Does Order & Abandoned Cart Notifications for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Order & Abandoned Cart Notifications for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Order & Abandoned Cart Notifications for WooCommerce 1.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Order & Abandoned Cart Notifications for WooCommerce compatible with PHP 7.4+?

Order & Abandoned Cart Notifications for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Order & Abandoned Cart Notifications for WooCommerce Security & Risk Analysis

wordpress.org/plugins/order-notifications-for-woocommerce

Send WhatsApp notifications for WooCommerce orders, order status updates and abandoned cart recovery using the official WhatsApp Business API.

40 active installs v1.0.2 PHP 7.4+ WP 5.7+ Updated Mar 24, 2026

abandoned-cartwhatsappwhatsapp-apiwhatsapp-notificationwoocommerce-whatsapp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Order & Abandoned Cart Notifications for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Order & Abandoned Cart Notifications for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The plugin "order-notifications-for-woocommerce" v1.0.2 exhibits a generally strong security posture based on the provided static analysis. All identified entry points, including AJAX handlers and REST API routes, appear to have proper authentication and permission checks, which is a significant positive. The code also demonstrates good practices by exclusively using prepared statements for SQL queries and properly escaping all output, mitigating common vulnerabilities like SQL injection and cross-site scripting.

However, a concern arises from the taint analysis, which identified one flow with unsanitized paths and flagged it as high severity. While no critical vulnerabilities were found, this high-severity flow indicates a potential weakness where user-supplied data might not be adequately validated or cleaned before being used in a sensitive operation, potentially leading to unintended behavior or a security bypass. The absence of any recorded vulnerabilities in its history is a positive indicator of past security diligence, but it does not negate the risks highlighted by the current taint analysis.

In conclusion, the plugin is well-implemented in many regards, particularly concerning input validation for database operations and output sanitization. The primary area of concern is the high-severity unsanitized path identified in the taint analysis, which warrants further investigation and remediation to ensure robust security. The lack of historical vulnerabilities is reassuring but should be viewed in conjunction with the current findings.

Key Concerns

High severity unsanitized path in taint analysis

Vulnerabilities

None known

Order & Abandoned Cart Notifications for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Order & Abandoned Cart Notifications for WooCommerce Release Timeline

v1.0.2Current

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Order & Abandoned Cart Notifications for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

27 prepared

Unescaped Output

111 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared27 total queries

Output Escaping

100% escaped111 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

5 flows1 with unsanitized paths

maybe_capture_used_meta (includes/classes/class-wanowc-migration.php:242)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Order & Abandoned Cart Notifications for WooCommerce Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 3

authwp_ajax_wanowc_dismiss_migration_noticeincludes/classes/class-wanowc-migration.php:47

authwp_ajax_wanowc_save_cart_abandonment_dataincludes/classes/integrations/class-wanowc-woocommerce.php:29

noprivwp_ajax_wanowc_save_cart_abandonment_dataincludes/classes/integrations/class-wanowc-woocommerce.php:30

REST API Routes 4

GET/wp-json/wanowc/v1/legacy-triggersincludes/classes/class-wanowc-connection.php:437

POST/wp-json/wanowc/v1/woocommerce/batch-sync-startincludes/classes/class-wanowc-connection.php:485

POST/wp-json/wanowc/v1/woocommerce/batch-sync-stopincludes/classes/class-wanowc-connection.php:493

POST/wp-json/wanowc/v1/woocommerce/update-configincludes/classes/class-wanowc-connection.php:501

WordPress Hooks 43

actionafter_setup_themeincludes/class-wanowc.php:60

actionafter_setup_themeincludes/class-wanowc.php:61

actionafter_setup_themeincludes/class-wanowc.php:62

actionafter_setup_themeincludes/class-wanowc.php:63

actionafter_setup_themeincludes/class-wanowc.php:64

actionafter_setup_themeincludes/class-wanowc.php:65

actionadmin_enqueue_scriptsincludes/class-wanowc.php:66

actionwp_enqueue_scriptsincludes/class-wanowc.php:67

actionafter_setup_themeincludes/class-wanowc.php:69

actionwp_loadedincludes/class-wanowc.php:71

actionwanowc_clean_old_logsincludes/class-wanowc.php:72

actionwp_loadedincludes/class-wanowc.php:73

actionadmin_menuincludes/classes/class-wanowc-backend.php:22

actionadmin_initincludes/classes/class-wanowc-backend.php:23

actionrest_api_initincludes/classes/class-wanowc-backend.php:24

filterplugin_action_links_order-notifications-for-woocommerce/order-notifications-for-woocommerce.phpincludes/classes/class-wanowc-backend.php:25

actionrest_api_initincludes/classes/class-wanowc-connection.php:32

actionwanowc_fire_triggerincludes/classes/class-wanowc-connection.php:33

actionwp_footerincludes/classes/class-wanowc-frontend.php:19

actionadmin_noticesincludes/classes/class-wanowc-migration.php:46

actioncurrent_screenincludes/classes/class-wanowc-migration.php:48

actioninitincludes/classes/class-wanowc-notification-triggers.php:21

filterwanowc_notification_triggersincludes/classes/integrations/class-wanowc-wcar.php:20

filterwanowc_notification_merge_tagsincludes/classes/integrations/class-wanowc-wcar.php:21

filterwanowc_notification_recipient_fieldsincludes/classes/integrations/class-wanowc-wcar.php:22

filterwanowc_notification_triggersincludes/classes/integrations/class-wanowc-woocommerce.php:21

filterwanowc_notification_merge_tagsincludes/classes/integrations/class-wanowc-woocommerce.php:22

filterwanowc_notification_recipient_fieldsincludes/classes/integrations/class-wanowc-woocommerce.php:23

actionwoocommerce_review_order_before_submitincludes/classes/integrations/class-wanowc-woocommerce.php:24

actionwoocommerce_checkout_update_order_metaincludes/classes/integrations/class-wanowc-woocommerce.php:25

actionwoocommerce_admin_order_data_after_billing_addressincludes/classes/integrations/class-wanowc-woocommerce.php:26

actionwoocommerce_process_shop_order_metaincludes/classes/integrations/class-wanowc-woocommerce.php:27

actionwoocommerce_cart_updatedincludes/classes/integrations/class-wanowc-woocommerce.php:31

actionwanowc_check_cart_abandonmentincludes/classes/integrations/class-wanowc-woocommerce.php:32

actionwoocommerce_new_orderincludes/classes/integrations/class-wanowc-woocommerce.php:34

actionwpincludes/classes/integrations/class-wanowc-woocommerce.php:36

actionwanowc_push_updated_schemaincludes/classes/integrations/class-wanowc-woocommerce.php:38

actionuser_registerincludes/classes/integrations/class-wanowc-woocommerce.php:40

actionprofile_updateincludes/classes/integrations/class-wanowc-woocommerce.php:41

actionwoocommerce_checkout_update_order_metaincludes/classes/integrations/class-wanowc-woocommerce.php:42

actionwanowc_wc_batch_contact_syncincludes/classes/integrations/class-wanowc-woocommerce.php:44

actionbefore_woocommerce_initorder-notifications-for-woocommerce.php:33

actionplugins_loadedorder-notifications-for-woocommerce.php:56

Maintenance & Trust

Order & Abandoned Cart Notifications for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 24, 2026

PHP min version7.4

Downloads376

Community Trust

Rating100/100

Number of ratings2

Active installs40

Alternatives

Order & Abandoned Cart Notifications for WooCommerce Alternatives

Notiqoo – Order Notification & Customer Chat for WooCommerce

wc-messaging

100

Send WooCommerce WhatsApp notifications via official WhatsApp API for instant order updates, customer chat, and abandoned cart recovery

900 No CVEs

Notifications for Forms & WordPress Actions

notifier

Send WhatsApp notifications for form submissions from CF7, Gravity Forms, WPForms and more and WordPress actions using WhatsApp Business API

1K 3 CVEs

Abandoned Checkout Recovery & Order Notifications for WooCommerce

abandoned-checkout-recovery-order-notifications-for-woocommerce

100

Send WhatsApp notifications for recovering abandoned carts, double confirming CoD orders and for other order & shipment updates! Also, send out yo …

800 No CVEs

Spoki – Chat Buttons and WooCommerce Notifications

spoki

WhatsApp full integration for your website! Recover Abandoned Carts, send Order Notifications and add WhatsApp Buttons.

700 1 unpatched

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce.

sendapp-notification

100

WhatsApp full integration for your website! Recover Abandoned Carts, Send Order, Post, Product Notifications and add WhatsApp Buttons.

90 No CVEs

Developer Profile

Order & Abandoned Cart Notifications for WooCommerce Developer Profile

WANotifier

2 plugins · 1K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

127 days

View full developer profile

Detection Fingerprints

How We Detect Order & Abandoned Cart Notifications for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/order-notifications-for-woocommerce/assets/js/admin.js/wp-content/plugins/order-notifications-for-woocommerce/assets/css/admin.css

Script Paths

/wp-content/plugins/order-notifications-for-woocommerce/assets/js/admin.js

Version Parameters

order-notifications-for-woocommerce/assets/js/admin.js?ver=1.0.2order-notifications-for-woocommerce/assets/css/admin.css?ver=1.0.2

HTML / DOM Fingerprints

JS Globals

wanowc_migration

FAQ