SafeRoute WooCommerce Security & Risk Analysis

wordpress.org/plugins/saferoute-woocommerce

A plugin for quick integration of the SafeRoute delivery widget into WooCommerce-based stores.

60 active installs v3.5.1 PHP 7.1+ WP 4.9+ Updated Feb 21, 2025
delivery, доставка, saferoute, shipping, woocommerce
92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is SafeRoute WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

SafeRoute WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The 'saferoute-woocommerce' plugin v3.5.1 exhibits a concerning security posture primarily due to its unprotected entry points. All four identified AJAX handlers lack authentication checks, meaning any unauthenticated user could potentially trigger these functions, leading to a broad attack surface. While the taint analysis did not reveal any critical or high-severity vulnerabilities, and there's no recorded vulnerability history, this does not negate the immediate risks posed by the lack of authorization on AJAX actions. The plugin also shows a significant weakness in output escaping, with only 21% of outputs being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered without proper sanitization. The presence of SQL queries without prepared statements is another concern, although only one was detected. The good news is that there are no known CVEs, no bundled outdated libraries, and no file operations or cron events, which are positive signs. However, the lack of capability checks and nonces on AJAX handlers, combined with poor output escaping, indicates a need for significant security improvements.

Key Concerns

  • All AJAX handlers are unprotected
  • Low percentage of properly escaped output
  • SQL queries not using prepared statements
  • Only one nonce check across all entry points
  • No capability checks on entry points
Vulnerabilities
None known

SafeRoute WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

SafeRoute WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 33 (9 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 8
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

21% escaped · 42 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
_adminSettingsPage (includes\SafeRouteWooCommerceAdmin.php:139)
Attack Surface
4 unprotected

SafeRoute WooCommerce Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers 4

auth · wp_ajax_error_action_retry · includes\SafeRouteWooCommerceAdminApi.php:14
auth · wp_ajax_error_action_hide · includes\SafeRouteWooCommerceAdminApi.php:51
auth · wp_ajax_set_delivery · includes\SafeRouteWooCommerceAdminApi.php:70
auth · wp_ajax_get_widget_params · includes\SafeRouteWooCommerceAdminApi.php:85
WordPress Hooks 26
action · woocommerce_init · includes\SafeRouteWooCommerce.php:132
action · wp_loaded · includes\SafeRouteWooCommerce.php:133
filter · woocommerce_billing_fields · includes\SafeRouteWooCommerce.php:147
filter · woocommerce_add_error · includes\SafeRouteWooCommerce.php:170
action · woocommerce_checkout_update_order_meta · includes\SafeRouteWooCommerce.php:233
action · admin_notices · includes\SafeRouteWooCommerceAdmin.php:76
action · add_meta_boxes · includes\SafeRouteWooCommerceAdmin.php:190
filter · manage_edit-shop_order_columns · includes\SafeRouteWooCommerceAdmin.php:357
action · manage_shop_order_posts_custom_column · includes\SafeRouteWooCommerceAdmin.php:371
action · woocommerce_product_options_general_product_data · includes\SafeRouteWooCommerceAdmin.php:409
action · woocommerce_process_product_meta · includes\SafeRouteWooCommerceAdmin.php:445
action · admin_menu · includes\SafeRouteWooCommerceAdmin.php:467
filter · woocommerce_order_item_get_formatted_meta_data · includes\SafeRouteWooCommerceAdmin.php:469
action · woocommerce_admin_order_data_after_shipping_address · includes\SafeRouteWooCommerceAdmin.php:470
action · load-post.php · includes\SafeRouteWooCommerceAdmin.php:471
action · woocommerce_after_order_itemmeta · includes\SafeRouteWooCommerceAdmin.php:472
action · woocommerce_order_before_calculate_totals · includes\SafeRouteWooCommerceAdmin.php:473
action · wp_loaded · includes\SafeRouteWooCommerceAdmin.php:489
filter · woocommerce_product_data_store_cpt_get_products_query · includes\SafeRouteWooCommerceBackendApi.php:160
action · rest_api_init · includes\SafeRouteWooCommerceBackendApi.php:248
action · edit_post · includes\SafeRouteWooCommerceBackendApi.php:271
filter · woocommerce_package_rates · includes\SafeRouteWooCommerceShippingMethod.php:104
filter · woocommerce_shipping_methods · includes\SafeRouteWooCommerceShippingMethod.php:128
action · woocommerce_shipping_init · includes\SafeRouteWooCommerceShippingMethod.php:129
filter · woocommerce_cart_shipping_packages · includes\SafeRouteWooCommerceShippingMethod.php:130
action · rest_api_init · includes\SafeRouteWooCommerceWidgetApi.php:77
Maintenance & Trust

SafeRoute WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.2.9
Last updated: Feb 21, 2025
PHP min version: 7.1
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 60
Developer Profile

SafeRoute WooCommerce Developer Profile

Dmitry

2 plugins · 70 total installs

Trust score: 86
Avg Security Score: 89/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect SafeRoute WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/saferoute-woocommerce/assets/checkout.css
/wp-content/plugins/saferoute-woocommerce/assets/checkout.js
/wp-content/plugins/saferoute-woocommerce/assets/helpers.js
Script Paths
/wp-content/plugins/saferoute-woocommerce/assets/checkout.js
/wp-content/plugins/saferoute-woocommerce/assets/helpers.js
Version Parameters
saferoute-widget-api?ver=
saferoute-helpers?ver=
saferoute-checkout?ver=

HTML / DOM Fingerprints

Data Attributes
data-sr-widget-api-path
JS Globals
SR_WIDGET
SR_HIDE_CHECKOUT_BILLING_BLOCK
REST Endpoints
/wp-json/saferoute/v1/widget/get