WP-Safety

Shipping Rates Cities Woocommerce Security & Risk Analysis

wordpress.org/plugins/shipping-rates-cities-woocommerce

Shipping Rates Cities Woocommerce

20 active installs v1.0.1 PHP 7.1+ WP 5.0+ Updated Feb 2, 2020
commercee-commercestorewordpress-ecommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Shipping Rates Cities Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Shipping Rates Cities Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The plugin "shipping-rates-cities-woocommerce" v1.0.1 exhibits a generally strong security posture due to the absence of known vulnerabilities and a good level of output escaping. The static analysis reveals a minimal attack surface with only one AJAX handler, and importantly, no unprotected entry points. The code also demonstrates good practices with nonce checks in place for its entry points. However, a potential concern arises from the presence of one unsanitized path identified in the taint analysis. While no critical or high severity issues were flagged, this indicates a potential vector for data manipulation if the path is part of a user-controllable input.

The vulnerability history shows a clean slate, with no recorded CVEs. This suggests either a well-developed and secure plugin, or a lack of focused security auditing or exploitation attempts targeting it so far. The SQL query practices are mixed, with a significant portion not using prepared statements, which could be a risk if these queries handle sensitive data. Despite these minor points, the overall security of the plugin appears robust, especially considering its minimal attack surface and lack of publicly disclosed vulnerabilities. The primary area for improvement would be to address the identified unsanitized path and to ensure all SQL queries are properly prepared.

Key Concerns

  • Flows with unsanitized paths found
  • SQL queries not using prepared statements
Vulnerabilities
None known

Shipping Rates Cities Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Shipping Rates Cities Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
2 prepared
Unescaped Output
1
7 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

40% prepared5 total queries

Output Escaping

88% escaped8 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<tabs> (includes\admin\tabs.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Shipping Rates Cities Woocommerce Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_shipping_rates_cities_wc_sr_dbincludes\class-shipping-rates-cities-woocommerce-plugin.php:91
WordPress Hooks 9
actionadmin_noticesincludes\class-shipping-rates-cities-woocommerce-plugin.php:74
filterwoocommerce_shipping_methodsincludes\class-shipping-rates-cities-woocommerce-plugin.php:89
actionadmin_enqueue_scriptsincludes\class-shipping-rates-cities-woocommerce-plugin.php:90
actionplugins_loadedshipping-rates-cities-woocommerce.php:22
actionadmin_noticesshipping-rates-cities-woocommerce.php:44
actionadmin_noticesshipping-rates-cities-woocommerce.php:56
actionadmin_noticesshipping-rates-cities-woocommerce.php:72
actionadmin_noticesshipping-rates-cities-woocommerce.php:88
actionadmin_noticesshipping-rates-cities-woocommerce.php:103
Maintenance & Trust

Shipping Rates Cities Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedFeb 2, 2020
PHP min version7.1
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Shipping Rates Cities Woocommerce Alternatives

Payment Integration Wompi

Payment Integration Wompi

payment-integration-wompi

A
92

Integration of Wompi for Woocommerce

1K No CVEs
Payment Integration Wompi – El Salvador

Payment Integration Wompi – El Salvador

wompi-el-salvador

A
85

Integración para Wompi - El Salvador para Woocommerce

800 No CVEs
Pay with ATH Movil (WooCommerce payment gateway)

Pay with ATH Movil (WooCommerce payment gateway)

pay-with-ath-movil-woocommerce-gateway

A
85

Accept ATH Movil payments on your WooCommerce store.

100 No CVEs
Shipping Servientrega Woocommerce

Shipping Servientrega Woocommerce

shipping-servientrega-woocommerce

A
100

Servientrega empresa transportadora de Colombia

50 No CVEs
Subscription Payu Latam

Subscription Payu Latam

subscription-payu-latam

A
85

Receive recurring payments for the countries Brazil, Colombia, Mexico and Peru

40 No CVEs
Developer Profile

Shipping Rates Cities Woocommerce Developer Profile

Saul Morales Pacheco

11 plugins · 8K total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Shipping Rates Cities Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/shipping-rates-cities-woocommerce/assets//wp-content/plugins/shipping-rates-cities-woocommerce/includes//wp-content/plugins/shipping-rates-cities-woocommerce/lib/vendor/autoload.php
Script Paths
/wp-content/plugins/shipping-rates-cities-woocommerce/assets/
Version Parameters
shipping-rates-cities-woocommerce/assets/shipping-rates-cities-woocommerce/includes/shipping-rates-cities-woocommerce/lib/vendor/autoload.php

HTML / DOM Fingerprints

Data Attributes
data-plugin-name="shipping-rates-cities-woocommerce"data-version="1.0.1"
JS Globals
window.shipping_rates_cities_wc_sr_db
REST Endpoints
/wp-json/shipping_rates_cities_wc_sr/v1/
FAQ

Frequently Asked Questions about Shipping Rates Cities Woocommerce