WP-Safety

LTL Freight Quotes – XPO Edition Security & Risk Analysis

wordpress.org/plugins/ltl-freight-quotes-xpo-edition

Real-time LTL freight quotes from XPO Logistics. Fifteen day free trial.

60 active installs v4.3.15 PHP + WP 6.4+ Updated Jan 7, 2026
enitureltl-freight-quotesltl-freight-ratesshipping-estimatesxpo
98
A · Safe
CVEs total1
Unpatched0
Last CVEFeb 11, 2025
Plugin page Download
Safety Verdict

Is LTL Freight Quotes – XPO Edition Safe to Use in 2026?

Generally Safe

Score 98/100

LTL Freight Quotes – XPO Edition has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 11, 2025Updated 2mo ago
Risk Assessment

The ltl-freight-quotes-xpo-edition plugin version 4.3.15 presents a mixed security posture. While it demonstrates good practices like a reasonable number of nonce checks and capability checks relative to its entry points, significant concerns arise from its attack surface. A notable 17 out of 45 total entry points lack authentication checks, including 16 AJAX handlers and 1 REST API route without permission callbacks, creating a broad potential attack vector. Furthermore, the taint analysis indicates a high severity flow with unsanitized input, which, combined with a history of SQL injection vulnerabilities, suggests a persistent risk of data compromise. Although there are no currently unpatched CVEs, the past occurrence of a high-severity SQL injection vulnerability points to potential weaknesses in input validation and sanitization, which may be exacerbated by the large number of SQL queries in the code, nearly half of which do not use prepared statements. The plugin has strengths in its lack of dangerous functions and file operations, but the unprotected entry points and potential for injection vulnerabilities warrant careful consideration and monitoring.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API route
  • High severity taint flow
  • SQL queries without prepared statements
  • Previous high severity SQL injection vulnerability
  • Outputs not properly escaped
Vulnerabilities
1

LTL Freight Quotes – XPO Edition Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2024-13490high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

LTL Freight Quotes – XPO Edition <= 4.3.7 - Unauthenticated SQL Injection

Feb 11, 2025 Patched in 4.3.8 (1d)
Code Analysis
Analyzed Mar 16, 2026

LTL Freight Quotes – XPO Edition Code Analysis

Dangerous Functions
0
Raw SQL Queries
35
27 prepared
Unescaped Output
165
188 escaped
Nonce Checks
13
Capability Checks
28
File Operations
0
External Requests
4
Bundled Libraries
0

SQL Query Safety

44% prepared62 total queries

Output Escaping

53% escaped353 total outputs
Data Flows
15 unsanitized

Data Flow Analysis

23 flows15 with unsanitized paths
warehouse_template (warehouse-dropship\wild-delivery.php:41)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
17 unprotected

LTL Freight Quotes – XPO Edition Attack Surface

Entry Points45
Unprotected17

AJAX Handlers 44

noprivwp_ajax_xpo_fdltl-freight-quotes-xpo-edition.php:550
authwp_ajax_xpo_fdltl-freight-quotes-xpo-edition.php:551
noprivwp_ajax_en_xpo_save_shipping_ruleshipping-rules\shipping-rules-save.php:23
authwp_ajax_en_xpo_save_shipping_ruleshipping-rules\shipping-rules-save.php:24
noprivwp_ajax_en_xpo_edit_shipping_ruleshipping-rules\shipping-rules-save.php:26
authwp_ajax_en_xpo_edit_shipping_ruleshipping-rules\shipping-rules-save.php:27
noprivwp_ajax_en_xpo_delete_shipping_ruleshipping-rules\shipping-rules-save.php:29
authwp_ajax_en_xpo_delete_shipping_ruleshipping-rules\shipping-rules-save.php:30
noprivwp_ajax_en_xpo_update_shipping_rule_statusshipping-rules\shipping-rules-save.php:32
authwp_ajax_en_xpo_update_shipping_rule_statusshipping-rules\shipping-rules-save.php:33
authwp_ajax_en_xpo_freight_activate_hit_to_update_planupdate-plan.php:11
noprivwp_ajax_en_xpo_freight_activate_hit_to_update_planupdate-plan.php:12
noprivwp_ajax_en_wd_get_addresswarehouse-dropship\wild\includes\wild-delivery-save.php:24
authwp_ajax_en_wd_get_addresswarehouse-dropship\wild\includes\wild-delivery-save.php:25
noprivwp_ajax_en_wd_delete_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:27
authwp_ajax_en_wd_delete_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:28
noprivwp_ajax_en_wd_save_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:30
authwp_ajax_en_wd_save_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:31
noprivwp_ajax_en_wd_save_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:33
authwp_ajax_en_wd_save_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:34
noprivwp_ajax_en_wd_edit_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:37
authwp_ajax_en_wd_edit_dropshipwarehouse-dropship\wild\includes\wild-delivery-save.php:38
noprivwp_ajax_en_wd_delete_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:40
authwp_ajax_en_wd_delete_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:41
noprivwp_ajax_en_wd_edit_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:43
authwp_ajax_en_wd_edit_warehousewarehouse-dropship\wild\includes\wild-delivery-save.php:44
noprivwp_ajax_en_wd_get_addresswarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:24
authwp_ajax_en_wd_get_addresswarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:25
noprivwp_ajax_xpo_en_wd_delete_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:27
authwp_ajax_xpo_en_wd_delete_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:28
noprivwp_ajax_xpo_en_wd_save_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:30
authwp_ajax_xpo_en_wd_save_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:31
noprivwp_ajax_xpo_en_wd_save_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:33
authwp_ajax_xpo_en_wd_save_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:34
noprivwp_ajax_xpo_en_wd_edit_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:37
authwp_ajax_xpo_en_wd_edit_dropshipwarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:38
noprivwp_ajax_xpo_en_wd_delete_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:40
authwp_ajax_xpo_en_wd_delete_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:41
noprivwp_ajax_xpo_en_wd_edit_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:43
authwp_ajax_xpo_en_wd_edit_warehousewarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:44
noprivwp_ajax_en_xpo_wd_bulk_delete_locationswarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:46
authwp_ajax_en_xpo_wd_bulk_delete_locationswarehouse-dropship\wild\includes\xpo-wild-delivery-save.php:47
noprivwp_ajax_xpo_actionxpo-test-connection.php:13
authwp_ajax_xpo_actionxpo-test-connection.php:14

REST API Routes 1

POST/wp-json/fdo-company-id/update-statusltl-freight-quotes-xpo-edition.php:598
WordPress Hooks 75
actionbefore_woocommerce_initltl-freight-quotes-xpo-edition.php:21
filteren_pluginsltl-freight-quotes-xpo-edition.php:34
filteren_woo_plans_notification_actionltl-freight-quotes-xpo-edition.php:59
filteren_woo_plans_notification_message_actionltl-freight-quotes-xpo-edition.php:71
filteren_woo_plans_nested_notification_message_actionltl-freight-quotes-xpo-edition.php:84
actionadmin_initltl-freight-quotes-xpo-edition.php:111
actionadmin_noticesltl-freight-quotes-xpo-edition.php:119
actionadmin_initltl-freight-quotes-xpo-edition.php:132
actionadmin_noticesltl-freight-quotes-xpo-edition.php:142
actionadmin_enqueue_scriptsltl-freight-quotes-xpo-edition.php:180
actionadmin_enqueue_scriptsltl-freight-quotes-xpo-edition.php:198
actionadmin_initltl-freight-quotes-xpo-edition.php:264
actionadmin_initltl-freight-quotes-xpo-edition.php:265
actioninitltl-freight-quotes-xpo-edition.php:303
actionupgrader_process_completeltl-freight-quotes-xpo-edition.php:304
actionwoocommerce_shipping_initltl-freight-quotes-xpo-edition.php:309
filterwoocommerce_shipping_methodsltl-freight-quotes-xpo-edition.php:310
filterwoocommerce_get_settings_pagesltl-freight-quotes-xpo-edition.php:311
filterwoocommerce_package_ratesltl-freight-quotes-xpo-edition.php:312
filterwoocommerce_cart_no_shipping_available_htmlltl-freight-quotes-xpo-edition.php:313
actioninitltl-freight-quotes-xpo-edition.php:314
actioninitltl-freight-quotes-xpo-edition.php:315
actionwoocommerce_proceed_to_checkoutltl-freight-quotes-xpo-edition.php:350
filterplugin_action_linksltl-freight-quotes-xpo-edition.php:357
actionwp_enqueue_scriptsltl-freight-quotes-xpo-edition.php:384
filterxpo_quotes_quotes_plans_suscription_and_featuresltl-freight-quotes-xpo-edition.php:460
filterxpo_quotes_plans_notification_linkltl-freight-quotes-xpo-edition.php:481
filteren_append_account_number_multiple_pluginsltl-freight-quotes-xpo-edition.php:533
filteren_append_account_number_hidden_multiple_pluginsltl-freight-quotes-xpo-edition.php:548
actionrest_api_initltl-freight-quotes-xpo-edition.php:595
filteren_suppress_parcel_rates_hookltl-freight-quotes-xpo-edition.php:661
actionwoocommerce_thankyouorder\en-order-export.php:14
actioninitorder\en-order-export.php:15
actionen_async_orders_exporting_processorder\en-order-export.php:16
filtercron_schedulesorder\en-order-export.php:17
actionwoocommerce_order_actionsorder\en-order-widget.php:16
actionwoocommerce_order_before_calculate_totalsorder\rates\order-rates.php:13
filteren_order_accessoriesorder\rates\order-rates.php:14
filteren_app_common_plan_statusproduct\en-product-detail.php:23
filteren_compatible_optimized_product_optionsproduct\en-product-detail.php:26
actionwoocommerce_product_options_shippingproduct\en-product-detail.php:31
actionwoocommerce_process_product_metaproduct\en-product-detail.php:32
actionwoocommerce_product_after_variable_attributesproduct\en-product-detail.php:35
actionwoocommerce_save_product_variationproduct\en-product-detail.php:36
filterEn_Plugins_dropship_filterproduct\en-product-detail.php:39
filterEn_Plugins_variable_freight_classification_filterproduct\en-product-detail.php:40
filteren_xpo_freight_wd_update_query_stringstandard-package-addon\instore-pickup-local-delivery\instore-local-delivery.php:17
filteren_xpo_freight_wd_origin_array_setstandard-package-addon\instore-pickup-local-delivery\instore-local-delivery.php:18
filteren_xpo_freight_wd_standard_plansstandard-package-addon\instore-pickup-local-delivery\instore-local-delivery.php:19
filtersuppress_local_deliverystandard-package-addon\instore-pickup-local-delivery\instore-local-delivery.php:20
filterwoocommerce_product_export_product_column_en_nicknametemplate\csv-export.php:9
filterwoocommerce_product_export_product_column_en_citytemplate\csv-export.php:10
filterwoocommerce_product_export_product_column_en_statetemplate\csv-export.php:11
filterwoocommerce_product_export_product_column_en_ziptemplate\csv-export.php:12
filterwoocommerce_product_export_product_column_en_countrytemplate\csv-export.php:13
filterwoocommerce_product_export_product_column_en_product_freight_classtemplate\csv-export.php:16
filterwoocommerce_product_export_product_column_en_product_freight_class_variationtemplate\csv-export.php:17
filterwoocommerce_product_export_column_namestemplate\csv-export.php:20
filterwoocommerce_product_export_product_default_columnstemplate\csv-export.php:21
actionwoocommerce_product_options_shippingtemplate\products-nested-options.php:31
actionwoocommerce_process_product_metatemplate\products-nested-options.php:34
actionwoocommerce_product_after_variable_attributestemplate\products-nested-options.php:44
actionwoocommerce_save_product_variationtemplate\products-nested-options.php:48
actionadmin_noticesupdate-plan.php:268
filteren_wd_get_addresswarehouse-dropship\get-distance-request.php:21
actionadmin_enqueue_scriptswarehouse-dropship\wild-delivery.php:33
actionadmin_enqueue_scriptswarehouse-dropship\xpo-wild-delivery.php:34
filterwoocommerce_product_importer_parsed_dataxpo-admin-filter.php:190
filteren_xpo_accessorial_excludedxpo-carrier-service.php:586
filteren_fdo_image_urls_mergexpo-group-package.php:424
filterforce_show_methodsxpo-shipping-class.php:182
filterwoocommerce_package_ratesxpo-shipping-class.php:817
filterwoocommerce_package_ratesxpo-shipping-class.php:841
filterwoocommerce_package_ratesxpo-shipping-class.php:924
filterwoocommerce_settings_tabs_arrayxpo-tab-class.php:22

Scheduled Events 1

en_async_orders_exporting_process
Maintenance & Trust

LTL Freight Quotes – XPO Edition Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 7, 2026
PHP min version
Downloads7K

Community Trust

Rating0/100
Number of ratings0
Active installs60
Alternatives

LTL Freight Quotes – XPO Edition Alternatives

LTL Freight Quotes – FreightQuote Edition

LTL Freight Quotes – FreightQuote Edition

ltl-freight-quotes-freightquote-edition

A
98

Real-time LTL freight quotes from FreightQuote. Fifteen day free trial.

70 2 CVEs
LTL Freight Quotes – Unishippers Edition

LTL Freight Quotes – Unishippers Edition

ltl-freight-quotes-unishippers-edition

A
97

Real-time Unishippers freight quotes from Unishippers. Fifteen day free trial.

50 3 CVEs
LTL Freight Quotes – Estes Edition

LTL Freight Quotes – Estes Edition

ltl-freight-quotes-estes-edition

A
98

Real-time LTL freight quotes from Estes. Fifteen day free trial.

30 1 CVE
LTL Freight Quotes – GlobalTranz Edition

LTL Freight Quotes – GlobalTranz Edition

ltl-freight-quotes-globaltranz-edition

A
98

Real-time LTL freight quotes from GlobalTranz. Fifteen day free trial.

30 2 CVEs
LTL Freight Quotes – Old Dominion Edition

LTL Freight Quotes – Old Dominion Edition

ltl-freight-quotes-odfl-edition

A
98

Real-time LTL freight quotes from Old Dominion Freight Line. Fifteen day free trial.

30 1 CVE
Developer Profile

LTL Freight Quotes – XPO Edition Developer Profile

enituretechnology

29 plugins · 1K total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
11 days
View full developer profile
Detection Fingerprints

How We Detect LTL Freight Quotes – XPO Edition

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ltl-freight-quotes-xpo-edition/css/wickedpicker.min.css/wp-content/plugins/ltl-freight-quotes-xpo-edition/js/wickedpicker.js/wp-content/plugins/ltl-freight-quotes-xpo-edition/css/xpo-style.css/wp-content/plugins/ltl-freight-quotes-xpo-edition/shipping-rules/assets/js/shipping_rules.js/wp-content/plugins/ltl-freight-quotes-xpo-edition/shipping-rules/assets/css/shipping_rules.css/wp-content/plugins/ltl-freight-quotes-xpo-edition/logs/en-json-tree-view/en-jtv-style.css/wp-content/plugins/ltl-freight-quotes-xpo-edition/logs/en-json-tree-view/en-jtv-script.js
Script Paths
/wp-content/plugins/ltl-freight-quotes-xpo-edition/js/wickedpicker.js/wp-content/plugins/ltl-freight-quotes-xpo-edition/shipping-rules/assets/js/shipping_rules.js/wp-content/plugins/ltl-freight-quotes-xpo-edition/logs/en-json-tree-view/en-jtv-script.js
Version Parameters
ltl-freight-quotes-xpo-edition/css/wickedpicker.min.css?ver=1.0.0ltl-freight-quotes-xpo-edition/js/wickedpicker.js?ver=1.0.0ltl-freight-quotes-xpo-edition/css/xpo-style.css?ver=1.1.6ltl-freight-quotes-xpo-edition/shipping-rules/assets/js/shipping_rules.js?ver=1.0.3ltl-freight-quotes-xpo-edition/shipping-rules/assets/css/shipping_rules.css?ver=1.0.1ltl-freight-quotes-xpo-edition/logs/en-json-tree-view/en-jtv-style.css?ver=ltl-freight-quotes-xpo-edition/logs/en-json-tree-view/en-jtv-script.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes
xpo-styleen-jtv-styleen-xpo-sr-script
Data Attributes
en_tree_view_url
JS Globals
en_xpo_sr_script
FAQ

Frequently Asked Questions about LTL Freight Quotes – XPO Edition