Does ShipStation for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in ShipStation for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ShipStation for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, ShipStation for WooCommerce 4.9.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ShipStation for WooCommerce compatible with PHP 7.4+?

ShipStation for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ShipStation for WooCommerce updated?

ShipStation for WooCommerce was last updated on Mar 9, 2026. Frequent updates are generally a positive security signal.

What is ShipStation for WooCommerce's security score?

ShipStation for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ShipStation for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-shipstation-integration

Power your entire shipping operation from one platform.

30K active installs v4.9.5 PHP 7.4+ WP 6.8+ Updated Mar 9, 2026

automatticshippingwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ShipStation for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

ShipStation for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago

Risk Assessment

The plugin 'woocommerce-shipstation-integration' v4.9.7 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, critical taint flows, or direct SQL injection vulnerabilities is a significant strength. The plugin demonstrates good security practices with comprehensive nonce and capability checks for all its identified AJAX entry points, and a high percentage of properly escaped outputs. The lack of dangerous functions and external HTTP requests further contributes to its security. However, a minor concern could be the presence of file operations, though the static analysis doesn't indicate any unsanitized paths related to them. Overall, this plugin appears to be well-secured and responsibly developed.

Vulnerabilities

None known

ShipStation for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ShipStation for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

93 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared3 total queries

Output Escaping

94% escaped99 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<class-checkout> (includes\class-checkout.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ShipStation for WooCommerce Attack Surface

Entry Points6

Unprotected0

AJAX Handlers 6

authwp_ajax_shipstation_get_auth_dataincludes\class-auth-controller.php:36

authwp_ajax_shipstation_generate_new_keysincludes\class-auth-controller.php:37

authwp_ajax_shipstation_save_field_valueincludes\class-checkout.php:61

noprivwp_ajax_shipstation_save_field_valueincludes\class-checkout.php:62

authwp_ajax_shipstation_load_field_valuesincludes\class-checkout.php:63

noprivwp_ajax_shipstation_load_field_valuesincludes\class-checkout.php:64

WordPress Hooks 40

filterwoocommerce_is_attribute_in_product_nameincludes\api\requests\class-wc-shipstation-api-export.php:437

filterwoocommerce_is_attribute_in_product_nameincludes\api\rest\class-orders-controller.php:1200

actionwoocommerce_api_wc_shipstationincludes\api\rest\class-orders-controller.php:1716

actionadmin_enqueue_scriptsincludes\class-auth-controller.php:57

actionadmin_footerincludes\class-auth-controller.php:58

filterwoocommerce_checkout_fieldsincludes\class-checkout.php:45

filterwoocommerce_form_field_checkboxincludes\class-checkout.php:46

actionwp_enqueue_scriptsincludes\class-checkout.php:47

actionwoocommerce_checkout_processincludes\class-checkout.php:48

actionwoocommerce_checkout_update_order_metaincludes\class-checkout.php:49

filterwoocommerce_admin_shipping_fieldsincludes\class-checkout.php:50

actionwoocommerce_thankyouincludes\class-checkout.php:51

actionwoocommerce_initincludes\class-checkout.php:52

filterwoocommerce_filter_fields_for_order_confirmationincludes\class-checkout.php:53

actionwoocommerce_shipping_initincludes\class-checkout.php:54

actionwoocommerce_blocks_validate_location_order_fieldsincludes\class-checkout.php:55

actionwoocommerce_store_api_checkout_update_order_from_requestincludes\class-checkout.php:56

actionwoocommerce_store_api_checkout_update_order_metaincludes\class-checkout.php:57

actionwoocommerce_email_customer_detailsincludes\class-checkout.php:58

actionplugins_loadedincludes\class-main.php:50

filterwoocommerce_integrationsincludes\class-main.php:51

actionwoocommerce_api_wc_shipstationincludes\class-main.php:52

actionbefore_woocommerce_initincludes\class-main.php:54

actionadmin_noticesincludes\class-main.php:76

actionbefore_woocommerce_initincludes\class-main.php:86

actionwoocommerce_initincludes\class-main.php:87

filtercomments_clausesincludes\class-order-util.php:352

actionrest_api_initincludes\class-rest-api-loader.php:41

filterwoocommerce_rest_api_get_rest_namespacesincludes\class-rest-api-loader.php:42

actionwoocommerce_update_options_integration_shipstationincludes\class-wc-shipstation-integration.php:183

filterwoocommerce_subscriptions_renewal_order_meta_queryincludes\class-wc-shipstation-integration.php:184

actionwp_loadedincludes\class-wc-shipstation-integration.php:185

filterwoocommerce_translations_updates_for_woocommerce_shipstation_integrationincludes\class-wc-shipstation-integration.php:186

actionwoocommerce_shipstation_get_orders_before_process_requestincludes\class-wc-shipstation-integration.php:187

actionwoocommerce_shipstation_get_orders_before_process_requestincludes\class-wc-shipstation-integration.php:188

actionadmin_enqueue_scriptsincludes\class-wc-shipstation-integration.php:196

actionadmin_noticesincludes\class-wc-shipstation-integration.php:197

filterwoocommerce_order_query_argsincludes\class-wc-shipstation-integration.php:201

filterwoocommerce_order_data_store_cpt_get_orders_queryincludes\class-wc-shipstation-integration.php:202

filterwoocommerce_shipstation_diagnostics_controller_get_detailsincludes\class-wc-shipstation-integration.php:203

Maintenance & Trust

ShipStation for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 9, 2026

PHP min version7.4

Downloads1.9M

Community Trust

Rating66/100

Number of ratings13

Active installs30K

Alternatives

ShipStation for WooCommerce Alternatives

Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping

flexible-shipping

Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.

100K 2 CVEs

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

print-invoices-packing-slip-labels-for-woocommerce

Auto-generate and attach WooCommerce PDF invoices and packing slips to order emails with customizable templates & bulk print options.

60K 6 CVEs

Weight Based Shipping for WooCommerce

weight-based-shipping-for-woocommerce

100

Weight Based Shipping is a flexible and widely-used solution to calculate shipping costs based on the total cart weight and value.

60K 1 CVE

Advanced Shipment Tracking for WooCommerce

woo-advanced-shipment-tracking

Add shipment tracking info to WooCommerce orders, send tracking numbers to customers via email, and let them track deliveries from My Account.

60K 2 CVEs

WooCommerce Shipping

woocommerce-shipping

100

A free shipping plugin for US merchants to print discounted shipping labels and compare live label rates directly from your WooCommerce dashboard.

60K No CVEs

Developer Profile

ShipStation for WooCommerce Developer Profile

WooCommerce

36 plugins · 4.7M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

234 days

View full developer profile

Detection Fingerprints

How We Detect ShipStation for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woocommerce-shipstation-integration/assets/css/auth-display.css/wp-content/plugins/woocommerce-shipstation-integration/assets/js/auth-display.js

Version Parameters

/woocommerce-shipstation-integration/assets/css/auth-display.css?ver=/woocommerce-shipstation-integration/assets/js/auth-display.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-shipstation-auth-modaldata-shipstation-copy-buttondata-shipstation-show-hide-buttondata-shipstation-api-key-id

JS Globals

wc_shipstation_auth_params

FAQ