WP-Safety

WPC Estimated Delivery Date for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wpc-estimated-delivery-date

WPC Estimated Delivery Date allows you to establish and personalize delivery times for each product available in your store on several levels.

10K active installs v2.6.3 PHP + WP 4.0+ Updated Mar 10, 2026
delivery-datedelivery-timeestimatedwoocommercewpc
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPC Estimated Delivery Date for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

WPC Estimated Delivery Date for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago
Risk Assessment

The "wpc-estimated-delivery-date" plugin version 2.6.3 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known vulnerabilities (CVEs) and recorded past vulnerabilities suggests a generally stable codebase. However, there are notable areas of concern, primarily related to its attack surface. With 11 AJAX handlers, a significant portion (4) lack authentication checks, presenting potential entry points for unauthorized actions. Additionally, the presence of the `unserialize` function, a known security risk if input is not strictly controlled, is another point of caution. The taint analysis shows one flow with unsanitized paths, though it's not classified as critical or high, it warrants attention. The plugin's overall security is decent due to the lack of known exploits and good SQL/output handling, but the unprotected AJAX endpoints and `unserialize` usage introduce moderate risks that could be exploited if an attacker can trigger these functions with malicious input.

Key Concerns

  • AJAX handlers without authentication checks
  • Use of the unserialize function
  • Flow with unsanitized paths (taint analysis)
Vulnerabilities
None known

WPC Estimated Delivery Date for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WPC Estimated Delivery Date for WooCommerce Code Analysis

Dangerous Functions
3
Raw SQL Queries
0
0 prepared
Unescaped Output
29
226 escaped
Nonce Checks
9
Capability Checks
4
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:111
unserialize$plugins = unserialize( $response['body'] );includes\dashboard\wpc-dashboard.php:189
unserialize$plugins = unserialize( $response['body'] );includes\kit\wpc-kit.php:98

Output Escaping

89% escaped255 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

7 flows1 with unsanitized paths
ajax_date_format_preview (includes\class-backend.php:454)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

WPC Estimated Delivery Date for WooCommerce Attack Surface

Entry Points12
Unprotected4

AJAX Handlers 11

authwp_ajax_wpced_add_ruleincludes\class-backend.php:80
authwp_ajax_wpced_add_dateincludes\class-backend.php:81
authwp_ajax_wpced_search_termincludes\class-backend.php:82
authwp_ajax_wpced_date_format_previewincludes\class-backend.php:83
authwp_ajax_wpced_get_order_datesincludes\class-backend.php:87
authwp_ajax_wpced_save_order_datesincludes\class-backend.php:88
authwp_ajax_wpc_get_pluginsincludes\dashboard\wpc-dashboard.php:19
authwp_ajax_wpc_get_suggestionincludes\dashboard\wpc-dashboard.php:20
authwp_ajax_wpc_exportincludes\dashboard\wpc-dashboard.php:21
authwp_ajax_wpc_importincludes\dashboard\wpc-dashboard.php:22
authwp_ajax_wpc_get_essential_kitincludes\kit\wpc-kit.php:22

Shortcodes 1

[wpced] includes\class-frontend.php:20
WordPress Hooks 43
actioninitincludes\class-backend.php:39
actionadmin_enqueue_scriptsincludes\class-backend.php:42
actionadmin_initincludes\class-backend.php:45
actionadmin_menuincludes\class-backend.php:46
filterplugin_action_linksincludes\class-backend.php:49
filterplugin_row_metaincludes\class-backend.php:50
filterwoocommerce_product_data_tabsincludes\class-backend.php:53
actionwoocommerce_product_data_panelsincludes\class-backend.php:54
actionwoocommerce_process_product_metaincludes\class-backend.php:55
actionwoocommerce_product_after_variable_attributesincludes\class-backend.php:58
actionwoocommerce_save_product_variationincludes\class-backend.php:62
actionwpcvd_duplicatedincludes\class-backend.php:65
actionwpcvb_bulk_update_variationincludes\class-backend.php:68
filterwoocommerce_product_export_meta_valueincludes\class-backend.php:71
filterwoocommerce_product_import_pre_insert_product_objectincludes\class-backend.php:74
actionwoocommerce_order_item_add_action_buttonsincludes\class-backend.php:86
actionwp_enqueue_scriptsincludes\class-frontend.php:17
actionwoocommerce_shop_loop_item_titleincludes\class-frontend.php:27
actionwoocommerce_after_shop_loop_item_titleincludes\class-frontend.php:30
actionwoocommerce_after_shop_loop_item_titleincludes\class-frontend.php:33
actionwoocommerce_after_shop_loop_itemincludes\class-frontend.php:36
actionwoocommerce_after_shop_loop_itemincludes\class-frontend.php:39
actionwpced_custom_archive_positionincludes\class-frontend.php:46
actionwoocommerce_single_product_summaryincludes\class-frontend.php:54
actionwpced_custom_single_positionincludes\class-frontend.php:57
filterwoocommerce_available_variationincludes\class-frontend.php:62
actionwoocommerce_before_variations_formincludes\class-frontend.php:63
actionwc_ajax_wpced_reload_datesincludes\class-frontend.php:66
filterwoocommerce_cart_item_nameincludes\class-frontend.php:70
filterwoocommerce_get_item_dataincludes\class-frontend.php:74
actionwoocommerce_cart_contentsincludes\class-frontend.php:78
actionwoocommerce_checkout_create_order_line_itemincludes\class-frontend.php:82
actionwoocommerce_order_item_meta_startincludes\class-frontend.php:83
filterwoocommerce_email_stylesincludes\class-frontend.php:84
filterwoocommerce_hidden_order_itemmetaincludes\class-frontend.php:87
actionwoocommerce_before_order_itemmetaincludes\class-frontend.php:88
actionadmin_enqueue_scriptsincludes\dashboard\wpc-dashboard.php:17
actionadmin_menuincludes\dashboard\wpc-dashboard.php:18
actionbefore_woocommerce_initincludes\hpos.php:7
actionadmin_enqueue_scriptsincludes\kit\wpc-kit.php:20
actionadmin_menuincludes\kit\wpc-kit.php:21
actionplugins_loadedwpc-estimated-delivery-date.php:36
actionadmin_noticeswpc-estimated-delivery-date.php:40
Maintenance & Trust

WPC Estimated Delivery Date for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version
Downloads63K

Community Trust

Rating78/100
Number of ratings8
Active installs10K
Alternatives

WPC Estimated Delivery Date for WooCommerce Alternatives

Order Delivery Date for WooCommerce

Order Delivery Date for WooCommerce

order-delivery-date-for-woocommerce

A
95

Let customers choose delivery dates & times on checkout. Simplify delivery management by blocking holidays & setting max deliveries per day.

10K 4 CVEs
Delivery & Pickup Date Time for WooCommerce

Delivery & Pickup Date Time for WooCommerce

woo-delivery

A
100

Gives the facility of selecting delivery/pickup/both date/time/both at order checkout page.

5K No CVEs
Order Delivery Date And Time

Order Delivery Date And Time

order-delivery-date-and-time

A
100

Order Delivery Date And Time plugin lets customers select delivery/pickup dates and times at checkout page.

1K No CVEs
WooODT Lite – Delivery & pickup date time location for WooCommerce

WooODT Lite – Delivery & pickup date time location for WooCommerce

byconsole-woo-order-delivery-time

C
61

WooODT Lite is a WooCommerce Delivery & Pickup Date Time extension that gives the facility of selecting delivery/pickup date and time/time slot o …

500 1 unpatched
PiWeb Delivery & Pickup Date Time for WooCommerce

PiWeb Delivery & Pickup Date Time for WooCommerce

pi-woocommerce-order-date-time-and-type

A
100

WooCommerce delivery date | delivery time | pickup date | pickup time | pickup location

500 1 CVE
Developer Profile

WPC Estimated Delivery Date for WooCommerce Developer Profile

WPClever

71 plugins · 441K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
68 days
View full developer profile
Detection Fingerprints

How We Detect WPC Estimated Delivery Date for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpc-estimated-delivery-date/assets/css/backend.css/wp-content/plugins/wpc-estimated-delivery-date/assets/css/frontend.css/wp-content/plugins/wpc-estimated-delivery-date/assets/js/backend.js/wp-content/plugins/wpc-estimated-delivery-date/assets/js/frontend.js
Script Paths
/wp-content/plugins/wpc-estimated-delivery-date/assets/js/backend.js/wp-content/plugins/wpc-estimated-delivery-date/assets/js/frontend.js
Version Parameters
wpc-estimated-delivery-date/assets/css/backend.css?ver=wpc-estimated-delivery-date/assets/css/frontend.css?ver=wpc-estimated-delivery-date/assets/js/backend.js?ver=wpc-estimated-delivery-date/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpc-estimated-delivery-date-countdownwpced_date_wrapperwpced-date-wrap
HTML Comments
<!-- WPC Estimated Delivery Date Settings --><!-- WPCED Date --><!-- WPCED_DATE_FORMAT_PREVIEW --><!-- WPCED_DATE_FORMAT_PREVIEW -->+4 more
Data Attributes
data-wpced-variation-iddata-wpced-order-item-id
JS Globals
wpced_vars
FAQ

Frequently Asked Questions about WPC Estimated Delivery Date for WooCommerce