WP-Safety

Order Sync with Zendesk for WooCommerce Security & Risk Analysis

wordpress.org/plugins/mwb-zendesk-woo-order-sync

Manage Customer Support Tickets and Orders with Zendesk Woo Order Sync

30 active installs v2.2.2 PHP 7.4+ WP 5.5.0+ Updated Apr 8, 2026
customer-support-ticket-systemhelp-deskintegrationorder-synczendesk
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Order Sync with Zendesk for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Order Sync with Zendesk for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "mwb-zendesk-woo-order-sync" v2.2.1 plugin exhibits a generally good security posture, with several strengths noted in the static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and a high percentage of properly escaped output are positive indicators. The plugin also appears to handle nonces correctly and has a history free of known vulnerabilities, suggesting a commitment to secure development practices. However, there are a few areas for concern that warrant attention.

The primary concern lies in the attack surface, specifically the presence of one REST API route that lacks a permission callback. This could potentially expose sensitive functionality to unauthenticated users. While the taint analysis did not reveal any unsanitized paths or critical/high severity flows, the lack of a permission check on a REST API endpoint is a significant oversight that bypasses WordPress's robust access control mechanisms.

Overall, the plugin is well-developed from a security perspective, with no critical or high-risk issues identified through taint analysis or its vulnerability history. The strengths in code hygiene and SQL security are commendable. Nevertheless, the unprotected REST API route is a notable weakness that should be addressed to ensure complete security. Addressing this single unprotected entry point would significantly enhance the plugin's security profile.

Key Concerns

  • REST API route without permission callback
Vulnerabilities
None known

Order Sync with Zendesk for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Order Sync with Zendesk for WooCommerce Release Timeline

v2.2.2Current
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.9
v2.0.8
v2.0.7
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.0.1
Code Analysis
Analyzed Mar 16, 2026

Order Sync with Zendesk for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
10
179 escaped
Nonce Checks
9
Capability Checks
0
File Operations
0
External Requests
12
Bundled Libraries
0

Output Escaping

95% escaped189 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

6 flows
update_user_ticket (Library\class-mwb-zendesk-global-functions.php:28)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Order Sync with Zendesk for WooCommerce Attack Surface

Entry Points8
Unprotected1

AJAX Handlers 6

authwp_ajax_mwb_zndsk_suggest_acceptclass-mwb-zendesk-connect-api.php:72
authwp_ajax_mwb_zndsk_suggest_laterclass-mwb-zendesk-connect-api.php:73
authwp_ajax_mwb_zndsk_ticketclass-mwb-zendesk-connect-api.php:74
authwp_ajax_mwb_zndsk_tickt_emailclass-mwb-zendesk-connect-api.php:75
authwp_ajax_mwb_zndsk_chat_historyclass-mwb-zendesk-connect-api.php:76
authwp_ajax_mwb_zndsk_save_order_config_optionsLibrary\class-mwb-zendesk-settings.php:53

REST API Routes 1

GET/wp-json/zndskwoo/order_detailsLibrary\class-mwb-zendesk-manager.php:324

Shortcodes 1

[mwb-ticket-history] Library\class-mwb-zendesk-manager.php:181
WordPress Hooks 23
actionadmin_footerLibrary\class-mwb-zendesk-global-functions.php:1011
actioninitLibrary\class-mwb-zendesk-manager.php:63
actionadmin_initLibrary\class-mwb-zendesk-manager.php:64
actionwoocommerce_account_ticket-history_endpointLibrary\class-mwb-zendesk-manager.php:67
filterwoocommerce_account_menu_itemsLibrary\class-mwb-zendesk-manager.php:68
filtermanage_users_columnsLibrary\class-mwb-zendesk-manager.php:69
actionmanage_users_custom_columnLibrary\class-mwb-zendesk-manager.php:70
actionwoocommerce_order_status_changedLibrary\class-mwb-zendesk-manager.php:72
actionwoocommerce_created_customerLibrary\class-mwb-zendesk-manager.php:73
actioninitLibrary\class-mwb-zendesk-manager.php:75
actioninitLibrary\class-mwb-zendesk-manager.php:76
filterwoocommerce_email_classesLibrary\class-mwb-zendesk-manager.php:78
actionadmin_menuLibrary\class-mwb-zendesk-settings.php:51
actionadd_meta_boxesLibrary\class-mwb-zendesk-settings.php:52
actionwp_loadedmwb-zendesk-woo-order-sync.php:77
filterplugin_row_metamwb-zendesk-woo-order-sync.php:98
actionbefore_woocommerce_initmwb-zendesk-woo-order-sync.php:109
actionrest_api_initmwb-zendesk-woo-order-sync.php:147
actionplugins_loadedmwb-zendesk-woo-order-sync.php:150
actionadmin_enqueue_scriptsmwb-zendesk-woo-order-sync.php:189
actionwp_enqueue_scriptsmwb-zendesk-woo-order-sync.php:190
actionadmin_initmwb-zendesk-woo-order-sync.php:265
actionadmin_noticesmwb-zendesk-woo-order-sync.php:274
Maintenance & Trust

Order Sync with Zendesk for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 8, 2026
PHP min version7.4
Downloads7K

Community Trust

Rating100/100
Number of ratings2
Active installs30
Alternatives

Order Sync with Zendesk for WooCommerce Alternatives

Zendesk Support for WordPress

Zendesk Support for WordPress

zendesk

A
85

Bring the helpdesk into your blog

2K 1 CVE
Integration for Epos Now and WooCommerce

Integration for Epos Now and WooCommerce

woo-epos-now-integration

A
100

Seamlessly integrate WooCommerce and Epos Now.

300 No CVEs
WP Gravity Forms Zendesk

WP Gravity Forms Zendesk

gf-zendesk

A
99

Gravity Forms Zendesk Add-on sends Gravity Forms entries to Zendesk.

200 2 CVEs
Yetix Request Form for Zendesk

Yetix Request Form for Zendesk

yetix-request-form

A
85

Zendesk Ticket Form into your WordPress site.

10 No CVEs
Bizzmags Sync for Trendyol and WC

Bizzmags Sync for Trendyol and WC

bizzmagssynctrendyolwc

A
100

Connect WooCommerce with Trendyol Marketplace and automate product, stock, and order synchronization.

0 No CVEs
Developer Profile

Order Sync with Zendesk for WooCommerce Developer Profile

WP Swings

13 plugins · 42K total installs

86
trust score
Avg Security Score
97/100
Avg Patch Time
90 days
View full developer profile
Detection Fingerprints

How We Detect Order Sync with Zendesk for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-admin.css/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-admin.js/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-admin-global.js/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-global.css/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-ticket.js/wp-content/plugins/mwb-zendesk-woo-order-sync/assets/zndsk-public-ticket.css
Script Paths
//js.hsforms.net/forms/shell.js
Version Parameters
mwb-zendesk-woo-order-sync/assets/zndsk-admin.css?ver=mwb-zendesk-woo-order-sync/assets/zndsk-admin.js?ver=mwb-zendesk-woo-order-sync/assets/zndsk-admin-global.js?ver=mwb-zendesk-woo-order-sync/assets/zndsk-global.css?ver=mwb-zendesk-woo-order-sync/assets/zndsk-ticket.js?ver=mwb-zendesk-woo-order-sync/assets/zndsk-public-ticket.css?ver=

HTML / DOM Fingerprints

JS Globals
zndsk_ajax_object
REST Endpoints
/wp-json/mwb-zendesk-connect-api
FAQ

Frequently Asked Questions about Order Sync with Zendesk for WooCommerce