WP-Safety

ZeroV99 Shipment Tracking Security & Risk Analysis

wordpress.org/plugins/zerov99-shipment-tracking

Add a 'Shipped' status to WooCommerce orders, track shipments, and provide real-time updates to customers effortlessly.

0 active installs v1.0.3 PHP 7.4+ WP 5.6+ Updated Dec 3, 2025
order-trackingshipment-trackingshipping-providerstracking-statuswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ZeroV99 Shipment Tracking Safe to Use in 2026?

Generally Safe

Score 100/100

ZeroV99 Shipment Tracking has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The zerov99-shipment-tracking plugin v1.0.3 exhibits a generally strong security posture based on the provided static analysis. The absence of direct SQL injection risks due to 100% prepared statement usage, a high percentage of properly escaped output, and no detected file operations or external HTTP requests are positive indicators. Furthermore, the complete lack of known vulnerabilities (CVEs) in its history suggests a well-maintained and secure codebase over time.

However, a significant concern arises from the absence of capability checks on the identified AJAX handler. While there is only one AJAX handler, and it is protected by a nonce check, the lack of an explicit capability check means that any authenticated user, regardless of their role or permissions, could potentially interact with this endpoint. This could lead to unintended actions or data manipulation if the functionality accessible via the AJAX handler is sensitive.

In conclusion, the plugin demonstrates good development practices in several key areas. The absence of critical vulnerabilities and the robust handling of SQL queries and output are commendable. Nevertheless, the missing capability check on the AJAX handler represents a potential weakness that could be exploited by authenticated attackers with lower privileges. Addressing this would further strengthen the plugin's security.

Key Concerns

  • Missing capability checks on AJAX
Vulnerabilities
None known

ZeroV99 Shipment Tracking Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ZeroV99 Shipment Tracking Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
6 prepared
Unescaped Output
3
91 escaped
Nonce Checks
3
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared6 total queries

Output Escaping

97% escaped94 total outputs
Attack Surface

ZeroV99 Shipment Tracking Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_save_tracking_modal_dataincludes\admin\ZeroV99_Shipment_Tracking_Modal.php:32
WordPress Hooks 18
filterwoocommerce_settings_tabs_arrayincludes\admin\settings\ZeroV99_Shipment_Tracking_Settings.php:29
actionwoocommerce_settings_zerov99_shipment_trackingincludes\admin\settings\ZeroV99_Shipment_Tracking_Settings.php:30
actionwoocommerce_update_options_zerov99_shipment_trackingincludes\admin\settings\ZeroV99_Shipment_Tracking_Settings.php:31
actionwoocommerce_admin_field_zerov99_shipping_providers_tableincludes\admin\settings\ZeroV99_Shipment_Tracking_Settings_Shipping_Providers.php:27
actionadmin_enqueue_scriptsincludes\admin\ZeroV99_Shipment_Tracking_Admin_Assets.php:19
actionadmin_noticesincludes\admin\ZeroV99_Shipment_Tracking_Admin_Notices.php:27
actionadd_meta_boxesincludes\admin\ZeroV99_Shipment_Tracking_Completed_Metabox.php:31
actionadd_meta_boxesincludes\admin\ZeroV99_Shipment_Tracking_Metabox.php:33
actionwoocommerce_process_shop_order_metaincludes\admin\ZeroV99_Shipment_Tracking_Metabox.php:34
actionadmin_footerincludes\admin\ZeroV99_Shipment_Tracking_Modal.php:31
filterwoocommerce_admin_order_actionsincludes\admin\ZeroV99_Shipment_Tracking_Order_Actions.php:40
actionwoocommerce_order_details_after_order_tableincludes\frontend\ZeroV99_Order_Tracking_Details.php:34
actionwoocommerce_order_status_changedincludes\helpers\ZeroV99_Shipment_Tracking_Data_Cleanup.php:26
actioninitincludes\tasks\ZeroV99_Auto_Complete_Shipped_Orders.php:27
actioninitincludes\ZeroV99_Shipment_Tracking.php:46
filterwc_order_statusesincludes\ZeroV99_Shipment_Tracking.php:47
actionadmin_noticeszerov99-shipment-tracking.php:24
actionadmin_noticeszerov99-shipment-tracking.php:37
Maintenance & Trust

ZeroV99 Shipment Tracking Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 3, 2025
PHP min version7.4
Downloads448

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

ZeroV99 Shipment Tracking Alternatives

Advanced Shipment Tracking for WooCommerce

Advanced Shipment Tracking for WooCommerce

woo-advanced-shipment-tracking

A
98

Add shipment tracking info to WooCommerce orders, send tracking numbers to customers via email, and let them track deliveries from My Account.

60K 2 CVEs
Orders Tracking for WooCommerce

Orders Tracking for WooCommerce

woo-orders-tracking

A
98

Easily import/manage your tracking numbers, add tracking numbers to PayPal and send email notifications to customers.

10K 3 CVEs
AfterShip Tracking – All-In-One WooCommerce Order Tracking (Free plan available)

AfterShip Tracking – All-In-One WooCommerce Order Tracking (Free plan available)

aftership-woocommerce-tracking

A
99

Track orders in one place. shipment tracking, automated notifications, order lookup, branded tracking page, delivery day prediction

8K 1 CVE
ParcelWILL (Formerly ParcelPanel) – Shipment Tracking, Tracking & Order Tracking for WooCommerce

ParcelWILL (Formerly ParcelPanel) – Shipment Tracking, Tracking & Order Tracking for WooCommerce

parcelpanel

A
96

Free Plan Available. Order Tracking, Shipment Tracking. The best WooCommerce Order Tracker for Track Order Status & Delivery Notifications

8K 2 CVEs
TrackShip for WooCommerce

TrackShip for WooCommerce

trackship-for-woocommerce

A
98

TrackShip auto-tracks orders, adds a branded tracking experience to your store and handles all customer touchpoints from shipping to delivery

7K 2 CVEs
Developer Profile

ZeroV99 Shipment Tracking Developer Profile

0v99com

2 plugins · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ZeroV99 Shipment Tracking

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-shipment-tracking-admin-deactivate-confirm.min.js/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-shipment-tracking-admin-deactivate-confirm.js/wp-content/plugins/zerov99-shipment-tracking/assets/css/zerov99-orders-styles.min.css/wp-content/plugins/zerov99-shipment-tracking/assets/css/zerov99-orders-styles.css/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-combined-orders.min.js/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-combined-orders.js/wp-content/plugins/zerov99-shipment-tracking/assets/css/zerov99-shipping-providers.min.css/wp-content/plugins/zerov99-shipment-tracking/assets/css/zerov99-shipping-providers.css+2 more
Script Paths
/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-shipment-tracking-admin-deactivate-confirm.js/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-combined-orders.js/wp-content/plugins/zerov99-shipment-tracking/assets/js/zerov99-settings.js
Version Parameters
zerov99-shipment-tracking/assets/js/zerov99-shipment-tracking-admin-deactivate-confirm.js?ver=zerov99-shipment-tracking/assets/css/zerov99-orders-styles.css?ver=zerov99-shipment-tracking/assets/js/zerov99-combined-orders.js?ver=zerov99-shipment-tracking/assets/css/zerov99-shipping-providers.css?ver=zerov99-shipment-tracking/assets/js/zerov99-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
order-statusstatus-shipped
Data Attributes
data-deactivate-confirm
JS Globals
zerov99Adminzerov99Data
FAQ

Frequently Asked Questions about ZeroV99 Shipment Tracking