Does OrderBadger have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is OrderBadger compatible with WordPress 6.9.4?

According to WordPress.org data, OrderBadger 1.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is OrderBadger compatible with PHP 7.4+?

OrderBadger requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is OrderBadger updated?

OrderBadger was last updated on Apr 1, 2026. Frequent updates are generally a positive security signal.

What is OrderBadger's security score?

OrderBadger has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

OrderBadger Security — No Known CVEs

Safety Verdict

Is OrderBadger Safe to Use in 2026?

Generally Safe

Score 100/100

OrderBadger has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The orderbadger plugin, version 1.1.0, exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and properly escaping the vast majority of its output. There are no recorded vulnerabilities or CVEs, indicating a history of good security. However, significant concerns arise from the static analysis. The plugin exposes one unprotected REST API route, which represents a direct entry point for potential attackers without any authentication or authorization checks. Furthermore, the taint analysis reveals a high number of flows with unsanitized paths, with 7 categorized as high severity. This suggests that data processed by the plugin could be manipulated by attackers to execute malicious actions or expose sensitive information, despite the general use of prepared statements for direct SQL interaction.

Key Concerns

Unprotected REST API route
7 High severity unsanitized flows

Vulnerabilities

None known

OrderBadger Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

OrderBadger Release Timeline

v1.1.0Current

Code Analysis

Analyzed Apr 16, 2026

OrderBadger Code Analysis

Dangerous Functions

0

Raw SQL Queries

0

66 prepared

Unescaped Output

14

915 escaped

Nonce Checks

1

Capability Checks

3

File Operations

0

External Requests

4

Bundled Libraries

0

SQL Query Safety

100% prepared66 total queries

Output Escaping

98% escaped929 total outputs

Data Flows · Security

12 unsanitized

Data Flow Analysis

12 flows12 with unsanitized paths

render_settings_page (includes/class-orderbadger-admin-controller.php:455)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

OrderBadger Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

GET/wp-json/orderbadger/v1/verify-installincludes/class-orderbadger-integration.php:276

WordPress Hooks 29

filterorderbadger_is_remote_areaincludes/class-orderbadger-automation-filters.php:29

filterorderbadger_is_business_hoursincludes/class-orderbadger-automation-filters.php:30

filterorderbadger_is_peak_seasonincludes/class-orderbadger-automation-filters.php:31

actionadmin_headincludes/class-orderbadger-badge-renderer.php:67

filterwoocommerce_shop_order_list_table_columnsincludes/class-orderbadger-badge-renderer.php:70

actionwoocommerce_shop_order_list_table_custom_columnincludes/class-orderbadger-badge-renderer.php:71

filtermanage_edit-shop_order_columnsincludes/class-orderbadger-badge-renderer.php:74

actionmanage_shop_order_posts_custom_columnincludes/class-orderbadger-badge-renderer.php:75

filterwoocommerce_admin_order_actionsincludes/class-orderbadger-badge-renderer.php:78

actionadd_meta_boxesincludes/class-orderbadger-badge-renderer.php:81

actionrestrict_manage_postsincludes/class-orderbadger-badge-renderer.php:84

actionwoocommerce_order_list_table_restrict_manage_ordersincludes/class-orderbadger-badge-renderer.php:85

filterpre_get_postsincludes/class-orderbadger-badge-renderer.php:86

filterwoocommerce_order_list_table_prepare_items_query_argsincludes/class-orderbadger-badge-renderer.php:87

filtercron_schedulesincludes/class-orderbadger-cron-manager.php:48

actionorderbadger_send_digestincludes/class-orderbadger-digest-service.php:43

actioninitincludes/class-orderbadger-integration.php:184

actionadmin_initincludes/class-orderbadger-integration.php:185

actionrest_api_initincludes/class-orderbadger-integration.php:192

actionrest_api_initincludes/class-orderbadger-integration.php:193

actionadmin_enqueue_scriptsincludes/class-orderbadger-integration.php:194

actionorderbadger_cleanup_stale_draftsincludes/class-orderbadger-integration.php:205

filterwoocommerce_order_actionsincludes/class-orderbadger-integration.php:212

actionwoocommerce_order_status_changedincludes/class-orderbadger-order-service.php:60

actionadmin_noticesorderbadger.php:78

actionadmin_menuorderbadger.php:85

actionadmin_noticesorderbadger.php:87

actionbefore_woocommerce_initorderbadger.php:180

actionplugins_loadedorderbadger.php:196

Scheduled Events 1

orderbadger_cleanup_stale_drafts

Maintenance & Trust

OrderBadger Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 1, 2026

PHP min version7.4

Downloads95

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

OrderBadger Alternatives

PureDevs Customer History for WooCommerce

puredevs-customer-history-for-woocommerce

A

100

Track your WooCommerce customers' order history, spending, and behaviour from a clean admin dashboard.

20 No CVEs

Repeat Customer for WooCommerce

repeat-customer-for-woocommerce

A

100

See customer order history, lifetime value, and purchase patterns directly on the WooCommerce order edit screen.

0 No CVEs

Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management

smart-manager-for-wp-e-commerce

A

94

WooCommerce Advanced Bulk Edit products, orders, & posts in an Excel-like sheet editor. Get advanced WooCommerce stock, pricing, & order management.

10K 4 CVEs

FraudLabs Pro for WooCommerce

fraudlabs-pro-for-woocommerce

A

98

Fraud prevention plugin for WooCommerce to minimize payment fraud and avoid chargebacks. With the FraudLabs Pro Micro Plan, you can get 500 free fraud …

1K 2 CVEs

Veeqo for WooCommerce

veeqo-for-woocommerce

A

85

Veeqo integrates with your WooCommerce stock with other online marketplaces and allows you to print shipping labels in one click.

700 No CVEs

Developer Profile

OrderBadger Developer Profile

smartfact

2 plugins · 0 total installs

94

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect OrderBadger

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/orderbadger/assets/css/ob-admin-main.css/wp-content/plugins/orderbadger/assets/css/ob-backend.css/wp-content/plugins/orderbadger/assets/css/ob-frontend.css/wp-content/plugins/orderbadger/assets/js/ob-admin-main.js/wp-content/plugins/orderbadger/assets/js/ob-admin-settings.js/wp-content/plugins/orderbadger/assets/js/ob-backend.js/wp-content/plugins/orderbadger/assets/js/ob-frontend.js/wp-content/plugins/orderbadger/assets/js/ob-utils.js

Script Paths

/wp-content/plugins/orderbadger/assets/js/ob-admin-main.js/wp-content/plugins/orderbadger/assets/js/ob-admin-settings.js/wp-content/plugins/orderbadger/assets/js/ob-backend.js/wp-content/plugins/orderbadger/assets/js/ob-frontend.js/wp-content/plugins/orderbadger/assets/js/ob-utils.js

Version Parameters

orderbadger/assets/css/ob-admin-main.css?ver=orderbadger/assets/css/ob-backend.css?ver=orderbadger/assets/css/ob-frontend.css?ver=orderbadger/assets/js/ob-admin-main.js?ver=orderbadger/assets/js/ob-admin-settings.js?ver=orderbadger/assets/js/ob-backend.js?ver=orderbadger/assets/js/ob-frontend.js?ver=orderbadger/assets/js/ob-utils.js?ver=

HTML / DOM Fingerprints

CSS Classes

ob-allowob-badge-editor-canvas

Data Attributes

data-ob-disable-auto-apply-on-savedata-ob-new-badge-preview-modedata-ob-is-badge-editor-newdata-ob-hide-color-pickerdata-ob-hide-font-family-pickerdata-ob-hide-font-size-picker+9 more

JS Globals

OrderBadger_Admin

FAQ

OrderBadger Security & Risk Analysis