WP-Safety

Order Delivery Date for WooCommerce Security & Risk Analysis

wordpress.org/plugins/order-delivery-date-for-woocommerce

Let customers choose delivery dates & times on checkout. Simplify delivery management by blocking holidays & setting max deliveries per day.

10K active installs v4.5.0 PHP 7.3+ WP 1.3+ Updated Feb 10, 2026
delivery-datedelivery-timepickup-datepreparation-timewoocommerce
95
A · Safe
CVEs total4
Unpatched0
Last CVEDec 3, 2025
Plugin page Download
Safety Verdict

Is Order Delivery Date for WooCommerce Safe to Use in 2026?

Generally Safe

Score 95/100

Order Delivery Date for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

4 known CVEsLast CVE: Dec 3, 2025Updated 1mo ago
Risk Assessment

The 'order-delivery-date-for-woocommerce' plugin v4.5.0 presents a mixed security posture. While it demonstrates strong practices in using prepared statements for SQL queries and a generally high percentage of properly escaped output, there are significant concerns regarding its attack surface and taint analysis. The presence of 8 AJAX handlers, with 4 lacking authentication checks, creates a substantial entry point for potential unauthorized actions. Furthermore, the taint analysis reveals one flow with an unsanitized path, categorized as high severity, which could lead to exploitable vulnerabilities if not properly addressed. The plugin's vulnerability history, though currently showing no unpatched CVEs, indicates a past pattern of medium severity issues including missing authorization, CSRF, and XSS. This history, coupled with the current static analysis findings, suggests a need for vigilance and prompt patching of any new vulnerabilities discovered.

In conclusion, the plugin benefits from robust SQL handling and output escaping. However, the identified unprotected AJAX handlers and the high-severity taint flow are critical weaknesses that expose the application to potential risks. The historical vulnerability types also highlight areas that require ongoing attention to ensure comprehensive security. A balanced approach, addressing the identified entry points and taint flows while maintaining awareness of past patterns, is crucial for mitigating risks associated with this plugin.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flow with unsanitized path
  • Past medium severity vulnerabilities
Vulnerabilities
4

Order Delivery Date for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2024
2024
2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
4

4 total CVEs

CVE-2025-63024medium · 5.3Missing Authorization

Order Delivery Date for WooCommerce <= 4.3.1 - Missing Authorization

Dec 3, 2025 Patched in 4.3.2 (35d)
CVE-2025-58599medium · 4.3Missing Authorization

Order Delivery Date for WooCommerce <= 4.1.0 - Missing Authorization

Sep 3, 2025 Patched in 4.2.0 (7d)
CVE-2024-32434medium · 4.3Cross-Site Request Forgery (CSRF)

Order Delivery Date for WooCommerce <= 3.21.0 - Cross-Site Request Forgery to Notice Dismissal

Apr 12, 2024 Patched in 3.21.1 (6d)
CVE-2023-41874medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Order Delivery Date for WooCommerce <= 3.20.0 - Reflected Cross-Site Scripting via 'orddd_lite_custom_startdate' and 'orddd_lite_custom_enddate'

Aug 2, 2023 Patched in 3.20.1 (174d)
Code Analysis
Analyzed Mar 16, 2026

Order Delivery Date for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
15 prepared
Unescaped Output
95
537 escaped
Nonce Checks
12
Capability Checks
11
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared15 total queries

Output Escaping

85% escaped632 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

8 flows1 with unsanitized paths
handle_event_json (includes\settings\class-delivery-calendar-event-json.php:38)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Order Delivery Date for WooCommerce Attack Surface

Entry Points8
Unprotected4

AJAX Handlers 8

authwp_ajax_save_delivery_datesincludes\class-orddd-lite-admin-delivery.php:31
authwp_ajax_tyche_plugin_deactivation_submit_actionincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:93
authwp_ajax_orddd_dismiss_menu_noticeincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:131
authwp_ajax_ordd_lite_dismiss_upgrade_to_proincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:133
noprivwp_ajax_check_for_time_slot_ordddorder_delivery_date.php:185
authwp_ajax_check_for_time_slot_ordddorder_delivery_date.php:186
noprivwp_ajax_orddd_order_calendar_contentorder_delivery_date.php:192
authwp_ajax_orddd_order_calendar_contentorder_delivery_date.php:193
WordPress Hooks 106
actionorddd_lite_admin_update_date_notificationemails\class-orddd-lite-email-update-date.php:41
actionadd_meta_boxesincludes\class-orddd-lite-admin-delivery.php:34
filterwoocommerce_email_classesincludes\class-orddd-lite-email-manager.php:30
filterwoocommerce_template_directoryincludes\class-orddd-lite-email-manager.php:42
actionwpo_wcpdf_after_order_detailsincludes\class-orddd-lite-integration.php:29
actionwpo_wcpdf_after_order_detailsincludes\class-orddd-lite-integration.php:31
filterwc_customer_order_csv_export_order_headersincludes\class-orddd-lite-integration.php:35
filterwc_customer_order_csv_export_order_rowincludes\class-orddd-lite-integration.php:36
filterwcdn_order_info_fieldsincludes\class-orddd-lite-integration.php:39
actionwoocommerce_cloudprint_internaloutput_footerincludes\class-orddd-lite-integration.php:41
actionwc_pip_after_bodyincludes\class-orddd-lite-integration.php:44
filterwoocommerce_privacy_export_order_personal_data_propsincludes\class-orddd-lite-privacy.php:30
filterwoocommerce_privacy_export_order_personal_data_propincludes\class-orddd-lite-privacy.php:31
actionadmin_menuincludes\component\faq-support\ts-faq-support.php:91
actionadmin_headincludes\component\faq-support\ts-faq-support.php:92
actionadmin_print_scripts-plugins.phpincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:92
filtercron_schedulesincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:82
actionadmin_initincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:83
actionadmin_initincludes\component\plugin-tracking\ts-tracking.php:127
filterorddd_lite_ts_tracker_dataincludes\component\plugin-tracking\ts-tracking.php:129
actionadmin_footerincludes\component\plugin-tracking\ts-tracking.php:130
actionorddd_lite_init_tracker_completedincludes\component\plugin-tracking\ts-tracking.php:132
filterorddd_lite_ts_tracker_display_noticeincludes\component\plugin-tracking\ts-tracking.php:133
actionadmin_noticesincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:125
actionadmin_enqueue_scriptsincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:128
actionadmin_headincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:129
actionadmin_noticesincludes\component\upgrade-to-pro\ts-upgrade-to-pro.php:130
actionadmin_initincludes\component\woocommerce-check\ts-woo-active.php:44
actionadmin_noticesincludes\component\woocommerce-check\ts-woo-active.php:55
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\integrations\wc-blocks\class-orddd-lite-delivery-blocks.php:25
actionwoocommerce_store_api_checkout_update_order_from_requestincludes\integrations\wc-blocks\class-orddd-lite-delivery-blocks.php:26
actionwoocommerce_blocks_loadedincludes\integrations\wc-blocks\order-delivery-date-block.php:12
actionwoocommerce_blocks_cart_block_registrationincludes\integrations\wc-blocks\order-delivery-date-block.php:19
actionwoocommerce_blocks_checkout_block_registrationincludes\integrations\wc-blocks\order-delivery-date-block.php:26
filter__experimental_woocommerce_blocks_add_data_attributes_to_namespaceincludes\integrations\wc-blocks\order-delivery-date-block.php:57
filter__experimental_woocommerce_blocks_add_data_attributes_to_blockincludes\integrations\wc-blocks\order-delivery-date-block.php:66
actioninitincludes\integrations\wc-blocks\order-delivery-date-block.php:75
actionblock_categories_allincludes\integrations\wc-blocks\order-delivery-date-block.php:177
actionwp_footerincludes\integrations\wc-blocks\order-delivery-date-block.php:179
actionadmin_initincludes\settings\class-delivery-calendar-event-json.php:30
actionadmin_initincludes\settings\class-orddd-lite-delivery-calendar.php:29
actionwoocommerce_admin_order_data_after_billing_addressincludes\settings\class-orddd-lite-filter.php:31
actionwoocommerce_admin_order_data_after_shipping_addressincludes\settings\class-orddd-lite-filter.php:33
filterwoocommerce_admin_order_preview_get_order_detailsincludes\settings\class-orddd-lite-filter.php:36
actionrestrict_manage_postsincludes\settings\class-orddd-lite-filter.php:39
filterrequestincludes\settings\class-orddd-lite-filter.php:40
filterwoocommerce_shop_order_search_fieldsincludes\settings\class-orddd-lite-filter.php:41
actionwoocommerce_order_list_table_restrict_manage_ordersincludes\settings\class-orddd-lite-filter.php:42
filterwoocommerce_order_list_table_prepare_items_query_argsincludes\settings\class-orddd-lite-filter.php:43
filterwoocommerce_order_table_search_query_meta_keysincludes\settings\class-orddd-lite-filter.php:44
actionbefore_woocommerce_initorder_delivery_date.php:37
actioninitorder_delivery_date.php:86
actionadmin_initorder_delivery_date.php:87
actionadmin_initorder_delivery_date.php:88
actionadmin_initorder_delivery_date.php:89
actionadmin_menuorder_delivery_date.php:92
actionadmin_initorder_delivery_date.php:93
actionadmin_initorder_delivery_date.php:94
actionadmin_initorder_delivery_date.php:95
actionadmin_initorder_delivery_date.php:96
actionadmin_initorder_delivery_date.php:97
actionadmin_initorder_delivery_date.php:99
actionadmin_initorder_delivery_date.php:100
actionadmin_initorder_delivery_date.php:101
actionadmin_noticesorder_delivery_date.php:105
actionadmin_enqueue_scriptsorder_delivery_date.php:110
actionadmin_enqueue_scriptsorder_delivery_date.php:111
actionadmin_enqueue_scriptsorder_delivery_date.php:112
actionwp_enqueue_scriptsorder_delivery_date.php:116
actionwoocommerce_cart_collateralsorder_delivery_date.php:119
actionwoocommerce_cart_collateralsorder_delivery_date.php:120
actionwoocommerce_checkout_update_order_metaorder_delivery_date.php:123
actionwoocommerce_checkout_update_order_metaorder_delivery_date.php:125
filterwoocommerce_email_order_meta_fieldsorder_delivery_date.php:128
filterwoocommerce_email_order_meta_fieldsorder_delivery_date.php:129
filterwoocommerce_email_order_meta_keysorder_delivery_date.php:131
filterwoocommerce_email_order_meta_keysorder_delivery_date.php:132
actionwoocommerce_checkout_processorder_delivery_date.php:135
filterwoocommerce_order_details_after_order_tableorder_delivery_date.php:137
filterwoocommerce_order_details_after_order_tableorder_delivery_date.php:138
actionwoocommerce_loadedorder_delivery_date.php:139
actionmanage_woocommerce_page_wc-orders_columnsorder_delivery_date.php:147
actionmanage_woocommerce_page_wc-orders_custom_columnorder_delivery_date.php:148
actionmanage_woocommerce_page_wc-orders_sortable_columnsorder_delivery_date.php:149
filterwoocommerce_orders_table_query_clausesorder_delivery_date.php:150
filtermanage_edit-shop_order_columnsorder_delivery_date.php:152
actionmanage_shop_order_posts_custom_columnorder_delivery_date.php:153
filtermanage_edit-shop_order_sortable_columnsorder_delivery_date.php:154
filterposts_clausesorder_delivery_date.php:155
actionwoocommerce_order_status_cancelledorder_delivery_date.php:162
actionwoocommerce_order_status_refundedorder_delivery_date.php:163
actionwoocommerce_order_status_failedorder_delivery_date.php:164
actionwp_trash_postorder_delivery_date.php:165
actionwoocommerce_order_status_changedorder_delivery_date.php:167
actionuntrash_postorder_delivery_date.php:168
actionwoocommerce_cart_calculate_feesorder_delivery_date.php:170
actioninitorder_delivery_date.php:173
filterts_tracker_dataorder_delivery_date.php:177
filterts_tracker_opt_out_dataorder_delivery_date.php:178
filterts_deativate_plugin_questionsorder_delivery_date.php:179
filterplugin_row_metaorder_delivery_date.php:183
filteradmin_footer_textorder_delivery_date.php:188
actionwoocommerce_after_cart_tableorder_delivery_date.php:189
filterbakery_enqueue_scriptsorder_delivery_date.php:190
filterwp_plugin_check_checksorder_delivery_date.php:191
actionadmin_noticesorder_delivery_date.php:294
Maintenance & Trust

Order Delivery Date for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 10, 2026
PHP min version7.3
Downloads489K

Community Trust

Rating86/100
Number of ratings62
Active installs10K
Alternatives

Order Delivery Date for WooCommerce Alternatives

Delivery & Pickup Date Time for WooCommerce

Delivery & Pickup Date Time for WooCommerce

woo-delivery

A
100

Gives the facility of selecting delivery/pickup/both date/time/both at order checkout page.

5K No CVEs
Order Delivery Date And Time

Order Delivery Date And Time

order-delivery-date-and-time

A
100

Order Delivery Date And Time plugin lets customers select delivery/pickup dates and times at checkout page.

1K No CVEs
WooODT Lite – Delivery & pickup date time location for WooCommerce

WooODT Lite – Delivery & pickup date time location for WooCommerce

byconsole-woo-order-delivery-time

C
61

WooODT Lite is a WooCommerce Delivery & Pickup Date Time extension that gives the facility of selecting delivery/pickup date and time/time slot o &hellip;

500 1 unpatched
PiWeb Delivery & Pickup Date Time for WooCommerce

PiWeb Delivery & Pickup Date Time for WooCommerce

pi-woocommerce-order-date-time-and-type

A
100

WooCommerce delivery date | delivery time | pickup date | pickup time | pickup location

500 1 CVE
Pickup | Delivery | Dine-in date time

Pickup | Delivery | Dine-in date time

restaurant-pickup-delivery-dine-in

C
64

WooCommerce based restaurant ordering system for dine in, pickup and delivery. Let you customers book a table online or place an order for delivery or &hellip;

20 1 unpatched
Developer Profile

Order Delivery Date for WooCommerce Developer Profile

tychesoftwares

20 plugins · 160K total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
232 days
View full developer profile
Detection Fingerprints

How We Detect Order Delivery Date for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/admin-order-delivery-date-lite.js/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/frontend-order-delivery-date-lite.js/wp-content/plugins/order-delivery-date-for-woocommerce/assets/css/frontend-order-delivery-date-lite.css/wp-content/plugins/order-delivery-date-for-woocommerce/assets/css/admin-order-delivery-date-lite.css/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/delivery-calendar-admin.js
Script Paths
/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/admin-order-delivery-date-lite.js/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/frontend-order-delivery-date-lite.js/wp-content/plugins/order-delivery-date-for-woocommerce/assets/js/delivery-calendar-admin.js
Version Parameters
order-delivery-date-for-woocommerce/assets/js/admin-order-delivery-date-lite.js?ver=order-delivery-date-for-woocommerce/assets/js/frontend-order-delivery-date-lite.js?ver=order-delivery-date-for-woocommerce/assets/css/frontend-order-delivery-date-lite.css?ver=order-delivery-date-for-woocommerce/assets/css/admin-order-delivery-date-lite.css?ver=order-delivery-date-for-woocommerce/assets/js/delivery-calendar-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
orddd-lite-date-field-wrapperorddd-lite-delivery-date-fieldorddd-lite-delivery-time-slot-field
Data Attributes
data-orddd-lite-order-iddata-orddd-lite-order-datedata-orddd-lite-order-time
JS Globals
orddd_lite_frontend_params
FAQ

Frequently Asked Questions about Order Delivery Date for WooCommerce