Does Advanced Shipment Tracking for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Advanced Shipment Tracking for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Advanced Shipment Tracking for WooCommerce 3.9.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Advanced Shipment Tracking for WooCommerce compatible with PHP 7.2+?

Advanced Shipment Tracking for WooCommerce requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Advanced Shipment Tracking for WooCommerce updated?

Advanced Shipment Tracking for WooCommerce was last updated on Mar 31, 2026. Frequent updates are generally a positive security signal.

What is Advanced Shipment Tracking for WooCommerce's security score?

Advanced Shipment Tracking for WooCommerce has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Advanced Shipment Tracking for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-advanced-shipment-tracking

Add shipment tracking info to WooCommerce orders, send tracking numbers to customers via email, and let them track deliveries from My Account.

60K active installs v3.9.1 PHP 7.2+ WP 5.3+ Updated Mar 31, 2026

order-trackingshipment-trackingshippingtracking-numberwoocommerce

A · Safe

CVEs total2

Unpatched0

Last CVEMar 28, 2023

Plugin page Download

Safety Verdict

Is Advanced Shipment Tracking for WooCommerce Safe to Use in 2026?

Generally Safe

Score 98/100

Advanced Shipment Tracking for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: Mar 28, 2023Updated 1mo ago

Risk Assessment

The "woo-advanced-shipment-tracking" plugin v3.9 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices with a high percentage of prepared SQL statements and properly escaped output. The presence of numerous nonce and capability checks is also a good indicator of security awareness. However, a significant concern arises from the substantial attack surface exposed through AJAX handlers, with a concerning 9 out of 23 handlers lacking proper authentication checks. This creates a clear pathway for unauthorized actions if exploited.

Taint analysis reveals 7 high-severity flows, which, coupled with 10 flows with unsanitized paths, points to potential risks where user-supplied data might not be adequately validated or sanitized before being used, especially in conjunction with the unprotected AJAX endpoints. The vulnerability history, including a past critical CVE related to missing authorization, reinforces the concern that authorization and input validation are recurring areas of weakness for this plugin. While there are currently no unpatched vulnerabilities, the pattern suggests a tendency for these types of issues to emerge.

In conclusion, while the plugin has strengths in its use of prepared statements and output escaping, the high number of unprotected AJAX handlers and the critical taint flows represent significant security weaknesses. The historical pattern of missing authorization vulnerabilities further emphasizes the need for diligent security reviews and robust input validation, particularly for the identified AJAX entry points. Addressing these vulnerabilities is crucial to mitigate potential risks.

Key Concerns

Unprotected AJAX handlers
High severity taint flows
Flows with unsanitized paths
Past critical CVE
Past medium CVE

Vulnerabilities

2 published

Advanced Shipment Tracking for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Critical

Medium

2 total CVEs

CVE-2022-41635medium · 4.3Cross-Site Request Forgery (CSRF)

Advanced Shipment Tracking for WooCommerce <= 3.5.2 - Cross-Site Request Forgery via paginate_shipping_provider_list and filter_shipping_provider_list

Mar 28, 2023 Patched in 3.5.3 (301d)

CVE-2021-4347critical · 9.9Missing Authorization

Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change

Jul 26, 2021 Patched in 3.2.7 (911d)

Version History

Advanced Shipment Tracking for WooCommerce Release Timeline

v3.9.1Current

v3.9

v3.8.9

v3.8.8

v3.8.7

v3.8.6

v3.8.5

v3.8.4

v3.8.3

v3.8.2

v3.8.1

v3.8.0

v3.7.9

v3.7.8

v3.7.7

v3.7.6

v3.7.5

v3.7.4

v3.7.3

v3.7.2

Code Analysis

Analyzed Mar 16, 2026

Advanced Shipment Tracking for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

124 prepared

Unescaped Output

351 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

99% prepared125 total queries

Output Escaping

96% escaped366 total outputs

Data Flows · Security

10 unsanitized

Data Flow Analysis

19 flows10 with unsanitized paths

get_meta_box_items_ajax (includes\class-wc-advanced-shipment-tracking.php:610)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

9 unprotected

Advanced Shipment Tracking for WooCommerce Attack Surface

Entry Points24

Unprotected9

AJAX Handlers 23

authwp_ajax_wc_ast_upload_csv_form_updateincludes\class-wc-advanced-shipment-tracking-admin.php:75

authwp_ajax_paginate_shipping_provider_listincludes\class-wc-advanced-shipment-tracking-admin.php:82

authwp_ajax_filter_shipping_provider_listincludes\class-wc-advanced-shipment-tracking-admin.php:84

authwp_ajax_get_provider_detailsincludes\class-wc-advanced-shipment-tracking-admin.php:86

authwp_ajax_shipping_paginationincludes\class-wc-advanced-shipment-tracking-admin.php:88

authwp_ajax_reset_default_providerincludes\class-wc-advanced-shipment-tracking-admin.php:92

authwp_ajax_woocommerce_shipping_provider_deleteincludes\class-wc-advanced-shipment-tracking-admin.php:94

authwp_ajax_update_provider_statusincludes\class-wc-advanced-shipment-tracking-admin.php:96

authwp_ajax_reset_shipping_providers_databaseincludes\class-wc-advanced-shipment-tracking-admin.php:98

authwp_ajax_update_default_providerincludes\class-wc-advanced-shipment-tracking-admin.php:100

authwp_ajax_update_shipment_statusincludes\class-wc-advanced-shipment-tracking-admin.php:102

authwp_ajax_search_disabled_default_carrierincludes\class-wc-advanced-shipment-tracking-admin.php:108

authwp_ajax_sync_providersincludes\class-wc-advanced-shipment-tracking-settings.php:69

authwp_ajax_ast_open_inline_tracking_formincludes\class-wc-advanced-shipment-tracking-settings.php:136

authwp_ajax_save_ast_email_settingsincludes\customizer\ast-customizer.php:74

authwp_ajax_ast_email_previewincludes\customizer\ast-customizer.php:76

authwp_ajax_wc_shipment_tracking_delete_itemwoocommerce-advanced-shipment-tracking.php:226

authwp_ajax_wc_shipment_tracking_save_formwoocommerce-advanced-shipment-tracking.php:228

authwp_ajax_reassign_order_statuswoocommerce-advanced-shipment-tracking.php:233

authwp_ajax_add_inline_tracking_numberwoocommerce-advanced-shipment-tracking.php:254

authwp_ajax_wc_ast_settings_form_updatewoocommerce-advanced-shipment-tracking.php:266

authwp_ajax_wc_usage_tracking_form_updatewoocommerce-advanced-shipment-tracking.php:269

authwp_ajax_wc_ast_custom_order_status_form_updatewoocommerce-advanced-shipment-tracking.php:271

Shortcodes 1

[ast_settings_admin_notice] includes\class-wc-advanced-shipment-tracking-admin-notice.php:45

WordPress Hooks 87

actionadmin_initincludes\class-wc-advanced-shipment-tracking-admin-notice.php:41

actionadmin_noticesincludes\class-wc-advanced-shipment-tracking-admin-notice.php:42

actionadmin_noticesincludes\class-wc-advanced-shipment-tracking-admin-notice.php:51

actionadmin_initincludes\class-wc-advanced-shipment-tracking-admin-notice.php:54

actionadmin_headincludes\class-wc-advanced-shipment-tracking-admin.php:61

filterwoocommerce_shop_order_search_fieldsincludes\class-wc-advanced-shipment-tracking-admin.php:64

actionrestrict_manage_postsincludes\class-wc-advanced-shipment-tracking-admin.php:67

actionwoocommerce_order_list_table_restrict_manage_ordersincludes\class-wc-advanced-shipment-tracking-admin.php:68

filterrequestincludes\class-wc-advanced-shipment-tracking-admin.php:70

filterwoocommerce_shop_order_list_table_prepare_items_query_argsincludes\class-wc-advanced-shipment-tracking-admin.php:71

filterwoocommerce_email_titleincludes\class-wc-advanced-shipment-tracking-admin.php:73

actionadmin_footerincludes\class-wc-advanced-shipment-tracking-admin.php:77

filterwoocommerce_admin_order_actionsincludes\class-wc-advanced-shipment-tracking-admin.php:79

actionupdate_order_status_after_adding_trackingincludes\class-wc-advanced-shipment-tracking-admin.php:104

actionadd_more_api_providerincludes\class-wc-advanced-shipment-tracking-admin.php:106

actioninitincludes\class-wc-advanced-shipment-tracking-install.php:61

actionast_insert_shipping_providerincludes\class-wc-advanced-shipment-tracking-install.php:62

filterwc_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:62

filterwoocommerce_register_shop_order_post_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:63

filterbulk_actions-edit-shop_orderincludes\class-wc-advanced-shipment-tracking-settings.php:65

filterbulk_actions-woocommerce_page_wc-ordersincludes\class-wc-advanced-shipment-tracking-settings.php:66

actionwoocommerce_update_options_email_customer_partial_shipped_orderincludes\class-wc-advanced-shipment-tracking-settings.php:68

actioninitincludes\class-wc-advanced-shipment-tracking-settings.php:74

filterwc_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:76

filterwoocommerce_reports_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:78

filterwoocommerce_order_is_paid_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:80

filterbulk_actions-edit-shop_orderincludes\class-wc-advanced-shipment-tracking-settings.php:82

filterbulk_actions-woocommerce_page_wc-ordersincludes\class-wc-advanced-shipment-tracking-settings.php:83

filterwoocommerce_valid_order_statuses_for_order_againincludes\class-wc-advanced-shipment-tracking-settings.php:85

filterwoocommerce_admin_order_preview_actionsincludes\class-wc-advanced-shipment-tracking-settings.php:87

filterwoocommerce_admin_order_actionsincludes\class-wc-advanced-shipment-tracking-settings.php:89

actioninitincludes\class-wc-advanced-shipment-tracking-settings.php:97

filterwc_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:99

filterwoocommerce_reports_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:101

filterwoocommerce_order_is_paid_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:103

filterwoocommerce_order_is_download_permittedincludes\class-wc-advanced-shipment-tracking-settings.php:104

filterbulk_actions-edit-shop_orderincludes\class-wc-advanced-shipment-tracking-settings.php:106

filterbulk_actions-woocommerce_page_wc-ordersincludes\class-wc-advanced-shipment-tracking-settings.php:107

filterwoocommerce_valid_order_statuses_for_order_againincludes\class-wc-advanced-shipment-tracking-settings.php:109

filterwcast_order_status_email_typeincludes\class-wc-advanced-shipment-tracking-settings.php:110

actioninitincludes\class-wc-advanced-shipment-tracking-settings.php:117

filterwc_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:119

filterwoocommerce_reports_order_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:121

filterwoocommerce_order_is_paid_statusesincludes\class-wc-advanced-shipment-tracking-settings.php:123

filterwoocommerce_order_is_download_permittedincludes\class-wc-advanced-shipment-tracking-settings.php:124

filterbulk_actions-edit-shop_orderincludes\class-wc-advanced-shipment-tracking-settings.php:126

filterbulk_actions-woocommerce_page_wc-ordersincludes\class-wc-advanced-shipment-tracking-settings.php:127

filterwoocommerce_valid_order_statuses_for_order_againincludes\class-wc-advanced-shipment-tracking-settings.php:129

filteradmin_body_classincludes\class-wc-advanced-shipment-tracking-settings.php:133

actionwp_footerincludes\class-wc-advanced-shipment-tracking.php:955

actioninitincludes\customizer\ast-customizer.php:55

actionadmin_menuincludes\customizer\ast-customizer.php:71

actionadmin_enqueue_scriptsincludes\customizer\ast-customizer.php:79

actionadmin_footerincludes\customizer\ast-customizer.php:82

filterwp_kses_allowed_htmlincludes\customizer\ast-customizer.php:1007

filtersafe_style_cssincludes\customizer\ast-customizer.php:1008

filterwoocommerce_email_classesincludes\email-manager.php:18

filterwoocommerce_locate_templateincludes\email-manager.php:21

filterwoocommerce_email_heading_customer_completed_orderincludes\email-manager.php:23

filterwoocommerce_email_subject_customer_completed_orderincludes\email-manager.php:24

actionplugins_loadedwoocommerce-advanced-shipment-tracking.php:112

actionadmin_footerwoocommerce-advanced-shipment-tracking.php:117

actionadmin_noticeswoocommerce-advanced-shipment-tracking.php:195

actionadd_meta_boxeswoocommerce-advanced-shipment-tracking.php:221

actionwoocommerce_view_orderwoocommerce-advanced-shipment-tracking.php:222

actionwoocommerce_my_account_my_orders_actionswoocommerce-advanced-shipment-tracking.php:224

actionwoocommerce_process_shop_order_metawoocommerce-advanced-shipment-tracking.php:227

actionwoocommerce_email_order_metawoocommerce-advanced-shipment-tracking.php:240

actionwoocommerce_email_before_order_tablewoocommerce-advanced-shipment-tracking.php:242

filtermanage_shop_order_posts_columnswoocommerce-advanced-shipment-tracking.php:247

filtermanage_woocommerce_page_wc-orders_columnswoocommerce-advanced-shipment-tracking.php:248

actionmanage_shop_order_posts_custom_columnwoocommerce-advanced-shipment-tracking.php:249

actionmanage_woocommerce_page_wc-orders_custom_columnwoocommerce-advanced-shipment-tracking.php:250

actionadmin_footerwoocommerce-advanced-shipment-tracking.php:252

filterget_ast_provider_namewoocommerce-advanced-shipment-tracking.php:256

filterget_shipping_provdider_srcwoocommerce-advanced-shipment-tracking.php:257

actionadmin_enqueue_scriptswoocommerce-advanced-shipment-tracking.php:260

actionadmin_menuwoocommerce-advanced-shipment-tracking.php:263

actionwoocommerce_order_status_partial-shippedwoocommerce-advanced-shipment-tracking.php:276

actionwoocommerce_order_status_updated-trackingwoocommerce-advanced-shipment-tracking.php:281

filtertracking_item_argswoocommerce-advanced-shipment-tracking.php:283

actionrest_api_initwoocommerce-advanced-shipment-tracking.php:306

actionafter_setup_themewoocommerce-advanced-shipment-tracking.php:398

actionbefore_woocommerce_initwoocommerce-advanced-shipment-tracking.php:468

actionadmin_enqueue_scriptszorem-tracking\zorem-tracking.php:39

actioninitzorem-tracking\zorem-tracking.php:78

actionadmin_initzorem-tracking\zorem-tracking.php:80

Maintenance & Trust

Advanced Shipment Tracking for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 31, 2026

PHP min version7.2

Downloads2.5M

Community Trust

Rating90/100

Number of ratings347

Active installs60K

Alternatives

Advanced Shipment Tracking for WooCommerce Alternatives

Orders Tracking for WooCommerce

woo-orders-tracking

Easily import/manage your tracking numbers, add tracking numbers to PayPal and send email notifications to customers.

10K 3 CVEs

AfterShip Tracking – All-In-One WooCommerce Order Tracking (Free plan available)

aftership-woocommerce-tracking

Track orders in one place. shipment tracking, automated notifications, order lookup, branded tracking page, delivery day prediction

8K 1 CVE

Track Orders for WooCommerce – Multi Carrier WooCommerce Shipping

track-orders-for-woocommerce

100

Track Orders for WooCommerce – WooCommerce Shipping Plugin with delivery notifications, tracking templates, and live updates.

300 No CVEs

Štíteknabalík.cz

foxdeli

Looking for a reliable label printing solution? Štíteknabalík.cz will help you!

0 No CVEs

ZeroV99 Shipment Tracking

zerov99-shipment-tracking

100

Add a 'Shipped' status to WooCommerce orders, track shipments, and provide real-time updates to customers effortlessly.

0 No CVEs

Developer Profile

Advanced Shipment Tracking for WooCommerce Developer Profile

Zorem

4 plugins · 70K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

274 days

View full developer profile

Detection Fingerprints

How We Detect Advanced Shipment Tracking for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-advanced-shipment-tracking/assets/css/admin-style.css/wp-content/plugins/woo-advanced-shipment-tracking/assets/css/style.css/wp-content/plugins/woo-advanced-shipment-tracking/assets/js/admin-script.js/wp-content/plugins/woo-advanced-shipment-tracking/assets/js/script.js

Script Paths

/wp-content/plugins/woo-advanced-shipment-tracking/assets/js/script.js

Version Parameters

woo-advanced-shipment-tracking/assets/css/admin-style.css?ver=woo-advanced-shipment-tracking/assets/css/style.css?ver=woo-advanced-shipment-tracking/assets/js/admin-script.js?ver=woo-advanced-shipment-tracking/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

wcast_tracking_formwcast_tracking_providerwcast_tracking_numberast-order-tracking-wrap

HTML Comments

+4 more

Data Attributes

data-wcast-providerdata-wcast-tracking-numberdata-wcast-tracking-url

JS Globals

wcast_order_datawcast_settings

REST Endpoints

/wp-json/ast-free/v1/tracking-providers/wp-json/ast-free/v1/orders

FAQ