WP-Safety

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Security & Risk Analysis

wordpress.org/plugins/food-ordering-for-restaurants

BookMyOrder WordPress Plugin

0 active installs v1.0.0 PHP 7.0+ WP 4.6+ Updated Apr 4, 2024
food-deliveryfood-menufood-orderingrestaurant-menu
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Safe to Use in 2026?

Generally Safe

Score 92/100

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "food-ordering-for-restaurants" plugin v1.0.0 exhibits a generally good security posture with several positive indicators. The complete absence of known CVEs and the consistent use of prepared statements for all SQL queries are significant strengths. Furthermore, the vast majority of output is properly escaped, and there are no indications of dangerous function usage, file operations, or external HTTP requests that typically raise immediate red flags. However, a notable concern arises from the presence of 13 AJAX handlers, with two of them lacking any authentication checks. This creates a direct attack vector for unauthenticated users to potentially interact with sensitive functionalities. The taint analysis, while limited in scope, did reveal two flows with unsanitized paths, which, though not categorized as critical or high severity in this analysis, warrant attention as they indicate potential weaknesses in input validation that could be exploited in conjunction with other vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
Vulnerabilities
None known

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
7
209 escaped
Nonce Checks
8
Capability Checks
0
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

97% escaped216 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
handle_requests (classes\admin\setup-page.php:21)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Attack Surface

Entry Points13
Unprotected2

AJAX Handlers 13

authwp_ajax_bmowp_product_listincludes\bmo-ajax-actions.php:7
noprivwp_ajax_bmowp_product_listincludes\bmo-ajax-actions.php:8
authwp_ajax_bmowp_save_pagesincludes\bmo-ajax-actions.php:11
authwp_ajax_bmowp_set_locationincludes\bmo-ajax-actions.php:14
noprivwp_ajax_bmowp_set_locationincludes\bmo-ajax-actions.php:15
authwp_ajax_bmowp_add_to_cartincludes\bmo-ajax-actions.php:18
noprivwp_ajax_bmowp_add_to_cartincludes\bmo-ajax-actions.php:19
authwp_ajax_bmowp_remove_cart_itemincludes\bmo-ajax-actions.php:22
noprivwp_ajax_bmowp_remove_cart_itemincludes\bmo-ajax-actions.php:23
authwp_ajax_bmowp_update_cart_itemincludes\bmo-ajax-actions.php:26
noprivwp_ajax_bmowp_update_cart_itemincludes\bmo-ajax-actions.php:27
authwp_ajax_bmowp_checkoutincludes\bmo-ajax-actions.php:30
noprivwp_ajax_bmowp_checkoutincludes\bmo-ajax-actions.php:31
WordPress Hooks 8
actionadmin_initclasses\admin\setup-page.php:13
actionadmin_enqueue_scriptsincludes\bmo-admin-init.php:10
actionadmin_menuincludes\bmo-admin-init.php:11
actionwp_enqueue_scriptsincludes\bmo-public-init.php:13
actionwp_headincludes\bmo-public-init.php:14
actiontemplate_redirectincludes\bmo-public-init.php:18
filterbody_classincludes\bmo-public-init.php:19
filterpage_templateincludes\bmo-public-init.php:20
Maintenance & Trust

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedApr 4, 2024
PHP min version7.0
Downloads598

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Alternatives

Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin

Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin

orderable

B
75

Take your restaurant/food business online with the online ordering system plugin for WordPress, Orderable.

6K 1 unpatched
Food Menu – Restaurant Menu & Online Ordering for WooCommerce

Food Menu – Restaurant Menu & Online Ordering for WooCommerce

tlp-food-menu

A
99

A Simple Food & Restaurant Menu Display Plugin for Restaurant, Cafes, Fast Food, Coffee House with WooCommerce Online Ordering.

3K 1 CVE
Single Page Restaurant Menu for WooCommerce

Single Page Restaurant Menu for WooCommerce

single-page-restaurant-menu-for-woocommerce

A
85

This plugin is developed to list all woocommerce products/menus in a single page with category and editable cart information.

10 No CVEs
Restaurant Menu – Food Ordering System – Table Reservation

Restaurant Menu – Food Ordering System – Table Reservation

menu-ordering-reservations

A
96

Create a restaurant menu and start taking food orders online, with no commissions or costs. Table reservations are also available for free.

8K 7 CVEs
WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution

WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution

wp-cafe

A
91

Complete restaurant solution for restaurant menus, online food ordering, delivery, reservations and booking

6K 9 CVEs
Developer Profile

BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants Developer Profile

bookmyorder1

1 plugin · 0 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/food-ordering-for-restaurants/assets/css/admin/style.css/wp-content/plugins/food-ordering-for-restaurants/assets/js/admin/script.js/wp-content/plugins/food-ordering-for-restaurants/assets/icons/icons.css/wp-content/plugins/food-ordering-for-restaurants/assets/css/style.css/wp-content/plugins/food-ordering-for-restaurants/assets/lib/datetimepicker/css/jquery.datetimepicker.css/wp-content/plugins/food-ordering-for-restaurants/assets/js/script.js/wp-content/plugins/food-ordering-for-restaurants/assets/css/custom.css/wp-content/plugins/food-ordering-for-restaurants/assets/lib/datetimepicker/js/jquery.datetimepicker.full.min.js
Script Paths
//fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Version Parameters
food-ordering-for-restaurants/assets/js/admin/script.js?ver=food-ordering-for-restaurants/assets/css/admin/style.css?ver=food-ordering-for-restaurants/assets/js/script.js?ver=food-ordering-for-restaurants/assets/lib/datetimepicker/js/jquery.datetimepicker.full.min.js?ver=food-ordering-for-restaurants/assets/css/style.css?ver=food-ordering-for-restaurants/assets/icons/icons.css?ver=food-ordering-for-restaurants/assets/css/custom.css?ver=food-ordering-for-restaurants/assets/lib/datetimepicker/css/jquery.datetimepicker.css?ver=

HTML / DOM Fingerprints

CSS Classes
bmo-bodybmo-skin-3
JS Globals
bmowp_ajax
FAQ

Frequently Asked Questions about BookMyOrder – Food ordering, delivery, takeaway and reservation for restaurants