Does Terminal Africa have any unpatched vulnerabilities?

Yes — Terminal Africa currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Terminal Africa compatible with WordPress 6.8.5?

According to WordPress.org data, Terminal Africa 1.13.23 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Terminal Africa compatible with PHP 5.6+?

Terminal Africa requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Terminal Africa updated?

Terminal Africa was last updated on Feb 3, 2026. Frequent updates are generally a positive security signal.

What is Terminal Africa's security score?

Terminal Africa has a WP-Safety security score of 78/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Terminal Africa Security & Risk Analysis

wordpress.org/plugins/terminal-africa

Terminal Africa Shipping Method Plugin for WooCommerce

80 active installs v1.13.23 PHP 5.6+ WP 6.0+ Updated Feb 3, 2026

africa-shippingnigeria-shippingshipping-methodterminalwoocommerce-shipping

B · Generally Safe

CVEs total1

Unpatched1

Last CVEApr 10, 2025

Plugin page Download

Safety Verdict

Is Terminal Africa Safe to Use in 2026?

Mostly Safe

Score 78/100

Terminal Africa is generally safe to use. 1 past CVE were resolved. Keep it updated.

1 known CVE 1 unpatched Last CVE: Apr 10, 2025Updated 2mo ago

Risk Assessment

The 'terminal-africa' plugin version 1.13.23 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices, with 100% of its SQL queries using prepared statements and 95% of output properly escaped. The absence of dangerous functions, file operations, and taint analysis indicating no unsanitized paths or critical/high severity flows are also encouraging signs. However, significant concerns arise from the attack surface. The plugin exposes 88 entry points, with a notable 5 of these lacking proper authentication checks. This, combined with only 2 capability checks, presents a substantial risk of unauthorized access and potential manipulation of plugin functionality.

The plugin's vulnerability history, while currently showing only one medium-severity CVE, is concerning due to it being unpatched. This indicates a potential for exploitation of known weaknesses. The common vulnerability type being Cross-site Scripting (XSS) in the past further highlights the need for rigorous input validation and output encoding. The existence of an unpatched medium CVE, coupled with a significant number of unprotected entry points, outweighs the otherwise good coding practices. While the code itself appears to have solid foundations regarding SQL and output handling, the exposed, unprotected entry points and the unpatched vulnerability are critical areas that require immediate attention.

Key Concerns

Unprotected AJAX handlers
REST API route without permission callback
Unpatched medium severity CVE

Vulnerabilities

Terminal Africa Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-32515medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Terminal Africa <= 1.13.17 - Reflected Cross-Site Scripting

Apr 10, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

Terminal Africa Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

390 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

100% prepared1 total queries

Output Escaping

95% escaped410 total outputs

Data Flows

All sanitized

Data Flow Analysis

9 flows

save_terminal_default_shipping_weight (includes\parts\ajax.php:152)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

5 unprotected

Terminal Africa Attack Surface

Entry Points88

Unprotected5

AJAX Handlers 79

authwp_ajax_terminal_africa_authincludes\parts\ajax.php:32

noprivwp_ajax_terminal_africa_authincludes\parts\ajax.php:33

authwp_ajax_terminal_merchant_save_addressincludes\parts\ajax.php:35

noprivwp_ajax_terminal_merchant_save_addressincludes\parts\ajax.php:36

authwp_ajax_terminal_africa_get_statesincludes\parts\ajax.php:38

noprivwp_ajax_terminal_africa_get_statesincludes\parts\ajax.php:39

authwp_ajax_terminal_africa_get_citiesincludes\parts\ajax.php:41

noprivwp_ajax_terminal_africa_get_citiesincludes\parts\ajax.php:42

authwp_ajax_terminal_africa_sign_outincludes\parts\ajax.php:44

noprivwp_ajax_terminal_africa_sign_outincludes\parts\ajax.php:45

authwp_ajax_terminal_africa_enable_terminalincludes\parts\ajax.php:47

noprivwp_ajax_terminal_africa_enable_terminalincludes\parts\ajax.php:48

authwp_ajax_terminal_africa_save_cart_itemincludes\parts\ajax.php:50

noprivwp_ajax_terminal_africa_save_cart_itemincludes\parts\ajax.php:51

authwp_ajax_terminal_africa_process_terminal_ratesincludes\parts\ajax.php:53

noprivwp_ajax_terminal_africa_process_terminal_ratesincludes\parts\ajax.php:54

authwp_ajax_terminal_africa_save_shipping_carrierincludes\parts\ajax.php:56

noprivwp_ajax_terminal_africa_save_shipping_carrierincludes\parts\ajax.php:57

authwp_ajax_terminal_africa_get_rate_dataincludes\parts\ajax.php:59

noprivwp_ajax_terminal_africa_get_rate_dataincludes\parts\ajax.php:60

authwp_ajax_terminal_customer_save_addressincludes\parts\ajax.php:62

noprivwp_ajax_terminal_customer_save_addressincludes\parts\ajax.php:63

authwp_ajax_terminal_africa_process_terminal_rates_customerincludes\parts\ajax.php:65

noprivwp_ajax_terminal_africa_process_terminal_rates_customerincludes\parts\ajax.php:66

authwp_ajax_terminal_africa_apply_terminal_rates_customerincludes\parts\ajax.php:68

noprivwp_ajax_terminal_africa_apply_terminal_rates_customerincludes\parts\ajax.php:69

authwp_ajax_terminal_africa_arrange_terminal_deliveryincludes\parts\ajax.php:71

noprivwp_ajax_terminal_africa_arrange_terminal_deliveryincludes\parts\ajax.php:72

authwp_ajax_refresh_terminal_walletincludes\parts\ajax.php:74

noprivwp_ajax_refresh_terminal_walletincludes\parts\ajax.php:75

authwp_ajax_refresh_terminal_rate_dataincludes\parts\ajax.php:77

noprivwp_ajax_refresh_terminal_rate_dataincludes\parts\ajax.php:78

authwp_ajax_save_terminal_carrier_settingsincludes\parts\ajax.php:80

noprivwp_ajax_save_terminal_carrier_settingsincludes\parts\ajax.php:81

authwp_ajax_refresh_terminal_carriers_dataincludes\parts\ajax.php:83

noprivwp_ajax_refresh_terminal_carriers_dataincludes\parts\ajax.php:84

authwp_ajax_get_terminal_packagingincludes\parts\ajax.php:86

noprivwp_ajax_get_terminal_packagingincludes\parts\ajax.php:87

authwp_ajax_get_terminal_shipment_statusincludes\parts\ajax.php:89

noprivwp_ajax_get_terminal_shipment_statusincludes\parts\ajax.php:90

authwp_ajax_update_user_carrier_terminalincludes\parts\ajax.php:92

noprivwp_ajax_update_user_carrier_terminalincludes\parts\ajax.php:93

authwp_ajax_deactivate_terminal_africaincludes\parts\ajax.php:95

noprivwp_ajax_deactivate_terminal_africaincludes\parts\ajax.php:96

authwp_ajax_cancel_terminal_shipmentincludes\parts\ajax.php:98

noprivwp_ajax_cancel_terminal_shipmentincludes\parts\ajax.php:99

authwp_ajax_save_terminal_custom_price_mark_upincludes\parts\ajax.php:101

noprivwp_ajax_save_terminal_custom_price_mark_upincludes\parts\ajax.php:102

authwp_ajax_save_terminal_default_currency_codeincludes\parts\ajax.php:104

noprivwp_ajax_save_terminal_default_currency_codeincludes\parts\ajax.php:105

authwp_ajax_terminal_reset_carriers_dataincludes\parts\ajax.php:107

noprivwp_ajax_terminal_reset_carriers_dataincludes\parts\ajax.php:108

authwp_ajax_update_user_carrier_shipment_timeline_terminalincludes\parts\ajax.php:110

noprivwp_ajax_update_user_carrier_shipment_timeline_terminalincludes\parts\ajax.php:111

authwp_ajax_update_user_carrier_shipment_rate_terminalincludes\parts\ajax.php:113

noprivwp_ajax_update_user_carrier_shipment_rate_terminalincludes\parts\ajax.php:114

authwp_ajax_update_user_carrier_shipment_insurance_terminalincludes\parts\ajax.php:116

noprivwp_ajax_update_user_carrier_shipment_insurance_terminalincludes\parts\ajax.php:117

authwp_ajax_terminal_africa_get_address_bookincludes\parts\ajax.php:119

noprivwp_ajax_terminal_africa_get_address_bookincludes\parts\ajax.php:120

authwp_ajax_terminal_africa_get_transactionsincludes\parts\ajax.php:122

noprivwp_ajax_terminal_africa_get_transactionsincludes\parts\ajax.php:123

authwp_ajax_terminal_africa_get_shipping_api_dataincludes\parts\ajax.php:125

authwp_ajax_terminal_africa_get_merchant_address_dataincludes\parts\ajax.php:127

authwp_ajax_update_user_terminal_payment_gatewayincludes\parts\ajax.php:129

authwp_ajax_request_terminal_africa_payment_accessincludes\parts\ajax.php:131

authwp_ajax_update_terminal_user_settingsincludes\parts\ajax.php:133

authwp_ajax_update_terminal_wallet_currencyincludes\parts\ajax.php:135

authwp_ajax_terminal_africa_close_noticeincludes\parts\ajax.php:137

authwp_ajax_terminal_africa_validate_terminal_shipmentincludes\parts\ajax.php:139

authwp_ajax_terminal_africa_get_all_shipments_v2includes\parts\ajax.php:141

authwp_ajax_update_user_carrier_free_shipping_above_specific_amount_terminalincludes\parts\ajax.php:143

authwp_ajax_save_terminal_default_shipping_weightincludes\parts\ajax.php:145

authwp_ajax_terminal_africa_payment_initincludes\payment-gateway\includes\class-wc-gateway-terminal.php:110

noprivwp_ajax_terminal_africa_payment_initincludes\payment-gateway\includes\class-wc-gateway-terminal.php:112

authwp_ajax_terminal_africa_payment_statusincludes\payment-gateway\includes\class-wc-gateway-terminal.php:115

noprivwp_ajax_terminal_africa_payment_statusincludes\payment-gateway\includes\class-wc-gateway-terminal.php:120

authwp_ajax_check_if_terminal_plugin_already_loggedincludes\terminalLogHandler.php:28

noprivwp_ajax_check_if_terminal_plugin_already_loggedincludes\terminalLogHandler.php:29

REST API Routes 9

GET/wp-json/terminal-africa/v1/ordersincludes\parts\api.php:311

GET/wp-json/terminal-africa/v1/update-order-statusincludes\parts\api.php:322

GET/wp-json/terminal-africa/v1/order_metaincludes\parts\api.php:333

GET/wp-json/terminal-africa/v1/deactivateincludes\parts\api.php:344

GET/wp-json/terminal-africa/v1/update-user-settingsincludes\parts\api.php:355

GET/wp-json/terminal-africa/v1/pull-productsincludes\parts\api.php:368

GET/wp-json/terminal-africa/v1/update-productincludes\parts\api.php:381

GET/wp-json/terminal-africa/v1/update-bulk-productsincludes\parts\api.php:394

GET/wp-json/terminal_africa_payment/v1/terminal_africa_payment_verify_paymentincludes\payment-gateway\includes\class-wc-gateway-terminal.php:410

WordPress Hooks 58

actionadmin_menuincludes\class-terminal-africa.php:194

filterwoocommerce_countriesincludes\class-terminal-africa.php:196

filterwoocommerce_statesincludes\class-terminal-africa.php:198

actionplugins_loadedincludes\class-terminal-africa.php:200

actionadmin_enqueue_scriptsincludes\class-terminal-africa.php:202

actionwp_enqueue_scriptsincludes\class-terminal-africa.php:204

actionwp_headincludes\class-terminal-africa.php:206

actionwp_headincludes\class-terminal-africa.php:208

actionwoocommerce_checkout_update_order_reviewincludes\class-terminal-africa.php:209

actionwoocommerce_add_to_cartincludes\class-terminal-africa.php:212

actionwoocommerce_after_cart_item_quantity_updateincludes\class-terminal-africa.php:214

actionwoocommerce_cart_item_removedincludes\class-terminal-africa.php:216

filtermanage_edit-shop_order_columnsincludes\class-terminal-africa.php:218

actionmanage_shop_order_posts_custom_columnincludes\class-terminal-africa.php:220

filterwoocommerce_shop_order_list_table_columnsincludes\class-terminal-africa.php:222

actionwoocommerce_shop_order_list_table_custom_columnincludes\class-terminal-africa.php:224

actionwoocommerce_shipping_initincludes\class-terminal-delivery.php:74

actionwoocommerce_checkout_update_order_metaincludes\class-terminal-delivery.php:76

actionwoocommerce_checkout_order_createdincludes\class-terminal-delivery.php:79

actionwoocommerce_admin_order_data_after_shipping_addressincludes\class-terminal-delivery.php:88

filterwoocommerce_cart_shipping_method_full_labelincludes\class-terminal-delivery.php:94

filterwoocommerce_checkout_fieldsincludes\class-terminal-delivery.php:96

filterwoocommerce_shipping_methodsincludes\class-terminal-delivery.php:98

filterwoocommerce_shipping_calculator_enable_cityincludes\class-terminal-delivery.php:100

filterwoocommerce_checkout_update_order_reviewincludes\class-terminal-delivery.php:103

actionwpincludes\class-terminal-delivery.php:106

actionwp_headincludes\class-terminal-delivery.php:119

actionwp_headincludes\class-terminal-delivery.php:124

actionwpincludes\parts\activation.php:21

actionrest_api_initincludes\parts\api.php:37

filterwoocommerce_register_shop_order_post_statusesincludes\parts\api.php:39

filterwc_order_statusesincludes\parts\api.php:41

actionwoocommerce_new_orderincludes\parts\api.php:43

actionwoocommerce_checkout_order_processedincludes\parts\api.php:45

actionwoocommerce_order_status_changedincludes\parts\api.php:47

filterwoocommerce_product_data_tabsincludes\parts\api.php:49

actionwoocommerce_product_data_panelsincludes\parts\api.php:51

actionwoocommerce_process_product_metaincludes\parts\api.php:53

actionplugins_loadedincludes\payment-gateway\class-terminal-payment.php:13

actionadmin_noticesincludes\payment-gateway\class-terminal-payment.php:22

filterwoocommerce_payment_gatewaysincludes\payment-gateway\class-terminal-payment.php:24

actionbefore_woocommerce_initincludes\payment-gateway\class-terminal-payment.php:58

actionwoocommerce_blocks_payment_method_type_registrationincludes\payment-gateway\class-terminal-payment.php:79

actionwoocommerce_blocks_loadedincludes\payment-gateway\class-terminal-payment.php:91

actionwoocommerce_rest_checkout_process_payment_with_contextincludes\payment-gateway\includes\class-wc-gateway-terminal-blocks-support.php:24

actionwc_gateway_terminal_africa_payment_process_payment_errorincludes\payment-gateway\includes\class-wc-gateway-terminal-blocks-support.php:102

actionwp_enqueue_scriptsincludes\payment-gateway\includes\class-wc-gateway-terminal.php:70

actionwoocommerce_available_payment_gatewaysincludes\payment-gateway\includes\class-wc-gateway-terminal.php:71

actionadmin_enqueue_scriptsincludes\payment-gateway\includes\class-wc-gateway-terminal.php:72

actionadmin_noticesincludes\payment-gateway\includes\class-wc-gateway-terminal.php:87

actionrest_api_initincludes\payment-gateway\includes\class-wc-gateway-terminal.php:123

actionadmin_noticesterminal-africa.php:94

actionadmin_initterminal-africa.php:100

actionadmin_initterminal-africa.php:101

actionadmin_noticesterminal-africa.php:102

actionplugins_loadedterminal-africa.php:106

actionadmin_noticesterminal-africa.php:142

actionupgrader_process_completeterminal-africa.php:163

Maintenance & Trust

Terminal Africa Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedFeb 3, 2026

PHP min version5.6

Downloads7K

Community Trust

Rating100/100

Number of ratings1

Active installs80

Alternatives

Terminal Africa Alternatives

User role based shipping methods

user-role-based-shipping-method

Display WooCommerce shipping methods based on User Role and Country. Globally compatible.

500 No CVEs

Conditional Shipping for WooCommerce: Restrict Shipping Options by Anything

wpfactory-conditional-shipping-for-woocommerce

100

Set conditions for WooCommerce shipping methods to show up.

400 No CVEs

COD24 Shipping For Woocommerce

cod24-shipping

100

Add Cod24 shipping methods To Woocommerce

300 No CVEs

Яндекс Доставка

yandex-go-delivery

Яндекс Доставка — это сервис, который помогает бизнесам отправлять заказы клиентам внутри города и между городами.

300 No CVEs

Selloship

selloship

Auto Sync your woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

100 No CVEs

Developer Profile

Terminal Africa Developer Profile

terminalafrica

1 plugin · 80 total installs

trust score

Avg Security Score

78/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Terminal Africa

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/terminal-africa/assets/css/terminal-africa.css/wp-content/plugins/terminal-africa/assets/js/terminal-africa.js/wp-content/plugins/terminal-africa/assets/css/terminal-africa.frontend.css/wp-content/plugins/terminal-africa/assets/js/terminal-africa.frontend.js

Script Paths

/wp-content/plugins/terminal-africa/assets/js/terminal-africa.js/wp-content/plugins/terminal-africa/assets/js/terminal-africa.frontend.js

Version Parameters

terminal-africa/assets/css/terminal-africa.css?ver=terminal-africa/assets/js/terminal-africa.js?ver=terminal-africa/assets/css/terminal-africa.frontend.css?ver=terminal-africa/assets/js/terminal-africa.frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

terminal-africa-checkout-fieldterminal-africa-form-rowterminal-africa-shipping-method-wrapperterminal-africa-select-country-label

HTML Comments

Data Attributes

data-terminal-africa-api-keydata-terminal-africa-shipping-options

JS Globals

window.terminalAfricaAjaxUrlwindow.terminalAfricaSettingsvar terminalAfricaAjaxUrlvar terminalAfricaSettings

REST Endpoints

/wp-json/terminal-africa/v1/shipping_methods/wp-json/terminal-africa/v1/calculate_rates

Shortcode Output

[terminal_africa_shipping_calculator][terminal_africa_tracking_widget]

FAQ