Does Invoicing with InvoiceXpress for WooCommerce – Free have any unpatched vulnerabilities?

No. All known vulnerabilities in Invoicing with InvoiceXpress for WooCommerce – Free have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Invoicing with InvoiceXpress for WooCommerce – Free compatible with WordPress 7.0?

According to WordPress.org data, Invoicing with InvoiceXpress for WooCommerce – Free 8.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is Invoicing with InvoiceXpress for WooCommerce – Free compatible with PHP 7.2+?

Invoicing with InvoiceXpress for WooCommerce – Free requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Invoicing with InvoiceXpress for WooCommerce – Free's security score?

Invoicing with InvoiceXpress for WooCommerce – Free has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Invoicing with InvoiceXpress for WooCommerce – Free Security & Risk Analysis

wordpress.org/plugins/woo-billing-with-invoicexpress

WooCommerce legal invoicing made easy with InvoiceXpress integration. Facturação legal em Portugal com o InvoiceXpress.

100 active installs v8.0 PHP 7.2+ WP 5.8+ Updated Mar 12, 2026

billingecommerceinvoiceinvoicexpresswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Invoicing with InvoiceXpress for WooCommerce – Free Safe to Use in 2026?

Generally Safe

Score 100/100

Invoicing with InvoiceXpress for WooCommerce – Free has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago

Risk Assessment

The "woo-billing-with-invoicexpress" plugin v8.0 exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs and a clean vulnerability history across all severity levels is a significant positive indicator. The code appears to follow good practices by having a limited attack surface with no apparent unprotected entry points and a high percentage of properly escaped output. However, a critical concern arises from the taint analysis, which revealed two flows with unsanitized paths. While no critical or high severity issues were flagged by taint analysis, the presence of unsanitized paths, even if not immediately exploitable or resulting in critical vulnerabilities in this specific scan, represents a potential weakness that could be leveraged by attackers under certain conditions. Additionally, the plugin lacks nonce checks on its cron events, which could potentially be a vector for privilege escalation or unwanted action execution if the cron event's functionality is sensitive. The limited number of SQL queries and their high usage of prepared statements are commendable.

Key Concerns

Flows with unsanitized paths detected
No nonce checks on cron events

Vulnerabilities

None known

Invoicing with InvoiceXpress for WooCommerce – Free Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Invoicing with InvoiceXpress for WooCommerce – Free Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

119 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

95% escaped125 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

startAPI (includes\ReDownloadPDF.php:17)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Invoicing with InvoiceXpress for WooCommerce – Free Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 44

filterwp_mail_content_typeincludes\BaseController.php:920

actioninitincludes\BaseSettings.php:57

actionafter_setup_themeincludes\BaseSettings.php:82

actionadmin_initincludes\BaseSettings.php:83

actionafter_setup_themeincludes\Menu\Menu.php:26

actionadmin_menuincludes\Menu\Menu.php:32

actionadmin_noticesincludes\Menu\Menu.php:33

actionwoocommerce_process_shop_order_metaincludes\Menu\Menu.php:36

actioninitincludes\Menu\Menu.php:40

filterquery_varsincludes\Menu\Menu.php:41

actionparse_requestincludes\Menu\Menu.php:42

actioninitincludes\Modules\Invoice\InvoiceController.php:21

filterwoocommerce_order_actionsincludes\Modules\Invoice\InvoiceController.php:24

actioninitincludes\Modules\SimplifiedInvoice\SimplifiedInvoiceController.php:21

filterwoocommerce_order_actionsincludes\Modules\SimplifiedInvoice\SimplifiedInvoiceController.php:24

actionwoocommerce_checkout_update_order_metaincludes\Modules\Taxes\TaxController.php:16

actionwoocommerce_store_api_checkout_order_processedincludes\Modules\Taxes\TaxController.php:18

actionwoocommerce_admin_order_data_after_billing_addressincludes\Modules\Taxes\TaxController.php:20

actionwoocommerce_process_shop_order_metaincludes\Modules\Taxes\TaxController.php:21

actionplugins_loadedincludes\Modules\Vat\VatController.php:55

actionafter_setup_themeincludes\Modules\Vat\VatController.php:67

filterwoocommerce_checkout_fieldsincludes\Modules\Vat\VatController.php:76

actionwoocommerce_after_checkout_validationincludes\Modules\Vat\VatController.php:78

actionwoocommerce_checkout_update_order_metaincludes\Modules\Vat\VatController.php:80

actionwoocommerce_after_edit_address_form_billingincludes\Modules\Vat\VatController.php:83

actionwoocommerce_customer_save_addressincludes\Modules\Vat\VatController.php:85

filterwoocommerce_customer_meta_fieldsincludes\Modules\Vat\VatController.php:88

filterwoocommerce_admin_billing_fieldsincludes\Modules\Vat\VatController.php:90

filterwoocommerce_ajax_get_customer_detailsincludes\Modules\Vat\VatController.php:92

filterwoocommerce_email_order_meta_fieldsincludes\Modules\Vat\VatController.php:95

actionwoocommerce_admin_order_data_after_shipping_addressincludes\Modules\Vat\VatController.php:107

actionwoocommerce_process_shop_order_metaincludes\Modules\Vat\VatController.php:109

actioninitincludes\Plugin.php:56

actionplugins_loadedincludes\Plugin.php:118

actionplugins_loadedincludes\Plugin.php:119

actionadmin_enqueue_scriptsincludes\Plugin.php:120

filterwoocommerce_screen_idsincludes\Plugin.php:121

actioninitincludes\Plugin.php:123

actionupdate_option_hd_wc_ie_plus_subdomainincludes\Settings\Settings.php:28

actionwoocommerce_store_api_checkout_order_processedincludes\WoocommerceBlocks\invoicexpress-vat-extend-store-endpoint.php:60

actionwoocommerce_blocks_loadedincludes\WoocommerceBlocks\VatCheckoutBlock.php:34

actionwoocommerce_blocks_checkout_block_registrationincludes\WoocommerceBlocks\VatCheckoutBlock.php:45

actionadmin_noticeswoocommerce-billing-invoicexpress-standard-edition.php:94

actionbefore_woocommerce_initwoocommerce-billing-invoicexpress-standard-edition.php:113

Scheduled Events 1

invoicexpress_woocommerce_fetch_at_code

Maintenance & Trust

Invoicing with InvoiceXpress for WooCommerce – Free Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedMar 12, 2026

PHP min version7.2

Downloads26K

Community Trust

Rating100/100

Number of ratings11

Active installs100

Alternatives

Invoicing with InvoiceXpress for WooCommerce – Free Alternatives

TOConline for WooCommerce

toconline-for-woocommerce

100

TOConline for WooCommerce is a WordPress plugin that automates invoicing with TOConline.

100 No CVEs

PDF InvoiceX – PDF Invoice for WooCommerce

pdf-invoicex

100

Generate and download PDF invoices for WooCommerce orders, with customizable settings, email attachments, and bulk generation.

70 No CVEs

Invoices by Customer

invoices-by-customer-347

Obtain a list of invoices by quarter and year for customers who exceed a certain amount.

20 No CVEs

MagniFinance Invoice System

magnifinance-invoice-system

MagniFinance Invoice System for WooCommerce.

10 No CVEs

Invoct – PDF Invoices & Billing for WooCommerce

kirilkirkov-pdf-invoice-manager

Professional PDF invoicing & billing for WooCommerce and WordPress, with Stripe payments and automated VAT/tax handling.

0 1 CVE

Developer Profile

Invoicing with InvoiceXpress for WooCommerce – Free Developer Profile

Marco Almeida | Webdados

21 plugins · 27K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

143 days

View full developer profile

Detection Fingerprints

How We Detect Invoicing with InvoiceXpress for WooCommerce – Free

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woo-billing-with-invoicexpress/assets/css/admin.css/wp-content/plugins/woo-billing-with-invoicexpress/assets/js/admin.js

Script Paths

/wp-content/plugins/woo-billing-with-invoicexpress/assets/js/admin.js

Version Parameters

woo-billing-with-invoicexpress/assets/css/admin.css?ver=woo-billing-with-invoicexpress/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

invoicexpress-woocommerce-wrapinvoicexpress-woocommerce-fieldinvoicexpress-woocommerce-api-keyinvoicexpress-woocommerce-company-idinvoicexpress-woocommerce-api-tokeninvoicexpress-woocommerce-api-token-helpinvoicexpress-woocommerce-manual-sync-wrapperinvoicexpress-woocommerce-manual-sync-button+4 more

HTML Comments

/* If you're reading this you must know what you're doing ;-) Greetings from sunny Portugal! */

Data Attributes

data-id='invoicexpress_woocommerce_api_key'data-id='invoicexpress_woocommerce_company_id'data-id='invoicexpress_woocommerce_api_token'data-id='invoicexpress_woocommerce_sync_all'data-id='invoicexpress_woocommerce_sync_customers'data-id='invoicexpress_woocommerce_sync_invoices'+5 more

JS Globals

window.invoicexpress_woocommerce_admin_ajax_urlwindow.invoicexpress_woocommerce_nonce

FAQ