Does Nova Post for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Nova Post for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Nova Post for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Nova Post for WooCommerce 2.2.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Nova Post for WooCommerce compatible with PHP 8.0+?

Nova Post for WooCommerce requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Nova Post for WooCommerce updated?

Nova Post for WooCommerce was last updated on Mar 9, 2026. Frequent updates are generally a positive security signal.

What is Nova Post for WooCommerce's security score?

Nova Post for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Nova Post for WooCommerce Security & Risk Analysis

wordpress.org/plugins/nova-post-for-woocommerce

Official Nova Post shipping plugin for WooCommerce. Create shipments, calculate rates, print labels and track deliveries across Europe and Ukraine.

0 active installs v2.2.0 PHP 8.0+ WP 6.6+ Updated Mar 9, 2026

nova-postparcel-trackingshippingshipping-rateswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Nova Post for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Nova Post for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 25d ago

Risk Assessment

The plugin 'nova-post-for-woocommerce' v2.2.0 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of critical or high-severity taint flows and the fact that all SQL queries use prepared statements are significant strengths, indicating a developer awareness of common web vulnerabilities. Furthermore, the plugin demonstrates good practices by implementing nonce and capability checks where appropriate, and the vulnerability history is clean, with no recorded CVEs. This suggests a mature and secure development process.

However, there are minor areas for improvement. While the attack surface is currently zero, this can change with future updates if new entry points are introduced without proper authorization checks. The percentage of properly escaped output (87%) is good but leaves room for potential cross-site scripting (XSS) vulnerabilities if the remaining 13% of outputs are exposed to user-controlled data. The presence of bundled libraries like Guzzle and TCPDF, while not inherently problematic, could pose a risk if they are outdated and contain known vulnerabilities, though no such issues are indicated in the provided data.

In conclusion, 'nova-post-for-woocommerce' v2.2.0 appears to be a relatively secure plugin. Its robust handling of SQL and taint analysis is commendable. The primary area of attention would be ensuring that any future expansion of its attack surface is rigorously secured and that output escaping is consistently applied to 100% of outputs to mitigate any potential XSS risks.

Key Concerns

Unescaped output exists
Bundled libraries present

Vulnerabilities

None known

Nova Post for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Nova Post for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

92 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

GuzzleTCPDF

SQL Query Safety

100% prepared8 total queries

Output Escaping

87% escaped106 total outputs

Attack Surface

Nova Post for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 37

actionadmin_noticesincludes\Admin\AdminAlerts.php:29

actionadmin_enqueue_scriptsincludes\Admin\AdminAlerts.php:30

actionadmin_enqueue_scriptsincludes\Admin\AdminAssets.php:34

actionadmin_menuincludes\Admin\AdminSetup.php:30

filterbulk_actions-edit-shop_orderincludes\Admin\OrderBulkActions.php:53

filterbulk_actions-woocommerce_page_wc-ordersincludes\Admin\OrderBulkActions.php:54

actionadmin_footerincludes\Admin\OrderBulkActions.php:56

actionadmin_noticesincludes\Admin\OrderBulkActions.php:66

filtermanage_edit-shop_order_columnsincludes\Admin\OrderListColumn.php:29

filtermanage_woocommerce_page_wc-orders_columnsincludes\Admin\OrderListColumn.php:30

actionmanage_shop_order_posts_custom_columnincludes\Admin\OrderListColumn.php:32

actionmanage_woocommerce_page_wc-orders_custom_columnincludes\Admin\OrderListColumn.php:33

actionwoocommerce_admin_order_data_after_shipping_addressincludes\Admin\OrderShippingData.php:39

actionadd_meta_boxes_shop_orderincludes\Admin\OrderSidebarMetaBox.php:38

actionadd_meta_boxesincludes\Admin\OrderSidebarMetaBox.php:41

actionwoocommerce_blocks_checkout_block_registrationincludes\Checkout\CheckoutSetup.php:30

actionwoocommerce_blocks_loadedincludes\Checkout\CheckoutSetup.php:38

actionwoocommerce_checkout_order_createdincludes\Checkout\CheckoutSetup.php:49

actionwoocommerce_store_api_checkout_update_order_from_requestincludes\Checkout\CheckoutSetup.php:56

filterwoocommerce_checkout_fieldsincludes\Checkout\CheckoutSetup.php:63

actionwoocommerce_checkout_order_createdincludes\Checkout\CheckoutSetup.php:70

actionwoocommerce_store_api_checkout_order_processedincludes\Checkout\CheckoutSetup.php:77

actionwoocommerce_checkout_validate_order_before_paymentincludes\Checkout\CheckoutSetup.php:84

actionwoocommerce_email_order_detailsincludes\Plugin\NovaPostForWoocommerce.php:64

actionrest_api_initincludes\Plugin\NovaPostForWoocommerce.php:71

filterwoocommerce_shipping_methodsincludes\Plugin\NovaPostForWoocommerce.php:101

actionwoocommerce_checkout_order_createdincludes\Plugin\NovaPostForWoocommerce.php:134

actionwoocommerce_new_orderincludes\Plugin\NovaPostForWoocommerce.php:136

actionplugins_loadedincludes\Plugin\NovaPostForWoocommercePlugin.php:36

actionadmin_noticesincludes\Plugin\NovaPostForWoocommercePlugin.php:61

actionadmin_noticesincludes\Plugin\NovaPostForWoocommercePlugin.php:88

actionwoocommerce_product_options_shipping_product_dataincludes\Services\ProductPageService.php:29

actionwoocommerce_process_product_metaincludes\Services\ProductPageService.php:30

actionadmin_noticesincludes\Services\ProductPageService.php:31

actionwp_enqueue_scriptsincludes\Widget\NovaPostWidgetIntegration.php:82

actionwp_enqueue_scriptsincludes\Widget\NovaPostWidgetIntegration.php:83

actionenqueue_block_editor_assetsincludes\Widget\NovaPostWidgetIntegration.php:84

Maintenance & Trust

Nova Post for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 9, 2026

PHP min version8.0

Downloads417

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Nova Post for WooCommerce Alternatives

Printful Integration for WooCommerce

printful-shipping-for-woocommerce

Grow your store with the top print-on-demand dropshipping plugin

50K 2 CVEs

WC Hide Shipping Methods

wc-hide-shipping-methods

100

This plugin automatically hides all other shipping methods when "Free Shipping" is available, while allowing you to retain "Local Picku …

20K No CVEs

Gelato Integration for WooCommerce

gelato-integration-for-woocommerce

Sell globally, print locally with 100+ production hubs in 32 countries

5K No CVEs

Sendcloud Shipping

sendcloud-connected-shipping

100

SendCloud helps to grow your online store by optimizing the shipping process. Shipping packages has never been that easy!

4K No CVEs

PiWeb Flat rate / Conditional shipping for WooCommerce

advanced-free-flat-shipping-woocommerce

100

WooCommerce conditional shipping & WooCommerce Advanced Flat rate shipping rates plugin to Create Advanced Flat rate shipping or Free shipping met …

2K 1 CVE

Developer Profile

Nova Post for WooCommerce Developer Profile

Nova Post

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Nova Post for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/nova-post-for-woocommerce/assets/js/admin/order-edit.js/wp-content/plugins/nova-post-for-woocommerce/assets/js/admin/order-list.js/wp-content/plugins/nova-post-for-woocommerce/assets/js/admin/settings-page.js/wp-content/plugins/nova-post-for-woocommerce/assets/js/frontend/checkout.js/wp-content/plugins/nova-post-for-woocommerce/assets/js/tooltip-script.js/wp-content/plugins/nova-post-for-woocommerce/assets/css/admin/order-edit.css/wp-content/plugins/nova-post-for-woocommerce/assets/css/admin/order-list.css/wp-content/plugins/nova-post-for-woocommerce/assets/css/admin/settings-page.css+1 more

Script Paths

nova-post-tooltipnova-post-admin-order-editnova-post-admin-order-listnova-post-admin-settings-pagenova-post-frontend-checkout

Version Parameters

nova-post-for-woocommerce/assets/js/admin/order-edit.js?ver=nova-post-for-woocommerce/assets/js/admin/order-list.js?ver=nova-post-for-woocommerce/assets/js/admin/settings-page.js?ver=nova-post-for-woocommerce/assets/js/frontend/checkout.js?ver=nova-post-for-woocommerce/assets/js/tooltip-script.js?ver=nova-post-for-woocommerce/assets/css/admin/order-edit.css?ver=nova-post-for-woocommerce/assets/css/admin/order-list.css?ver=nova-post-for-woocommerce/assets/css/admin/settings-page.css?ver=nova-post-for-woocommerce/assets/css/frontend/checkout.css?ver=

HTML / DOM Fingerprints

CSS Classes

nova-post-alert-api-key-missing

Data Attributes

data-tip

FAQ