Does Multi-Carrier ShipStation Shipping Rates for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Multi-Carrier ShipStation Shipping Rates for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Multi-Carrier ShipStation Shipping Rates for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Multi-Carrier ShipStation Shipping Rates for WooCommerce 1.4.18 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Multi-Carrier ShipStation Shipping Rates for WooCommerce compatible with PHP 7.3+?

Multi-Carrier ShipStation Shipping Rates for WooCommerce requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Multi-Carrier ShipStation Shipping Rates for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-shipstation-shipping

Take your integration with ShipStation shipping service to the next level by displaying live shipping rates in the cart and checkout pages.

1K active installs v1.4.18 PHP 7.3+ WP 5.6+ Updated Mar 4, 2026

marketplaceshippingshipstationwoocommercewoocommerce-shipping

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Multi-Carrier ShipStation Shipping Rates for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Multi-Carrier ShipStation Shipping Rates for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The wc-shipstation-shipping plugin version 1.4.18 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. There are no recorded CVEs, indicating a historical lack of exploitable vulnerabilities. The attack surface appears minimal, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. Furthermore, all SQL queries are properly prepared, and there are no recorded critical or high-severity taint flows, which are positive indicators of secure coding practices.

However, a few areas warrant attention. The presence of a `unserialize` function, even if not immediately exploitable in this context, is a known security risk if not handled with extreme care, as it can lead to object injection vulnerabilities. Additionally, the output escaping is only at 55%, suggesting a significant portion of output might be vulnerable to cross-site scripting (XSS) attacks. While the capability checks are present, the absence of nonce checks on any potential entry points is also a concern, as nonces are crucial for preventing cross-site request forgery (CSRF) attacks.

In conclusion, while the plugin has a clean vulnerability history and a well-protected attack surface, the identified code signals related to `unserialize`, insufficient output escaping, and the lack of nonce checks present potential risks. These are areas that should be prioritized for review and remediation to further strengthen the plugin's security.

Key Concerns

Presence of unserialize function
Insufficient output escaping (45%)
Missing nonce checks

Vulnerabilities

None known

Multi-Carrier ShipStation Shipping Rates for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Multi-Carrier ShipStation Shipping Rates for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$data = unserialize($response['body']);includes\Admin\OneTeamSoftware.php:179

Output Escaping

55% escaped22 total outputs

Attack Surface

Multi-Carrier ShipStation Shipping Rates for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 12

actionadmin_menuincludes\Admin\OneTeamSoftware.php:55

actionadmin_initincludes\Admin\OneTeamSoftware.php:56

actionadmin_initincludes\Shipping\AbstractShippingMethod.php:24

filterhttp_request_timeoutincludes\Shipping\Adapter\AbstractAdapter.php:82

actionadmin_menuincludes\Shipping\Plugin.php:96

filterwoocommerce_shipping_methodsincludes\Shipping\Plugin.php:100

actionplugins_loadedincludes\Shipping\Plugin.php:107

actionplugins_loadedincludes\Shipping\Plugin.php:109

actionwp_loadedincludes\Shipping\Plugin.php:110

actionwoocommerce_after_checkout_validationincludes\Shipping\Plugin.php:111

filterwoocommerce_billing_fieldsincludes\Shipping\Plugin.php:112

filterwoocommerce_shipping_fieldsincludes\Shipping\Plugin.php:113

Maintenance & Trust

Multi-Carrier ShipStation Shipping Rates for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version7.3

Downloads26K

Community Trust

Rating72/100

Number of ratings11

Active installs1K

Alternatives

Multi-Carrier ShipStation Shipping Rates for WooCommerce Alternatives

Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping

flexible-shipping

Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.

100K 2 CVEs

Weight Based Shipping for WooCommerce

weight-based-shipping-for-woocommerce

100

Weight Based Shipping is a flexible and widely-used solution to calculate shipping costs based on the total cart weight and value.

60K 1 CVE

Advanced Free Shipping for WooCommerce

woocommerce-advanced-free-shipping

100

Advanced Free Shipping for WooCommerce is an plugin which allows you to set up advanced free shipping conditions.

40K No CVEs

Conditional Shipping for WooCommerce

conditional-shipping-for-woocommerce

Restrict WooCommerce shipping methods based on conditions. Works with your existing shipping methods and zones.

10K 2 CVEs

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

Developer Profile

Multi-Carrier ShipStation Shipping Rates for WooCommerce Developer Profile

oneteamsoftware

14 plugins · 6K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

97 days

View full developer profile

Detection Fingerprints

How We Detect Multi-Carrier ShipStation Shipping Rates for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-shipstation-shipping/assets/css/admin.css/wp-content/plugins/wc-shipstation-shipping/assets/css/frontend.css/wp-content/plugins/wc-shipstation-shipping/assets/js/admin.js/wp-content/plugins/wc-shipstation-shipping/assets/js/frontend.js

Script Paths

/wp-content/plugins/wc-shipstation-shipping/assets/js/admin.js/wp-content/plugins/wc-shipstation-shipping/assets/js/frontend.js

Version Parameters

/wp-content/plugins/wc-shipstation-shipping/assets/css/admin.css?ver=/wp-content/plugins/wc-shipstation-shipping/assets/css/frontend.css?ver=/wp-content/plugins/wc-shipstation-shipping/assets/js/admin.js?ver=/wp-content/plugins/wc-shipstation-shipping/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

oneteamsoftwareoneteamsoftware-custom-cssoneteamsoftware-logooneteamsoftware-header-logo

HTML Comments

/*********************************************************************/
/* PROGRAM    (C) 2022 FlexRC                                        */
/* PROPERTY   604-1097 View St                                        */
/* OF         Victoria, BC, V8V 0G9                                   */
/*            CANADA                                                 */
/*            Voice (604) 800-7879                                   */
/*********************************************************************/

Data Attributes

data-namedata-plugin-namedata-plugin-url

JS Globals

shipstation_admin_params

FAQ