WP-Safety

Print Invoice & Delivery Notes for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-delivery-notes

Create and print PDF invoices, delivery notes and receipts for your WooCommerce orders. Choose your document format from multiple templates.

30K active installs v6.0.0 PHP 7.4+ WP 4.4+ Updated Feb 10, 2026
delivery-notesinvoicepacking-slipspdf-invoicewoocommerce-print-invoice
89
A · Safe
CVEs total8
Unpatched0
Last CVEFeb 3, 2026
Plugin page Download
Safety Verdict

Is Print Invoice & Delivery Notes for WooCommerce Safe to Use in 2026?

Generally Safe

Score 89/100

Print Invoice & Delivery Notes for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

8 known CVEsLast CVE: Feb 3, 2026Updated 1mo ago
Risk Assessment

The "woocommerce-delivery-notes" plugin v6.0.0 exhibits a mixed security posture. While the static analysis shows good practices in some areas, such as 100% of SQL queries using prepared statements and a high percentage of output escaping, significant concerns arise from its vulnerability history and taint analysis.

The plugin has a history of 8 known CVEs, including a past critical vulnerability and several medium severity issues across common types like Code Injection, CSRF, Information Exposure, Missing Authorization, and XSS. This indicates a recurring pattern of security weaknesses that have required significant patching in the past. The taint analysis reveals flows with unsanitized paths, although no critical or high severity issues were found in this specific version's analysis. However, the presence of unsanitized paths, even without immediate critical impact, warrants attention given the plugin's history.

Overall, the plugin demonstrates some positive security implementations in its current version's static analysis, particularly regarding SQL queries and output escaping. Nevertheless, the substantial historical vulnerability count, including past critical flaws, coupled with the identification of unsanitized paths in taint analysis, suggests that this plugin requires careful monitoring and potentially stricter auditing. Users should be aware that despite improvements in the current version's static analysis, the plugin's past indicates a higher risk profile.

Key Concerns

  • Significant historical CVEs, including critical
  • Flows with unsanitized paths identified
  • Bundled library (Select2) potential for outdatedness
Vulnerabilities
8

Print Invoice & Delivery Notes for WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2023
2023
2 CVEs in 2024
2024
3 CVEs in 2025
2025
1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Critical
1
Medium
7

8 total CVEs

CVE-2026-24946medium · 5.3Missing Authorization

Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Missing Authorization

Feb 3, 2026 Patched in 5.9.0 (7d)
CVE-2025-13773critical · 9.8Improper Control of Generation of Code ('Code Injection')

Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Unauthenticated Remote Code Execution

Dec 23, 2025 Patched in 5.9.0 (1d)
CVE-2025-49239medium · 4.3Cross-Site Request Forgery (CSRF)

Print Invoice & Delivery Notes for WooCommerce <= 5.5.0 - Cross-Site Request Forgery

Jun 5, 2025 Patched in 5.6.0 (7d)
CVE-2024-13640medium · 5.9Exposure of Sensitive Information to an Unauthorized Actor

Print Invoice & Delivery Notes for WooCommerce <= 5.4.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

Mar 7, 2025 Patched in 5.5.0 (1d)
CVE-2024-12210medium · 4.3Missing Authorization

Print Invoice & Delivery Notes for WooCommerce <= 5.4.0 - Missing Authorization to Authenticated (Subscriber+) Logo Deletion

Dec 23, 2024 Patched in 5.4.1 (1d)
CVE-2024-4233medium · 4.3Missing Authorization

Multiple Plugins by tychesoftwares <= (Various Versions) - Missing Authorization to Notice Dismissal

Apr 26, 2024 Patched in 4.9.0 (5d)
CVE-2022-46795medium · 4.3Cross-Site Request Forgery (CSRF)

Print Invoice & Delivery Notes for WooCommerce <= 4.7.2 - Cross-Site Request Forgery via ts_reset_tracking_setting

Mar 13, 2023 Patched in 4.7.3 (316d)
CVE-2023-0479medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Print Invoice & Delivery Notes for WooCommerce <= 4.7.1 - Reflected Cross-Site Scripting

Feb 2, 2023 Patched in 4.7.2 (355d)
Code Analysis
Analyzed Mar 16, 2026

Print Invoice & Delivery Notes for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
105
781 escaped
Nonce Checks
7
Capability Checks
8
File Operations
11
External Requests
2
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

88% escaped886 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

11 flows4 with unsanitized paths
load_image_ajax (includes\class-wcdn-settings.php:600)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Print Invoice & Delivery Notes for WooCommerce Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_print_orderincludes\class-wcdn-print.php:197
authwp_ajax_wcdn_remove_shoplogoincludes\class-wcdn-settings.php:47
authwp_ajax_ts_reset_tracking_settingincludes\class-woocommerce-delivery-notes.php:355
authwp_ajax_tyche_plugin_deactivation_submit_actionincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:93
WordPress Hooks 55
actioninitincludes\class-wcdn-print.php:193
filterquery_varsincludes\class-wcdn-print.php:194
actionparse_requestincludes\class-wcdn-print.php:195
actiontemplate_redirectincludes\class-wcdn-print.php:196
actionwcdn_after_itemsincludes\class-wcdn-print.php:198
actionadmin_menuincludes\class-wcdn-settings.php:43
filterwoocommerce_settings_tabs_arrayincludes\class-wcdn-settings.php:44
actionwoocommerce_settings_startincludes\class-wcdn-settings.php:45
actionwoocommerce_admin_field_linkincludes\class-wcdn-settings.php:48
actionwp_loadedincludes\class-wcdn-theme.php:30
filterwoocommerce_my_account_my_orders_actionsincludes\class-wcdn-theme.php:39
actionwoocommerce_view_orderincludes\class-wcdn-theme.php:40
actionwoocommerce_thankyouincludes\class-wcdn-theme.php:41
actionwp_enqueue_scriptsincludes\class-wcdn-theme.php:42
actionwoocommerce_email_after_order_tableincludes\class-wcdn-theme.php:43
filterwoocommerce_email_attachmentsincludes\class-wcdn-theme.php:44
actionadmin_initincludes\class-wcdn-writepanel.php:30
actionwoocommerce_admin_order_actions_endincludes\class-wcdn-writepanel.php:38
actionadmin_enqueue_scriptsincludes\class-wcdn-writepanel.php:39
actionadmin_enqueue_scriptsincludes\class-wcdn-writepanel.php:40
actionadd_meta_boxesincludes\class-wcdn-writepanel.php:41
filterbulk_actions-edit-shop_orderincludes\class-wcdn-writepanel.php:42
filterhandle_bulk_actions-edit-shop_orderincludes\class-wcdn-writepanel.php:43
filterbulk_actions-woocommerce_page_wc-ordersincludes\class-wcdn-writepanel.php:44
filterhandle_bulk_actions-woocommerce_page_wc-ordersincludes\class-wcdn-writepanel.php:45
actionadmin_noticesincludes\class-wcdn-writepanel.php:47
actionwcdn_delete_fileincludes\class-woocommerce-delivery-notes.php:135
actioninitincludes\class-woocommerce-delivery-notes.php:145
actioninitincludes\class-woocommerce-delivery-notes.php:146
actioninitincludes\class-woocommerce-delivery-notes.php:147
actionadmin_enqueue_scriptsincludes\class-woocommerce-delivery-notes.php:148
actionwoocommerce_initincludes\class-woocommerce-delivery-notes.php:149
actionadmin_initincludes\class-woocommerce-delivery-notes.php:348
actioninitincludes\class-woocommerce-delivery-notes.php:349
filterwcdn_ts_tracker_dataincludes\class-woocommerce-delivery-notes.php:351
actionwcdn_init_tracker_completedincludes\class-woocommerce-delivery-notes.php:353
filterwcdn_ts_tracker_display_noticeincludes\class-woocommerce-delivery-notes.php:354
actionadmin_print_scripts-plugins.phpincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:92
actionadmin_noticesincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:81
filtercron_schedulesincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:82
actionadmin_initincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:83
actionadmin_initincludes\component\woocommerce-check\ts-woo-active.php:42
actionadmin_noticesincludes\component\woocommerce-check\ts-woo-active.php:53
filterwoocommerce_get_order_item_totalsincludes\wcdn-template-functions.php:198
filterwoocommerce_get_order_item_totalsincludes\wcdn-template-functions.php:199
filterwoocommerce_get_order_item_totalsincludes\wcdn-template-functions.php:200
filterwoocommerce_get_item_countincludes\wcdn-template-functions.php:886
actionwcdn_headincludes\wcdn-template-hooks.php:18
actionwcdn_headincludes\wcdn-template-hooks.php:19
actionwcdn_before_pageincludes\wcdn-template-hooks.php:24
actionwcdn_loop_contentincludes\wcdn-template-hooks.php:29
filterwcdn_order_item_fieldsincludes\wcdn-template-hooks.php:30
actionwoocommerce_checkout_create_orderincludes\wcdn-template-hooks.php:35
actionwoocommerce_store_api_checkout_update_order_metaincludes\wcdn-template-hooks.php:36
actionbefore_woocommerce_initwoocommerce-delivery-notes.php:61
Maintenance & Trust

Print Invoice & Delivery Notes for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.0
Last updatedFeb 10, 2026
PHP min version7.4
Downloads1.3M

Community Trust

Rating92/100
Number of ratings119
Active installs30K
Alternatives

Print Invoice & Delivery Notes for WooCommerce Alternatives

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

print-invoices-packing-slip-labels-for-woocommerce

A
96

Auto-generate and attach WooCommerce PDF invoices and packing slips to order emails with customizable templates & bulk print options.

60K 6 CVEs
PDF Invoices and Packing Slips For WooCommerce

PDF Invoices and Packing Slips For WooCommerce

pdf-invoices-and-packing-slips-for-woocommerce

A
99

WooCommerce PDF Invoice plugin helps to generate custom designed invoices for a WooCommerce store. Apart from the Invoice, this plugin can also be use &hellip;

1K 1 CVE
Invoices for WooCommerce

Invoices for WooCommerce

woocommerce-pdf-invoices

A
92

Automatically generate and attach customizable PDF Invoices and PDF Packing Slips for WooCommerce to emails.

10K No CVEs
PDF Invoices and Packing Slips for Woocommerce

PDF Invoices and Packing Slips for Woocommerce

webplanex-invoices

A
100

Generate PDF Invoices, Shipping Labels, Packing Slips, Delivery Notes and Credit notes for your WooCommerce store.

30 No CVEs
WCPDF User Template

WCPDF User Template

bvd-wcpdf-user-template

A
100

With this plugin you can change what PDF template will be used for a certain user. "WooCommerce PDF Invoices & Packing Slips" is the plu &hellip;

0 No CVEs
Developer Profile

Print Invoice & Delivery Notes for WooCommerce Developer Profile

tychesoftwares

20 plugins · 160K total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
232 days
View full developer profile
Detection Fingerprints

How We Detect Print Invoice & Delivery Notes for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woocommerce-delivery-notes/assets/css/admin.css/wp-content/plugins/woocommerce-delivery-notes/assets/css/bootstrap.min.css/wp-content/plugins/woocommerce-delivery-notes/assets/css/select2.min.css/wp-content/plugins/woocommerce-delivery-notes/assets/js/bootstrap.min.js/wp-content/plugins/woocommerce-delivery-notes/assets/js/bootstrap.bundle.min.js/wp-content/plugins/woocommerce-delivery-notes/assets/js/select2.min.js/wp-content/plugins/woocommerce-delivery-notes/assets/js/vue.js/wp-content/plugins/woocommerce-delivery-notes/assets/js/jquery.print-link.js+5 more
Script Paths
woocommerce-delivery-notes/assets/js/bootstrap.min.jswoocommerce-delivery-notes/assets/js/bootstrap.bundle.min.jswoocommerce-delivery-notes/assets/js/select2.min.jswoocommerce-delivery-notes/assets/js/vue.jswoocommerce-delivery-notes/assets/js/jquery.print-link.jswoocommerce-delivery-notes/assets/js/admin.js+3 more
Version Parameters
woocommerce-delivery-notes/assets/css/admin.css?ver=woocommerce-delivery-notes/assets/css/bootstrap.min.css?ver=woocommerce-delivery-notes/assets/css/select2.min.css?ver=woocommerce-delivery-notes/assets/js/bootstrap.min.js?ver=woocommerce-delivery-notes/assets/js/bootstrap.bundle.min.js?ver=woocommerce-delivery-notes/assets/js/select2.min.js?ver=woocommerce-delivery-notes/assets/js/vue.js?ver=woocommerce-delivery-notes/assets/js/jquery.print-link.js?ver=woocommerce-delivery-notes/assets/js/admin.js?ver=woocommerce-delivery-notes/assets/js/wdne-invoice-add-edit.js?ver=woocommerce-delivery-notes/assets/css/adminstyle.css?ver=woocommerce-delivery-notes/assets/js/wdne-receipt-add-edit.js?ver=woocommerce-delivery-notes/assets/js/wdne-deliverynote-add-edit.js?ver=

HTML / DOM Fingerprints

CSS Classes
wcdn-settingswcdn_invoicewcdn_receiptwcdn_deliverynote
Data Attributes
data-tab="wcdn-settings"data-setting="wcdn_invoice"data-setting="wcdn_receipt"data-setting="wcdn_deliverynote"
JS Globals
wcdnadmin_object
FAQ

Frequently Asked Questions about Print Invoice & Delivery Notes for WooCommerce