WP-Safety

swftbox for WooCommerce Security & Risk Analysis

wordpress.org/plugins/swftbox-for-woocommerce

Connect WooCommerce with swftbox for real-time order sync and bidirectional status updates.

0 active installs v1.1.0 PHP 7.4+ WP 5.8+ Updated Unknown
deliveryorder-syncshippingswftboxwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is swftbox for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

swftbox for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'swftbox-for-woocommerce' v1.1.0 plugin exhibits a generally good security posture, with strengths in its SQL query handling, output escaping, and the absence of known vulnerabilities. The plugin utilizes prepared statements for all SQL queries, and all detected output is properly escaped, significantly reducing the risk of common injection and cross-site scripting (XSS) vulnerabilities. Nonce and capability checks are also implemented for most entry points, indicating an effort to secure against unauthorized actions. However, a critical concern arises from the presence of one unprotected REST API route, representing a direct entry point that could be exploited without proper authentication or authorization. Additionally, the two identified flows with unsanitized paths, even though not flagged as critical or high severity in the taint analysis, warrant attention as they could potentially lead to unintended consequences or information disclosure if exploited in conjunction with other weaknesses.

Key Concerns

  • REST API route without permission callbacks
  • Flows with unsanitized paths
Vulnerabilities
None known

swftbox for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

swftbox for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
14 prepared
Unescaped Output
0
81 escaped
Nonce Checks
13
Capability Checks
15
File Operations
0
External Requests
5
Bundled Libraries
0

SQL Query Safety

100% prepared14 total queries

Output Escaping

100% escaped81 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
handle_settings_form (includes\class-swftbox-admin.php:111)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

swftbox for WooCommerce Attack Surface

Entry Points10
Unprotected1

AJAX Handlers 9

authwp_ajax_swftbox_sync_credentialsincludes\class-swftbox-oauth.php:101
authwp_ajax_swftbox_reconnect_webhooksincludes\class-swftbox-webhooks.php:102
authwp_ajax_swftbox_verify_connectionincludes\class-swftbox-webhooks.php:105
authwp_ajax_swftbox_get_oauth_urlincludes\class-swftbox-wizard.php:97
authwp_ajax_swftbox_exchange_oauth_codeincludes\class-swftbox-wizard.php:98
authwp_ajax_swftbox_test_connectionincludes\class-swftbox-wizard.php:99
authwp_ajax_swftbox_disconnect_oauthincludes\class-swftbox-wizard.php:100
authwp_ajax_swftbox_save_settingsincludes\class-swftbox-wizard.php:101
authwp_ajax_swftbox_start_wc_oauthincludes\class-swftbox-wizard.php:102

REST API Routes 1

GET/wp-json/swftbox/v1/oauth/receiveincludes\class-swftbox-wizard.php:135
WordPress Hooks 24
actionadmin_menuincludes\class-swftbox-admin.php:59
actionadmin_initincludes\class-swftbox-admin.php:60
actionadmin_initincludes\class-swftbox-admin.php:61
actionadmin_noticesincludes\class-swftbox-admin.php:62
actionadmin_noticesincludes\class-swftbox-api.php:91
actionrest_api_initincludes\class-swftbox-oauth.php:86
actionadmin_initincludes\class-swftbox-oauth.php:89
actionadmin_initincludes\class-swftbox-oauth.php:92
actionadmin_noticesincludes\class-swftbox-oauth.php:95
actionupdate_option_swftbox_integration_keyincludes\class-swftbox-oauth.php:98
filterwoocommerce_billing_fieldsincludes\class-swftbox-phone.php:67
filteroption_woocommerce_checkout_phone_fieldincludes\class-swftbox-phone.php:70
filterdefault_option_woocommerce_checkout_phone_fieldincludes\class-swftbox-phone.php:73
actionupdate_option_swftbox_integration_keyincludes\class-swftbox-webhooks.php:88
actionadd_option_swftbox_integration_keyincludes\class-swftbox-webhooks.php:89
actionadmin_noticesincludes\class-swftbox-webhooks.php:92
actionwoocommerce_webhook_disabled_due_delivery_failuresincludes\class-swftbox-webhooks.php:95
actioninitincludes\class-swftbox-webhooks.php:98
actionswftbox_webhook_health_checkincludes\class-swftbox-webhooks.php:99
actionrest_api_initincludes\class-swftbox-wizard.php:105
actionbefore_woocommerce_initswftbox-woocommerce.php:63
actionadmin_noticesswftbox-woocommerce.php:116
actionplugins_loadedswftbox-woocommerce.php:136
actionadmin_enqueue_scriptsswftbox-woocommerce.php:258

Scheduled Events 1

swftbox_webhook_health_check
Maintenance & Trust

swftbox for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads213

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

swftbox for WooCommerce Alternatives

Claudio Sanches – Correios for WooCommerce

Claudio Sanches – Correios for WooCommerce

woocommerce-correios

A
92

Integration between the Correios and WooCommerce

30K No CVEs
Shiprocket

Shiprocket

shiprocket

B
78

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched
MyParcel

MyParcel

woocommerce-myparcel

A
99

Export your WooCommerce orders to MyParcel (www.myparcel.nl) and print labels directly from the WooCommerce admin

9K 1 CVE
YITH WooCommerce Order & Shipment Tracking

YITH WooCommerce Order & Shipment Tracking

yith-woocommerce-order-tracking

A
99

Add an easy tool to manage order shipping information of your shop and to notified your customers about the shipping.

7K 1 CVE
Frenet Shipping Gateway for WooCommerce – Correios, Etiquetas e Rastreio

Frenet Shipping Gateway for WooCommerce – Correios, Etiquetas e Rastreio

woo-shipping-gateway

A
100

Frete inteligente, simples e acessível para negócios que querem crescer

5K No CVEs
Developer Profile

swftbox for WooCommerce Developer Profile

swftbox

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect swftbox for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/swftbox-for-woocommerce/assets/css/admin.css/wp-content/plugins/swftbox-for-woocommerce/assets/css/wizard.css/wp-content/plugins/swftbox-for-woocommerce/assets/js/admin.js/wp-content/plugins/swftbox-for-woocommerce/assets/js/wizard.js
Script Paths
/wp-content/plugins/swftbox-for-woocommerce/assets/js/wizard.js/wp-content/plugins/swftbox-for-woocommerce/assets/js/admin.js
Version Parameters
/wp-content/plugins/swftbox-for-woocommerce/assets/css/wizard.css?ver=/wp-content/plugins/swftbox-for-woocommerce/assets/css/admin.css?ver=/wp-content/plugins/swftbox-for-woocommerce/assets/js/wizard.js?ver=/wp-content/plugins/swftbox-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

JS Globals
swftboxWizardswftboxAdmin
FAQ

Frequently Asked Questions about swftbox for WooCommerce