Does Shipping Discount for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Shipping Discount for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Shipping Discount for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Shipping Discount for WooCommerce 1.0.18 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Shipping Discount for WooCommerce compatible with PHP 7.3+?

Shipping Discount for WooCommerce requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Shipping Discount for WooCommerce updated?

Shipping Discount for WooCommerce was last updated on Mar 4, 2026. Frequent updates are generally a positive security signal.

What is Shipping Discount for WooCommerce's security score?

Shipping Discount for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shipping Discount for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-shipping-discount

Configurable shipping discount rules based on the amount spent for the items with a given shipping class.

200 active installs v1.0.18 PHP 7.3+ WP 5.6+ Updated Mar 4, 2026

discountshippingshipping-discountwoocommercewoocommerce-shipping-discount

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shipping Discount for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Shipping Discount for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The static analysis of "wc-shipping-discount" v1.0.18 reveals a generally sound security posture with no direct attack surface identified in AJAX handlers, REST API routes, shortcodes, or cron events. The plugin also demonstrates good practice by exclusively using prepared statements for its SQL queries and has no recorded vulnerability history, indicating a lack of past exploitable issues. However, the presence of the `unserialize` function is a significant concern, as it can lead to object injection vulnerabilities if the serialized data originates from untrusted sources. Furthermore, only 44% of output escaping is properly implemented, suggesting potential for cross-site scripting (XSS) vulnerabilities in areas where output is not sanitized. The lack of nonce checks and capability checks, while not directly exploitable due to the absence of defined entry points, represents a missed opportunity to implement robust access control mechanisms.

Key Concerns

Use of unserialize function
Low percentage of properly escaped output
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Shipping Discount for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Shipping Discount for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$data = unserialize($response['body']);includes\Admin\OneTeamSoftware.php:180

Output Escaping

44% escaped25 total outputs

Attack Surface

Shipping Discount for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_menuincludes\Admin\OneTeamSoftware.php:55

actionadmin_initincludes\Admin\OneTeamSoftware.php:56

actionwoocommerce_shipping_initincludes\ShippingDiscount.php:22

filterwoocommerce_shipping_methodsincludes\ShippingDiscount.php:23

actionadmin_menuincludes\ShippingDiscount.php:29

filterwoocommerce_package_ratesincludes\ShippingMethod.php:62

Maintenance & Trust

Shipping Discount for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version7.3

Downloads12K

Community Trust

Rating74/100

Number of ratings3

Active installs200

Alternatives

Shipping Discount for WooCommerce Alternatives

ELEX Woo Discount Per Country

elex-discount-per-country

100

It will be a pleasant little surprise for customers if you offer a discount based on the shipping state/country they have chosen on the Checkout page.

300 No CVEs