Does shipcloud for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in shipcloud for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is shipcloud for WooCommerce compatible with WordPress 5.9.13?

According to WordPress.org data, shipcloud for WooCommerce 2.0.5 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is shipcloud for WooCommerce compatible with PHP 7.4.2+?

shipcloud for WooCommerce requires PHP 7.4.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is shipcloud for WooCommerce updated?

shipcloud for WooCommerce was last updated on May 12, 2022. Frequent updates are generally a positive security signal.

What is shipcloud for WooCommerce's security score?

shipcloud for WooCommerce has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

shipcloud for WooCommerce Security & Risk Analysis

wordpress.org/plugins/shipcloud-for-woocommerce

This plugin integrates shipcloud into WooCommerce.

100 active installs v2.0.5 PHP 7.4.2+ WP 5.2.0+ Updated May 12, 2022

shippingstampstrackingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is shipcloud for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

shipcloud for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The shipcloud-for-woocommerce v2.0.5 plugin exhibits a mixed security posture. While it has no recorded historical vulnerabilities and demonstrates some good practices like using prepared statements for most SQL queries, it presents significant concerns regarding its attack surface. A substantial number of AJAX handlers (10 out of 10) lack authentication checks, creating a wide entry point for potential unauthorized actions. The taint analysis reveals two flows with unsanitized paths, though these are not classified as critical or high severity, they warrant attention.

The lack of proper output escaping for a majority of outputs (only 36% properly escaped) is a significant weakness that could lead to Cross-Site Scripting (XSS) vulnerabilities if untrusted data is rendered directly. The presence of outdated bundled libraries, specifically jQuery v2.1.3, also poses a risk, as older versions are more likely to contain known vulnerabilities.

Overall, the plugin's security is hampered by the exposed AJAX endpoints and insufficient output escaping. While the absence of historical CVEs and the use of prepared statements are positive indicators, the identified weaknesses in the current version require remediation to ensure a more robust security posture. The significant number of unprotected AJAX endpoints is the most immediate and critical concern.

Key Concerns

10 unprotected AJAX handlers
36% of outputs properly escaped
Bundled outdated jQuery v2.1.3
2 unsanitized path taint flows

Vulnerabilities

None known

shipcloud for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

shipcloud for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

122

68 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery2.1.3TCPDF1.0

SQL Query Safety

80% prepared5 total queries

Output Escaping

36% escaped190 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

create_pdf (includes\class-wc-shipping-shipcloud-order-bulk.php:151)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

10 unprotected

shipcloud for WooCommerce Attack Surface

Entry Points11

Unprotected10

AJAX Handlers 10

authwp_ajax_shipcloud_calculate_shippingincludes\class-wc-shipping-shipcloud-order.php:91

authwp_ajax_shipcloud_create_shipmentincludes\class-wc-shipping-shipcloud-order.php:93

authwp_ajax_shipcloud_create_shipment_labelincludes\class-wc-shipping-shipcloud-order.php:94

authwp_ajax_shipcloud_update_shipmentincludes\class-wc-shipping-shipcloud-order.php:96

authwp_ajax_shipcloud_delete_shipmentincludes\class-wc-shipping-shipcloud-order.php:98

authwp_ajax_shipcloud_force_delete_shipmentincludes\class-wc-shipping-shipcloud-order.php:99

authwp_ajax_shipcloud_create_pickup_requestincludes\class-wc-shipping-shipcloud-order.php:101

authwp_ajax_shipcloud_get_pakadoo_pointincludes\class-wc-shipping-shipcloud-order.php:103

noprivwp_ajax_shipcloud_get_pakadoo_pointincludes\class-wc-shipping-shipcloud-order.php:104

authwp_ajax_shipcloud_dismiss_upgrade_noticewoocommerce-shipping-shipcloud.php:118

Shortcodes 1

[shipcloud_orderid] woocommerce-shipping-shipcloud.php:135

WordPress Hooks 50

actioninitincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:48

actionadmin_menuincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:49

actionadmin_enqueue_scriptsincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:50

actionadd_meta_boxesincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:51

actionsave_postincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:52

actionadmin_noticesincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:54

filterpost_updated_messagesincludes\class-wc-shipping-shipcloud-cpt-parcel-template.php:56

filterbulk_actions-edit-shop_orderincludes\class-wc-shipping-shipcloud-order-bulk.php:33

filterhandle_bulk_actions-edit-shop_orderincludes\class-wc-shipping-shipcloud-order-bulk.php:34

actionadmin_enqueue_scriptsincludes\class-wc-shipping-shipcloud-order-bulk.php:36

actionadmin_print_footer_scriptsincludes\class-wc-shipping-shipcloud-order-bulk.php:37

actionadmin_enqueue_scriptsincludes\class-wc-shipping-shipcloud-order.php:85

actionadd_meta_boxesincludes\class-wc-shipping-shipcloud-order.php:86

actionsave_postincludes\class-wc-shipping-shipcloud-order.php:87

actionwoocommerce_order_details_before_order_tableincludes\class-wc-shipping-shipcloud-order.php:89

filterwoocommerce_billing_fieldsincludes\class-wc-shipping-shipcloud-order.php:106

filterwoocommerce_shipping_fieldsincludes\class-wc-shipping-shipcloud-order.php:107

filterwoocommerce_shipping_fieldsincludes\class-wc-shipping-shipcloud-order.php:109

filterwoocommerce_shipping_fieldsincludes\class-wc-shipping-shipcloud-order.php:110

actionwoocommerce_review_order_before_submitincludes\class-wc-shipping-shipcloud-order.php:112

actionwoocommerce_checkout_update_order_metaincludes\class-wc-shipping-shipcloud-order.php:113

actionadmin_enqueue_scriptsincludes\class-wc-shipping-shipcloud-shipping-classes.php:40

filterwoocommerce_shipping_classes_columnsincludes\class-wc-shipping-shipcloud-shipping-classes.php:41

actionwoocommerce_shipping_classes_column_shipcloud-parcel-widthincludes\class-wc-shipping-shipcloud-shipping-classes.php:42

actionwoocommerce_shipping_classes_column_shipcloud-parcel-heightincludes\class-wc-shipping-shipcloud-shipping-classes.php:43

actionwoocommerce_shipping_classes_column_shipcloud-parcel-lengthincludes\class-wc-shipping-shipcloud-shipping-classes.php:44

actionwoocommerce_shipping_classes_column_shipcloud-parcel-weightincludes\class-wc-shipping-shipcloud-shipping-classes.php:45

actionwoocommerce_shipping_classes_save_classincludes\class-wc-shipping-shipcloud-shipping-classes.php:46

filterwoocommerce_get_shipping_classesincludes\class-wc-shipping-shipcloud-shipping-classes.php:47

actionadmin_footerincludes\class-wc-shipping-shipcloud-utils.php:38

actionadmin_footerincludes\class-wc-shipping-shipcloud-utils.php:39

actionwc_shipcloud_add_admin_noticeincludes\class-wc-shipping-shipcloud-utils.php:41

actionwc_shipcloud_remove_admin_noticeincludes\class-wc-shipping-shipcloud-utils.php:42

actionwc_shipcloud_clear_admin_noticesincludes\class-wc-shipping-shipcloud-utils.php:43

actionwoocommerce_api_shipcloudincludes\class-wc-shipping-shipcloud-webhook.php:33

actionwoocommerce_initincludes\class-wc-shipping-shipcloud-webhook.php:326

actionwoocommerce_shipping_calculator_enable_cityincludes\class-wc-shipping-shipcloud.php:177

actionwoocommerce_calculated_shippingincludes\class-wc-shipping-shipcloud.php:178

actionwoocommerce_shipping_initwoocommerce-shipping-shipcloud.php:109

filterwoocommerce_general_settingswoocommerce-shipping-shipcloud.php:111

filterwoocommerce_shipping_methodswoocommerce-shipping-shipcloud.php:117

actionadmin_menuwoocommerce-shipping-shipcloud.php:121

filterplugin_row_metawoocommerce-shipping-shipcloud.php:123

actionadmin_noticeswoocommerce-shipping-shipcloud.php:124

actionadmin_enqueue_scriptswoocommerce-shipping-shipcloud.php:125

actionwoocommerce_product_options_shippingwoocommerce-shipping-shipcloud.php:128

actionwoocommerce_process_product_metawoocommerce-shipping-shipcloud.php:129

actionwp_enqueue_scriptswoocommerce-shipping-shipcloud.php:133

actionadmin_noticeswoocommerce-shipping-shipcloud.php:597

actionplugins_loadedwoocommerce-shipping-shipcloud.php:600

Maintenance & Trust

shipcloud for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedMay 12, 2022

PHP min version7.4.2

Downloads15K

Community Trust

Rating74/100

Number of ratings3

Active installs100

Alternatives

shipcloud for WooCommerce Alternatives

Advanced Shipment Tracking for WooCommerce

woo-advanced-shipment-tracking

Add shipment tracking info to WooCommerce orders, send tracking numbers to customers via email, and let them track deliveries from My Account.

60K 2 CVEs

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

AfterShip Tracking – All-In-One WooCommerce Order Tracking (Free plan available)

aftership-woocommerce-tracking

Track orders in one place. shipment tracking, automated notifications, order lookup, branded tracking page, delivery day prediction

8K 1 CVE

YITH WooCommerce Order & Shipment Tracking

yith-woocommerce-order-tracking

Add an easy tool to manage order shipping information of your shop and to notified your customers about the shipping.

7K 1 CVE

Sendcloud Shipping

sendcloud-connected-shipping

100

SendCloud helps to grow your online store by optimizing the shipping process. Shipping packages has never been that easy!

4K No CVEs

Developer Profile

shipcloud for WooCommerce Developer Profile

Sven Wagener

2 plugins · 110 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect shipcloud for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/shipcloud-for-woocommerce/assets/css/shipcloud-backend.css/wp-content/plugins/shipcloud-for-woocommerce/assets/css/shipcloud-frontend.css/wp-content/plugins/shipcloud-for-woocommerce/assets/js/shipcloud-backend.js/wp-content/plugins/shipcloud-for-woocommerce/assets/js/shipcloud-frontend.js

Generator Patterns

shipcloud-for-woocommerce

Script Paths

wp-content/plugins/shipcloud-for-woocommerce/assets/js/shipcloud-backend.jswp-content/plugins/shipcloud-for-woocommerce/assets/js/shipcloud-frontend.js

Version Parameters

shipcloud-for-woocommerce/assets/css/shipcloud-backend.css?ver=shipcloud-for-woocommerce/assets/css/shipcloud-frontend.css?ver=shipcloud-for-woocommerce/assets/js/shipcloud-backend.js?ver=shipcloud-for-woocommerce/assets/js/shipcloud-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

shipcloud-shipping-method-settingsshipcloud-backendshipcloud-frontendshipcloud_api_keyshipcloud_carrier_optionsshipcloud_country_options

HTML Comments

shipcloud for WooCommerce Add very late to prevent manipulation by other plugins (e.g. Germanized). Add frontend related code here

Data Attributes

data-shipcloud-order-iddata-shipcloud-label-url

JS Globals

shipcloud_shipping_optionsshipcloud_labels_optionsshipcloud_admin_params

Shortcode Output

[shipcloud_orderid]

FAQ