Does QPMN POD by QP Group have any unpatched vulnerabilities?

No. All known vulnerabilities in QPMN POD by QP Group have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is QPMN POD by QP Group compatible with WordPress 6.7.5?

According to WordPress.org data, QPMN POD by QP Group 1.9.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is QPMN POD by QP Group compatible with PHP 7.4+?

QPMN POD by QP Group requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is QPMN POD by QP Group updated?

QPMN POD by QP Group was last updated on Jan 21, 2026. Frequent updates are generally a positive security signal.

What is QPMN POD by QP Group's security score?

QPMN POD by QP Group has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

QPMN POD by QP Group Security & Risk Analysis

wordpress.org/plugins/qpmn-pod-by-qp-group

Partner with QPMN, leverage the next-gen customizable print-on-demand drop shipping plugin to transform your store.

200 active installs v1.9.1 PHP 7.4+ WP 5.5+ Updated Jan 21, 2026

customizeddrop-shippingprint-on-demandprintingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is QPMN POD by QP Group Safe to Use in 2026?

Generally Safe

Score 100/100

QPMN POD by QP Group has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

Based on the static analysis and vulnerability history provided, the qpmn-pod-by-qp-group plugin v1.9.1 exhibits a generally strong security posture. The absence of any known CVEs and the fact that all identified SQL queries utilize prepared statements are significant positive indicators. Furthermore, the limited attack surface with no apparent unprotected entry points and the presence of nonce checks suggest an effort to implement fundamental security practices. The taint analysis also revealed no critical or high-severity vulnerabilities, which is reassuring. However, a notable area for concern is the output escaping, where 77% are properly escaped. This implies that approximately 23% of output operations might be vulnerable to cross-site scripting (XSS) attacks if the data being output is not inherently safe or is derived from user input without adequate sanitization. While the number of external HTTP requests is low, the lack of explicit mention of capability checks in the code signals, combined with the imperfect output escaping, presents a potential, albeit minor, risk. Overall, the plugin is in a good state with no major red flags, but the output escaping should be investigated further.

Key Concerns

Imperfect output escaping

Vulnerabilities

None known

QPMN POD by QP Group Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

QPMN POD by QP Group Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

84 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

77% escaped109 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

add_product_meta_form (includes\wc\class-qpson-wc-product.php:538)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

QPMN POD by QP Group Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 45

actionadmin_enqueue_scriptsincludes\admin\class-qpson-admin-assets.php:10

actionadmin_menuincludes\admin\class-qpson-admin-menus.php:12

actionadmin_initincludes\admin\class-qpson-admin-menus.php:13

actioninitincludes\admin\class-qpson-admin.php:10

filterwoocommerce_admin_order_item_thumbnailincludes\admin\wc\class-qpson-admin-wc-order.php:10

filterwoocommerce_order_item_get_formatted_meta_dataincludes\admin\wc\class-qpson-admin-wc-order.php:11

actionwoocommerce_order_action_push_order_to_qpsonincludes\admin\wc\class-qpson-admin-wc-order.php:12

actionadmin_enqueue_scriptsincludes\admin\wc\class-qpson-admin-wc-order.php:13

actionwoocommerce_webhook_deliveryincludes\admin\wc\class-qpson-admin-wc-order.php:15

filterupdate_option_woocommerce_currencyincludes\admin\wc\class-qpson-admin-wc-settings.php:10

actionwoocommerce_load_shipping_methodsincludes\class-qpson-shipping-method.php:81

filterwoocommerce_cart_shipping_packagesincludes\class-qpson-shipping-method.php:83

actionwoocommerce_after_shipping_rateincludes\class-qpson-shipping-method.php:85

filterwoocommerce_webhook_http_argsincludes\class-qpson-wc-webhook.php:12

actioninitincludes\class-qpson.php:66

actionwoocommerce_shipping_initincludes\class-qpson.php:67

actionwoocommerce_blocks_loadedincludes\class-qpson.php:69

actionrest_api_initincludes\rest-api\Server.php:22

actionwp_enqueue_scriptsincludes\wc\class-qpson-frontend-scripts.php:11

actionwp_loadedincludes\wc\class-qpson-wc-cart.php:12

actionwoocommerce_before_calculate_totalsincludes\wc\class-qpson-wc-cart.php:13

filterwoocommerce_add_cart_item_dataincludes\wc\class-qpson-wc-cart.php:14

filterwoocommerce_cart_item_thumbnailincludes\wc\class-qpson-wc-cart.php:15

filterwoocommerce_cart_item_priceincludes\wc\class-qpson-wc-cart.php:16

filterwoocommerce_quantity_input_argsincludes\wc\class-qpson-wc-cart.php:17

filterwoocommerce_product_add_to_cart_textincludes\wc\class-qpson-wc-category.php:10

filterwoocommerce_product_add_to_cart_urlincludes\wc\class-qpson-wc-category.php:11

actionwoocommerce_cart_item_nameincludes\wc\class-qpson-wc-checkout.php:12

actionwoocommerce_new_order_itemincludes\wc\class-qpson-wc-order.php:12

filterwoocommerce_order_item_get_formatted_meta_dataincludes\wc\class-qpson-wc-order.php:13

filterwoocommerce_order_item_nameincludes\wc\class-qpson-wc-order.php:14

filterwoocommerce_order_shipping_to_display_shipped_viaincludes\wc\class-qpson-wc-order.php:15

actionwoocommerce_before_add_to_cart_buttonincludes\wc\class-qpson-wc-product.php:12

actionwoocommerce_after_add_to_cart_buttonincludes\wc\class-qpson-wc-product.php:13

actionwoocommerce_simple_add_to_cartincludes\wc\class-qpson-wc-product.php:14

actionwoocommerce_is_purchasableincludes\wc\class-qpson-wc-product.php:15

actionwoocommerce_get_price_htmlincludes\wc\class-qpson-wc-product.php:16

filterwoocommerce_product_supportsincludes\wc\class-qpson-wc-product.php:17

actionwp_loadedincludes\wc\class-qpson-wc-product.php:19

actionwoocommerce_simple_add_to_cartincludes\wc\class-qpson-wc-product.php:21

filterwc_product_sku_enabledincludes\wc\class-qpson-wc-product.php:22

actionwoocommerce_after_quantity_input_fieldincludes\wc\class-qpson-wc-product.php:25

filterwoocommerce_quantity_input_argsincludes\wc\class-qpson-wc-product.php:26

filterwoocommerce_available_variationincludes\wc\class-qpson-wc-product.php:28

actioninitincludes\wc\class-qpson-wc.php:10

Maintenance & Trust

QPMN POD by QP Group Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 21, 2026

PHP min version7.4

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

QPMN POD by QP Group Alternatives

Printify for WooCommerce

printify-for-woocommerce

Printify is a print on demand drop shipping platform for WordPress users.

10K No CVEs

Teezily plus for WooCommerce

teezily-plus-shipping-method

Teezily Plus is a complete print on demand fulfillment service.

0 No CVEs

Instant Design Tool

instant-design-tool

Connect WooCommerce to your Instant Design Tool. Enable your customers to create and order their own designs with Instant Design Tool.

40 No CVEs

Printful Integration for WooCommerce

printful-shipping-for-woocommerce

Grow your store with the top print-on-demand dropshipping plugin

50K 2 CVEs

Gelato Integration for WooCommerce

gelato-integration-for-woocommerce

Sell globally, print locally with 100+ production hubs in 32 countries

5K No CVEs

Developer Profile

QPMN POD by QP Group Developer Profile

qppitdev2

1 plugin · 200 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect QPMN POD by QP Group

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/qpmn-pod-by-qp-group/assets/js/preview-image.js/wp-content/plugins/qpmn-pod-by-qp-group/assets/css/preview-image.css

Script Paths

/wp-content/plugins/qpmn-pod-by-qp-group/assets/js/preview-image.js

Version Parameters

/assets/js/preview-image.js?ver=/assets/css/preview-image.css?ver=

HTML / DOM Fingerprints

HTML Comments

Data Attributes

data-qpson-image-urldata-qpson-product-url

JS Globals

QPSONQpson_MetaQPSON_TRACK_URLQPSON_SERVERQPSON_FILE_SERVERmyData

Shortcode Output

<div class="order_data_column"><p><strong>Track list</strong>:</p><ul><li><a href="

FAQ