Does Paccofacile.it for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Paccofacile.it for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Paccofacile.it for WooCommerce compatible with WordPress 6.6.5?

According to WordPress.org data, Paccofacile.it for WooCommerce 2.0.4 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Paccofacile.it for WooCommerce compatible with PHP 7.2+?

Paccofacile.it for WooCommerce requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Paccofacile.it for WooCommerce updated?

Paccofacile.it for WooCommerce was last updated on Oct 9, 2024. Frequent updates are generally a positive security signal.

What is Paccofacile.it for WooCommerce's security score?

Paccofacile.it for WooCommerce has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Paccofacile.it for WooCommerce Security & Risk Analysis

wordpress.org/plugins/paccofacile-for-woocommerce

Connect in few clicks your Paccofacile.it PRO's account and start saving money and time with our automatic shipping manager software.

80 active installs v2.0.4 PHP 7.2+ WP 5.0.0+ Updated Oct 9, 2024

paccofacileshippingspedizioniwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Paccofacile.it for WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

Paccofacile.it for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "paccofacile-for-woocommerce" v2.0.4 plugin exhibits a concerning security posture due to a significant number of unprotected entry points. While the plugin demonstrates good practices by exclusively using prepared statements for SQL queries and having a high percentage of properly escaped outputs, the lack of authentication checks on all 14 AJAX handlers and 2 REST API routes presents a substantial attack surface. This means an unauthenticated attacker could potentially interact with sensitive functionality within the plugin.

The taint analysis revealed 2 flows with unsanitized paths, which, although not classified as critical or high severity, still indicate a potential for issues related to file operations or external requests if exploited. The presence of file operations and external HTTP requests, especially when coupled with unsanitized paths, warrants further investigation to ensure these operations are not vulnerable to path traversal or other injection attacks. The plugin's vulnerability history is clean, showing no past CVEs, which is a positive indicator. However, this does not mitigate the immediate risks posed by the current lack of authentication on its entry points.

In conclusion, the plugin has strengths in its SQL handling and output escaping. However, the critical weakness lies in its exposed attack surface. The numerous unprotected AJAX and REST API endpoints are the primary security concern. While the taint analysis doesn't flag critical vulnerabilities, the potential for issues related to file operations and external requests needs to be considered, particularly in conjunction with the unprotected entry points. Addressing the authentication checks on these exposed endpoints should be the highest priority for improving the plugin's security.

Key Concerns

14 AJAX handlers without auth checks
2 REST API routes without permission callbacks
2 flows with unsanitized paths
1 file operation
4 external HTTP requests
15 nonce checks (some may be missing for unprotected entry points)
4 capability checks (some may be missing for unprotected entry points)

Vulnerabilities

None known

Paccofacile.it for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Paccofacile.it for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

279 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

93% escaped301 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

pfwc_pay_order_ajax_handler (admin\class-pfwc-paccofacile-admin.php:516)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

16 unprotected

Paccofacile.it for WooCommerce Attack Surface

Entry Points16

Unprotected16

AJAX Handlers 14

authwp_ajax_paccofacile_pay_orderincludes\class-pfwc-paccofacile.php:247

authwp_ajax_paccofacile_ship_withincludes\class-pfwc-paccofacile.php:248

authwp_ajax_add_carrierincludes\class-pfwc-paccofacile.php:249

authwp_ajax_delete_carrierincludes\class-pfwc-paccofacile.php:250

authwp_ajax_add_boxincludes\class-pfwc-paccofacile.php:251

authwp_ajax_edit_boxincludes\class-pfwc-paccofacile.php:252

authwp_ajax_delete_boxincludes\class-pfwc-paccofacile.php:253

authwp_ajax_add_shipping_customesincludes\class-pfwc-paccofacile.php:254

authwp_ajax_search_localityincludes\class-pfwc-paccofacile.php:255

authwp_ajax_get_lockersincludes\class-pfwc-paccofacile.php:256

authwp_ajax_add_store_lockerincludes\class-pfwc-paccofacile.php:257

authwp_ajax_get_lockersincludes\class-pfwc-paccofacile.php:276

authwp_ajax_get_city_coordinatesincludes\class-pfwc-paccofacile.php:277

authwp_ajax_locker_id_sessionincludes\class-pfwc-paccofacile.php:278

REST API Routes 2

GET/wp-json/paccofacile/v1/order_documents/(?P<order_id>\d+)includes\paccofacile-woocommerce.php:2180

GET/wp-json/paccofacile/v1/order_updateincludes\paccofacile-woocommerce.php:2302

WordPress Hooks 42

actionadmin_menuadmin\class-pfwc-paccofacile-admin.php:174

actioninitincludes\class-pfwc-paccofacile.php:88

actionplugins_loadedincludes\class-pfwc-paccofacile.php:230

actionadmin_enqueue_scriptsincludes\class-pfwc-paccofacile.php:244

actionadmin_enqueue_scriptsincludes\class-pfwc-paccofacile.php:245

actionadmin_initincludes\class-pfwc-paccofacile.php:246

actionwp_enqueue_scriptsincludes\class-pfwc-paccofacile.php:272

actionwp_enqueue_scriptsincludes\class-pfwc-paccofacile.php:273

actioninitincludes\class-pfwc-paccofacile.php:274

filterbody_classincludes\class-pfwc-paccofacile.php:275

actionpaccofacile_order_tracking_info_sentincludes\class-pfwc-tracking-info-order-email.php:62

actionwoocommerce_shipping_initincludes\paccofacile-woocommerce.php:182

filterwoocommerce_shipping_methodsincludes\paccofacile-woocommerce.php:195

actionwoocommerce_review_order_before_cart_contentsincludes\paccofacile-woocommerce.php:271

actionwoocommerce_after_checkout_validationincludes\paccofacile-woocommerce.php:272

filterwoocommerce_package_ratesincludes\paccofacile-woocommerce.php:538

actionwoocommerce_checkout_order_processedincludes\paccofacile-woocommerce.php:902

filterwoocommerce_checkout_fieldsincludes\paccofacile-woocommerce.php:905

filterwoocommerce_order_formatted_billing_addressincludes\paccofacile-woocommerce.php:949

filterwoocommerce_order_formatted_shipping_addressincludes\paccofacile-woocommerce.php:962

actionwoocommerce_admin_order_data_after_shipping_addressincludes\paccofacile-woocommerce.php:976

actionwoocommerce_admin_order_data_after_shipping_addressincludes\paccofacile-woocommerce.php:990

filterwoocommerce_ship_to_different_address_checkedincludes\paccofacile-woocommerce.php:1056

filterwoocommerce_checkout_fieldsincludes\paccofacile-woocommerce.php:1060

filterwoocommerce_default_address_fieldsincludes\paccofacile-woocommerce.php:1080

filterwoocommerce_checkout_get_valueincludes\paccofacile-woocommerce.php:1094

actionwoocommerce_after_checkout_shipping_formincludes\paccofacile-woocommerce.php:1112

filterwoocommerce_general_settingsincludes\paccofacile-woocommerce.php:1176

actionadd_meta_boxesincludes\paccofacile-woocommerce.php:1239

actionwoocommerce_order_details_after_order_tableincludes\paccofacile-woocommerce.php:1654

actionwoocommerce_order_before_calculate_totalsincludes\paccofacile-woocommerce.php:1949

actionwoocommerce_product_options_shippingincludes\paccofacile-woocommerce.php:1977

actionwoocommerce_process_product_metaincludes\paccofacile-woocommerce.php:2004

actionrest_api_initincludes\paccofacile-woocommerce.php:2177

actionrest_api_initincludes\paccofacile-woocommerce.php:2299

filtermanage_edit-shop_order_columnsincludes\paccofacile-woocommerce.php:2315

actionmanage_shop_order_posts_custom_columnincludes\paccofacile-woocommerce.php:2338

filterwoocommerce_email_classesincludes\paccofacile-woocommerce.php:2397

filterwoocommerce_admin_shipping_fieldsincludes\paccofacile-woocommerce.php:2557

actionadmin_noticespaccofacile-for-woocommerce.php:51

actionbefore_woocommerce_initpaccofacile-for-woocommerce.php:67

actionwoocommerce_after_shipping_calculatorpublic\class-pfwc-paccofacile-public.php:59

Maintenance & Trust

Paccofacile.it for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedOct 9, 2024

PHP min version7.2

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs80

Alternatives

Paccofacile.it for WooCommerce Alternatives

Shipping by Weight for WooCommerce

dn-shipping-by-weight

Weight-based shipping costs for Woocomerce. Spese di spedizione basata sul peso per Woocomerce.

60 2 CVEs

Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping

flexible-shipping

Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.

100K 2 CVEs

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

print-invoices-packing-slip-labels-for-woocommerce

Auto-generate and attach WooCommerce PDF invoices and packing slips to order emails with customizable templates & bulk print options.

60K 6 CVEs

Weight Based Shipping for WooCommerce

weight-based-shipping-for-woocommerce

100

Weight Based Shipping is a flexible and widely-used solution to calculate shipping costs based on the total cart weight and value.

60K 1 CVE

Advanced Shipment Tracking for WooCommerce

woo-advanced-shipment-tracking

Add shipment tracking info to WooCommerce orders, send tracking numbers to customers via email, and let them track deliveries from My Account.

60K 2 CVEs

Developer Profile

Paccofacile.it for WooCommerce Developer Profile

sogimaholding

1 plugin · 80 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Paccofacile.it for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/paccofacile-for-woocommerce/css/paccofacile-admin.css/wp-content/plugins/paccofacile-for-woocommerce/js/paccofacile-admin.js/wp-content/plugins/paccofacile-for-woocommerce/openlayers/ol.css/wp-content/plugins/paccofacile-for-woocommerce/openlayers/ol.js/wp-content/plugins/paccofacile-for-woocommerce/fontawesome/css/fontawesome.css/wp-content/plugins/paccofacile-for-woocommerce/fontawesome/css/solid.css

Script Paths

/wp-content/plugins/paccofacile-for-woocommerce/js/paccofacile-admin.js

Version Parameters

paccofacile-for-woocommerce/css/paccofacile-admin.css?ver=paccofacile-for-woocommerce/js/paccofacile-admin.js?ver=paccofacile-for-woocommerce/openlayers/ol.css?ver=paccofacile-for-woocommerce/openlayers/ol.js?ver=paccofacile-for-woocommerce/fontawesome/css/fontawesome.css?ver=paccofacile-for-woocommerce/fontawesome/css/solid.css?ver=

HTML / DOM Fingerprints

CSS Classes

pfwc-paccofacile-admin

HTML Comments

+24 more

Data Attributes

data-pfwc-tracking-to-showdata-pfwc-api-keydata-pfwc-tokendata-pfwc-account-number

JS Globals

PFWC_PACCOFACILE_VERSIONPFWC_PACCOFACILE_PATHPFWC_PACCOFACILE_BASENAME_FILEPFWC_PACCOFACILE_PLUGIN_URLpfwc_admin_params

FAQ