WP-Safety

ChitChats Shipping for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-chitchats-shipping

Estimates ChitChats shipping rates in the cart, lets customers to choose shipping method.

200 active installs v1.5.22 PHP 7.3+ WP 5.6+ Updated Mar 4, 2026
cartchitchatsebayshippingwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ChitChats Shipping for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ChitChats Shipping for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "wc-chitchats-shipping" plugin v1.5.22 presents a mixed security posture. On one hand, the plugin exhibits good practices by utilizing prepared statements for all SQL queries, having no recorded vulnerabilities (CVEs), and not bundling external libraries, which are all positive indicators. However, several concerns warrant attention. The presence of a dangerous function like `unserialize` without any explicit nonce checks or sufficient capability checks on its potential usage vectors is a significant risk. Furthermore, a substantial portion of output is not properly escaped, creating potential for cross-site scripting (XSS) vulnerabilities. The lack of any detected taint flows in the static analysis might suggest the current codebase is not obviously exploitable by known methods, but this does not negate the risks posed by the identified code signals.

Key Concerns

  • Dangerous function unserialize found
  • 55% of output is not properly escaped
  • No nonce checks found
  • Only 1 capability check found
Vulnerabilities
None known

ChitChats Shipping for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ChitChats Shipping for WooCommerce Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
10
12 escaped
Nonce Checks
0
Capability Checks
1
File Operations
2
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = unserialize($response['body']);includes\Admin\OneTeamSoftware.php:179

Output Escaping

55% escaped22 total outputs
Attack Surface

ChitChats Shipping for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
actionadmin_menuincludes\Admin\OneTeamSoftware.php:55
actionadmin_initincludes\Admin\OneTeamSoftware.php:56
actionadmin_initincludes\Shipping\AbstractShippingMethod.php:24
filterhttp_request_timeoutincludes\Shipping\Adapter\AbstractAdapter.php:82
actionadmin_menuincludes\Shipping\Plugin.php:96
filterwoocommerce_shipping_methodsincludes\Shipping\Plugin.php:100
actionplugins_loadedincludes\Shipping\Plugin.php:107
actionplugins_loadedincludes\Shipping\Plugin.php:109
actionwp_loadedincludes\Shipping\Plugin.php:110
actionwoocommerce_after_checkout_validationincludes\Shipping\Plugin.php:111
filterwoocommerce_billing_fieldsincludes\Shipping\Plugin.php:112
filterwoocommerce_shipping_fieldsincludes\Shipping\Plugin.php:113
Maintenance & Trust

ChitChats Shipping for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 4, 2026
PHP min version7.3
Downloads8K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Alternatives

ChitChats Shipping for WooCommerce Alternatives

Multi-Carrier ShipEngine Shipping Rates & Address Validation for WooCommerce

Multi-Carrier ShipEngine Shipping Rates & Address Validation for WooCommerce

wc-shipengine-shipping

A
100

ShipEngine Shipping will help your business to access deeply discounted rates across multiple carriers and display them in the cart and checkout pages …

10 No CVEs
Modern Cart – WooCommerce Side Cart & Popup Cart

Modern Cart – WooCommerce Side Cart & Popup Cart

modern-cart

A
100

Modern Cart gives your store a side cart and free shipping bar so shoppers stay on the page, spend more to unlock rewards, and check out in seconds.

30K No CVEs
API2Cart Live Shipping 4 Woocommerce

API2Cart Live Shipping 4 Woocommerce

api2cart-live-shipping-4-woocommerce

A
100

This plugin allows to use of real-time shipping rates provided by third-party shipping services.

30 No CVEs
Checkout Shipping Message Add-on for WooCommerce

Checkout Shipping Message Add-on for WooCommerce

checkout-shipping-message-add-on-for-woocommerce

A
85

This add-on will allow you to add a custom message to WooCommerce under that shipping totals shipping section of your checkout.

30 No CVEs
Free Shipping Notice for WooCommerce

Free Shipping Notice for WooCommerce

free-shipping-notice-for-woocommerce

A
85

Displays the remaining price to receive free shipping on the cart and checkout pages.

20 No CVEs
Developer Profile

ChitChats Shipping for WooCommerce Developer Profile

oneteamsoftware

14 plugins · 6K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
97 days
View full developer profile
Detection Fingerprints

How We Detect ChitChats Shipping for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-chitchats-shipping/assets/css/frontend.css/wp-content/plugins/wc-chitchats-shipping/assets/js/frontend.js
Script Paths
/wp-content/plugins/wc-chitchats-shipping/assets/js/frontend.js
Version Parameters
wc-chitchats-shipping/assets/css/frontend.css?ver=wc-chitchats-shipping/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
oneteamsoftware_custom_cssoneteamsoftware-icononeteamsoftware-logo
HTML Comments
PROGRAM (C) 2022 FlexRCPROPERTY 604-1097 View StOF Victoria, BC, V8V 0G9 CANADA+2 more
Data Attributes
data-plugin-id="wc-chitchats-shipping"data-plugin-version="1.5.22"
JS Globals
window.oneteamsoftware_admin_settingswindow.oneteamsoftware_menu_idwindow.oneteamsoftware_ajax_url
FAQ

Frequently Asked Questions about ChitChats Shipping for WooCommerce