Visma for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-visma-integration

Visma for WooCommerce is the most comprehensive integration between WooCommerce and Visma eEkonomi. The plugin automates the entire flow from webshop to …

90 active installs · v2.5.2 · PHP + WP 5.0+ · Updated Sep 25, 2025
Tags: accounting, e-commerce, order, sync, woocommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Visma for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Visma for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6mo ago
Risk Assessment

The "woo-visma-integration" plugin v2.5.2 presents a mixed security posture. On the positive side, it exhibits good practices by using prepared statements for 89% of its SQL queries and properly escaping 87% of its outputs. The absence of known CVEs in its vulnerability history is also a strong indicator of a generally well-maintained codebase.

However, significant security concerns arise from its attack surface. The plugin exposes four AJAX handlers, all of which lack proper authentication checks. This creates a substantial risk of unauthorized access and manipulation of sensitive data or functionality. Additionally, the taint analysis reveals two flows with unsanitized paths, which could potentially lead to vulnerabilities if these paths are exposed to user-controlled input without sufficient sanitization.

While the plugin has no documented vulnerabilities, the presence of unprotected AJAX endpoints and unsanitized paths indicates a need for improvement. The plugin's strengths lie in its handling of SQL and output escaping, but the unprotected entry points represent a clear and present danger. Users should be aware of these risks and consider applying security hardening measures until these issues are addressed by the developer.

Key Concerns

  • 4 AJAX handlers without auth checks
  • 2 Taint flows with unsanitized paths
  • 2 Nonce checks (low coverage)
  • 2 Capability checks (low coverage)
Vulnerabilities
None known

Visma for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Visma for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (8 prepared)
Unescaped Output: 12 (82 escaped)
Nonce Checks: 2
Capability Checks: 2
File Operations: 1
External Requests: 9
Bundled Libraries: 0

SQL Query Safety

89% prepared · 9 total queries

Output Escaping

87% escaped · 94 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows · 2 with unsanitized paths
check_wetail_visma_license_key (includes\class-wtv-ajax.php:112)
[Flow diagram legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized]
Attack Surface
4 unprotected

Visma for WooCommerce Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers 4

auth: wp_ajax_wtv_get_order_invoice_pdf (plugin.php:84)
auth: wp_ajax_visma_update_setting (plugin.php:163)
auth: wp_ajax_visma_admin_action (plugin.php:170)
auth: wp_ajax_check_wetail_visma_license_key (plugin.php:177)
WordPress Hooks 43
action: visma_after_order_sync (includes\api\class-wtv-notes.php:92)
action: woocommerce_order_status_changed (includes\api\class-wtv-sync-controller.php:15)
action: wetail_visma_sync_order (includes\api\class-wtv-sync-controller.php:32)
filter: pre_option (includes\class-wtv-migrate.php:135)
filter: pre_update_option (includes\class-wtv-migrate.php:136)
filter: pre_option (includes\utils\class-wtv-customer-visma-db.php:36)
filter: pre_update_option (includes\utils\class-wtv-customer-visma-db.php:37)
action: woocommerce_admin_process_product_object (includes\views\class-wtv-product-fields.php:37)
action: woocommerce_save_product_variation (includes\views\class-wtv-product-fields.php:44)
action: woocommerce_duplicate_product_exclude_meta (includes\views\class-wtv-product-fields.php:49)
action: woocommerce_product_options_pricing (includes\views\class-wtv-product-fields.php:67)
action: woocommerce_product_after_variable_attributes (includes\views\class-wtv-product-fields.php:88)
action: before_woocommerce_init (plugin.php:35)
action: plugins_loaded (plugin.php:66)
action: woocommerce_order_refunded (plugin.php:73)
action: woocommerce_order_refunded (plugin.php:78)
action: init (plugin.php:82)
action: add_meta_boxes (plugin.php:83)
action: init (plugin.php:93)
action: woocommerce_checkout_update_order_meta (plugin.php:95)
action: woocommerce_process_shop_order_meta (plugin.php:96)
action: woocommerce_before_resend_order_emails (plugin.php:97)
action: woocommerce_api_create_order (plugin.php:98)
action: woocommerce_deposits_create_order (plugin.php:99)
filter: woocommerce_order_number (plugin.php:102)
filter: woocommerce_checkout_fields (plugin.php:105)
action: woocommerce_process_shop_order_meta (plugin.php:106)
action: woocommerce_admin_order_data_after_billing_address (plugin.php:110)
action: admin_init (plugin.php:120)
action: admin_notices (plugin.php:125)
action: admin_notices (plugin.php:126)
action: admin_notices (plugin.php:127)
action: admin_enqueue_scripts (plugin.php:131)
filter: manage_edit-shop_order_columns (plugin.php:134)
filter: woocommerce_shop_order_list_table_columns (plugin.php:135)
action: manage_shop_order_posts_custom_column (plugin.php:138)
action: woocommerce_shop_order_list_table_custom_column (plugin.php:139)
filter: manage_edit-product_columns (plugin.php:142)
action: manage_product_posts_custom_column (plugin.php:145)
action: save_post (plugin.php:148)
action: upgrader_process_complete (plugin.php:150)
action: admin_menu (plugin.php:156)
filter: rest_api_init (plugin.php:185)

Scheduled Events 1

wetail_visma_sync_order
Maintenance & Trust

Visma for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Sep 25, 2025
PHP min version
Downloads: 8K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 90
Developer Profile

Visma for WooCommerce Developer Profile

Wetail

6 plugins · 540 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 8 days
Detection Fingerprints

How We Detect Visma for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/woo-visma-integration/assets/css/backend.css
  • /wp-content/plugins/woo-visma-integration/assets/js/backend.js
  • /wp-content/plugins/woo-visma-integration/assets/js/frontend.js
Script Paths
  • /wp-content/plugins/woo-visma-integration/assets/js/backend.js
  • /wp-content/plugins/woo-visma-integration/assets/js/frontend.js
Version Parameters
  • woo-visma-integration/assets/css/backend.css?ver=
  • woo-visma-integration/assets/js/backend.js?ver=
  • woo-visma-integration/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • wtv-billing-country-wrap
  • wtv-billing-company-wrap
  • wtv-product-sync-status
  • wtv-product-sync-icon
  • wtv-product-sync-tooltip
  • wtv-order-sync-status
  • wtv-order-sync-icon
  • wtv-order-sync-tooltip
  • +6 more
HTML Comments
  • <!-- Single order invoice widget -->
  • <!-- Check Visma API key thorugh AJAX -->
  • <!-- Update settings thorugh AJAX -->
  • <!-- Visma bulk actions -->
  • +8 more
Data Attributes
  • data-wtv-product-id
  • data-wtv-sync-action
  • data-wtv-order-id
  • data-wtv-sync-action
JS Globals
  • wtv_ajax_object
REST Endpoints
  • /wp-json/visma/v1/products
  • /wp-json/visma/v1/orders
  • /wp-json/visma/v1/customers
  • /wp-json/visma/v1/invoices