WP-Safety

TaxCloud for WooCommerce Security & Risk Analysis

wordpress.org/plugins/simple-sales-tax

Simplify sales tax calculations, reporting, and filing by connecting your WooCommerce store to TaxCloud.

500 active installs v8.4.6 PHP 7.4+ WP 4.5.0+ Updated Mar 9, 2026
sales-taxsales-tax-filingtaxtaxcloudwoocommerce
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 21, 2026
Download
Safety Verdict

Is TaxCloud for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

TaxCloud for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 21, 2026Updated 25d ago
Risk Assessment

The "simple-sales-tax" plugin version 8.4.6 demonstrates a generally strong security posture based on static analysis. The absence of unprotected AJAX handlers, REST API routes, and shortcodes, coupled with robust output escaping (99%) and a significant number of nonce and capability checks, indicates a commitment to secure coding practices and reducing the attack surface. The plugin also effectively uses prepared statements for most of its SQL queries and avoids file operations, which are common sources of vulnerabilities.

However, the plugin does have one known medium-severity vulnerability in its history, specifically related to missing authorization. While currently unpatched CVEs are zero, this past vulnerability pattern is a concern. The static analysis did not reveal any critical or high-severity taint flows, which is positive, but the presence of 7 external HTTP requests warrants careful monitoring as these can sometimes be vectors for attacks if not handled securely.

In conclusion, the plugin is well-built with many good security practices in place. The single medium vulnerability in its history, though resolved, should be a reminder for ongoing vigilance. The low number of unprotected entry points and effective use of security features are significant strengths. Developers should continue to prioritize secure handling of external requests and maintain the high standard of input validation and authorization.

Key Concerns

  • Past medium severity vulnerability (Missing Authorization)
  • External HTTP requests (7)
Vulnerabilities
1

TaxCloud for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-67958medium · 5.3Missing Authorization

TaxCloud for WooCommerce <= 8.3.8 - Missing Authorization

Jan 21, 2026 Patched in 8.4.0 (8d)
Code Analysis
Analyzed Mar 16, 2026

TaxCloud for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
13
14 prepared
Unescaped Output
2
197 escaped
Nonce Checks
11
Capability Checks
7
File Operations
0
External Requests
7
Bundled Libraries
0

SQL Query Safety

52% prepared27 total queries

Output Escaping

99% escaped199 total outputs
Attack Surface

TaxCloud for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 165
filterwootax_fee_ticincludes\abstracts\class-sst-abstract-cart.php:45
actionsst_output_tax_meta_boxincludes\abstracts\class-sst-marketplace-integration.php:32
filtersst_should_capture_orderincludes\abstracts\class-sst-marketplace-integration.php:35
filtersst_should_refund_orderincludes\abstracts\class-sst-marketplace-integration.php:36
filterwootax_cart_packages_before_splitincludes\abstracts\class-sst-marketplace-integration.php:39
filterwootax_order_packages_before_splitincludes\abstracts\class-sst-marketplace-integration.php:40
filterwoocommerce_integrationsincludes\admin\class-sst-admin.php:36
actionadmin_enqueue_scriptsincludes\admin\class-sst-admin.php:37
actionadd_meta_boxesincludes\admin\class-sst-admin.php:38
actionwoocommerce_reports_chartsincludes\admin\class-sst-admin.php:39
filterwoocommerce_debug_toolsincludes\admin\class-sst-admin.php:40
actionproduct_cat_add_form_fieldsincludes\admin\class-sst-admin.php:41
actionproduct_cat_edit_form_fieldsincludes\admin\class-sst-admin.php:42
actioncreate_product_catincludes\admin\class-sst-admin.php:43
actionedited_product_catincludes\admin\class-sst-admin.php:44
actionwoocommerce_before_settings_taxincludes\admin\class-sst-admin.php:45
actionedit_user_profileincludes\admin\class-sst-admin.php:46
actionshow_user_profileincludes\admin\class-sst-admin.php:47
actionadmin_noticesincludes\admin\class-sst-admin.php:48
actionadmin_initincludes\admin\class-sst-integration.php:40
actionwoocommerce_hide_sst_address_mismatch_noticeincludes\admin\class-sst-integration.php:41
actionplugins_loadedincludes\class-simplesalestax.php:51
actionbefore_woocommerce_initincludes\class-simplesalestax.php:52
actionbefore_woocommerce_initincludes\class-simplesalestax.php:53
filterwoocommerce_get_query_varsincludes\class-simplesalestax.php:54
actionadmin_noticesincludes\class-simplesalestax.php:249
actionadmin_noticesincludes\class-simplesalestax.php:256
actionadmin_noticesincludes\class-simplesalestax.php:260
actionadmin_noticesincludes\class-simplesalestax.php:280
actionadmin_noticesincludes\class-simplesalestax.php:284
actionadmin_noticesincludes\class-simplesalestax.php:288
actioninitincludes\class-sst-assets.php:25
actionwp_enqueue_scriptsincludes\class-sst-assets.php:26
actionadmin_enqueue_scriptsincludes\class-sst-assets.php:27
filterthe_contentincludes\class-sst-blocks-integration.php:26
actionwoocommerce_blocks_loadedincludes\class-sst-blocks.php:48
actionwoocommerce_blocks_loadedincludes\class-sst-blocks.php:52
actionwoocommerce_blocks_loadedincludes\class-sst-blocks.php:56
actionwoocommerce_blocks_checkout_block_registrationincludes\class-sst-blocks.php:68
actioninitincludes\class-sst-install.php:70
actionadmin_initincludes\class-sst-install.php:71
actionadmin_initincludes\class-sst-install.php:72
actionadmin_initincludes\class-sst-install.php:73
filterwoocommerce_rate_codeincludes\class-sst-install.php:75
filterwoocommerce_rate_labelincludes\class-sst-install.php:76
actionplugins_loadedincludes\class-sst-install.php:77
filtersst_show_origin_address_dropdownincludes\class-sst-marketplaces.php:67
filtersst_settings_form_fieldsincludes\class-sst-marketplaces.php:68
actionwoocommerce_order_status_completedincludes\class-sst-order-controller.php:24
actionwoocommerce_refund_createdincludes\class-sst-order-controller.php:25
actionwoocommerce_payment_completeincludes\class-sst-order-controller.php:26
filterwoocommerce_hidden_order_itemmetaincludes\class-sst-order-controller.php:27
filterwoocommerce_order_item_get_taxesincludes\class-sst-order-controller.php:28
actionwoocommerce_before_order_object_saveincludes\class-sst-order-controller.php:29
actionwoocommerce_order_after_calculate_totalsincludes\class-sst-order-controller.php:30
filterwoocommerce_order_data_store_cpt_get_orders_queryincludes\class-sst-order-controller.php:36
actionwoocommerce_process_shop_order_metaincludes\class-sst-order-controller.php:42
filterwoocommerce_order_hide_zero_taxesincludes\class-sst-order-controller.php:43
actionwoocommerce_product_options_shippingincludes\class-sst-product.php:28
actionwoocommerce_product_bulk_edit_startincludes\class-sst-product.php:29
actionwoocommerce_product_bulk_edit_saveincludes\class-sst-product.php:30
actionwoocommerce_product_options_taxincludes\class-sst-product.php:31
actionwoocommerce_product_after_variable_attributesincludes\class-sst-product.php:32
actionwoocommerce_ajax_save_product_variationsincludes\class-sst-product.php:33
actionsave_post_productincludes\class-sst-product.php:34
actionsst_update_data_mover_settingsincludes\class-sst-taxcloud-v3.php:46
filtersst_get_optionincludes\class-sst-taxcloud-v3.php:47
filterwoocommerce_calculated_totalincludes\frontend\class-sst-checkout.php:43
filterwoocommerce_cart_hide_zero_taxesincludes\frontend\class-sst-checkout.php:44
actionwoocommerce_checkout_order_createdincludes\frontend\class-sst-checkout.php:45
actionwoocommerce_cart_emptiedincludes\frontend\class-sst-checkout.php:46
actionwoocommerce_after_checkout_validationincludes\frontend\class-sst-checkout.php:47
filterwoocommerce_add_cart_itemincludes\frontend\class-sst-checkout.php:48
filterwootax_cart_packagesincludes\frontend\class-sst-checkout.php:49
actionwoocommerce_initincludes\frontend\class-sst-checkout.php:50
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\frontend\class-sst-checkout.php:51
actionwoocommerce_cart_calculate_feesincludes\frontend\class-sst-checkout.php:52
actiontemplate_redirectincludes\frontend\class-sst-checkout.php:53
actionwoocommerce_checkout_shippingincludes\frontend\class-sst-checkout.php:56
actionwoocommerce_checkout_after_customer_detailsincludes\frontend\class-sst-checkout.php:58
actionwoocommerce_checkout_create_order_shipping_itemincludes\frontend\class-sst-checkout.php:61
actionwoocommerce_store_api_cart_get_cartincludes\frontend\class-sst-checkout.php:63
filterwoocommerce_account_menu_itemsincludes\frontend\class-sst-my-account.php:42
actionwoocommerce_account_exemption-certificates_endpointincludes\frontend\class-sst-my-account.php:43
filteradp_calculate_totals_flags_for_cloned_cart_before_processincludes\integrations\class-sst-adp.php:47
filteradp_flags_for_final_calculate_totalsincludes\integrations\class-sst-adp.php:48
filterwootax_product_priceincludes\integrations\class-sst-composite-products.php:18
filterwoocommerce_get_cart_contentsincludes\integrations\class-sst-deposits-for-wc.php:22
filterwootax_cart_packagesincludes\integrations\class-sst-deposits-for-wc.php:33
filterwoocommerce_calculated_totalincludes\integrations\class-sst-deposits-for-wc.php:37
filterwoocommerce_calculated_totalincludes\integrations\class-sst-deposits-for-wc.php:41
filterdfw_total_cart_amount_price_figure_htmlincludes\integrations\class-sst-deposits-for-wc.php:47
filterwootax_order_packagesincludes\integrations\class-sst-deposits-for-wc.php:54
actionadmin_initincludes\integrations\class-sst-deposits-for-wc.php:61
actionwoocommerce_before_order_object_saveincludes\integrations\class-sst-deposits-for-wc.php:62
actionwoocommerce_after_order_object_saveincludes\integrations\class-sst-deposits-for-wc.php:66
filterwootax_cart_packagesincludes\integrations\class-sst-deposits-for-wc.php:104
filterwootax_save_packages_for_captureincludes\integrations\class-sst-deposits-for-wc.php:105
filterwoocommerce_get_cart_contentsincludes\integrations\class-sst-deposits-for-wc.php:176
filterpre_option_woocommerce_calc_taxesincludes\integrations\class-sst-deposits-for-wc.php:243
filterpre_option_gmt_offsetincludes\integrations\class-sst-deposits-for-wc.php:250
actionwoocommerce_order_before_calculate_totalsincludes\integrations\class-sst-deposits-for-wc.php:256
actionwoocommerce_before_order_object_saveincludes\integrations\class-sst-deposits-for-wc.php:301
filterwoocommerce_calculated_totalincludes\integrations\class-sst-deposits-for-wc.php:411
filterwootax_cart_packagesincludes\integrations\class-sst-deposits-for-wc.php:548
filterwootax_save_packages_for_captureincludes\integrations\class-sst-deposits-for-wc.php:549
filterwootax_cart_packagesincludes\integrations\class-sst-deposits-for-wc.php:553
actionadmin_noticesincludes\integrations\class-sst-dokan.php:73
actiondokan_new_product_after_product_tagsincludes\integrations\class-sst-dokan.php:77
actiondokan_product_edit_after_product_tagsincludes\integrations\class-sst-dokan.php:78
actiondokan_product_after_variable_attributesincludes\integrations\class-sst-dokan.php:79
actiondokan_new_product_addedincludes\integrations\class-sst-dokan.php:80
actiondokan_product_updatedincludes\integrations\class-sst-dokan.php:81
actiondokan_save_product_variationincludes\integrations\class-sst-dokan.php:82
actionwoocommerce_save_product_variationincludes\integrations\class-sst-dokan.php:83
actiondokan_variation_options_pricingincludes\integrations\class-sst-dokan.php:84
actiondokan_product_after_variable_attributesincludes\integrations\class-sst-dokan.php:85
actionwp_footerincludes\integrations\class-sst-dokan.php:86
filterwootax_tic_select_init_eventsincludes\integrations\class-sst-dokan.php:87
actiondokan_checkout_update_order_metaincludes\integrations\class-sst-dokan.php:88
filterwc_tax_enabledincludes\integrations\class-sst-dokan.php:182
filterwootax_add_feesincludes\integrations\class-sst-subscriptions.php:24
filterwootax_cart_packages_before_splitincludes\integrations\class-sst-subscriptions.php:25
filterwootax_order_packages_before_splitincludes\integrations\class-sst-subscriptions.php:26
filterwootax_product_ticincludes\integrations\class-sst-subscriptions.php:27
filterwoocommerce_calculated_totalincludes\integrations\class-sst-subscriptions.php:28
actionwoocommerce_cart_updatedincludes\integrations\class-sst-subscriptions.php:29
actionwoocommerce_checkout_update_order_metaincludes\integrations\class-sst-subscriptions.php:30
filterwcs_renewal_order_createdincludes\integrations\class-sst-subscriptions.php:31
filterwootax_save_packages_for_captureincludes\integrations\class-sst-subscriptions.php:32
filterwoocommerce_subscriptions_calculated_totalincludes\integrations\class-sst-subscriptions.php:33
actionadmin_noticesincludes\integrations\class-sst-wc-vendors.php:64
actionwcv_after_product_detailsincludes\integrations\class-sst-wc-vendors.php:68
actionwcv_product_variation_before_tax_classincludes\integrations\class-sst-wc-vendors.php:69
actionwcvendors_before_product_formincludes\integrations\class-sst-wc-vendors.php:70
actionwcv_save_productincludes\integrations\class-sst-wc-vendors.php:71
actionwcv_save_product_variationincludes\integrations\class-sst-wc-vendors.php:72
filterpre_option_wcvendors_hide_product_variations_tax_classincludes\integrations\class-sst-wc-vendors.php:148
filterpre_option_wcvendors_hide_product_general_taxincludes\integrations\class-sst-wc-vendors.php:149
actionadmin_noticesincludes\integrations\class-sst-wcfm.php:66
filterwcfm_product_simple_fields_taxincludes\integrations\class-sst-wcfm.php:71
filtershow_shipping_zone_taxincludes\integrations\class-sst-wcfm.php:72
actionwcfm_products_manage_tax_endincludes\integrations\class-sst-wcfm.php:73
filterwcfm_variation_edit_dataincludes\integrations\class-sst-wcfm.php:74
filterwcfm_product_manage_fields_variationsincludes\integrations\class-sst-wcfm.php:75
filterwootax_tic_select_init_eventsincludes\integrations\class-sst-wcfm.php:76
actionafter_wcfm_products_manage_meta_saveincludes\integrations\class-sst-wcfm.php:77
actionafter_wcfm_product_variation_meta_saveincludes\integrations\class-sst-wcfm.php:78
actionafter_wcfm_orders_editincludes\integrations\class-sst-wcfm.php:79
actionadmin_noticesincludes\integrations\class-sst-wcmp.php:64
filterwcmp_can_vendor_configure_taxincludes\integrations\class-sst-wcmp.php:68
filterafm_can_vendor_configure_taxincludes\integrations\class-sst-wcmp.php:69
actionwcmp_afm_after_general_product_dataincludes\integrations\class-sst-wcmp.php:70
actionwcmp_process_product_objectincludes\integrations\class-sst-wcmp.php:71
filtersst_tic_select_button_classesincludes\integrations\class-sst-wcmp.php:72
filtersst_tic_select_input_classesincludes\integrations\class-sst-wcmp.php:73
actionwcmp_afm_product_after_variable_attributesincludes\integrations\class-sst-wcmp.php:74
actionwoocommerce_save_product_variationincludes\integrations\class-sst-wcmp.php:75
actionwoocommerce_saved_order_itemsincludes\integrations\class-sst-wcmp.php:76
actionwoocommerce_checkout_order_processedincludes\integrations\class-sst-wcmp.php:77
actionwoocommerce_rest_insert_shop_order_objectincludes\integrations\class-sst-wcmp.php:78
actionadmin_footerincludes\sst-functions.php:261
actionwp_footerincludes\sst-functions.php:262
actionsst_output_tax_meta_boxincludes\sst-functions.php:430
actionadmin_noticesincludes\sst-message-functions.php:58

Scheduled Events 1

sst_update_data_mover_settings
Maintenance & Trust

TaxCloud for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 9, 2026
PHP min version7.4
Downloads48K

Community Trust

Rating78/100
Number of ratings10
Active installs500
Alternatives

TaxCloud for WooCommerce Alternatives

TaxJar – Sales Tax Automation for WooCommerce

TaxJar – Sales Tax Automation for WooCommerce

taxjar-simplified-taxes-for-woocommerce

A
100

Trusted by more than 20,000 businesses, TaxJar’s award-winning solution makes it easy to automate sales tax reporting and filing, and determine econom &hellip;

6K No CVEs
Sales Tax Reports For WooCommerce

Sales Tax Reports For WooCommerce

sales-tax-reports-for-woocommerce

A
100

The Sales Tax Reports For WooCommerce Plugin

800 No CVEs
Anrok Tax for WooCommerce

Anrok Tax for WooCommerce

anrok-tax

A
100

Complete sales tax automation for WooCommerce stores, from nexus monitoring to remittance. Connect in minutes, file on autopilot.

0 No CVEs
SutTax

SutTax

avior-sales-tax-automation-for-woocommerce

A
85

Avior SutTax offers sales tax determination web service to retailers. With SutTax WooCommerce Plugin, retailers are able to add accurate sales tax to &hellip;

0 No CVEs
TaxDo

TaxDo

taxdo

A
100

A unique solution for managing sales tax calculation & tax exemption certificates.

0 No CVEs
Developer Profile

TaxCloud for WooCommerce Developer Profile

Taxcloud

1 plugin · 500 total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
8 days
View full developer profile
Detection Fingerprints

How We Detect TaxCloud for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simple-sales-tax/assets/css/sst-admin.css/wp-content/plugins/simple-sales-tax/assets/css/sst-certificate-modal.css/wp-content/plugins/simple-sales-tax/assets/js/sst-admin.js
Script Paths
/wp-content/plugins/simple-sales-tax/assets/js/sst-admin.js
Version Parameters
simple-sales-tax/assets/css/sst-admin.css?ver=simple-sales-tax/assets/css/sst-certificate-modal.css?ver=simple-sales-tax/assets/js/sst-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wootax-reports-page
Data Attributes
data-address-lookup-url
JS Globals
sstAdmin
FAQ

Frequently Asked Questions about TaxCloud for WooCommerce