WP-Safety

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-alidropship

Transfer data from AliExpress products to WooCommerce effortlessly and fulfill WooCommerce orders to AliExpress automatically.

10K active installs v2.1.17 PHP 7.0+ WP 5.0+ Updated Feb 27, 2026
alidropshipalidropship-wooaliexpress-dropshippingaliexpress-dropshipping-plugindropship
99
A · Safe
CVEs total2
Unpatched0
Last CVEFeb 14, 2023
Plugin page Download
Safety Verdict

Is ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Feb 14, 2023Updated 1mo ago
Risk Assessment

The "woo-alidropship" v2.1.17 plugin exhibits a generally strong security posture, with excellent adherence to best practices in most areas. The static analysis reveals a low number of unprotected entry points, a very low percentage of SQL queries not using prepared statements, and a high rate of output escaping. Nonce and capability checks are also present in a significant number of cases, indicating a conscious effort to secure operations.

However, the presence of one taint flow with unsanitized paths rated as High severity is a notable concern, suggesting a potential for vulnerabilities if this flow is exploited. The plugin's vulnerability history, while showing no currently unpatched CVEs, reveals a past of two medium-severity vulnerabilities, specifically Cross-Site Request Forgery (CSRF) and Missing Authorization. This history, coupled with the high-severity taint flow, suggests that while the developers are responsive to patching, there might be underlying patterns or coding practices that can lead to such issues.

Overall, the plugin is well-maintained with good security practices, but the identified high-severity taint flow and historical medium-severity vulnerabilities warrant careful monitoring and potential further investigation to ensure the complete elimination of risks. The strengths in SQL handling and output escaping are commendable, but the specific taint flow and past vulnerabilities are areas that prevent a perfect security score.

Key Concerns

  • High severity taint flow with unsanitized paths
  • Past medium vulnerabilities (CSRF, Missing Auth)
Vulnerabilities
2

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2022-46811medium · 5.4Cross-Site Request Forgery (CSRF)

ALD Dropping and Fulfillment for AliExpress and WooCommerce <= 1.0.21 - Cross-Site Request Forgery to Order Information Disclosure

Feb 14, 2023 Patched in 1.0.22 (343d)
WF-75f0bc5a-f588-4aeb-9e55-72e180d39ddf-woo-alidropshipmedium · 6.3Missing Authorization

ALD Dropping and Fulfillment for AliExpress and WooCommerce <= 1.0.21 - Missing Authorization to Order Information Disclosure

Feb 14, 2023 Patched in 1.0.22 (343d)
Code Analysis
Analyzed Mar 16, 2026

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
112 prepared
Unescaped Output
21
2005 escaped
Nonce Checks
29
Capability Checks
37
File Operations
2
External Requests
11
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

97% prepared115 total queries

Output Escaping

99% escaped2026 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

15 flows1 with unsanitized paths
page_callback (admin\error_images.php:217)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Attack Surface

Entry Points27
Unprotected0

AJAX Handlers 27

authwp_ajax_vi_wad_download_error_product_imagesadmin\error_images.php:15
authwp_ajax_vi_wad_delete_error_product_imagesadmin\error_images.php:16
authwp_ajax_wad_search_product_failed_imagesadmin\error_images.php:19
authwp_ajax_vi_wad_add_to_import_listadmin\find_product.php:18
authwp_ajax_ald_search_productadmin\find_product.php:19
authwp_ajax_vi_wad_override_productadmin\imported.php:19
authwp_ajax_vi_wad_trash_productadmin\imported.php:20
authwp_ajax_vi_wad_restore_productadmin\imported.php:21
authwp_ajax_vi_wad_delete_productadmin\imported.php:23
authwp_ajax_vi_wad_importadmin\import_list.php:29
authwp_ajax_vi_wad_switch_product_attributes_valuesadmin\import_list.php:30
authwp_ajax_vi_wad_select_shippingadmin\import_list.php:31
authwp_ajax_vi_wad_load_variations_tableadmin\import_list.php:32
authwp_ajax_vi_wad_overrideadmin\import_list.php:33
authwp_ajax_vi_wad_removeadmin\import_list.php:34
authwp_ajax_vi_wad_save_attributesadmin\import_list.php:35
authwp_ajax_vi_wad_remove_attributeadmin\import_list.php:36
authwp_ajax_ald_migrate_to_new_tableadmin\migrate-new-table.php:11
authwp_ajax_ald_migrate_remove_old_dataadmin\migrate-new-table.php:12
authwp_ajax_vi_wad_manually_update_ali_order_idadmin\order.php:20
authwp_ajax_vi_wad_ali_order_detailadmin\order.php:21
authwp_ajax_wad_search_productadmin\settings.php:19
authwp_ajax_wad_search_cateadmin\settings.php:20
authwp_ajax_wad_search_tagsadmin\settings.php:21
authwp_ajax_wad_format_price_rules_testadmin\settings.php:22
authwp_ajax_vi_wad_setup_install_pluginsincludes\setup-wizard.php:21
authwp_ajax_vi_wad_setup_activate_pluginsincludes\setup-wizard.php:22
WordPress Hooks 98
filterplugin_action_links_woo-alidropship/woo-alidropship.phpadmin\admin.php:13
actioninitadmin\admin.php:18
actionvi_wad_print_scriptsadmin\admin.php:19
actionrest_api_initadmin\api.php:26
filterwoocommerce_rest_is_request_to_rest_apiadmin\api.php:27
filtervillatheme_woo_alidropship_sync_ali_order_carrier_urladmin\api.php:28
filtervillatheme_woo_alidropship_sync_ali_order_carrier_nameadmin\api.php:52
actionadmin_enqueue_scriptsadmin\auth.php:11
actionadmin_menuadmin\auth.php:12
filterwoocommerce_api_permissions_in_scopeadmin\auth.php:14
actionadmin_enqueue_scriptsadmin\class-villatheme-admin-show-message.php:10
actionadmin_initadmin\error_images.php:11
actionadmin_initadmin\error_images.php:12
actionadmin_enqueue_scriptsadmin\error_images.php:13
actionadmin_menuadmin\error_images.php:14
filterset-screen-optionadmin\error_images.php:17
actionadmin_headadmin\error_images.php:18
actionadmin_initadmin\find_product.php:17
filtertiny_mce_before_initadmin\find_product.php:432
filterquicktags_settingsadmin\find_product.php:433
filterwc_price_argsadmin\find_product.php:659
actionadmin_initadmin\imported.php:15
actionadmin_menuadmin\imported.php:16
actionadmin_enqueue_scriptsadmin\imported.php:17
filterset-screen-optionadmin\imported.php:18
actionadmin_headadmin\imported.php:22
actionadmin_footeradmin\imported.php:110
actioninitadmin\import_list.php:22
actionadmin_initadmin\import_list.php:23
actionadmin_initadmin\import_list.php:24
actionadmin_noticesadmin\import_list.php:25
actionadmin_menuadmin\import_list.php:26
actionadmin_enqueue_scriptsadmin\import_list.php:27
filterset-screen-optionadmin\import_list.php:28
actionadmin_headadmin\import_list.php:37
actionadmin_footeradmin\import_list.php:431
actionadmin_footeradmin\import_list.php:432
actioninitadmin\migrate-new-table.php:10
actionadmin_enqueue_scriptsadmin\order.php:13
actionmanage_shop_order_posts_custom_columnadmin\order.php:14
actionmanage_woocommerce_page_wc-orders_custom_columnadmin\order.php:15
filterwoocommerce_order_item_display_meta_keyadmin\order.php:16
filterwoocommerce_order_item_display_meta_valueadmin\order.php:17
filterwoocommerce_hidden_order_itemmetaadmin\order.php:18
actionwoocommerce_after_order_itemmetaadmin\order.php:19
filterposts_whereadmin\order.php:22
actionwoocommerce_new_order_itemadmin\order.php:23
filterviews_edit-shop_orderadmin\order.php:24
filterviews_woocommerce_page_wc-ordersadmin\order.php:25
actionwoocommerce_order_actions_endadmin\order.php:26
filterposts_whereadmin\order.php:29
filterwoocommerce_orders_table_query_clausesadmin\order.php:30
filterwoocommerce_order_list_table_prepare_items_query_argsadmin\order.php:31
filterposts_joinadmin\order.php:55
filterposts_distinctadmin\order.php:56
actionadmin_enqueue_scriptsadmin\product.php:14
actiontransition_post_statusadmin\product.php:15
actiondeleted_postadmin\product.php:16
filterpost_row_actionsadmin\product.php:17
actionwoocommerce_product_after_variable_attributesadmin\product.php:18
actionwoocommerce_save_product_variationadmin\product.php:19
actionwoocommerce_product_options_pricingadmin\product.php:22
actionwoocommerce_process_product_meta_simpleadmin\product.php:23
actionpost_submitbox_startadmin\product.php:232
actionadmin_menuadmin\recommend.php:14
actionadmin_enqueue_scriptsadmin\recommend.php:15
actionadmin_initadmin\recommend.php:16
actionadmin_menuadmin\settings.php:16
actionadmin_initadmin\settings.php:17
actionadmin_noticesadmin\settings.php:18
actionadmin_enqueue_scriptsadmin\settings.php:23
actionadmin_menuadmin\system.php:12
actionadmin_enqueue_scriptsadmin\system.php:13
actionadmin_initadmin\transfer_settings.php:12
actionadmin_enqueue_scriptsadmin\transfer_settings.php:13
actionadmin_menuadmin\transfer_settings.php:14
actionwoocommerce_after_checkout_validationfrontend\shipping.php:14
actioninitincludes\class-vi-wad-draft-product.php:9
filterbig_image_size_thresholdincludes\functions.php:71
actionadmin_menuincludes\setup-wizard.php:18
actionadmin_headincludes\setup-wizard.php:19
actionadmin_enqueue_scriptsincludes\setup-wizard.php:20
actionadmin_enqueue_scriptsincludes\support.php:32
actionadmin_noticesincludes\support.php:33
actionadmin_initincludes\support.php:34
actionadmin_menuincludes\support.php:35
filterplugin_row_metaincludes\support.php:37
actionadmin_initincludes\support.php:39
actionadmin_bar_menuincludes\support.php:41
actionadmin_noticesincludes\support.php:55
actionadmin_footerincludes\support.php:672
actionadmin_bar_menuincludes\support.php:810
actionadmin_noticesincludes\support.php:956
filtercron_schedulesincludes\wp-background-process.php:67
actionvi_wad_import_list_before_importplugins\jetpack.php:14
actionplugins_loadedwoo-alidropship.php:41
actionbefore_woocommerce_initwoo-alidropship.php:42
actionactivated_pluginwoo-alidropship.php:144
Maintenance & Trust

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 27, 2026
PHP min version7.0
Downloads602K

Community Trust

Rating74/100
Number of ratings138
Active installs10K
Alternatives

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Alternatives

AliExpress Dropshipping Plugin for WooCommerce – AliNext

AliExpress Dropshipping Plugin for WooCommerce – AliNext

ali2woo-lite

A
91

AliExpress Dropshipping Plugin for WooCommerce lets you import products, reviews, images, set rules, and automate orders

4K 7 CVEs
TMDS – Dropshipping for TEMU and Woo

TMDS – Dropshipping for TEMU and Woo

tmds-dropshipping-for-temu-and-woo

A
100

Transfer data from Temu products to WooCommerce effortlessly.

600 No CVEs
YD Culqi gateway for AliDropship

YD Culqi gateway for AliDropship

yd-culqi-gateway-for-alidropship

A
85

YD Culqi payment gateway for AliDropship provides an easy way to take credit card payments on your online store using Culqi.

10 No CVEs
AppScenic – Smart AI Dropshipping

AppScenic – Smart AI Dropshipping

appscenic

A
92

Expand your store catalogue with no upfront inventory cost. Source high-quality products from verified domestic suppliers and use AI in the process.

2K No CVEs
Importify – AI Dropshipping for WooCommerce

Importify – AI Dropshipping for WooCommerce

importify

A
100

Importify is a dropshipping app that allows you to find products from a variety of wholesalers, add them to your WooCommerce store, and sell them onli &hellip;

2K 1 CVE
Developer Profile

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Developer Profile

VillaTheme

58 plugins · 167K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
217 days
View full developer profile
Detection Fingerprints

How We Detect ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-alidropship/assets/css/admin-style.css/wp-content/plugins/woo-alidropship/assets/css/frontend-style.css/wp-content/plugins/woo-alidropship/assets/js/admin-script.js/wp-content/plugins/woo-alidropship/assets/js/frontend-script.js
Script Paths
/wp-content/plugins/woo-alidropship/assets/js/admin-script.js/wp-content/plugins/woo-alidropship/assets/js/frontend-script.js
Version Parameters
woo-alidropship/assets/css/admin-style.css?ver=woo-alidropship/assets/css/frontend-style.css?ver=woo-alidropship/assets/js/admin-script.js?ver=woo-alidropship/assets/js/frontend-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
vi-woo-alidropship-admin-wrapvi-wad-auth-form
Data Attributes
data-noncedata-set-url
JS Globals
vi_wad_admin_paramsvi_wad_frontend_params
REST Endpoints
/wp-json/woo-alidropship/v1/settings
FAQ

Frequently Asked Questions about ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce