Quaderno: Global Tax & Invoicing Automation for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-quaderno

Automate global tax calculations and compliant invoicing for WooCommerce. Handle sales tax, VAT, GST worldwide with instant reports.

400 active installs · v2.7.13 · PHP 7.4+ · WP 5.0+ · Updated Dec 31, 2025
Tags: gst, sales-tax, ticketbai, vat, verifactu
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Quaderno: Global Tax & Invoicing Automation for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Quaderno: Global Tax & Invoicing Automation for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The woocommerce-quaderno v2.7.13 plugin demonstrates a generally good security posture, with no known vulnerabilities or critical taint analysis findings. The code analysis reveals a minimal attack surface: a single AJAX handler, registered for authenticated users only, that appears to be protected by a nonce check. The plugin also uses prepared statements for most SQL queries (12 of 13) and escapes most outputs (86 of 93).

However, there are areas for improvement. The presence of the `unserialize` function is a significant concern: if it is ever passed untrusted data, it can lead to PHP object injection and, from there, remote code execution. The static analysis did not reveal any active taint flows into this call, but its presence remains a potential risk that requires careful handling and strict input validation. Furthermore, no capability check was found on the single AJAX handler. Despite the nonce check, this is a weakness that could be exploited if the nonce mechanism were to be bypassed.

Key Concerns

  • Unsanitized unserialize function found
  • Missing capability checks on AJAX handler
Vulnerabilities
None known

Quaderno: Global Tax & Invoicing Automation for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Quaderno: Global Tax & Invoicing Automation for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (12 prepared)
Unescaped Output: 7 (86 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

unserialize · `$document = unserialize(sprintf(` · quaderno\quaderno_transaction.php:20

SQL Query Safety

92% prepared · 13 total queries

Output Escaping

92% escaped · 93 total outputs
Attack Surface

Quaderno: Global Tax & Invoicing Automation for WooCommerce Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers 1

auth · wp_ajax_dismiss_quaderno_alert · classes\class-wc-qd-alerts.php:21

WordPress Hooks 52
action · admin_notices · classes\class-wc-qd-alerts.php:17
action · admin_enqueue_scripts · classes\class-wc-qd-alerts.php:20
action · woocommerce_before_calculate_totals · classes\class-wc-qd-checkout-manager.php:15
action · woocommerce_checkout_update_order_review · classes\class-wc-qd-checkout-manager.php:19
action · woocommerce_checkout_process · classes\class-wc-qd-checkout-manager.php:22
filter · woocommerce_ajax_calc_line_taxes · classes\class-wc-qd-checkout-manager.php:25
action · woocommerce_refund_created · classes\class-wc-qd-credit-manager.php:10
action · plugins_loaded · classes\class-wc-qd-integration.php:32
action · woocommerce_update_options_integration_quaderno · classes\class-wc-qd-integration.php:33
action · admin_notices · classes\class-wc-qd-integration.php:34
filter · woocommerce_adjust_non_base_location_prices · classes\class-wc-qd-integration.php:41
action · admin_notices · classes\class-wc-qd-integration.php:45
action · woocommerce_payment_complete · classes\class-wc-qd-invoice-manager.php:10
action · woocommerce_order_status_completed · classes\class-wc-qd-invoice-manager.php:11
action · wp_enqueue_scripts · classes\class-wc-qd-order-manager.php:10
filter · woocommerce_my_account_my_orders_actions · classes\class-wc-qd-order-manager.php:11
action · woocommerce_order_details_after_order_table · classes\class-wc-qd-order-manager.php:12
action · woocommerce_order_details_after_customer_address · classes\class-wc-qd-order-manager.php:13
action · woocommerce_admin_order_data_after_billing_address · classes\class-wc-qd-order-manager.php:14
filter · woocommerce_email_order_meta_fields · classes\class-wc-qd-order-manager.php:15
action · woocommerce_admin_status_content_quaderno · classes\class-wc-qd-status.php:14
filter · woocommerce_admin_status_tabs · classes\class-wc-qd-status.php:15
filter · wcs_new_order_created · classes\class-wc-qd-subscription-manager.php:15
action · woocommerce_product_options_tax · classes\class-wc-qd-tax-code-field.php:27
action · woocommerce_process_product_meta · classes\class-wc-qd-tax-code-field.php:28
action · woocommerce_product_quick_edit_end · classes\class-wc-qd-tax-code-field.php:31
action · woocommerce_product_quick_edit_save · classes\class-wc-qd-tax-code-field.php:32
action · manage_product_posts_custom_column · classes\class-wc-qd-tax-code-field.php:33
action · woocommerce_after_checkout_billing_form · classes\class-wc-qd-tax-id-field.php:17
action · woocommerce_checkout_update_order_meta · classes\class-wc-qd-tax-id-field.php:18
action · woocommerce_after_checkout_validation · classes\class-wc-qd-tax-id-field.php:19
filter · woocommerce_form_field · classes\class-wc-qd-tax-id-field.php:21
filter · woocommerce_default_address_fields · classes\class-wc-qd-tax-id-field.php:22
filter · woocommerce_customer_meta_fields · classes\class-wc-qd-tax-id-field.php:23
filter · woocommerce_product_get_tax_class · classes\class-wc-qd-tax-manager.php:28
filter · woocommerce_product_variation_get_tax_class · classes\class-wc-qd-tax-manager.php:29
action · woocommerce_checkout_create_order_line_item · classes\class-wc-qd-tax-manager.php:30
action · woocommerce_checkout_create_order_fee_item · classes\class-wc-qd-tax-manager.php:31
action · woocommerce_checkout_create_order_shipping_item · classes\class-wc-qd-tax-manager.php:32
action · woocommerce_checkout_create_order_tax_item · classes\class-wc-qd-tax-manager.php:33
filter · woocommerce_find_rates · classes\class-wc-qd-tax-manager.php:36
filter · woocommerce_rate_code · classes\class-wc-qd-tax-manager.php:39
filter · woocommerce_rate_label · classes\class-wc-qd-tax-manager.php:42
filter · woocommerce_debug_tools · classes\class-wc-qd-tools.php:8
filter · woocommerce_debug_tools · classes\class-wc-qd-tools.php:9
filter · woocommerce_debug_tools · classes\class-wc-qd-tools.php:10
action · admin_notices · woocommerce-quaderno.php:83
filter · woocommerce_integrations · woocommerce-quaderno.php:200
action · wp_enqueue_scripts · woocommerce-quaderno.php:203
action · admin_enqueue_scripts · woocommerce-quaderno.php:204
action · plugins_loaded · woocommerce-quaderno.php:287
action · before_woocommerce_init · woocommerce-quaderno.php:290

Maintenance & Trust

Quaderno: Global Tax & Invoicing Automation for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 31, 2025
PHP min version: 7.4
Downloads: 67K

Community Trust

Rating: 94/100
Number of ratings: 18
Active installs: 400

Developer Profile

Quaderno: Global Tax & Invoicing Automation for WooCommerce Developer Profile

polimorfico

2 plugins · 440 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days

Detection Fingerprints

How We Detect Quaderno: Global Tax & Invoicing Automation for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woocommerce-quaderno/assets/js/checkout.js
/wp-content/plugins/woocommerce-quaderno/assets/js/products.js
Script Paths
/wp-content/plugins/woocommerce-quaderno/assets/js/checkout.js
/wp-content/plugins/woocommerce-quaderno/assets/js/products.js
Version Parameters
woocommerce-quaderno/assets/js/checkout.js?ver=
woocommerce-quaderno/assets/js/products.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Quaderno: Global Tax & Invoicing Automation for WooCommerce