WP-Safety

Posten Bring Checkout Security & Risk Analysis

wordpress.org/plugins/posten-bring-checkout

Official Posten Bring checkout plugin for WooCommerce

100 active installs v1.1.46 PHP 7.4+ WP 6.3+ Updated Mar 13, 2026
bringcheckoutpostenshippingwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Posten Bring Checkout Safe to Use in 2026?

Generally Safe

Score 100/100

Posten Bring Checkout has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago
Risk Assessment

The "posten-bring-checkout" plugin version 1.1.46 demonstrates a generally good security posture with several positive indicators. The plugin utilizes prepared statements for all SQL queries, exhibits a high percentage of properly escaped output, and has no recorded vulnerabilities (CVEs) or known dangerous functions. The presence of numerous capability checks and nonces further strengthens its defenses against common attack vectors. However, a significant concern is the presence of one AJAX handler without authentication checks, which presents an unprotected entry point into the application. This could potentially be exploited by an attacker to perform unauthorized actions if the functionality of this handler is sensitive. While the plugin has a clean vulnerability history, this single unprotected entry point warrants attention and mitigation to ensure complete security.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

Posten Bring Checkout Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Posten Bring Checkout Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
252 escaped
Nonce Checks
6
Capability Checks
16
File Operations
0
External Requests
17
Bundled Libraries
0

Output Escaping

98% escaped256 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
add_shipping_provider_filter (admin\Backoffice.php:1154)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Posten Bring Checkout Attack Surface

Entry Points17
Unprotected1

AJAX Handlers 1

authwp_ajax_posten_bring_checkout_dismiss_noticeincludes\Main.php:215

REST API Routes 16

GET/wp-json/posten-bring-checkout/credentialsadmin\Backoffice.php:338
POST/wp-json/posten-bring-checkout/credentialsadmin\Backoffice.php:350
GET/wp-json/posten-bring-checkout/customersadmin\Backoffice.php:362
GET/wp-json/posten-bring-checkout/servicesadmin\Backoffice.php:374
GET/wp-json/posten-bring-checkout/bookingsadmin\Backoffice.php:386
POST/wp-json/posten-bring-checkout/bookingsadmin\Backoffice.php:398
GET/wp-json/posten-bring-checkout/orders/(?P<orderId>\d+)admin\Backoffice.php:410
GET/wp-json/posten-bring-checkout/labelsadmin\Backoffice.php:422
GET/wp-json/posten-bring-checkout/waybillsadmin\Backoffice.php:434
POST/wp-json/posten-bring-checkout/feedbackadmin\Backoffice.php:446
POST/wp-json/posten-bring-checkout/remote-log-toggleadmin\Backoffice.php:458
POST/wp-json/posten-bring-checkout/dark-modeadmin\Backoffice.php:470
GET/wp-json/posten-bring-checkout/remote-log-toggleadmin\Backoffice.php:482
GET/wp-json/posten-bring-checkout/v1/address-searchadmin\Backoffice.php:494
POST/wp-json/posten-bring-checkout/deactivateadmin\Backoffice.php:511
GET/wp-json/posten-bring-checkout/v1/address-detailsadmin\Backoffice.php:523
WordPress Hooks 64
filterrest_pre_serve_requestadmin\api\handlers\BookingHandler.php:113
filterrest_pre_serve_requestadmin\api\handlers\BookingHandler.php:151
filterplugin_action_linksincludes\Main.php:181
actionadmin_menuincludes\Main.php:182
actionadmin_enqueue_scriptsincludes\Main.php:183
actionadmin_enqueue_scriptsincludes\Main.php:184
actionadmin_enqueue_scriptsincludes\Main.php:185
actionrest_api_initincludes\Main.php:186
actioninitincludes\Main.php:187
actionwoocommerce_shipping_initincludes\Main.php:188
filterwoocommerce_shipping_methodsincludes\Main.php:189
filterwoocommerce_package_ratesincludes\Main.php:190
filterwoocommerce_hidden_order_itemmetaincludes\Main.php:191
actionwoocommerce_admin_order_item_valuesincludes\Main.php:192
filterwoocommerce_order_item_get_method_titleincludes\Main.php:193
filterwoocommerce_validate_postcodeincludes\Main.php:194
filterbulk_actions-woocommerce_page_wc-ordersincludes\Main.php:195
filterbulk_actions-edit-shop_orderincludes\Main.php:196
actionadmin_footerincludes\Main.php:197
actionadmin_footerincludes\Main.php:198
filtermanage_woocommerce_page_wc-orders_columnsincludes\Main.php:199
filtermanage_edit-shop_order_columnsincludes\Main.php:200
actionmanage_woocommerce_page_wc-orders_custom_columnincludes\Main.php:201
actionmanage_shop_order_posts_custom_columnincludes\Main.php:202
actionwoocommerce_product_options_general_product_dataincludes\Main.php:203
actionwoocommerce_product_bulk_edit_endincludes\Main.php:204
actionwoocommerce_process_product_metaincludes\Main.php:205
actionwoocommerce_product_bulk_edit_saveincludes\Main.php:206
actionwoocommerce_order_list_table_restrict_manage_ordersincludes\Main.php:207
actionwoocommerce_store_api_checkout_order_processedincludes\Main.php:208
filterwoocommerce_order_list_table_prepare_items_query_argsincludes\Main.php:209
actionwoocommerce_email_after_order_tableincludes\Main.php:210
filterwoocommerce_register_log_handlersincludes\Main.php:211
actionwoocommerce_variation_optionsincludes\Main.php:212
actionwoocommerce_save_product_variationincludes\Main.php:213
actionadmin_noticesincludes\Main.php:214
filterdwc_shipping_iconincludes\Main.php:216
filterload_textdomain_mofileincludes\Main.php:217
actionwoocommerce_blocks_checkout_block_registrationincludes\Main.php:229
actionwoocommerce_blocks_cart_block_registrationincludes\Main.php:230
actionblock_categories_allincludes\Main.php:231
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\Main.php:232
filter__experimental_woocommerce_blocks_add_data_attributes_to_blockincludes\Main.php:233
actionwoocommerce_after_shipping_rateincludes\Main.php:234
actionwp_enqueue_scriptsincludes\Main.php:235
actionwoocommerce_checkout_create_orderincludes\Main.php:236
actionwoocommerce_after_checkout_validationincludes\Main.php:237
filterwoocommerce_checkout_fieldsincludes\Main.php:238
actionwoocommerce_checkout_update_order_reviewincludes\Main.php:239
filterwoocommerce_checkout_get_valueincludes\Main.php:240
filterwoocommerce_update_order_review_fragmentsincludes\Main.php:241
filterwoocommerce_shipping_method_add_rateincludes\Main.php:242
filterwoocommerce_cart_shipping_method_full_labelincludes\Main.php:243
filterwoocommerce_address_providersincludes\Main.php:244
filterwoo_vipps_shipping_method_pickup_pointsincludes\Main.php:256
actionwoo_vipps_set_order_shipping_detailsincludes\Main.php:257
filterwoo_vipps_checkout_json_shipping_methodsincludes\Main.php:258
filterwoo_vipps_shipping_method_descriptionincludes\Main.php:259
filterwoo_vipps_shipping_method_timeslotsincludes\Main.php:260
filterwoo_vipps_shipping_method_lead_timeincludes\Main.php:261
filterwoocommerce_integrationsposten-bring-checkout.php:121
actionbefore_woocommerce_initposten-bring-checkout.php:130
actionwoocommerce_initposten-bring-checkout.php:140
actionplugins_loadedposten-bring-checkout.php:141
Maintenance & Trust

Posten Bring Checkout Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMar 13, 2026
PHP min version7.4
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

Posten Bring Checkout Alternatives

Comunas de Chile para WooCommerce

Comunas de Chile para WooCommerce

comunas-de-chile-para-woocommerce

A
100

Agrega las Comunas de Chile a WooCommerce para mejorar la experiencia de envío.

2K No CVEs
Remove Checkout Fields for Woocommerce

Remove Checkout Fields for Woocommerce

remove-default-checkout-fields-for-woocommerce

A
92

Remove Fields from woocommerce Checkout page

1K No CVEs
F4 Shipping Phone and E-Mail for WooCommerce

F4 Shipping Phone and E-Mail for WooCommerce

f4-woocommerce-shipping-phone-and-e-mail

A
100

Adds fields for e-mail and/or telephone to the WooCommerce shipping address.

800 No CVEs
Ship to a Different Address Checked/Unchecked for WooCommerce

Ship to a Different Address Checked/Unchecked for WooCommerce

ship-to-a-different-address-checked-unchecked

A
100

Easily set WooCommerce's 'Ship to a different address' checkbox default to checked or unchecked on the checkout page.

700 No CVEs
Bring Fraktguiden for WooCommerce

Bring Fraktguiden for WooCommerce

bring-fraktguiden-for-woocommerce

A
99

Bring Fraktguiden provides shipping calculation based on rates from bring.no.

500 1 CVE
Developer Profile

Posten Bring Checkout Developer Profile

Posten Bring AS

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Posten Bring Checkout

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/posten-bring-checkout/build/admin-index.css/wp-content/plugins/posten-bring-checkout/build/admin-index.js/wp-content/plugins/posten-bring-checkout/admin/bring/js/bring-logo.js/wp-content/plugins/posten-bring-checkout/build/tasks-index.js/wp-content/plugins/posten-bring-checkout/admin/js/posten-bring-checkout-mass-booking.js/wp-content/plugins/posten-bring-checkout/admin/css/posten-bring-checkout-modal.css/wp-content/plugins/posten-bring-checkout/admin/js/posten-bring-checkout-notifications.js
Version Parameters
posten-bring-checkout/build/admin-index.asset.phpposten-bring-checkout/build/tasks-index.asset.php

HTML / DOM Fingerprints

CSS Classes
posten-bring-checkout-mass-booking-button
HTML Comments
<!-- Posten Bring Checkout plugin for WooCommerce -->
Data Attributes
data-posten-bring-checkout
JS Globals
PostenBringCheckoutNotice
REST Endpoints
/wp-json/posten-bring-checkout/
FAQ

Frequently Asked Questions about Posten Bring Checkout