Does Shipox have any unpatched vulnerabilities?

No. All known vulnerabilities in Shipox have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Shipox compatible with WordPress 6.9.4?

According to WordPress.org data, Shipox 3.4.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Shipox compatible with PHP 7.0+?

Shipox requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Shipox updated?

Shipox was last updated on Dec 29, 2025. Frequent updates are generally a positive security signal.

What is Shipox's security score?

Shipox has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shipox Security & Risk Analysis

wordpress.org/plugins/shipox-for-woocommerce

Shipox DMS provides you with a complete delivery management software solution for pickup and delivery.

30 active installs v3.4.6 PHP 7.0+ WP 5.6+ Updated Dec 29, 2025

integrationshipoxshippingwoocommercezip24

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shipox Safe to Use in 2026?

Generally Safe

Score 100/100

Shipox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The shipox-for-woocommerce plugin, version 3.4.6, exhibits a generally strong security posture based on the provided static analysis. A notable strength is the complete absence of dangerous functions, raw SQL queries, and file operations. All identified entry points (AJAX handlers, cron events) are protected by nonce and capability checks, and the plugin does not appear to expose any REST API routes directly. The lack of known CVEs and past vulnerabilities further contributes to a positive security outlook.

However, there are areas for improvement. The output escaping rate of 55% is a significant concern. This indicates that over half of the plugin's output is not properly escaped, leaving it susceptible to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not sufficiently sanitized before being displayed. While taint analysis did not reveal unsanitized paths, the low output escaping rate presents a potential attack vector that could be exploited.

In conclusion, shipox-for-woocommerce v3.4.6 is built on a foundation of good security practices, particularly in its handling of core functionalities like database queries and file system access. The protected entry points are commendable. The primary weakness lies in the insufficient output escaping, which is a common gateway for XSS attacks. Addressing this would significantly harden the plugin's security.

Key Concerns

Low output escaping rate

Vulnerabilities

None known

Shipox Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Shipox Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

77 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

55% escaped139 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<class-shipox-backend-actions> (includes\class-shipox-backend-actions.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Shipox Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_get_shipox_tokenincludes\class-shipox-api-helper.php:22

authwp_ajax_shipox_admin_get_order_packagesincludes\class-shipox-backend-actions.php:30

authwp_ajax_shipox_admin_order_create_awbincludes\class-shipox-backend-actions.php:31

WordPress Hooks 23

actionwoocommerce_order_status_changedincludes\class-shipox-backend-actions.php:22

actionadd_meta_boxesincludes\class-shipox-backend-actions.php:26

filtercron_schedulesincludes\class-shipox-cron-job.php:46

actioncrawl_every_n_minutesincludes\class-shipox-cron-job.php:52

actionwoocommerce_review_order_before_cart_contentsincludes\class-shipox-frontend-actions.php:22

actionwoocommerce_after_checkout_validationincludes\class-shipox-frontend-actions.php:23

filterwoocommerce_available_payment_gatewaysincludes\class-shipox-frontend-actions.php:24

actionwoocommerce_order_status_processingincludes\class-shipox-frontend-actions.php:27

actionadmin_menuincludes\class-shipox-options.php:22

actionadmin_initincludes\class-shipox-options.php:23

filtershipox_get_customer_geo_locationincludes\class-shipox-order-helper.php:23

filterwcfmmp_settings_fields_shippingincludes\class-shipox-wcfm-integration.php:16

actionwcfm_vendor_settings_before_updateincludes\class-shipox-wcfm-integration.php:17

actionwcfm_vendor_shipping_settings_updateincludes\class-shipox-wcfm-integration.php:18

filtershipox_wcfm_get_sellers_by_product_on_orderincludes\class-shipox-wcfm-integration.php:20

filtershipox_wcfm_get_vendor_pickup_addressincludes\class-shipox-wcfm-integration.php:21

actionadmin_enqueue_scriptsincludes\class-shipox.php:165

actionbefore_woocommerce_initincludes\class-shipox.php:172

actionwoocommerce_shipping_initincludes\class-shipox.php:173

actionwoocommerce_shipping_methodsincludes\class-shipox.php:174

filterwoocommerce_rest_api_get_rest_namespacesincludes\class-shipox.php:175

actionadmin_noticesshipox.php:73

actionplugins_loadedshipox.php:78

Scheduled Events 1

crawl_every_n_minutes

Maintenance & Trust

Shipox Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 29, 2025

PHP min version7.0

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

Shipox Alternatives

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

MgoSync – European dropshipping and suppliers

megamo

Grow your store by importing products from the suppliers of your choice and keeping them up-to-date. Request your integration today!

30 No CVEs

EasyShipper – EasyPost Integration for WooCommerce

easyshipper

Easyshipper for WooCommerce allows your users to interface with the fantastic EasyPost Shipping API.

10 No CVEs

Soluship Shipping For Woocommerce

soluship-shipping

100

SOLUSHIP Soluship(SOLUtion based SHIPments) is a shipment based project in which service is made globally. Its FREE* to use.

10 No CVEs

FreightPOP

freightpop

The FreightPOP integration plugin for WooCommerce provides real-time shipping quotes directly from FreightPOP.

0 No CVEs

Developer Profile

Shipox Developer Profile

Shipox

1 plugin · 30 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Shipox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/shipox-for-woocommerce/assets/css/shipox.css/wp-content/plugins/shipox-for-woocommerce/assets/css/shipox-admin.css/wp-content/plugins/shipox-for-woocommerce/assets/js/shipox.js/wp-content/plugins/shipox-for-woocommerce/assets/js/shipox-admin.js

Script Paths

/wp-content/plugins/shipox-for-woocommerce/assets/js/shipox.js/wp-content/plugins/shipox-for-woocommerce/assets/js/shipox-admin.js

Version Parameters

shipox-for-woocommerce/assets/css/shipox.css?ver=shipox-for-woocommerce/assets/css/shipox-admin.css?ver=shipox-for-woocommerce/assets/js/shipox.js?ver=shipox-for-woocommerce/assets/js/shipox-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

shipox-admin-order-packagesshipox-admin-order-create-awb

Data Attributes

data-order_id

JS Globals

shipox_admin_ajax_objectshipox_order_data

REST Endpoints

/wp-json/shipox/v1/admin/order/packages/wp-json/shipox/v1/admin/order/create_awb

FAQ