskargoTR_setting_page

FAQ