WP360 Invoice Security & Risk Analysis

wordpress.org/plugins/wp360-invoice

The WP360 Invoice Plugin provides an intuitive solution to manage and create invoices seamlessly for WooCommerce websites.

0 active installs · v1.0.3 · PHP 7.4.8+ · WP 5.2.0+ · Updated Jan 23, 2025
Tags: custom-invoice, invoice, woocommerce
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP360 Invoice Safe to Use in 2026?

Generally Safe

Score 92/100

WP360 Invoice has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The wp360-invoice v1.0.3 plugin exhibits a generally good security posture, with a robust implementation of security best practices. The absence of any known CVEs and a clean vulnerability history suggest a well-maintained and secure codebase. The static analysis reveals strong adherence to secure coding standards, including the use of prepared statements for all SQL queries and a high percentage of properly escaped outputs. A significant number of nonce and capability checks further bolster its defenses against common web attacks.

However, the taint analysis does highlight two flows with unsanitized paths. While these are not classified as critical or high severity, they represent potential areas where an attacker might be able to exploit the plugin if they can control user-supplied input that reaches these paths without proper sanitization. The presence of these unsanitized paths is a notable weakness, even if the immediate risk is assessed as low. The bundled 'dompdf' library also warrants attention; while its version isn't specified, outdated bundled libraries can introduce vulnerabilities if not kept up-to-date.

In conclusion, wp360-invoice v1.0.3 is a relatively secure plugin, especially given its lack of historical vulnerabilities and its strong use of WordPress security features like nonces and capability checks. The primary concern lies with the identified unsanitized paths in the taint analysis, which should be addressed to mitigate potential risks. Further investigation into the bundled 'dompdf' library's version and update status would also be prudent for a complete security assessment.

Key Concerns

  • Flows with unsanitized paths detected
  • Bundled library 'dompdf' requires version check
Vulnerabilities
None known

WP360 Invoice Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WP360 Invoice Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (1 prepared)
Unescaped Output: 68 (301 escaped)
Nonce Checks: 14
Capability Checks: 10
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

dompdf

SQL Query Safety

100% prepared (1 total query)

Output Escaping

82% escaped (369 total outputs)

Data Flows: 2 unsanitized

Data Flow Analysis

6 flows, 2 with unsanitized paths
<wp360-invoice-frontpage> (wp360-invoice-frontpage.php:0)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

WP360 Invoice Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

  • auth: wp_ajax_generate_invoice_pdf (suite\index.php:12)
  • nopriv: wp_ajax_generate_invoice_pdf (suite\index.php:13)

Shortcodes 1

[wp360invoice__pagecontent] wp360-invoice.php:156
WordPress Hooks 16
  • action: show_user_profile (admin\wp360_invoice_extra_fields.php:7)
  • action: edit_user_profile (admin\wp360_invoice_extra_fields.php:8)
  • action: user_new_form (admin\wp360_invoice_extra_fields.php:9)
  • action: personal_options_update (admin\wp360_invoice_extra_fields.php:11)
  • action: edit_user_profile_update (admin\wp360_invoice_extra_fields.php:12)
  • action: user_register (admin\wp360_invoice_extra_fields.php:13)
  • action: init (inc\functions.php:81)
  • action: admin_menu (suite\index.php:9)
  • action: admin_enqueue_scripts (suite\index.php:10)
  • action: admin_notices (wp360-invoice.php:35)
  • action: wp_enqueue_scripts (wp360-invoice.php:57)
  • action: admin_enqueue_scripts (wp360-invoice.php:70)
  • action: admin_init (wp360-invoice.php:93)
  • filter: woocommerce_account_menu_items (wp360-invoice.php:178)
  • action: wp_enqueue_scripts (wp360-invoice.php:180)
  • action: admin_post_wp360invoice_mark_invoice_as_paid (wp360-invoice.php:226)
Maintenance & Trust

WP360 Invoice Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 23, 2025
PHP min version: 7.4.8
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

WP360 Invoice Developer Profile

Ankit Sharma

1 plugin · 0 total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WP360 Invoice

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/wp360-invoice/front/assets/css/front_style.css
  • /wp-content/plugins/wp360-invoice/front/assets/js/front-jspdf.js
  • /wp-content/plugins/wp360-invoice/admin/css/admin_style.css
  • /wp-content/plugins/wp360-invoice/suite/suite.css
  • /wp-content/plugins/wp360-invoice/admin/js/admin_script.js
Script Paths
  • /wp-content/plugins/wp360-invoice/front/assets/js/front-jspdf.js
  • /wp-content/plugins/wp360-invoice/admin/js/admin_script.js
Version Parameters
  • wp360-invoice/front/assets/css/front_style.css?ver=
  • wp360-invoice/front/assets/js/front-jspdf.js?ver=
  • wp360-invoice/admin/css/admin_style.css?ver=
  • wp360-invoice/suite/suite.css?ver=
  • wp360-invoice/admin/js/admin_script.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-wp360_invoice_id
JS Globals
  • wp360_pdf_ajax
  • wp360_pdf_ajax_admin
Shortcode Output
[wp360invoice__pagecontent]