Does Shipping Live rates for Canada Post for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Shipping Live rates for Canada Post for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Shipping Live rates for Canada Post for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Shipping Live rates for Canada Post for WooCommerce 2.0.15 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Shipping Live rates for Canada Post for WooCommerce compatible with PHP 7.4+?

Shipping Live rates for Canada Post for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Shipping Live rates for Canada Post for WooCommerce's security score?

Shipping Live rates for Canada Post for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shipping Live rates for Canada Post for WooCommerce Security & Risk Analysis

wordpress.org/plugins/octolize-canada-post-shipping

Offer your customers the Canada Post shipping methods with real-time calculated shipping rates for domestic and international shipping.

300 active installs v2.0.15 PHP 7.4+ WP 6.4+ Updated Feb 24, 2026

canada-postcanada-post-live-ratescanada-post-ratescanada-post-shippingcanada-post-woocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shipping Live rates for Canada Post for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Shipping Live rates for Canada Post for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "octolize-canada-post-shipping" plugin v2.0.15 exhibits a generally strong security posture based on the provided static analysis. The plugin has a small attack surface with only one AJAX handler, and importantly, this entry point has no detected authentication checks missing. Furthermore, there are no recorded vulnerabilities (CVEs) for this plugin, indicating a history of stable and secure development. The taint analysis also found no critical or high severity unsanitized flows, which is a positive sign.

However, the static analysis does highlight some areas for improvement. The presence of dangerous functions like `proc_open` and `unserialize` warrants careful review to ensure they are used in a secure context and are not exploitable. The significant percentage of SQL queries not using prepared statements is a notable concern, as this can be a vector for SQL injection attacks. Additionally, a substantial portion of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities. The use of bundled libraries, while common, also introduces a potential risk if these libraries are not kept up-to-date.

In conclusion, while the plugin benefits from a lack of known vulnerabilities and a protected entry point, the identified code signals regarding dangerous functions, SQL query security, and output escaping represent tangible risks. Addressing these specific code-level concerns would significantly enhance the plugin's overall security.

Key Concerns

SQL queries not using prepared statements
Significant portion of outputs not properly escaped
Use of dangerous function: unserialize
Use of dangerous function: proc_open
Bundled library (Guzzle) - potential for outdated components

Vulnerabilities

None known

Shipping Live rates for Canada Post for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Shipping Live rates for Canada Post for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

210

76 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

proc_open$this->process = proc_open($this->command, static::DESCRIPTOR_SPEC, $this->pipes, $this->cwd);vendor_prefixed\monolog\monolog\src\Monolog\Handler\ProcessHandler.php:104

unserializereturn unserialize($value);vendor_prefixed\wpdesk\wp-forms\src\Serializer\SerializeSerializer.php:15

unserializereturn unserialize($this->container->get($id));vendor_prefixed\wpdesk\wp-persistence\src\Decorator\SerializedPersistentContainer.php:24

Bundled Libraries

Guzzle

SQL Query Safety

0% prepared2 total queries

Output Escaping

27% escaped286 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

processAjaxNoticeDismiss (vendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:72)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Shipping Live rates for Canada Post for WooCommerce Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_wpdesk_notice_dismissvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:42

WordPress Hooks 66

actioninitsrc\Plugin.php:115

actioninitsrc\Plugin.php:117

filterwoocommerce_shipping_methodssrc\Plugin.php:219

filterpre_option_woocommerce_settings_shipping_recommendations_hiddensrc\Plugin.php:221

actioninitsrc\Plugin.php:230

actionoctolize_canada_post_shipping_settings_sidebarsrc\SettingsSidebar.php:16

actionadmin_enqueue_scriptsvendor_prefixed\octolize\wp-octolize-brand-assets\src\Brand\Assets\AdminAssets.php:54

actionadmin_noticesvendor_prefixed\octolize\wp-octolize-tracker\src\OptInNotice\OptInNotice.php:41

actionadmin_footervendor_prefixed\octolize\wp-octolize-tracker\src\OptInNotice\OptInNotice.php:55

filterwpdesk_tracker_notice_screensvendor_prefixed\octolize\wp-octolize-tracker\src\TrackerInitializer.php:82

actionplugins_loadedvendor_prefixed\octolize\wp-octolize-tracker\src\TrackerInitializer.php:83

actioncurrent_screenvendor_prefixed\octolize\wp-onboarding\src\Onboarding\Onboarding.php:64

actionadmin_enqueue_scriptsvendor_prefixed\octolize\wp-onboarding\src\Onboarding\Onboarding.php:70

actionadmin_footervendor_prefixed\octolize\wp-onboarding\src\Onboarding\Onboarding.php:71

filterwpdesk_tracker_deactivation_datavendor_prefixed\octolize\wp-onboarding\src\Onboarding\OnboardingDeactivationData.php:31

filterwpdesk_tracker_datavendor_prefixed\octolize\wp-onboarding\src\Onboarding\OnboardingTrackerData.php:38

actionupgrader_process_completevendor_prefixed\octolize\wp-onboarding\src\Onboarding\PluginUpgrade\PluginUpgradeWatcher.php:31

actionadmin_enqueue_scriptsvendor_prefixed\octolize\wp-shipping-extensions\src\ShippingExtensions\Assets.php:37

actionadmin_menuvendor_prefixed\octolize\wp-shipping-extensions\src\ShippingExtensions\Page.php:40

actionin_admin_headervendor_prefixed\octolize\wp-shipping-extensions\src\ShippingExtensions\PageViewTracker.php:29

actionwpdesk_tracker_startedvendor_prefixed\octolize\wp-shipping-extensions\src\ShippingExtensions\Tracker\Tracker.php:29

actionadmin_headvendor_prefixed\octolize\wp-shipping-extensions\src\ShippingExtensions\WooCommerceSuggestions.php:12

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-builder\src\Plugin\AbstractPlugin.php:148

actionwp_enqueue_scriptsvendor_prefixed\wpdesk\wp-builder\src\Plugin\AbstractPlugin.php:149

actionadmin_footervendor_prefixed\wpdesk\wp-helpscout-beacon\src\Beacon\Beacon.php:66

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-helpscout-beacon\src\Beacon\Beacon.php:67

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\AjaxHandler.php:41

actionadmin_noticesvendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\Notice.php:144

actionadmin_footervendor_prefixed\wpdesk\wp-notice\src\WPDesk\Notice\Notice.php:145

filterwp_autoloader_loader_loaders_to_loadvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\PluginDisablerByFileTrait.php:45

filterwp_autoloader_loader_loaders_to_createvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\PluginDisablerByFileTrait.php:46

actionplugins_loadedvendor_prefixed\wpdesk\wp-plugin-flow-common\src\Initialization\Simple\SimplePaidStrategy.php:58

actionplugins_loadedvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:81

actionbefore_woocommerce_initvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:88

actionactivated_pluginvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:102

filterdoing_it_wrong_trigger_errorvendor_prefixed\wpdesk\wp-plugin-flow-common\src\PluginBootstrap.php:123

actionwoocommerce_active_payments_checkout_shipping_methodvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\ActivePayments\Integration.php:39

actionadmin_noticesvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\AddMethodReminder\AddMethodReminder.php:44

actionadmin_initvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\AddMethodReminder\ClickNoticeTracker.php:23

filterwpdesk_tracker_deactivation_datavendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\AddMethodReminder\DeactivationTrackerData.php:26

filterwpdesk_tracker_datavendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\AddMethodReminder\TrackerData.php:27

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\Assets.php:59

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\Assets.php:60

actionwp_enqueue_scriptsvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\Assets.php:61

actionwoocommerce_review_order_after_shippingvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\CollectionPoints\CheckoutHandler.php:89

actionwoocommerce_checkout_update_order_reviewvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\CollectionPoints\CheckoutHandler.php:90

actionwoocommerce_after_shipping_ratevendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\EstimatedDelivery\EstimatedDeliveryDatesDisplay.php:56

filterwoocommerce_package_ratesvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\EstimatedDelivery\EstimatedDeliveryDatesDisplay.php:57

actionwoocommerce_hidden_order_itemmetavendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\EstimatedDelivery\EstimatedDeliveryDatesDisplay.php:58

filterwoocommerce_order_item_display_meta_keyvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\OrderMetaData\AdminOrderMetaDataDisplay.php:70

filterwoocommerce_order_item_display_meta_valuevendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\OrderMetaData\AdminOrderMetaDataDisplay.php:71

filterwoocommerce_hidden_order_itemmetavendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\OrderMetaData\AdminOrderMetaDataDisplay.php:72

actionwoocommerce_order_details_after_order_tablevendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\OrderMetaData\FrontOrderMetaDataDisplay.php:44

actionwoocommerce_email_order_metavendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\OrderMetaData\FrontOrderMetaDataDisplay.php:45

actionadmin_noticesvendor_prefixed\wpdesk\wp-woocommerce-shipping\src\WooCommerceShipping\ThirdParty\Germanized\TaxSettingsNotice.php:18

actionadmin_noticesvendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\RatingPetitionNotice.php:82

actionadmin_noticesvendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\RatingPetitionNotice.php:83

actionwpdesk_notice_dismissed_noticevendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\RatingPetitionNotice.php:84

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\TextPetitionDisplayer.php:39

actionadmin_initvendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\TimeWatcher\ShippingMethodInstanceWatcher.php:75

actionwoocommerce_shipping_zone_method_addedvendor_prefixed\wpdesk\wp-wpdesk-rating-petition\src\TimeWatcher\ShippingMethodInstanceWatcher.php:76

actionadmin_enqueue_scriptsvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\Assets.php:28

actionadmin_menuvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptInPage.php:35

actionadmin_initvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptInPage.php:36

actionadmin_noticesvendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\OptOut.php:28

filterplugin_row_metavendor_prefixed\wpdesk\wp-wpdesk-tracker\src\PSR\WPDesk\Tracker\PluginActionLinks.php:36

Maintenance & Trust

Shipping Live rates for Canada Post for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 24, 2026

PHP min version7.4

Downloads13K

Community Trust

Rating100/100

Number of ratings2

Active installs300

Alternatives

Shipping Live rates for Canada Post for WooCommerce Alternatives

Canada Post Shipping For WooCommerce

canada-post-shipping-for-woocommerce

100

Add Canada Post as a shipping option for your customers

2K No CVEs

Automated Canada Post – HPOS Supported

a2z-canada-post-automated-shipping

100

Canada Post shipping plugin, integrate seamlessly with Canada Post for real-time shipping rates, label printing, automatic tracking number e-mail gene …

20 No CVEs

Developer Profile

Shipping Live rates for Canada Post for WooCommerce Developer Profile

Octolize Shipping Plugins

11 plugins · 114K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

91 days

View full developer profile

Detection Fingerprints

How We Detect Shipping Live rates for Canada Post for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/octolize-canada-post-shipping/vendor_prefixed/octolize/wp-octolize-brand-assets/src/Brand/Assets/../assets/dist/css/admin.css

/wp-content/plugins/octolize-canada-post-shipping/vendor_prefixed/octolize/wp-onboarding/assets/css/onboarding.css/wp-content/plugins/octolize-canada-post-shipping/vendor_prefixed/octolize/wp-onboarding/assets/js/onboarding.js

Script Paths

/wp-content/plugins/octolize-canada-post-shipping/vendor_prefixed/octolize/wp-onboarding/assets/js/onboarding.js

Version Parameters

octolize-canada-post-shipping/vendor_prefixed/octolize/wp-octolize-brand-assets/src/Brand/Assets/../assets/dist/css/admin.css?ver=

octolize-canada-post-shipping/vendor_prefixed/octolize/wp-onboarding/assets/css/onboarding.css?ver=octolize-canada-post-shipping/vendor_prefixed/octolize/wp-onboarding/assets/js/onboarding.js?ver=

HTML / DOM Fingerprints

CSS Classes

octolize-onboarding-modal

Data Attributes

data-onboarding-iddata-open-autodata-logo-imgdata-pagedata-ajax-urldata-ajax-nonce+3 more

JS Globals

OctolizeOnboarding

FAQ

Shipping Live rates for Canada Post for WooCommerce Security & Risk Analysis

Is Shipping Live rates for Canada Post for WooCommerce Safe to Use in 2026?

Generally Safe

Key Concerns

Shipping Live rates for Canada Post for WooCommerce Security Vulnerabilities

Shipping Live rates for Canada Post for WooCommerce Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Shipping Live rates for Canada Post for WooCommerce Attack Surface

AJAX Handlers 1

Shipping Live rates for Canada Post for WooCommerce Maintenance & Trust

Maintenance Signals

Community Trust

Shipping Live rates for Canada Post for WooCommerce Alternatives

Canada Post Shipping For WooCommerce

Automated Canada Post – HPOS Supported

Shipping Live rates for Canada Post for WooCommerce Developer Profile

How We Detect Shipping Live rates for Canada Post for WooCommerce

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Shipping Live rates for Canada Post for WooCommerce