Does ChaChing – New Order Notifications for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ChaChing – New Order Notifications for WooCommerce compatible with WordPress 6.7.5?

According to WordPress.org data, ChaChing – New Order Notifications for WooCommerce 0.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is ChaChing – New Order Notifications for WooCommerce compatible with PHP 7.2.0+?

ChaChing – New Order Notifications for WooCommerce requires PHP 7.2.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is ChaChing – New Order Notifications for WooCommerce's security score?

ChaChing – New Order Notifications for WooCommerce has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ChaChing – New Order Notifications for WooCommerce Security & Risk Analysis

wordpress.org/plugins/bp-new-order-notifications-for-woocommerce

New Order Notifications for WooCommerce plugin will show a popup notification for every new order received with a unique ChaChing sound.

100 active installs v0.2 PHP 7.2.0+ WP 4.9+ Updated Feb 11, 2025

woocommerce-new-orderwoocommerce-notificationwoocommerce-orderwoocommerce-order-notification

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ChaChing – New Order Notifications for WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

ChaChing – New Order Notifications for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "bp-new-order-notifications-for-woocommerce" plugin v0.2 demonstrates a generally good security posture, with no recorded vulnerabilities or critical security flaws identified in the static and taint analysis. The presence of numerous nonce checks (14) and capability checks (2) across its 5 AJAX handlers suggests a strong focus on authorization and preventing unauthorized actions. Furthermore, all SQL queries utilize prepared statements, and the absence of direct file operations or external HTTP requests further reduces the attack surface. However, a concern arises from the output escaping, where only 69% of outputs are properly escaped. This leaves approximately 31% of outputs potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not handled carefully within those unescaped areas. While the attack surface is relatively small and all entry points appear to have authentication checks, the unescaped output is the primary area requiring attention. The complete lack of historical vulnerabilities is a positive indicator of past security efforts, but it does not entirely negate the potential risks identified in the current codebase.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

ChaChing – New Order Notifications for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ChaChing – New Order Notifications for WooCommerce Release Timeline

v0.2Current

v0.1

Code Analysis

Analyzed Mar 16, 2026

ChaChing – New Order Notifications for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

235

532 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

100% prepared2 total queries

Output Escaping

69% escaped767 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

3 flows

csf_export (include\codestar\functions\actions.php:62)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ChaChing – New Order Notifications for WooCommerce Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_csf-get-iconsinclude\codestar\functions\actions.php:50

authwp_ajax_csf-exportinclude\codestar\functions\actions.php:87

authwp_ajax_csf-importinclude\codestar\functions\actions.php:123

authwp_ajax_csf-resetinclude\codestar\functions\actions.php:150

authwp_ajax_csf-choseninclude\codestar\functions\actions.php:189

WordPress Hooks 53

actionwp_enqueue_scriptsinclude\codestar\classes\abstract.class.php:21

actionadmin_menuinclude\codestar\classes\admin-options.class.php:107

actionadmin_bar_menuinclude\codestar\classes\admin-options.class.php:108

actionnetwork_admin_menuinclude\codestar\classes\admin-options.class.php:112

filteradmin_footer_textinclude\codestar\classes\admin-options.class.php:432

actionadd_meta_boxes_commentinclude\codestar\classes\comment-options.class.php:38

actionedit_commentinclude\codestar\classes\comment-options.class.php:39

actioncustomize_registerinclude\codestar\classes\customize-options.class.php:44

actioncustomize_save_afterinclude\codestar\classes\customize-options.class.php:45

actionwp_enqueue_scriptsinclude\codestar\classes\customize-options.class.php:49

actionadd_meta_boxesinclude\codestar\classes\metabox-options.class.php:50

actionsave_postinclude\codestar\classes\metabox-options.class.php:51

actionedit_attachmentinclude\codestar\classes\metabox-options.class.php:52

actionwp_nav_menu_item_custom_fieldsinclude\codestar\classes\nav-menu-options.class.php:32

actionwp_update_nav_menu_iteminclude\codestar\classes\nav-menu-options.class.php:33

filterwp_edit_nav_menu_walkerinclude\codestar\classes\nav-menu-options.class.php:35

actionadmin_initinclude\codestar\classes\profile-options.class.php:32

actionshow_user_profileinclude\codestar\classes\profile-options.class.php:44

actionedit_user_profileinclude\codestar\classes\profile-options.class.php:45

actionpersonal_options_updateinclude\codestar\classes\profile-options.class.php:47

actionedit_user_profile_updateinclude\codestar\classes\profile-options.class.php:48

actionafter_setup_themeinclude\codestar\classes\setup.class.php:73

actioninitinclude\codestar\classes\setup.class.php:74

actionswitch_themeinclude\codestar\classes\setup.class.php:75

actionadmin_enqueue_scriptsinclude\codestar\classes\setup.class.php:76

actionwp_enqueue_scriptsinclude\codestar\classes\setup.class.php:77

actionwp_headinclude\codestar\classes\setup.class.php:78

filteradmin_body_classinclude\codestar\classes\setup.class.php:79

actionadmin_footerinclude\codestar\classes\shortcode-options.class.php:47

actioncustomize_controls_print_footer_scriptsinclude\codestar\classes\shortcode-options.class.php:48

actionelementor/editor/before_enqueue_scriptsinclude\codestar\classes\shortcode-options.class.php:59

actionelementor/editor/footerinclude\codestar\classes\shortcode-options.class.php:60

actionelementor/editor/footerinclude\codestar\classes\shortcode-options.class.php:61

actionenqueue_block_editor_assetsinclude\codestar\classes\shortcode-options.class.php:258

actionmedia_buttonsinclude\codestar\classes\shortcode-options.class.php:262

actionadmin_initinclude\codestar\classes\taxonomy-options.class.php:41

actionadmin_footerinclude\codestar\fields\icon\icon.php:41

actioncustomize_controls_print_footer_scriptsinclude\codestar\fields\icon\icon.php:42

actionadmin_print_footer_scriptsinclude\codestar\fields\link\link.php:65

actionprint_default_editor_scriptsinclude\codestar\fields\wp_editor\wp_editor.php:62

actionadmin_menuinclude\codestar\views\welcome.php:19

filterplugin_action_linksinclude\codestar\views\welcome.php:20

filterplugin_row_metainclude\codestar\views\welcome.php:21

actionwoocommerce_loadedmain.php:41

actionadmin_noticesmain.php:51

actionbefore_woocommerce_initmain.php:60

actioninitsrc\Bootstrap.php:16

actionadmin_enqueue_scriptssrc\Bootstrap.php:18

actionadmin_bar_menusrc\Bootstrap.php:19

actionadmin_menusrc\Bootstrap.php:20

actionbpnon_refresh_timersrc\Bootstrap.php:302

actionadmin_menusrc\Settings.php:8

filterplugin_row_metasrc\Settings.php:9

Scheduled Events 2

bpnon_refresh_timer

Maintenance & Trust

ChaChing – New Order Notifications for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 11, 2025

PHP min version7.2.0

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs100

Alternatives

ChaChing – New Order Notifications for WooCommerce Alternatives

Chat notifications for Woocommerce

chat-notifications-for-woocommerce

Chat notifications for Woocommerce, allows users to automatically send WhatsApp custom templates to your customers when an Order status is updated.

0 No CVEs

PiWeb Advance notification for WooCommerce

advance-notification-for-woocommerce

100

Advance notification for WooCommerce | WooCommerce email notifications | Woocommerce send email after order | WooCommerce order notification | Low sto …

10 No CVEs

PiWeb Live sales notification for WooCommerce

live-sales-notifications-for-woocommerce

Fake sales alert for WooCommerce or Live sales notification for WooCommerce. Boost sales by encouraging your visitors to buy when they see your live n …

60K 1 unpatched

Order Export & Order Import for WooCommerce

order-import-export-for-woocommerce

The best order export import plugin for WooCommerce. Easily import and export WooCommerce orders and WooCommerce coupons using CSV.

60K 7 CVEs

Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management

smart-manager-for-wp-e-commerce

WooCommerce Advanced Bulk Edit products, orders, & posts in an Excel-like sheet editor. Get advanced WooCommerce stock, pricing, & order management.

10K 4 CVEs

Developer Profile

ChaChing – New Order Notifications for WooCommerce Developer Profile

brightvesseldev

15 plugins · 48K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

277 days

View full developer profile

Detection Fingerprints

How We Detect ChaChing – New Order Notifications for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bp-new-order-notifications-for-woocommerce/assets/css/style.css/wp-content/plugins/bp-new-order-notifications-for-woocommerce/assets/js/main.js/wp-content/plugins/bp-new-order-notifications-for-woocommerce/assets/js/vendor/jquery-3.6.0.min.js

Script Paths

/wp-content/plugins/bp-new-order-notifications-for-woocommerce/assets/js/main.js/wp-content/plugins/bp-new-order-notifications-for-woocommerce/assets/js/vendor/jquery-3.6.0.min.js

Version Parameters

bp-new-order-notifications-for-woocommerce/assets/css/style.css?ver=bp-new-order-notifications-for-woocommerce/assets/js/main.js?ver=bp-new-order-notifications-for-woocommerce/assets/js/vendor/jquery-3.6.0.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

bp-non-order-notification-popup

Data Attributes

data-chaching-sound

JS Globals

BPNON_ASSETSBPNON_PLUGIN_DIRBPNON_PLUGIN_FILEBPNON_PLUGIN_VERBPNON_TEMPLATE_PATHBPNON_URL

FAQ