Slovenská pošta – ePodací hárok Security & Risk Analysis

wordpress.org/plugins/slovenska-posta-epodaci-harok

The plugin connects WooCommerce with the eph service of Slovenská pošta. Communication takes place via the API or by generating an XML file, which you can then manually …

300 active installs · v1.4.6 · PHP 5.2.4+ · WP 3.5+ · Updated Jul 30, 2024
Tags: balik, doporuceny-list, eph, epodaci-harok, posta
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Slovenská pošta – ePodací hárok Safe to Use in 2026?

Generally Safe

Score 92/100

Slovenská pošta – ePodací hárok has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "slovenska-posta-epodaci-harok" v1.4.6 plugin exhibits several concerning security practices despite having no recorded vulnerability history. The static analysis reveals a significant attack surface with 4 AJAX handlers, all of which lack authentication checks. This means any user, potentially even unauthenticated ones, could trigger these handlers, leading to unauthorized actions or information disclosure. Furthermore, the presence of the `unserialize` function, a known vector for object injection vulnerabilities, is a critical concern, especially when coupled with unescaped output in 36% of its outputs and 4 identified taint flows with unsanitized paths. While the plugin uses prepared statements for SQL queries, which is a positive, the other identified risks outweigh this benefit. The absence of any known CVEs is a positive indicator, but it does not negate the inherent risks identified in the current codebase. A proactive approach to securing the AJAX endpoints and properly sanitizing or validating data before unserialization is crucial.

Key Concerns

  • 4 unprotected AJAX handlers
  • 2 dangerous functions (unserialize)
  • 4 unsanitized taint flows
  • 36% of outputs not properly escaped
  • 0 capability checks on entry points
Vulnerabilities
None known

Slovenská pošta – ePodací hárok Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Slovenská pošta – ePodací hárok Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 31 (55 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 6
External Requests: 3
Bundled Libraries: 0

Dangerous Functions Found

  • unserialize (includes\settings.php:420): `<td><pre><?php print_r(unserialize($log)[0]); ?></pre></td>`
  • unserialize (includes\settings.php:424): `<td><pre><?php print_r(unserialize($log)[1]); ?></pre></td>`

Output Escaping

64% escaped (86 total outputs)
Data Flows
4 unsanitized

Data Flow Analysis

4 flows, 4 with unsanitized paths
tsseph_bonus_ext_status (includes\bonus.php:215)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
4 unprotected

Slovenská pošta – ePodací hárok Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers 4

  • auth · wp_ajax_tsseph_reload_settings_page · includes\admin.php:67
  • auth · wp_ajax_tsseph_manage_license · includes\bonus.php:6
  • auth · wp_ajax_tsseph_bonus_ext_status · includes\bonus.php:231
  • auth · wp_ajax_tsseph_set_shipping_method · includes\woo-table.php:124
WordPress Hooks 21
  • action · init · includes\admin.php:6
  • action · admin_menu · includes\admin.php:14
  • action · admin_init · includes\admin.php:15
  • action · admin_enqueue_scripts · includes\admin.php:16
  • action · admin_enqueue_scripts · includes\admin.php:17
  • action · admin_enqueue_scripts · includes\admin.php:19
  • filter · bulk_actions-edit-shop_order · includes\admin.php:22
  • filter · bulk_actions-woocommerce_page_wc-orders · includes\admin.php:23
  • filter · handle_bulk_actions-edit-shop_order · includes\admin.php:24
  • filter · handle_bulk_actions-woocommerce_page_wc-orders · includes\admin.php:25
  • action · admin_notices · includes\admin.php:26
  • filter · plugin_row_meta · includes\admin.php:28
  • action · add_meta_boxes · includes\woo-metabox.php:11
  • action · woocommerce_process_shop_order_meta · includes\woo-metabox.php:100
  • action · woocommerce_email_before_order_table · includes\woo-order-email.php:20
  • filter · manage_edit-shop_order_columns · includes\woo-table.php:11
  • filter · woocommerce_shop_order_list_table_columns · includes\woo-table.php:12
  • action · manage_shop_order_posts_custom_column · includes\woo-table.php:66
  • action · woocommerce_shop_order_list_table_custom_column · includes\woo-table.php:67
  • action · manage_shop_order_posts_custom_column · includes\woo-table.php:106
  • action · woocommerce_shop_order_list_table_custom_column · includes\woo-table.php:107
Maintenance & Trust

Slovenská pošta – ePodací hárok Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Jul 30, 2024
PHP min version: 5.2.4
Downloads: 5K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 300
Developer Profile

Slovenská pošta – ePodací hárok Developer Profile

Matej Podstrelenec

5 plugins · 530 total installs

Trust score: 86
Avg Security Score: 89/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Slovenská pošta – ePodací hárok

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/slovenska-posta-epodaci-harok/css/spirit-eph.css
  • /wp-content/plugins/slovenska-posta-epodaci-harok/js/spirit-eph-admin.js
Script Paths
/wp-content/plugins/slovenska-posta-epodaci-harok/js/spirit-eph-admin.js
Version Parameters
  • slovenska-posta-epodaci-harok/css/spirit-eph.css?ver=
  • slovenska-posta-epodaci-harok/js/spirit-eph-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
tsseph_options, tsseph_bonus_options, tsseph_ajax_object
Data Attributes
data-tsseph_options, data-tsseph_bonus_options
JS Globals
tsseph_ajax_object