WP-Safety

XML Invoices for WooCommerce Security & Risk Analysis

wordpress.org/plugins/xml-invoices-for-woocommerce

Offer XML Invoices for customers in WooCommerce.

0 active installs v1.0.0 PHP + WP 4.0+ Updated Oct 14, 2025
woocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is XML Invoices for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

XML Invoices for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The 'xml-invoices-for-woocommerce' plugin version 1.0.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified vulnerabilities in its history, coupled with a clean code analysis, suggests a well-developed and secure codebase. The plugin demonstrates good security practices by not exposing any direct attack surface through AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. Furthermore, all SQL queries are properly prepared, and the vast majority of output is correctly escaped, mitigating common injection and cross-site scripting risks. The presence of nonce checks also indicates an effort to prevent request forgery.

Vulnerabilities
None known

XML Invoices for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

XML Invoices for WooCommerce Release Timeline

v1.0.0Current
Code Analysis
Analyzed Mar 17, 2026

XML Invoices for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
38 escaped
Nonce Checks
3
Capability Checks
0
File Operations
2
External Requests
1
Bundled Libraries
0

Output Escaping

95% escaped40 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
xml_invoices_for_wc_display_button_text_settings (includes\admin\class-admin-xml_invoices-settingspage.php:19)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

XML Invoices for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
filterwoocommerce_email_attachmentsincludes\admin\premium\class-xml_invoices-functions-hooks-integration-woocommerce.php:7
actioninitincludes\class-xml-invoices-for-woocommerce-settings.php:90
actionadmin_initincludes\class-xml-invoices-for-woocommerce-settings.php:93
actionadmin_menuincludes\class-xml-invoices-for-woocommerce-settings.php:96
actionwp_enqueue_scriptsincludes\class-xml-invoices-for-woocommerce.php:126
actionwp_enqueue_scriptsincludes\class-xml-invoices-for-woocommerce.php:127
actionadmin_enqueue_scriptsincludes\class-xml-invoices-for-woocommerce.php:130
actionadmin_enqueue_scriptsincludes\class-xml-invoices-for-woocommerce.php:131
filterwoocommerce_email_attachmentsincludes\integration\class-xml_invoices-functions-hooks-integration-woocommerce.php:6
actionplugins_loadedxml-invoices-for-woocommerce.php:36
actionbefore_woocommerce_initxml-invoices-for-woocommerce.php:39
actionadmin_noticesxml-invoices-for-woocommerce.php:49
Maintenance & Trust

XML Invoices for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 14, 2025
PHP min version
Downloads169

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

XML Invoices for WooCommerce Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 59 CVEs
Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

limit-login-attempts-reloaded

A
98

Stop password guessing attacks, secure WooCommerce, block bad IPs, block by countries (Pro), and add email 2FA. Lightweight with better performance.

2.0M 4 CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Developer Profile

XML Invoices for WooCommerce Developer Profile

Appalify

5 plugins · 70 total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect XML Invoices for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/xml-invoices-for-woocommerce/assets/css/style.css/wp-content/plugins/xml-invoices-for-woocommerce/assets/js/admin-script.js
Script Paths
/wp-content/plugins/xml-invoices-for-woocommerce/assets/js/admin-script.js
Version Parameters
xml-invoices-for-woocommerce/assets/css/style.css?ver=xml-invoices-for-woocommerce/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
xml-invoices-for-woocommerce-settings
HTML Comments
<!-- Settings class file. --><!-- Settings class. --><!-- Helper hook to include files late. -->
Data Attributes
data-id="xml_invoices_for_woocommerce_settings"data-parent="xml_invoices_for_woocommerce"
FAQ

Frequently Asked Questions about XML Invoices for WooCommerce