COMITI Invoicing Cloud for Ecommerce

Description

comitifact connects WooCommerce to COMITI’s CFDI 4.0 (Mexico) stamping services.

Key features
– Generate CFDI 4.0 (XML) and its printable representation (PDF).
– CFDI cancellation.
– File uploads attached to orders with size limits and a whitelist of extensions (CSD, XML, ZIP, PEM, etc.).
– Configurable HTTPS endpoints for production and sandbox environments.
– Multisite-aware (cleans up on uninstall per site).
– Internationalization ready (Text Domain: comitifact) and loads translations from /languages.

Security
– Nonces on AJAX actions.
– Capability checks (by default requires manage_woocommerce for admin actions).
– Input sanitization and output escaping.
– Uploads stored in a dedicated folder /wp-content/uploads/comitifact/ with MIME checks and size limits.
– No credentials or endpoints exposed on the front end.

Privacy
This plugin integrates with an external e-invoicing (timbrado) provider. Depending on your configuration, fiscal data from orders (RFC, legal name, CFDI use, tax address, etc.) may be sent to your provider over HTTPS. Review and accept the provider’s terms before use. If you process personal data, ensure you have a lawful basis and appropriate privacy notices.

Requirements
– WordPress ≥ 5.8
– PHP ≥ 7.4
– WooCommerce (a version compatible with your site)

Localization

This plugin is translation-ready. Text domain: comitifact, path: /languages. You can contribute translations via WordPress.org GlotPress once published.

Notes for Reviewers (WordPress.org)

• All AJAX actions that write files or data are protected by nonces and capability checks.
• External services are configurable and default to HTTPS endpoints.
• No external tracking; no personal data is transmitted unless configured by the site owner for invoicing purposes.
• Uninstall routine removes options, transients, prefixed tables, cron hooks, and /uploads/comitifact/.