WP-Safety

PiWeb Shipping method dropdown for WooCommerce Security & Risk Analysis

wordpress.org/plugins/shipping-method-dropdown-for-woocommerce

Shipping method display Style for WooCommerce lets you create a shipping method dropdown, customize the shipping method display style, and sort shippi …

100 active installs v1.1.17 PHP 7.5+ WP 6.0+ Updated Feb 23, 2026
dropdownshipping-methodwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is PiWeb Shipping method dropdown for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

PiWeb Shipping method dropdown for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "shipping-method-dropdown-for-woocommerce" plugin, version 1.1.19, demonstrates a generally strong security posture based on the provided static analysis. The absence of any known CVEs and the lack of identified critical or high severity issues in taint analysis are significant strengths. Furthermore, the plugin makes good use of prepared statements for SQL queries and maintains a high percentage of properly escaped output, indicating adherence to secure coding practices. The plugin also incorporates nonce and capability checks, which are essential for protecting against common web vulnerabilities.

Despite the positive indicators, there are a few areas that warrant attention. The presence of a single flow with an unsanitized path in the taint analysis, although not categorized as critical or high, represents a potential entry point for unexpected behavior or, in a more complex scenario, vulnerabilities. The plugin also makes an external HTTP request, which, while not inherently insecure, is an additional attack vector that should be monitored for potential issues if the target endpoint is compromised or behaves unexpectedly. The complete lack of identifiable entry points like AJAX handlers, REST API routes, or shortcodes is unusual and could either indicate a very minimal plugin or a potential underreporting in the static analysis.

Overall, the plugin appears to be developed with security in mind, evidenced by its clean vulnerability history and sound coding practices. However, the single unsanitized path in taint analysis and the external HTTP request are minor points of concern that should be investigated further. The lack of traditional entry points is an anomaly worth noting, but without further context, it's difficult to assign a specific risk to it.

Key Concerns

  • Flow with unsanitized path in taint analysis
  • External HTTP request
Vulnerabilities
None known

PiWeb Shipping method dropdown for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

PiWeb Shipping method dropdown for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
98 escaped
Nonce Checks
3
Capability Checks
1
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

95% escaped103 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
handle_tracker_action (admin\class-analytics.php:75)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

PiWeb Shipping method dropdown for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 23
actionadmin_enqueue_scriptsadmin\class-analytics.php:34
actionadmin_footer-plugins.phpadmin\class-analytics.php:35
actionadmin_noticesadmin\class-analytics.php:38
filterwoocommerce_settings_tabs_arrayadmin\class-shipping-method-display-style-woocommerce-admin.php:55
actionwoocommerce_settings_tabs_shipping_display_styleadmin\class-shipping-method-display-style-woocommerce-admin.php:57
actionwoocommerce_update_options_shipping_display_styleadmin\class-shipping-method-display-style-woocommerce-admin.php:59
filterinstall_plugins_nonmenu_tabsadmin\plugin.php:20
actionplugins_loadedincludes\class-shipping-method-display-style-woocommerce.php:145
actionadmin_enqueue_scriptsincludes\class-shipping-method-display-style-woocommerce.php:160
actionadmin_enqueue_scriptsincludes\class-shipping-method-display-style-woocommerce.php:161
actionwp_enqueue_scriptsincludes\class-shipping-method-display-style-woocommerce.php:176
actionwp_enqueue_scriptsincludes\class-shipping-method-display-style-woocommerce.php:177
actionadmin_noticesincludes\review.php:30
filterwoocommerce_package_ratespublic\class-record-shipping-methods.php:20
filterwoocommerce_locate_templatepublic\class-shipping-method-display-style-woocommerce-public.php:55
filterwoocommerce_cart_shipping_method_full_labelpublic\class-shipping-method-display-style-woocommerce-public.php:57
filterwoocommerce_package_ratespublic\class-shipping-method-display-style-woocommerce-public.php:59
filterwoocommerce_shipping_chosen_methodpublic\class-shipping-method-display-style-woocommerce-public.php:64
filterbody_classpublic\class-shipping-method-display-style-woocommerce-public.php:67
filterwoocommerce_package_ratespublic\class-shipping-method-display-style-woocommerce-public.php:69
actionadmin_noticesshipping-method-display-style-woocommerce.php:44
actionbefore_woocommerce_initshipping-method-display-style-woocommerce.php:64
actionadmin_initshipping-method-display-style-woocommerce.php:106
Maintenance & Trust

PiWeb Shipping method dropdown for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 23, 2026
PHP min version7.5
Downloads5K

Community Trust

Rating100/100
Number of ratings2
Active installs100
Alternatives

PiWeb Shipping method dropdown for WooCommerce Alternatives

WC Hide Shipping Methods

WC Hide Shipping Methods

wc-hide-shipping-methods

A
100

This plugin automatically hides all other shipping methods when "Free Shipping" is available, while allowing you to retain "Local Picku …

20K No CVEs
Hide Shipping Method For WooCommerce

Hide Shipping Method For WooCommerce

hide-shipping-method-for-woocommerce

A
99

Allows store owners to hide shipping methods based on specific conditions!

10K 1 CVE
Cities Shipping Zones for WooCommerce

Cities Shipping Zones for WooCommerce

cities-shipping-zones-for-woocommerce

A
98

WooCommerce plugin for turning the state field into a dropdown city field. To be used as Shipping Zones.

4K 1 CVE
Australia Post WooCommerce Extension

Australia Post WooCommerce Extension

australian-post-woocommerce-extension

A
100

Australia Post WooCommerce Extension integrates Australia Post with WooCommerce, calculating shipping costs and delivery times for customers.

3K No CVEs
WC City Select

WC City Select

wc-city-select

A
92

City Select for WooCommerce. Show a dropdown select as the cities input.

3K No CVEs
Developer Profile

PiWeb Shipping method dropdown for WooCommerce Developer Profile

PI Web Solution

30 plugins · 93K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
235 days
View full developer profile
Detection Fingerprints

How We Detect PiWeb Shipping method dropdown for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/shipping-method-dropdown-for-woocommerce/assets/css/custom.css/wp-content/plugins/shipping-method-dropdown-for-woocommerce/assets/js/custom.js
Script Paths
/wp-content/plugins/shipping-method-dropdown-for-woocommerce/assets/js/custom.js
Version Parameters
/wp-content/plugins/shipping-method-dropdown-for-woocommerce/assets/css/custom.css?ver=/wp-content/plugins/shipping-method-dropdown-for-woocommerce/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes
shipping_method_dropdown_for_woocommerce
HTML Comments
<!-- START: Shipping Method Dropdown for WooCommerce Settings --><!-- END: Shipping Method Dropdown for WooCommerce Settings -->
Data Attributes
data-select2-id
JS Globals
shipping_method_dropdown_for_woocommerce
FAQ

Frequently Asked Questions about PiWeb Shipping method dropdown for WooCommerce