WP-Safety

LTL Freight Quotes – Daylight Edition Security & Risk Analysis

wordpress.org/plugins/ltl-freight-quotes-daylight-edition

Real-time LTL freight quotes from Daylight. Fifteen day free trial.

0 active installs v2.2.10 PHP + WP 6.4+ Updated Jan 13, 2026
daylightenitureltl-freight-quotesltl-freight-ratesshipping-estimates
97
A · Safe
CVEs total2
Unpatched0
Last CVESep 3, 2025
Plugin page Download
Safety Verdict

Is LTL Freight Quotes – Daylight Edition Safe to Use in 2026?

Generally Safe

Score 97/100

LTL Freight Quotes – Daylight Edition has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Sep 3, 2025Updated 2mo ago
Risk Assessment

The "ltl-freight-quotes-daylight-edition" v2.2.10 plugin exhibits a mixed security posture. While it demonstrates good practices in avoiding dangerous functions and file operations, and generally utilizes prepared statements for SQL and proper output escaping, there are significant areas of concern.

The static analysis reveals a notable attack surface with 12 entry points, three of which lack proper authentication or permission checks. This is particularly worrying given the taint analysis identified one high-severity flow with unsanitized paths, suggesting a potential for vulnerabilities. The presence of external HTTP requests also warrants careful review to ensure they are not exposed to manipulation.

The vulnerability history indicates a past susceptibility to critical issues like Deserialization of Untrusted Data and Cross-site Scripting. Although no currently unpatched CVEs are listed, the pattern of past high-severity vulnerabilities suggests a history of exploitable flaws. The plugin's strengths lie in its avoidance of dangerous functions and a decent percentage of properly escaped outputs and prepared SQL statements, but these are overshadowed by the lack of robust protection on several entry points and the historical vulnerability profile.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • High severity taint flow with unsanitized paths
  • SQL queries with prepared statements at 55%
  • Output escaping properly at 56%
  • Known past high severity vulnerability
  • Known past medium severity vulnerability
Vulnerabilities
2

LTL Freight Quotes – Daylight Edition Security Vulnerabilities

CVEs by Year

2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

High
1
Medium
1

2 total CVEs

CVE-2025-58643medium · 6.6Deserialization of Untrusted Data

LTL Freight Quotes – Daylight Edition <= 2.2.7 - Authenticated (Administrator+) PHP Object Injection

Sep 3, 2025 Patched in 2.2.8 (9d)
CVE-2025-5303high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

LTL Freight Quotes – Freightview Edition <= 1.0.11, LTL Freight Quotes – Daylight Edition <=2.2.6 and LTL Freight Quotes – Day & Ross Edition <= 2.1.10 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter

Jun 6, 2025 Patched in 2.2.7 (1d)
Code Analysis
Analyzed Mar 17, 2026

LTL Freight Quotes – Daylight Edition Code Analysis

Dangerous Functions
0
Raw SQL Queries
10
12 prepared
Unescaped Output
63
81 escaped
Nonce Checks
6
Capability Checks
14
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

55% prepared22 total queries

Output Escaping

56% escaped144 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths
save (admin\tab\en-tab.php:154)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

LTL Freight Quotes – Daylight Edition Attack Surface

Entry Points12
Unprotected3

AJAX Handlers 11

noprivwp_ajax_en_daylight_admin_order_quotesadmin\order\en-order-rates.php:25
authwp_ajax_en_daylight_admin_order_quotesadmin\order\en-order-rates.php:26
noprivwp_ajax_en_daylight_test_connectionadmin\tab\connection-settings\en-connection-ajax.php:26
authwp_ajax_en_daylight_test_connectionadmin\tab\connection-settings\en-connection-ajax.php:27
authwp_ajax_en_daylight_location_save_form_dataadmin\tab\location\includes\en-location-ajax.php:17
authwp_ajax_en_daylight_get_locationadmin\tab\location\includes\en-location-ajax.php:18
authwp_ajax_en_daylight_location_delete_rowadmin\tab\location\includes\en-location-ajax.php:19
authwp_ajax_en_daylight_wd_bulk_delete_locationsadmin\tab\location\includes\en-location-ajax.php:20
authwp_ajax_en_daylight_get_current_plancommon\en-plans.php:30
noprivwp_ajax_daylight_fden-install.php:582
authwp_ajax_daylight_fden-install.php:583

REST API Routes 1

POST/wp-json/fdo-company-id/update-statusen-install.php:630
WordPress Hooks 55
actionadmin_print_scriptsadmin\order\en-order-script.php:24
actionwoocommerce_order_actionsadmin\order\en-order-widget.php:25
actionwoocommerce_product_options_shippingadmin\product\en-product-detail.php:33
actionwoocommerce_process_product_metaadmin\product\en-product-detail.php:34
actionwoocommerce_product_after_variable_attributesadmin\product\en-product-detail.php:37
actionwoocommerce_save_product_variationadmin\product\en-product-detail.php:38
filterEn_Plugins_dropship_filteradmin\product\en-product-detail.php:41
filterEn_Plugins_variable_freight_classification_filteradmin\product\en-product-detail.php:42
filteren_daylight_reason_quotes_not_returnedadmin\tab\connection-settings\en-connection-settings.php:67
filterwoocommerce_settings_tabs_arrayadmin\tab\en-tab.php:21
filterwoocommerce_product_export_product_column_en_nicknamecommon\en-csv.php:11
filterwoocommerce_product_export_product_column_en_citycommon\en-csv.php:12
filterwoocommerce_product_export_product_column_en_statecommon\en-csv.php:13
filterwoocommerce_product_export_product_column_en_zipcommon\en-csv.php:14
filterwoocommerce_product_export_product_column_en_countrycommon\en-csv.php:15
filterwoocommerce_product_export_product_column_en_product_freight_classcommon\en-csv.php:18
filterwoocommerce_product_export_product_column_en_product_freight_class_variationcommon\en-csv.php:19
filterwoocommerce_product_export_column_namescommon\en-csv.php:22
filterwoocommerce_product_export_product_default_columnscommon\en-csv.php:23
actionadmin_noticescommon\en-guard.php:42
actionwoocommerce_loadedcommon\en-guard.php:111
filteren_register_activation_hookcommon\en-plans.php:25
filterdaylight_plans_notification_linkcommon\en-plans.php:27
filterdaylight_plans_suscription_and_featurescommon\en-plans.php:28
filteren_register_activation_hookdb\en-warehouse.php:25
actioniniten-install.php:31
actionadmin_enqueue_scriptsen-install.php:93
actionwp_enqueue_scriptsen-install.php:109
filterwoocommerce_get_settings_pagesen-install.php:128
filterplugin_action_linksen-install.php:156
actionadmin_print_scriptsen-install.php:174
filterwoocommerce_shipping_methodsen-install.php:216
filterwoocommerce_cart_no_shipping_available_htmlen-install.php:232
filteren_app_common_plan_statusen-install.php:259
filterwoocommerce_package_ratesen-install.php:332
filteren_shipping_applicationsen-install.php:347
filteradmin_noticesen-install.php:368
actionwoocommerce_proceed_to_checkouten-install.php:392
filterwoocommerce_cart_no_shipping_available_htmlen-install.php:405
filterwoocommerce_product_importer_parsed_dataen-install.php:502
filteren_pluginsen-install.php:564
actionrest_api_initen-install.php:627
actionbefore_woocommerce_initltl-freight-quotes-daylight-edition.php:21
actionadmin_initltl-freight-quotes-daylight-edition.php:45
filteren_suppress_parcel_rates_hookltl-freight-quotes-daylight-edition.php:48
filteren_register_activation_hookserver\common\en-create-ltl-class.php:25
actionwoocommerce_thankyouserver\common\en-order-export.php:22
actioninitserver\common\en-order-export.php:23
actionen_async_orders_exporting_processserver\common\en-order-export.php:24
filtercron_schedulesserver\common\en-order-export.php:25
actionwoocommerce_shipping_initserver\en-shipping-rates.php:21
filteren_package_converterserver\en-shipping-rates.php:113
filteren_eniture_shipmentserver\en-shipping-rates.php:144
filteren_daylight_reason_quotes_not_returnedserver\package\en-package.php:259
filteren_fdo_image_urls_mergeserver\package\en-package.php:313

Scheduled Events 1

en_async_orders_exporting_process
Maintenance & Trust

LTL Freight Quotes – Daylight Edition Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 13, 2026
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

LTL Freight Quotes – Daylight Edition Alternatives

LTL Freight Quotes – FreightQuote Edition

LTL Freight Quotes – FreightQuote Edition

ltl-freight-quotes-freightquote-edition

A
98

Real-time LTL freight quotes from FreightQuote. Fifteen day free trial.

70 2 CVEs
LTL Freight Quotes – XPO Edition

LTL Freight Quotes – XPO Edition

ltl-freight-quotes-xpo-edition

A
98

Real-time LTL freight quotes from XPO Logistics. Fifteen day free trial.

60 1 CVE
LTL Freight Quotes – Unishippers Edition

LTL Freight Quotes – Unishippers Edition

ltl-freight-quotes-unishippers-edition

A
97

Real-time Unishippers freight quotes from Unishippers. Fifteen day free trial.

50 3 CVEs
LTL Freight Quotes – Estes Edition

LTL Freight Quotes – Estes Edition

ltl-freight-quotes-estes-edition

A
98

Real-time LTL freight quotes from Estes. Fifteen day free trial.

30 1 CVE
LTL Freight Quotes – GlobalTranz Edition

LTL Freight Quotes – GlobalTranz Edition

ltl-freight-quotes-globaltranz-edition

A
98

Real-time LTL freight quotes from GlobalTranz. Fifteen day free trial.

30 2 CVEs
Developer Profile

LTL Freight Quotes – Daylight Edition Developer Profile

enituretechnology

29 plugins · 1K total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
11 days
View full developer profile
Detection Fingerprints

How We Detect LTL Freight Quotes – Daylight Edition

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/logs/en-json-tree-view/en-jtv-style.css/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/logs/en-json-tree-view/en-jtv-script.js/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/location/assets/js/en-daylight-tagging.js/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/assets/en-daylight-admin.js/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/location/assets/js/en-daylight-location.js/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/location/assets/css/en-daylight-location.css/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/assets/en-daylight-admin.css/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/assets/wickedpicker.min.css+2 more
Version Parameters
/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/logs/en-json-tree-view/en-jtv-script.js?ver=1.0.0/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/location/assets/js/en-daylight-tagging.js?ver=1.0.1/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/assets/en-daylight-admin.js?ver=1.0.8/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/tab/location/assets/js/en-daylight-location.js?ver=1.0.4/wp-content/plugins/ltl-freight-quotes-daylight-edition/admin/assets/wickedpicker.js?ver=1.0.0

HTML / DOM Fingerprints

Data Attributes
en_daylight_admin_scripten_daylight_location_script
JS Globals
scripten_daylight_admin_scripten_daylight_location_script
FAQ

Frequently Asked Questions about LTL Freight Quotes – Daylight Edition