EU VAT Assistant for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-eu-vat-assistant

Extends the standard WooCommerce sale process and assists in achieving compliance with the new EU VAT regime starting on the 1st of January 2015.

5K active installs · v2.1.26.251024 · PHP 7.1+ · WP 5.0+ · Updated Dec 4, 2025
Tags: aelia, digital-vat, tax-compliance, vat-compliance, woocommerce
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is EU VAT Assistant for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

EU VAT Assistant for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4mo ago
Risk Assessment

The "woocommerce-eu-vat-assistant" v2.1.26.251024 plugin demonstrates a generally strong security posture with a clean vulnerability history. Notably, it avoids dangerous functions and utilizes prepared statements for all SQL queries, indicating good development practices in these critical areas. The absence of known CVEs and recent vulnerabilities further reinforces its perceived security. However, the static analysis reveals a significant concern regarding output escaping, with only 4% of outputs being properly escaped. This indicates a high potential for Cross-Site Scripting (XSS) vulnerabilities, which could be exploited by attackers to inject malicious scripts into user sessions. Additionally, the presence of one unprotected AJAX handler exposes a potential entry point that is not secured by authentication or capability checks, increasing the risk of unauthorized actions.

Key Concerns

  • Unprotected AJAX handler
  • Low percentage of properly escaped output
Vulnerabilities
None known

EU VAT Assistant for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

EU VAT Assistant for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 110 (4 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 15
External Requests: 2
Bundled Libraries: 0

Output Escaping

4% escaped · 114 total outputs
Attack Surface
1 unprotected

EU VAT Assistant for WooCommerce Attack Surface

Entry Points: 3
Unprotected: 1

AJAX Handlers 3

auth: wp_ajax_validate_vat_number (src\plugin-main.php:480)
nopriv: wp_ajax_validate_vat_number (src\plugin-main.php:481)
auth: wp_ajax_collect_order_vat_info (src\plugin-main.php:482)

WordPress Hooks 28
action: admin_init (src\embedded-framework\wc-aelia-foundation-classes-embedded\src\plugin-main.php:94)
action: init (src\embedded-framework\wc-aelia-foundation-classes-embedded\src\plugin-main.php:98)
action: wp_login (src\embedded-framework\wc-aelia-foundation-classes-embedded\src\plugin-main.php:100)
filter: cron_schedules (src\embedded-framework\wc-aelia-foundation-classes-embedded\src\plugin-main.php:326)
filter: pre_option_woocommerce_allowed_countries (src\plugin-main.php:360)
filter: woocommerce_countries_allowed_countries (src\plugin-main.php:361)
filter: wc_aelia_eu_vat_assistant_validate_vat_number (src\plugin-main.php:443)
action: admin_notices (src\plugin-main.php:446)
action: woocommerce_checkout_update_order_meta (src\plugin-main.php:462)
action: woocommerce_checkout_update_user_meta (src\plugin-main.php:463)
action: woocommerce_checkout_fields (src\plugin-main.php:466)
action: woocommerce_checkout_update_order_review (src\plugin-main.php:469)
action: woocommerce_checkout_process (src\plugin-main.php:470)
filter: wcs_renewal_order_created (src\plugin-main.php:473)
action: woocommerce_checkout_order_processed (src\plugin-main.php:477)
action: wc_aelia_currencyswitcher_settings_saved (src\plugin-main.php:490)
action: add_meta_boxes (src\plugin-main.php:493)
filter: woocommerce_order_formatted_billing_address (src\plugin-main.php:494)
filter: woocommerce_formatted_address_replacements (src\plugin-main.php:495)
filter: woocommerce_localisation_address_formats (src\plugin-main.php:496)
filter: woocommerce_admin_billing_fields (src\plugin-main.php:499)
filter: woocommerce_process_shop_order_meta (src\plugin-main.php:503)
filter: woocommerce_ajax_get_customer_details (src\plugin-main.php:507)
filter: woocommerce_customer_meta_fields (src\plugin-main.php:511)
filter: wc_aelia_eu_vat_assistant_convert (src\plugin-main.php:515)
filter: wc_aelia_eu_vat_assistant_get_order_exchange_rate (src\plugin-main.php:516)
filter: wc_aelia_eu_vat_assistant_get_setting (src\plugin-main.php:517)
filter: woocommerce_order_is_vat_exempt (src\plugin-main.php:521)

Maintenance & Trust

EU VAT Assistant for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.9
Last updated: Dec 4, 2025
PHP min version: 7.1
Downloads: 314K

Community Trust

Rating: 100/100
Number of ratings: 37
Active installs: 5K

Developer Profile

EU VAT Assistant for WooCommerce Developer Profile

Diego

1 plugin · 5K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect EU VAT Assistant for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woocommerce-eu-vat-assistant/js/admin/admin-common.js
/wp-content/plugins/woocommerce-eu-vat-assistant/design/css/admin.css
Script Paths
/wp-content/plugins/woocommerce-eu-vat-assistant/js/admin/admin-common.js
/wp-content/plugins/woocommerce-eu-vat-assistant/js/frontend.js
Version Parameters
woocommerce-eu-vat-assistant/js/admin/admin-common.js?ver=
woocommerce-eu-vat-assistant/design/css/admin.css?ver=
woocommerce-eu-vat-assistant/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
aelia-wc-afc-admin-scripts
HTML Comments
<!-- Standalone AFC Framework feature removed -->
Data Attributes
data-aelia-wc-afc-ajax-action
data-aelia-wc-afc-ajax-url
data-aelia-wc-afc-home-url
data-aelia-wc-afc-wp-nonce
JS Globals
window.aelia_afc_admin_params
FAQ

Frequently Asked Questions about EU VAT Assistant for WooCommerce