WP-Safety

NIP Field for WooCommerce Security & Risk Analysis

wordpress.org/plugins/nip-field-for-woocommerce

Adds NIP field to WooCommerce checkout with validation and order storage capabilities.

300 active installs v1.2.5 PHP 7.2+ WP 5.0+ Updated Mar 11, 2026
gusnipnip-fieldtax-idwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is NIP Field for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

NIP Field for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 23d ago
Risk Assessment

The plugin "nip-field-for-woocommerce" v1.2.5 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The code demonstrates good practices with comprehensive nonce and capability checks across its identified entry points, which consist solely of a single AJAX handler. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, and raw SQL queries, coupled with the exclusive use of prepared statements for database interactions, significantly mitigates common attack vectors. The high percentage of properly escaped output also suggests a good effort in preventing cross-site scripting (XSS) vulnerabilities. The lack of any recorded vulnerabilities, past or present, further reinforces this positive assessment, indicating a mature and well-maintained codebase.

However, a minor area for attention lies in the output escaping. While the majority of outputs are properly escaped, 15% are not, which could potentially lead to XSS vulnerabilities if these unescaped outputs handle user-controlled data. The taint analysis showing zero flows is an excellent sign, but it's important to note that this analysis might not cover all possible data flow scenarios, especially if complex data transformations are involved. Overall, the plugin appears robust, with the primary, albeit minor, concern being the unescaped output. Continued vigilance, particularly around the handling of any user-generated content that might be displayed, is recommended.

Key Concerns

  • Unescaped output detected
Vulnerabilities
None known

NIP Field for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

NIP Field for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
35 escaped
Nonce Checks
6
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

85% escaped41 total outputs
Attack Surface

NIP Field for WooCommerce Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_nip_field_wc_dismiss_bannercore\admin\class-nip-field-wc-admin.php:49
WordPress Hooks 34
actionadmin_menucore\admin\class-nip-field-wc-admin.php:37
actionadmin_initcore\admin\class-nip-field-wc-admin.php:40
actionadmin_enqueue_scriptscore\admin\class-nip-field-wc-admin.php:43
actionadmin_noticescore\admin\class-nip-field-wc-admin.php:46
actionwoocommerce_blocks_loadedcore\includes\class-nip-field-wc-blocks.php:24
actionwoocommerce_blocks_checkout_block_registrationcore\includes\class-nip-field-wc-blocks.php:37
actionwoocommerce_initcore\includes\class-nip-field-wc-blocks.php:44
actionwoocommerce_store_api_checkout_update_order_metacore\includes\class-nip-field-wc-blocks.php:48
actionwoocommerce_store_api_checkout_order_processedcore\includes\class-nip-field-wc-blocks.php:49
actionwoocommerce_checkout_order_processedcore\includes\class-nip-field-wc-blocks.php:52
actionwoocommerce_checkout_order_processedcore\includes\class-nip-field-wc-blocks.php:55
actionwoocommerce_store_api_checkout_order_processedcore\includes\class-nip-field-wc-blocks.php:56
filterwoocommerce_email_customer_details_fieldscore\includes\class-nip-field-wc-blocks.php:59
actionwp_enqueue_scriptscore\includes\class-nip-field-wc-blocks.php:62
actionwoocommerce_customer_save_addresscore\includes\class-nip-field-wc-blocks.php:66
filterwoocommerce_billing_fieldscore\includes\class-nip-field-wc-blocks.php:69
filterwoocommerce_checkout_fieldscore\includes\class-nip-field-wc-checkout.php:30
actionwoocommerce_checkout_processcore\includes\class-nip-field-wc-checkout.php:33
actionwoocommerce_checkout_update_order_metacore\includes\class-nip-field-wc-checkout.php:36
filterwoocommerce_admin_billing_fieldscore\includes\class-nip-field-wc-checkout.php:41
actionwoocommerce_process_shop_order_metacore\includes\class-nip-field-wc-checkout.php:44
filterwoocommerce_email_customer_details_fieldscore\includes\class-nip-field-wc-checkout.php:48
filterwoocommerce_order_get_formatted_billing_addresscore\includes\class-nip-field-wc-checkout.php:51
filterwoocommerce_my_account_my_address_formatted_addresscore\includes\class-nip-field-wc-checkout.php:54
filterwoocommerce_billing_fieldscore\includes\class-nip-field-wc-checkout.php:58
actionwoocommerce_after_save_address_validationcore\includes\class-nip-field-wc-checkout.php:61
actionwoocommerce_customer_save_addresscore\includes\class-nip-field-wc-checkout.php:64
actionwp_enqueue_scriptscore\includes\class-nip-field-wc-checkout.php:67
actionwp_footercore\includes\class-nip-field-wc-checkout.php:337
filterplugin_row_metacore\includes\class-nip-field-wc-main.php:58
filterwoocommerce_customer_meta_fieldscore\includes\class-nip-field-wc-main.php:61
actionadmin_noticescore\nip-field-for-woocommerce.php:93
actionplugins_loadedcore\nip-field-for-woocommerce.php:96
actionbefore_woocommerce_initcore\nip-field-for-woocommerce.php:101
Maintenance & Trust

NIP Field for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 11, 2026
PHP min version7.2
Downloads2K

Community Trust

Rating100/100
Number of ratings2
Active installs300
Alternatives

NIP Field for WooCommerce Alternatives

Nip Finder

Nip Finder

nip-finder

A
100

Automatyczne dane firmowe z GUS do WooCommerce. Szybsze zamówienia B2B, zero błędów w fakturach!

20 No CVEs
Feedaty Rating for WooCommerce

Feedaty Rating for WooCommerce

feedaty-rating-for-woocommerce

A
100

Feedaty WooCommerce Rating is the official WordPress plugin for displaying and managing Feedaty Reviews.

300 No CVEs
UniPAY Payment Gateway For WooCommerce

UniPAY Payment Gateway For WooCommerce

unipay-payment-gateway-for-woocommerce

A
92

Extends WooCommerce 6.2.0 to Process Payments with UniPAY gateway

100 No CVEs
AffiniPay WooCommerce

AffiniPay WooCommerce

affinipay-woocommerce

A
92

Take credit card payments on your WooCommerce site using AffiniPay

60 No CVEs
Anipo

Anipo

anipo

A
100

Anipo adds two columns to WooCommerce orders table, one for getting and printing order barcode and the other for tracking barcode.

10 No CVEs
Developer Profile

NIP Field for WooCommerce Developer Profile

devikit

5 plugins · 330 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect NIP Field for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/nip-field-for-woocommerce/assets/css/admin.css/wp-content/plugins/nip-field-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/nip-field-for-woocommerce/assets/js/admin.js
Version Parameters
nip-field-for-woocommerce/assets/css/admin.css?ver=nip-field-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
nip-field-wc-tabsnip-field-wc-tabs nav-tabnip-field-wc-tabs nav-tab-activenip-field-wc-tab-contentnip-field-wc-settings-sectionnip-field-wc-settings-fieldnip-field-wc-pro-noticenip-field-wc-pro-features
HTML Comments
<!-- NIP Field for WooCommerce Admin Settings Page --><!-- Settings section for General Settings --><!-- Field for Required NIP --><!-- Field for NIP Format Validation -->+2 more
Data Attributes
data-field-id="required"data-field-id="validate_format"
JS Globals
nip_field_wc_ajax_object
FAQ

Frequently Asked Questions about NIP Field for WooCommerce