WP-Safety

Ordered Product Identifier Security & Risk Analysis

wordpress.org/plugins/ordered-product-identifier

Grow your customer's trust on delivered product by uniquely identify ordered products.

20 active installs v1.0.6 PHP + WP 3.8+ Updated Jun 29, 2021
ordered-productordered-product-identifierwoocommercewoocommerce-ordered-productwoocommerec-plugin
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ordered Product Identifier Safe to Use in 2026?

Generally Safe

Score 85/100

Ordered Product Identifier has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The "ordered-product-identifier" v1.0.6 plugin exhibits a mixed security posture. While it demonstrates good practices by avoiding dangerous functions, raw SQL queries, file operations, and external HTTP requests, significant concerns arise from its attack surface and output handling. The presence of an unprotected AJAX handler, representing the entirety of its exposed entry points, is a critical oversight. Additionally, a substantial portion of its output (62%) is not properly escaped, creating a potential for cross-site scripting (XSS) vulnerabilities. The plugin's clean vulnerability history is a positive indicator, suggesting a lack of publicly known exploits. However, this does not negate the risks identified within the current version's code. The confluence of an unprotected AJAX endpoint and inadequately escaped output points towards a moderate to high risk, demanding immediate attention to secure the AJAX handler and improve output sanitization.

Key Concerns

  • Unprotected AJAX handler
  • Low percentage of properly escaped output
Vulnerabilities
None known

Ordered Product Identifier Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Ordered Product Identifier Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
15
9 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

38% escaped24 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
ced_opi_content (ordered-product-identifier.php:247)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Ordered Product Identifier Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_ced_opi_send_mailordered-product-identifier.php:91
WordPress Hooks 15
actionplugins_loadedordered-product-identifier.php:49
filterplugin_row_metaordered-product-identifier.php:80
actionadmin_initordered-product-identifier.php:81
actionwoocommerce_admin_order_item_headersordered-product-identifier.php:83
actionwoocommerce_admin_order_item_valuesordered-product-identifier.php:84
actionwoocommerce_process_shop_order_metaordered-product-identifier.php:85
actionwoocommerce_order_item_meta_startordered-product-identifier.php:86
actionadmin_menuordered-product-identifier.php:87
actionwpo_wcpdf_before_item_metaordered-product-identifier.php:88
actionwcdn_order_item_beforeordered-product-identifier.php:89
actionadmin_enqueue_scriptsordered-product-identifier.php:90
actionadmin_initordered-product-identifier.php:409
actionadmin_noticesordered-product-identifier.php:420
actionadmin_initordered-product-identifier.php:442
actionadmin_noticesordered-product-identifier.php:454
Maintenance & Trust

Ordered Product Identifier Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17
Last updatedJun 29, 2021
PHP min version
Downloads3K

Community Trust

Rating80/100
Number of ratings1
Active installs20
Alternatives

Ordered Product Identifier Alternatives

Orders Pro

Orders Pro

orders-pro

A
100

Professionally Customize admin-side orders page and enjoy it.

10 No CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
97

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 6 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Developer Profile

Ordered Product Identifier Developer Profile

cedcommerce

21 plugins · 5K total installs

67
trust score
Avg Security Score
83/100
Avg Patch Time
204 days
View full developer profile
Detection Fingerprints

How We Detect Ordered Product Identifier

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ordered-product-identifier/assets/css/ordered-product-style.css/wp-content/plugins/ordered-product-identifier/assets/js/opi.js
Script Paths
/wp-content/plugins/ordered-product-identifier/assets/js/opi.js

HTML / DOM Fingerprints

JS Globals
ajax_url
FAQ

Frequently Asked Questions about Ordered Product Identifier