Does TaxJar – Sales Tax Automation for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in TaxJar – Sales Tax Automation for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is TaxJar – Sales Tax Automation for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, TaxJar – Sales Tax Automation for WooCommerce 4.2.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is TaxJar – Sales Tax Automation for WooCommerce compatible with PHP 7.0+?

TaxJar – Sales Tax Automation for WooCommerce requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is TaxJar – Sales Tax Automation for WooCommerce updated?

TaxJar – Sales Tax Automation for WooCommerce was last updated on Jan 14, 2026. Frequent updates are generally a positive security signal.

What is TaxJar – Sales Tax Automation for WooCommerce's security score?

TaxJar – Sales Tax Automation for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TaxJar – Sales Tax Automation for WooCommerce Security & Risk Analysis

wordpress.org/plugins/taxjar-simplified-taxes-for-woocommerce

Trusted by more than 20,000 businesses, TaxJar’s award-winning solution makes it easy to automate sales tax reporting and filing, and determine econom …

6K active installs v4.2.7 PHP 7.0+ WP 5.4+ Updated Jan 14, 2026

sales-taxtaxtaxestaxjarwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is TaxJar – Sales Tax Automation for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

TaxJar – Sales Tax Automation for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "taxjar-simplified-taxes-for-woocommerce" plugin version 4.2.7 exhibits a generally strong security posture based on the provided static analysis. The absence of unprotected AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. Furthermore, the plugin demonstrates good development practices by consistently utilizing prepared statements for a high percentage of its SQL queries and properly escaping the vast majority of its output. The plugin also includes a reasonable number of nonce and capability checks, indicating an awareness of common WordPress security vulnerabilities.

The static analysis revealed no critical or high-severity taint flows, suggesting that data processing within the plugin is likely handled securely. The presence of file operations and external HTTP requests are standard for such plugins and do not inherently indicate a risk without further context. The lack of any recorded vulnerabilities in its history, particularly critical or high-severity ones, further reinforces this positive assessment.

While the plugin appears to be well-secured, the overall risk remains low. The most notable area for potential improvement, though not a current deficiency, is the presence of several SQL queries and output operations that, while mostly secured, could benefit from 100% adherence to best practices. However, given the overall strong security indicators and clean vulnerability history, this plugin can be considered a low-risk option.

Vulnerabilities

None known

TaxJar – Sales Tax Automation for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

TaxJar – Sales Tax Automation for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

29 prepared

Unescaped Output

147 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

76% prepared38 total queries

Output Escaping

94% escaped156 total outputs

Attack Surface

TaxJar – Sales Tax Automation for WooCommerce Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_wc_taxjar_update_nexus_cacheincludes\class-wc-taxjar-ajax.php:21

authwp_ajax_wc_taxjar_run_transaction_backfillincludes\class-wc-taxjar-ajax.php:22

WordPress Hooks 48

actionadd_meta_boxesincludes\admin\class-admin-meta-boxes.php:27

actionwoocommerce_update_orderincludes\class-taxjar-order-record.php:93

actionwoocommerce_update_orderincludes\class-taxjar-order-record.php:101

actionadmin_menuincludes\class-taxjar-settings.php:31

filterwoocommerce_settings_tabs_arrayincludes\class-taxjar-settings.php:32

filterwoocommerce_admin_settings_sanitize_option_woocommerce_taxjar-integration_settingsincludes\class-taxjar-settings.php:36

actionwoocommerce_sections_taxincludes\class-taxjar-settings.php:39

actionwoocommerce_after_calculate_totalsincludes\class-taxjar-tax-calculation.php:40

filterwcs_new_order_createdincludes\class-taxjar-tax-calculation.php:43

actionwoocommerce_order_after_calculate_totalsincludes\class-taxjar-tax-calculation.php:45

actionwoocommerce_checkout_create_orderincludes\class-taxjar-tax-calculation.php:46

actionwoocommerce_checkout_create_subscriptionincludes\class-taxjar-tax-calculation.php:47

actionshow_user_profileincludes\class-wc-taxjar-customer-sync.php:34

actionedit_user_profileincludes\class-wc-taxjar-customer-sync.php:35

actionpersonal_options_updateincludes\class-wc-taxjar-customer-sync.php:37

actionedit_user_profile_updateincludes\class-wc-taxjar-customer-sync.php:38

actiontaxjar_customer_exemption_settings_updatedincludes\class-wc-taxjar-customer-sync.php:40

actionwoocommerce_rest_insert_customerincludes\class-wc-taxjar-customer-sync.php:42

actionwc_csv_import_suite_create_customerincludes\class-wc-taxjar-customer-sync.php:44

actionwc_csv_import_suite_update_customerincludes\class-wc-taxjar-customer-sync.php:45

actiondelete_userincludes\class-wc-taxjar-customer-sync.php:47

actioninitincludes\class-wc-taxjar-install.php:17

filterwpmu_drop_tablesincludes\class-wc-taxjar-install.php:18

actionadmin_enqueue_scriptsincludes\class-wc-taxjar-integration.php:102

actionadmin_enqueue_scriptsincludes\class-wc-taxjar-integration.php:107

actionadmin_initincludes\class-wc-taxjar-transaction-sync.php:43

actionwoocommerce_new_orderincludes\class-wc-taxjar-transaction-sync.php:48

actionwoocommerce_update_orderincludes\class-wc-taxjar-transaction-sync.php:49

actionwoocommerce_order_refundedincludes\class-wc-taxjar-transaction-sync.php:51

filterwoocommerce_order_actionsincludes\class-wc-taxjar-transaction-sync.php:53

actionwoocommerce_order_action_taxjar_sync_actionincludes\class-wc-taxjar-transaction-sync.php:54

actionwp_trash_postincludes\class-wc-taxjar-transaction-sync.php:56

actionbefore_delete_postincludes\class-wc-taxjar-transaction-sync.php:57

actionbefore_delete_postincludes\class-wc-taxjar-transaction-sync.php:58

actionuntrashed_postincludes\class-wc-taxjar-transaction-sync.php:59

actionwoocommerce_order_status_cancelledincludes\class-wc-taxjar-transaction-sync.php:61

actionwoocommerce_product_options_taxincludes\class-wc-taxjar-transaction-sync.php:63

actionwoocommerce_variation_options_taxincludes\class-wc-taxjar-transaction-sync.php:64

actionwp_loadedincludes\compatibility\class-module-loader.php:30

filtertaxjar_order_total_amountincludes\compatibility\modules\class-woocommerce-gift-cards.php:30

actionwoocommerce_after_calculate_totalsincludes\compatibility\modules\class-woocommerce-pdf-product-vouchers.php:40

filtertaxjar_order_total_amountincludes\compatibility\modules\class-woocommerce-smart-coupons.php:30

filterrest_dispatch_requestincludes\TaxCalculation\class-block-flag.php:32

actionadmin_noticestaxjar-woocommerce.php:34

actionplugins_loadedtaxjar-woocommerce.php:53

actionbefore_woocommerce_inittaxjar-woocommerce.php:54

actionwoocommerce_integrations_inittaxjar-woocommerce.php:136

actionadmin_noticestaxjar-woocommerce.php:139

Maintenance & Trust

TaxJar – Sales Tax Automation for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 14, 2026

PHP min version7.0

Downloads425K

Community Trust

Rating52/100

Number of ratings28

Active installs6K

Alternatives

TaxJar – Sales Tax Automation for WooCommerce Alternatives

SutTax

avior-sales-tax-automation-for-woocommerce

Avior SutTax offers sales tax determination web service to retailers. With SutTax WooCommerce Plugin, retailers are able to add accurate sales tax to …

0 No CVEs

TaxDo

taxdo

100

A unique solution for managing sales tax calculation & tax exemption certificates.

0 No CVEs

Sales Tax Reports For WooCommerce

sales-tax-reports-for-woocommerce

100

The Sales Tax Reports For WooCommerce Plugin

800 No CVEs

TaxCloud for WooCommerce

simple-sales-tax

Simplify sales tax calculations, reporting, and filing by connecting your WooCommerce store to TaxCloud.

500 1 CVE

CereTax

ceretax

100

Simplify sales tax complexity with CereTax for WooCommerce.

30 No CVEs

Developer Profile

TaxJar – Sales Tax Automation for WooCommerce Developer Profile

Sean Voss

3 plugins · 6K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TaxJar – Sales Tax Automation for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/taxjar-simplified-taxes-for-woocommerce/assets/css/taxjar-settings.css/wp-content/plugins/taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-settings.js/wp-content/plugins/taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-connection.js/wp-content/plugins/taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-admin.js

Version Parameters

taxjar-simplified-taxes-for-woocommerce/assets/css/taxjar-settings.css?ver=taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-settings.js?ver=taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-connection.js?ver=taxjar-simplified-taxes-for-woocommerce/assets/js/taxjar-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

taxjar-settings-wrappertaxjar-connection-statustaxjar-alerttaxjar-notice

HTML Comments

TaxJar is inactive.This version of TaxJar requires WooCommerce %s or newer. Please install or update WooCommerce to version %s or newer.TaxJar requires PHP 5.3 or higher. You are currently using %s.Please activate WooCommerce before activating TaxJar.

Data Attributes

data-taxjar-api-endpointdata-taxjar-nonce

JS Globals

TaxjarSettingsTaxjarConnection

FAQ