PDF Invoice for Woocommerce Security & Risk Analysis

wordpress.org/plugins/pdf-invoice-for-woocommerce

Automatically generate professionally designed PDF invoices and attach to WooCommerce order emails.

10 active installs · v1.3.4 · PHP 8.0+ · WP 6.4+ · Updated Mar 2, 2026
Tags: pdf-invoice, pdf-invoice-woocommerce, woocommerce-invoice, woocommerce-pdf-invoice
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is PDF Invoice for Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

PDF Invoice for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The security posture of the pdf-invoice-for-woocommerce plugin v1.3.4 appears generally good: it has no known critical or high vulnerabilities in its history and a focus on using prepared statements for all SQL queries. The static analysis also reveals a small attack surface, with only one AJAX handler and no REST API routes, shortcodes, or cron events exposed.

However, that single AJAX handler does not appear to have any explicit authentication or capability checks, which is a significant concern regarding unauthorized access to its functionality. The lack of robust authorization for this entry point, together with a concerning percentage of improperly escaped output, introduces potential risks that require attention. The absence of recorded vulnerabilities is a positive sign and suggests the developers may be proactive, but it should not overshadow the identified code-level concerns.

Key Concerns

  • AJAX handler without auth checks
  • Significant portion of output not escaped
Vulnerabilities
None known

PDF Invoice for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

PDF Invoice for Woocommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 26 (22 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 2
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

dompdf

Output Escaping

46% escaped · 48 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
invoice_save_fields (invoice-for-wc.php:222)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

PDF Invoice for Woocommerce Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers: 1

auth · wp_ajax_wphub-preview · invoice-for-wc.php:49
WordPress Hooks: 15
filter · woocommerce_settings_tabs_array · classes\wexp-hub-invoice-settings.php:7
action · woocommerce_settings_tabs_wphub_invoice · classes\wexp-hub-invoice-settings.php:8
action · woocommerce_update_options_wphub_invoice · classes\wexp-hub-invoice-settings.php:9
action · init · invoice-for-wc.php:44
action · init · invoice-for-wc.php:45
action · init · invoice-for-wc.php:46
action · woocommerce_loaded · invoice-for-wc.php:47
action · admin_enqueue_scripts · invoice-for-wc.php:48
action · woocommerce_order_status_changed · invoice-for-wc.php:50
filter · woocommerce_email_attachments · invoice-for-wc.php:51
filter · woocommerce_checkout_fields · invoice-for-wc.php:52
action · woocommerce_checkout_order_processed · invoice-for-wc.php:53
action · woocommerce_admin_field_wphub_invoice_setting · invoice-for-wc.php:54
action · woocommerce_update_options_wphub_invoice · invoice-for-wc.php:55
action · before_woocommerce_init · invoice-for-wc.php:56
Maintenance & Trust

PDF Invoice for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 2, 2026
PHP min version: 8.0
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

PDF Invoice for Woocommerce Developer Profile

WpExperts Hub

5 plugins · 7K total installs

Trust score: 90
Avg Security Score: 94/100
Avg Patch Time: 15 days
Detection Fingerprints

How We Detect PDF Invoice for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pdf-invoice-for-woocommerce/assets/js/preview.js
Script Paths
/wp-content/plugins/pdf-invoice-for-woocommerce/assets/js/preview.js
Version Parameters
/wp-content/plugins/pdf-invoice-for-woocommerce/assets/js/preview.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-wphub-invoice-preview
JS Globals
wphub_pdf
FAQ

Frequently Asked Questions about PDF Invoice for Woocommerce