Does Shipping Gateway Per Product for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Shipping Gateway Per Product for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Shipping Gateway Per Product for WooCommerce 2.7.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Shipping Gateway Per Product for WooCommerce compatible with PHP 7.4+?

Shipping Gateway Per Product for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Shipping Gateway Per Product for WooCommerce's security score?

Shipping Gateway Per Product for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shipping Gateway Per Product for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-shipping-gateway-per-product

Take full control of your WooCommerce shipping by assigning gateways per product, category, tag, or mixed cart.

100 active installs v2.7.6 PHP 7.4+ WP 5.8+ Updated Apr 9, 2026

product-shippingshippingshipping-gatewayshipping-methodswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shipping Gateway Per Product for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Shipping Gateway Per Product for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The plugin exhibits a concerning security posture due to its unprotected AJAX endpoints, which represent its entire attack surface. While the plugin does not appear to have a history of known vulnerabilities, this is overshadowed by the immediate risks identified in the static analysis. The presence of two AJAX handlers without any authentication checks is a significant oversight, potentially allowing unauthenticated users to trigger plugin functionality. Furthermore, the extremely low percentage of properly escaped output (3%) indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data might be directly rendered without adequate sanitization. Although there are no raw SQL queries and taint analysis shows no critical or high severity flows, the lack of output escaping and unprotected AJAX handlers are critical weaknesses. The bundled Freemius library, while common, should also be monitored for potential vulnerabilities. Overall, while the absence of known historical vulnerabilities is positive, the current code analysis reveals significant and immediate security risks that require urgent attention.

Key Concerns

AJAX handlers without authentication
Low percentage of properly escaped output
Bundled Freemius v1.0 library

Vulnerabilities

None known

Shipping Gateway Per Product for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Shipping Gateway Per Product for WooCommerce Release Timeline

v2.7.6Current

v2.7.0

v2.5.8

v2.5.7

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.2

v2.4.1

v2.4.0

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.0

Code Analysis

Analyzed Mar 16, 2026

Shipping Gateway Per Product for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

3% escaped36 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

wpsf_quick_edit (inc\quick_bulk_edit_patch.php:52)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Shipping Gateway Per Product for WooCommerce Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_wpsf_quick_editinc\quick_bulk_edit_patch.php:49

noprivwp_ajax_wpsf_quick_editinc\quick_bulk_edit_patch.php:50

WordPress Hooks 28

actionwoocommerce_product_quick_edit_endinc\quick_bulk_edit_patch.php:5

actionwoocommerce_product_bulk_edit_endinc\quick_bulk_edit_patch.php:15

actionwoocommerce_product_quick_edit_saveinc\quick_bulk_edit_patch.php:23

actionwoocommerce_product_bulk_edit_saveinc\quick_bulk_edit_patch.php:24

actionadmin_head-edit.phpinc\quick_bulk_edit_patch.php:62

filteradmin_footer_textinc\settings.php:6

filterupdate_footerinc\settings.php:7

filteradmin_footer_textinc\settings.php:72

filterupdate_footerinc\settings.php:73

filteradmin_footer_textinc\settings.php:96

filterupdate_footerinc\settings.php:97

filteradmin_footer_textinc\settings.php:142

filterupdate_footerinc\settings.php:143

filteradmin_footer_textinc\settings.php:153

filterupdate_footerinc\settings.php:154

filteradmin_footer_textinc\settings.php:176

filterupdate_footerinc\settings.php:177

actionbefore_woocommerce_initwoocommerce-product-shippings.php:28

filterhide_account_tabswoocommerce-product-shippings.php:95

actionadmin_initwoocommerce-product-shippings.php:126

actionadd_meta_boxeswoocommerce-product-shippings.php:170

actionsave_postwoocommerce-product-shippings.php:260

actionadmin_headwoocommerce-product-shippings.php:402

filterwoocommerce_shipping_packageswoocommerce-product-shippings.php:458

filtersoftsdev_show_disabled_shippingswoocommerce-product-shippings.php:459

actionwp_headwoocommerce-product-shippings.php:484

actionadmin_menuwoocommerce-product-shippings.php:485

actionadmin_enqueue_scriptswoocommerce-product-shippings.php:507

Maintenance & Trust

Shipping Gateway Per Product for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 9, 2026

PHP min version7.4

Downloads59K

Community Trust

Rating76/100

Number of ratings10

Active installs100

Alternatives

Shipping Gateway Per Product for WooCommerce Alternatives

WC Hide Shipping Methods

wc-hide-shipping-methods

100

This plugin automatically hides all other shipping methods when "Free Shipping" is available, while allowing you to retain "Local Picku …

20K No CVEs

Hide Shipping Method For WooCommerce

hide-shipping-method-for-woocommerce

Allows store owners to hide shipping methods based on specific conditions!

10K 1 CVE

ELEX Hide WooCommerce Shipping Methods

elex-hide-woocommerce-shipping-methods-basic

100

The ELEX Hide WooCommerce Shipping Methods is a free plugin allows you to hide certain shipping methods based on shipping class, order weight, other e …

1K No CVEs

bpost shipping

bpost-shipping

This plugin allows customers to choose their preferred Belgian bpost delivery method when ordering in your Woocommerce webshop.

800 No CVEs

WC Hide Shipping Methods Except Pont

wc-hide-shipping-methods-except-pont

This plugin automatically hides all other shipping methods when “free shipping” is available.

300 No CVEs

Developer Profile

Shipping Gateway Per Product for WooCommerce Developer Profile

dreamfox

6 plugins · 410 total installs

trust score

Avg Security Score

94/100

Avg Patch Time

87 days

View full developer profile

Detection Fingerprints

How We Detect Shipping Gateway Per Product for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woocommerce-shipping-gateway-per-product/freemius/start.php/wp-content/plugins/woocommerce-shipping-gateway-per-product/inc/quick_bulk_edit_patch.php/wp-content/plugins/woocommerce-shipping-gateway-per-product/inc/settings.php

HTML / DOM Fingerprints

CSS Classes

wps-shipping-form

Data Attributes

data-zone-iddata-method-id

JS Globals

dfm_sgppfw_fs

FAQ