One Click Order Re-Order Security & Risk Analysis

wordpress.org/plugins/one-click-order-reorder

Place any previous WooCommerce orders again into cart without any restrictions of orders status by just ONE CLICK.

1K active installs · v1.1.13 · PHP + · WP 3.8+ · Updated Jul 10, 2024
Tags: one-click-order-reorder, one-click-re-order-plugin, place-same-order-again, woo-order, woocommerce-extension
91
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jul 3, 2024
Safety Verdict

Is One Click Order Re-Order Safe to Use in 2026?

Generally Safe

Score 91/100

One Click Order Re-Order has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVE · Last CVE: Jul 3, 2024 · Updated 1yr ago
Risk Assessment

The "one-click-order-reorder" plugin exhibits a mixed security posture. While it demonstrates good practices by exclusively using prepared statements for SQL queries and avoiding dangerous functions or file operations, significant concerns arise from its attack surface. A considerable number of AJAX handlers lack authentication checks, creating direct entry points for unauthenticated users. The static analysis also reveals a notable percentage of outputs that are not properly escaped, which could lead to cross-site scripting vulnerabilities.

The plugin's vulnerability history, although currently showing no unpatched issues, indicates a pattern of missing authorization vulnerabilities. The most recent CVE was also related to this type of weakness. This suggests a recurring area of concern that requires careful attention. While the absence of critical taint flows is positive, the substantial number of unprotected AJAX endpoints coupled with potential output escaping issues presents a tangible risk. The plugin has strengths in its data handling but weaknesses in access control and output sanitization that need to be addressed.

Key Concerns

  • Unprotected AJAX handlers
  • Insufficient output escaping
  • Past missing authorization CVEs
Vulnerabilities
1 published

One Click Order Re-Order Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-5641 · medium · 6.4 · Missing Authorization

One Click Order Re-Order <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Jul 3, 2024 Patched in 1.1.10 (1d)
Version History

One Click Order Re-Order Release Timeline

v1.1.13 (Current)
v1.1.12
Code Analysis
Analyzed Mar 16, 2026

One Click Order Re-Order Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 37 (171 escaped)
  • Nonce Checks: 8
  • Capability Checks: 12
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 0

Output Escaping

82% escaped · 208 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
ced_ocor_settings_html (includes\class-basket-order.php:151)
Attack Surface
7 unprotected

One Click Order Re-Order Attack Surface

Entry Points: 13
Unprotected: 7

AJAX Handlers 13

auth · wp_ajax_get_order_cart · includes\ced-click-n-go-class.php:24
nopriv · wp_ajax_get_order_cart · includes\ced-click-n-go-class.php:25
auth · wp_ajax_get_oreder_products · includes\ced-click-n-go-class.php:32
nopriv · wp_ajax_get_oreder_products · includes\ced-click-n-go-class.php:33
auth · wp_ajax_get_same_order_cart · includes\ced-click-n-go-class.php:38
nopriv · wp_ajax_get_same_order_cart · includes\ced-click-n-go-class.php:39
auth · wp_ajax_ced_ocor_send_mail · includes\ced-click-n-go-class.php:40
auth · wp_ajax_ced_ocor_save_general_setting · includes\class-basket-order.php:56
auth · wp_ajax_ced_ocor_add_to_basket · includes\class-basket-order.php:57
auth · wp_ajax_ced_ocor_remove_from_basket · includes\class-basket-order.php:58
auth · wp_ajax_ced_ocor_add_basket_items_to_cart · includes\class-basket-order.php:59
auth · wp_ajax_ced_ocor_get_basket_items · includes\class-basket-order.php:60
auth · wp_ajax_ced_ocor_get_attchment_icon_info · includes\class-basket-order.php:61
WordPress Hooks 29
filter · plugin_row_meta · ced-click-n-go.php:73
action · plugins_loaded · ced-click-n-go.php:89
action · admin_init · ced-click-n-go.php:99
action · admin_notices · ced-click-n-go.php:102
action · before_woocommerce_init · ced-click-n-go.php:106
action · admin_enqueue_scripts · includes\ced-click-n-go-class.php:19
action · wp_enqueue_scripts · includes\ced-click-n-go-class.php:20
filter · woocommerce_my_account_my_orders_actions · includes\ced-click-n-go-class.php:23
action · woocommerce_order_details_after_order_table · includes\ced-click-n-go-class.php:26
action · after_setup_theme · includes\ced-click-n-go-class.php:27
filter · woocommerce_product_variation_title_include_attributes · includes\ced-click-n-go-class.php:41
filter · woocommerce_is_attribute_in_product_name · includes\ced-click-n-go-class.php:42
action · admin_init · includes\class-basket-order.php:36
action · wp_head · includes\class-basket-order.php:41
action · admin_menu · includes\class-basket-order.php:46
action · ced_ocor_general_settings_html_content · includes\class-basket-order.php:51
action · wp_footer · includes\class-basket-order.php:66
action · update_attached_file · includes\class-basket-order.php:71
action · woocommerce_checkout_create_order · includes\class-basket-order.php:76
action · woocommerce_new_order · includes\class-basket-order.php:77
filter · manage_edit-shop_order_columns · includes\class-basket-order.php:78
action · manage_shop_order_posts_custom_column · includes\class-basket-order.php:79
action · admin_print_styles · includes\class-basket-order.php:80
action · restrict_manage_posts · includes\class-basket-order.php:81
filter · request · includes\class-basket-order.php:82
action · woocommerce_after_shop_loop_item · includes\class-basket-order.php:120
action · woocommerce_after_single_variation · includes\class-basket-order.php:121
action · woocommerce_after_shop_loop_item · includes\class-basket-order.php:124
action · woocommerce_after_single_variation · includes\class-basket-order.php:125
Maintenance & Trust

One Click Order Re-Order Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Jul 10, 2024
PHP min version
Downloads: 33K

Community Trust

Rating: 86/100
Number of ratings: 6
Active installs: 1K
Developer Profile

One Click Order Re-Order Developer Profile

cedcommerce

25 plugins · 5K total installs

Trust score: 67
Avg Security Score: 83/100
Avg Patch Time: 204 days
Detection Fingerprints

How We Detect One Click Order Re-Order

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/one-click-order-reorder/assets/css/ced-click-n-go.css
/wp-content/plugins/one-click-order-reorder/assets/js/ced-click-n-go.js
Script Paths
/wp-content/plugins/one-click-order-reorder/assets/js/ced-click-n-go.js
Version Parameters
one-click-order-reorder/assets/css/ced-click-n-go.css?ver=
one-click-order-reorder/assets/js/ced-click-n-go.js?ver=

HTML / DOM Fingerprints

CSS Classes
ced_my_account_reorder
Data Attributes
data-order_id
JS Globals
ced_ocor_hide_email