Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Security & Risk Analysis

wordpress.org/plugins/kargom-nerede-kargo-takip

Kargom Nerede - Branded Cargo Tracking Page - SMS (Netgsm) - Mail. From within WooCommerce > Your Orders, to the "Kargom Nerede" component …

10 active installs · v1.0.0 · PHP 7.1+ · WP 4.9+ · Updated Nov 25, 2022
Tags: aras-kargo, kargo, kargo-takip, kargom-nerede, yurtici-kargo
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Safe to Use in 2026?

Generally Safe

Score 85/100

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The 'kargom-nerede-kargo-takip' plugin v1.0.0 exhibits a generally good security posture, with no known historical vulnerabilities or critical findings in the static analysis. The plugin demonstrates adherence to good practices by utilizing prepared statements for all SQL queries and properly escaping the vast majority of its output. The absence of critical or high severity taint flows is also a positive indicator. The plugin utilizes nonce checks for its AJAX handlers, which is a fundamental security control. However, a notable concern is the presence of two 'flows with unsanitized paths' identified in the taint analysis, even though they were not classified as critical or high severity. These represent potential pathways for unexpected data manipulation or injection if not handled carefully by the application logic. Additionally, the plugin relies on the bundled Select2 library, and while not flagged as an issue in this analysis, the security of bundled libraries can change over time, and they may become outdated if not actively maintained.

Key Concerns

  • Unsanitized paths in taint analysis (2 flows)
  • Bundled library (Select2)
Vulnerabilities
None known

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 5 (113 escaped)
  • Nonce Checks: 4
  • Capability Checks: 0
  • File Operations: 0
  • External Requests: 5
  • Bundled Libraries: 1

Bundled Libraries

Select2

Output Escaping

96% escaped · 118 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

4 flows · 2 with unsanitized paths
wck_ajax_save_meta_box (class-wc-kargomnerede.php:702)
Attack Surface

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers (4)

  • auth: wp_ajax_wck_tracking_save_form (class-wc-kargomnerede.php:189)
  • auth: wp_ajax_wck_tracking_delete_item (class-wc-kargomnerede.php:191)
  • auth: wp_ajax_wck_ajax_req (class-wc-kargomnerede.php:193)
  • nopriv: wp_ajax_wck_ajax_req (class-wc-kargomnerede.php:195)

Shortcodes (1)

  • [kargomNerede_tracking] (class-wc-kargomnerede.php:185)

WordPress Hooks (13)

  • action: wp_enqueue_scripts (class-wc-kargomnerede.php:181)
  • action: admin_print_scripts (class-wc-kargomnerede.php:183)
  • action: add_meta_boxes (class-wc-kargomnerede.php:187)
  • filter: sanitize_post_meta_tracking_number (class-wc-kargomnerede.php:197)
  • filter: sanitize_post_meta_order_id (class-wc-kargomnerede.php:199)
  • filter: sanitize_post_meta_ajax_handler (class-wc-kargomnerede.php:201)
  • filter: sanitize_post_meta_tracking_provider (class-wc-kargomnerede.php:203)
  • filter: sanitize_post_meta_tracking_provider_name (class-wc-kargomnerede.php:205)
  • filter: sanitize_post_meta_OrderNumber (class-wc-kargomnerede.php:207)
  • action: admin_notices (class-wc-kargomnerede.php:1190)
  • action: plugins_loaded (class-wc-kargomnerede.php:1203)
  • action: admin_enqueue_scripts (includes\class-kargomneredekargotakipadminmenu.php:33)
  • action: admin_menu (includes\class-kargomneredekargotakipadminmenu.php:36)

Maintenance & Trust

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.0.11
  • Last updated: Nov 25, 2022
  • PHP min version: 7.1
  • Downloads: 1K

Community Trust

  • Rating: 100/100
  • Number of ratings: 1
  • Active installs: 10

Developer Profile

Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail Developer Profile

kodmaden

1 plugin · 10 total installs

  • Trust score: 84
  • Avg Security Score: 85/100
  • Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/css/kargomnerede.css
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/kargomnerede.js
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/css/tracking-style.css
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/tracking-script.js
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/admin.js
Script Paths
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/kargomnerede.js
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/tracking-script.js
  • /wp-content/plugins/kargom-nerede-kargo-takip/assets/js/admin.js
Version Parameters
  • kargom-nerede-kargo-takip/assets/css/kargomnerede.css?ver=
  • kargom-nerede-kargo-takip/assets/js/kargomnerede.js?ver=
  • kargom-nerede-kargo-takip/assets/css/tracking-style.css?ver=
  • kargom-nerede-kargo-takip/assets/js/tracking-script.js?ver=
  • kargom-nerede-kargo-takip/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • wck-tracking-form
  • wck-tracking-result
  • wck-tracking-info
  • wck-admin-section
HTML Comments
  • <!-- KargomNerede Tracking Form Start -->
  • <!-- KargomNerede Tracking Form End -->
  • <!-- KargomNerede Tracking Result Start -->
  • <!-- KargomNerede Tracking Result End -->
  • +2 more
Data Attributes
  • data-tracking-nonce
  • data-ajax-handler
  • data-wck-ajax-req
JS Globals
  • WCK_AJAX_URL
  • wck_admin_obj
REST Endpoints
/wp-json/wck/v1/tracking
Shortcode Output
[kargomNerede_tracking]
FAQ

Frequently Asked Questions about Kargom Nerede – Markalı Kargo Takip Sayfası, Sms, Mail