Does POP – Free European electronic invoicing for e-commerce (ex-WooPop) have any unpatched vulnerabilities?

No. All known vulnerabilities in POP – Free European electronic invoicing for e-commerce (ex-WooPop) have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is POP – Free European electronic invoicing for e-commerce (ex-WooPop) compatible with WordPress 6.9.4?

According to WordPress.org data, POP – Free European electronic invoicing for e-commerce (ex-WooPop) 6.8.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Security & Risk Analysis

wordpress.org/plugins/woopop-electronic-invoice-free

Automate European e-invoicing for e-commerce: generate XML & PDF invoices, send via SdI and PEPPOL, manage compliance with API credits.

100 active installs v6.8.0 PHP 5.6+ WP 4.6+ Updated Mar 13, 2026

e-invoicingfattura-elettronicafattura-xmlfatturazione-elettronicafatture

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is POP – Free European electronic invoicing for e-commerce (ex-WooPop) Safe to Use in 2026?

Generally Safe

Score 100/100

POP – Free European electronic invoicing for e-commerce (ex-WooPop) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago

Risk Assessment

The "woopop-electronic-invoice-free" plugin v6.8.0 demonstrates a generally strong security posture with many good practices in place. The static analysis shows that all identified entry points (AJAX handlers and REST API routes) are protected by authentication checks, which is a significant positive. Furthermore, all SQL queries utilize prepared statements, and a robust number of nonce and capability checks are implemented, indicating a proactive approach to secure coding. The absence of any recorded vulnerabilities, including critical or high severity ones, and no known CVEs, is also a strong indicator of a well-maintained and secure plugin.

Key Concerns

Potential risk from unserialize usage
High number of unsanitized flows
Significant file operation count
High volume of external HTTP requests
Significant percentage of unescaped outputs

Vulnerabilities

None known

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Code Analysis

Dangerous Functions

Raw SQL Queries

21 prepared

Unescaped Output

220

816 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializereturn (!is_null($s)) ? unserialize($s) : null;src\Functions\NuSoap.php:8482

Bundled Libraries

Guzzle

SQL Query Safety

100% prepared21 total queries

Output Escaping

79% escaped1036 total outputs

Data Flows

9 unsanitized

Data Flow Analysis

17 flows9 with unsanitized paths

pageTab (src\Admin\Settings\OptionPage.php:825)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_integration_save_optionsrc\Integrations.php:348

authwp_ajax_wizard_config_getsrc\Wizard.php:77

REST API Routes 1

GET/wp-json/pop-wp/v1/invoice/(?P<order_id>\d+)inc\wc\filtersFront.php:130

WordPress Hooks 106

filterwc_el_inv-billing_fieldsaddon\for\cozmos\inc\billingFields.php:290

filterwc_el_inv-filtersaddon\for\cozmos\inc\filters.php:161

filterwc_el_inv-filters_adminaddon\for\cozmos\inc\filtersAdmin.php:172

filterwc_el_inv-filters_frontaddon\for\cozmos\inc\filtersFront.php:248

actioninitaddon\for\cozmos\index.php:42

filterwc_el_inv-billing_fieldsaddon\for\pmpro\inc\billingFields.php:292

filterwc_el_inv-filters_adminaddon\for\pmpro\inc\filtersAdmin.php:505

filterwc_el_inv-filtersaddon\for\pmpro\inc\filtersAjax.php:59

filterwc_el_inv-filtersaddon\for\pmpro\inc\filtersAlways.php:325

filterwc_el_inv-filters_frontaddon\for\pmpro\inc\filtersFront.php:413

actionpmpro_after_order_settings_tableaddon\for\pmpro\inc\snippets\billing-fields-in-order.php:5

actionadmin_initaddon\for\pmpro\inc\snippets\billing-fields.php:184

actionpmpro_checkout_boxesaddon\for\pmpro\inc\snippets\billing-fields.php:190

actionpmpro_checkout_after_payment_information_fieldsaddon\for\pmpro\inc\snippets\billing-fields.php:211

filterpmpro_custom_advanced_settingsaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:18

filterpmpro_format_priceaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:55

filterpmpro_taxaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:56

filterpmpro_vat_by_countryaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:57

filterpmprovat_hide_vat_if_same_countryaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:62

actioninitaddon\for\pmpro\inc\snippets\council-directive-2006-112-ec.php:65

actioninitaddon\for\pmpro\index.php:44

actioninitaddon\to\aruba\index.php:107

filterwoocommerce_email_attachmentsaddon\to\aruba\src\Functions\Api.php:801

actionwc_el_inv-before_closing_settings_formaddon\to\aruba\src\Functions\Utils.php:255

actiontwiceDailyWooPoPToFattureArubaJobsScheduledUploadaddon\to\aruba\src\Jobs.php:318

actioninitaddon\to\fattureincloud\index.php:94

filterwoocommerce_email_attachmentsaddon\to\fattureincloud\src\Functions\Api.php:3052

actionwc_el_inv-before_closing_settings_formaddon\to\fattureincloud\src\Functions\Utils.php:255

actiontwiceDailyWooPoPToFattureInCloudJobsScheduledUploadaddon\to\fattureincloud\src\Jobs.php:532

filterwfc-oauth_flow_after_defined_access_permissionaddon\to\fattureincloud-receipts\index.php:63

actionwfc-create_invoiceaddon\to\fattureincloud-receipts\index.php:75

filterwfc-create_invoice_messageaddon\to\fattureincloud-receipts\index.php:136

filterwfc-create_invoice_codeaddon\to\fattureincloud-receipts\index.php:160

filterwfc-create_invoice_extra_resultaddon\to\fattureincloud-receipts\index.php:170

actionwfc-delete_receiptaddon\to\fattureincloud-receipts\index.php:180

filterwfc-delete_receipt_messageaddon\to\fattureincloud-receipts\index.php:202

actioninitaddon\to\fattureincloud-receipts\index.php:226

actioninitaddon\to\fattureincloud-stock\index.php:86

actioninitaddon\to\sdi-pec\index.php:96

actionwc_el_inv-before_closing_settings_formaddon\to\sdi-pec\src\Functions\Utils.php:384

actiontwiceDailyWooPoPToSdIPecJobsScheduledUploadaddon\to\sdi-pec\src\Jobs.php:292

actionwc_el_inv-plugin_header_noticeinc\filtersAdmin.php:350

actionwc_el_inv-after_settings_forminc\settings\pageSettingsFields.php:768

actionwc_el_inv-page_setting_provider_integration_fieldsinc\settings\pageSettingsFields.php:1851

filterwc_el_inv-billing_fieldsinc\wc\billingFields.php:309

filterwc_el_inv-filtersinc\wc\filters.php:341

filterwc_el_inv-filters_admininc\wc\filtersAdmin.php:403

filterwc_el_inv-xml_data_filterinc\wc\filtersFront.php:254

filterwc_el_inv-filters_frontinc\wc\filtersFront.php:389

filterwc_el_inv-scripts_listinc\wc\scripts.php:67

actionwc_el_inv-page_setting_section_invoiceinc\wc\settings\pageSettingsFields.php:34

actionwc_el_inv-page_setting_provider_integration_navinc\wc\settings\pageSettingsFields.php:171

actionwc_el_inv-page_setting_provider_integration_fieldsinc\wc\settings\pageSettingsFields.php:186

filterwc_el_inv-page_settings_tabinc\wc\settings\pageSettingsTabs.php:47

actionadmin_noticesindex.php:67

actionadmin_noticesindex.php:83

actioninitindex.php:110

actionbefore_woocommerce_initindex.php:172

actioncurrent_screenindex.php:189

actiontemplate_redirectindex.php:200

actioninitindex.php:212

actioninitindex.php:217

actionwc_el_inv-after_settings_formsrc\Admin\Settings\Fields\XmlOrdersList.php:69

actionwc_el_inv-plugin_header_noticesrc\Admin\Settings\OptionPage.php:912

filterwoocommerce_order_data_store_cpt_get_orders_querysrc\Admin\XmlOrderListTable.php:1391

actionwc_el_inv-plugin_header_noticesrc\Connection.php:63

actionwc_el_inv-plugin_header_license_infosrc\Connection.php:71

actionwc_el_inv-plugin_header_license_infosrc\Connection.php:85

filterwp_delete_filesrc\Functions\CloudApi.php:583

filterwoocommerce_get_tax_locationsrc\Functions\Utils.php:778

filterwc_el_inv-params_filter_before_api_requestsrc\Functions\Webhooks.php:216

actioninitsrc\Integrations.php:347

actionwc_el_inv-after_initsrc\Integrations.php:349

filterwc_el_inv-params_filter_before_api_requestsrc\InvoiceApi.php:598

filterwc_el_inv-params_filter_before_api_requestsrc\PeppolApi.php:476

actionwc_el_inv-after_settings_formsrc\Wizard.php:76

actionwoocommerce_order_status_completed_notificationsrc\WooCommerce\Emails\InvoicePdfCompletedOrder.php:62

actionwoocommerce_order_status_completed_notificationsrc\WooCommerce\Emails\InvoiceXmlCompletedOrder.php:62

actionwoocommerce_order_status_completed_notificationsrc\WooCommerce\Emails\ReceiptPdfCompletedOrder.php:56

actionwoocommerce_package_ratessrc\WooCommerce\Fields\InvoiceFields.php:2389

actionwoocommerce_cart_totals_get_fees_from_cart_taxessrc\WooCommerce\Fields\InvoiceFields.php:2407

filterwoocommerce_product_get_tax_classsrc\WooCommerce\Fields\InvoiceFields.php:2421

filterwoocommerce_product_variation_get_tax_classsrc\WooCommerce\Fields\InvoiceFields.php:2440

actionwoocommerce_package_ratessrc\WooCommerce\Fields\InvoiceFields.php:2577

actionwoocommerce_cart_totals_get_fees_from_cart_taxessrc\WooCommerce\Fields\InvoiceFields.php:2598

filterwoocommerce_product_get_tax_classsrc\WooCommerce\Fields\InvoiceFields.php:2613

filterwoocommerce_product_variation_get_tax_classsrc\WooCommerce\Fields\InvoiceFields.php:2634

filterwoocommerce_calculated_totalsrc\WooCommerce\Fields\InvoiceFields.php:2656

filterwoocommerce_cart_totals_order_total_htmlsrc\WooCommerce\Fields\InvoiceFields.php:2660

filterwoocommerce_blocks_checkout_process_additional_fieldssrc\WooCommerce\Fields\InvoiceFields.php:3189

actionwp_enqueue_scriptssrc\WooCommerce\Fields\InvoiceFields.php:3265

actionenqueue_block_editor_assetssrc\WooCommerce\Fields\InvoiceFields.php:3275

actionwoocommerce_store_api_cart_errorssrc\WooCommerce\Fields\InvoiceFields.php:3291

actionwoocommerce_store_api_checkout_update_order_from_requestsrc\WooCommerce\Fields\InvoiceFields.php:3327

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:3603

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:3622

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:3784

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:3838

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:3884

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4012

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4031

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4172

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4212

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4236

filterwoocommerce_checkout_posted_datasrc\WooCommerce\Fields\InvoiceFields.php:4447

filterplugin_localesrc\Xml\CreateXml.php:3429

Scheduled Events 5

twiceDailyWooPoPToFattureArubaJobsScheduledUpload

twiceDailyWooPoPToFattureInCloudJobsScheduledUpload

popSdiPec_send_password_expiry_email_7_days

popSdiPec_send_password_expiry_email_1_day

twiceDailyWooPoPToSdIPecJobsScheduledUpload

Maintenance & Trust

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version5.6

Downloads13K

Community Trust

Rating98/100

Number of ratings14

Active installs100

Alternatives

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Alternatives

WFatture for WooCommerce Fattureincloud

woo-fattureincloud

WooCommerce Fattureincloud by Woofatture trasforma gli ordini in fatture su fattureincloud.it WFatture for WooCommerce Fattureincloud

800 1 CVE

FreeInvoice API

freeinvoice-api

Plugin di FreeInvoice per la fatturazione elettronica con WooCommerce.

10 No CVEs

WooCompany015

woocompany015

100

Plugin ufficiale WooCompany015, attiva l'integrazione degli ordini ricevuti sul sito WooCommerce con il gestionale COMPANY015 https://www.

0 No CVEs

Fattura24

fattura24

100

The official Fattura24 plugin allows the creation of electronic invoices, orders, traditional invoices and receipts via Fattura24

500 1 CVE

Easy Fattura Elettronica FREE

easy-fattura-elettronica-free

100

Compatibile con la versione 1.7.1 delle specifiche tecniche dell'Agenzia delle Entrate in vigore dal 1° ottobre 2022.

100 No CVEs

Developer Profile

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Developer Profile

POP

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect POP – Free European electronic invoicing for e-commerce (ex-WooPop)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/woopop-electronic-invoice-free/assets/css/frontend.css/wp-content/plugins/woopop-electronic-invoice-free/assets/js/frontend.js/wp-content/plugins/woopop-electronic-invoice-free/assets/css/backend.css/wp-content/plugins/woopop-electronic-invoice-free/assets/js/backend.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/vendors/cropper.min.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/vendors/tinymce/tinymce.min.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/woo-fields.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/admin-notices.js+2 more

Script Paths

/wp-content/plugins/woopop-electronic-invoice-free/assets/js/frontend.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/backend.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/vendors/cropper.min.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/vendors/tinymce/tinymce.min.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/woo-fields.js/wp-content/plugins/woopop-electronic-invoice-free/assets/js/admin-notices.js+2 more

Version Parameters

woopop-electronic-invoice-free/assets/css/frontend.css?ver=woopop-electronic-invoice-free/assets/js/frontend.js?ver=woopop-electronic-invoice-free/assets/css/backend.css?ver=woopop-electronic-invoice-free/assets/js/backend.js?ver=woopop-electronic-invoice-free/assets/js/vendors/cropper.min.js?ver=woopop-electronic-invoice-free/assets/js/vendors/tinymce/tinymce.min.js?ver=woopop-electronic-invoice-free/assets/js/woo-fields.js?ver=woopop-electronic-invoice-free/assets/js/admin-notices.js?ver=woopop-electronic-invoice-free/assets/js/woo-checkout-fields.js?ver=woopop-electronic-invoice-free/assets/js/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

pop-invoice-field

HTML Comments

POP checkout > WooCommerce Block

Data Attributes

data-pop-invoice-field

JS Globals

wc_el_inv_optionsWcElectronInvoice

FAQ

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Security & Risk Analysis

Is POP – Free European electronic invoicing for e-commerce (ex-WooPop) Safe to Use in 2026?

Generally Safe

Key Concerns

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Security Vulnerabilities

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Attack Surface

AJAX Handlers 2

REST API Routes 1

Scheduled Events 5

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Maintenance & Trust

Maintenance Signals

Community Trust

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Alternatives

WFatture for WooCommerce Fattureincloud

FreeInvoice API

WooCompany015

Fattura24

Easy Fattura Elettronica FREE

POP – Free European electronic invoicing for e-commerce (ex-WooPop) Developer Profile

How We Detect POP – Free European electronic invoicing for e-commerce (ex-WooPop)

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about POP – Free European electronic invoicing for e-commerce (ex-WooPop)