WP-Safety

OrderStock by TulipWork Security & Risk Analysis

wordpress.org/plugins/orderstock

Easy stock and order management for merchants, restaurants and organizations.

0 active installs v1.9 PHP 7.0+ WP 5.0+ Updated Oct 31, 2025
inventoryorder-managementrestaurantstocksupplier
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is OrderStock by TulipWork Safe to Use in 2026?

Generally Safe

Score 100/100

OrderStock by TulipWork has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The orderstock plugin version 1.9 exhibits a generally good security posture, with strong adherence to best practices in several key areas. The absence of any recorded vulnerabilities, including critical or high severity ones, across its history is a significant positive indicator. Furthermore, the plugin demonstrates robust security controls with a high percentage of properly escaped outputs, a substantial number of nonce and capability checks, and well-implemented prepared statements for most SQL queries. The limited attack surface and lack of external HTTP requests also contribute to its security.

Key Concerns

  • Flows with unsanitized paths
  • File operations present
  • Bundled libraries (dompdf) present
Vulnerabilities
None known

OrderStock by TulipWork Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

OrderStock by TulipWork Code Analysis

Dangerous Functions
0
Raw SQL Queries
5
11 prepared
Unescaped Output
19
390 escaped
Nonce Checks
18
Capability Checks
32
File Operations
4
External Requests
0
Bundled Libraries
1

Bundled Libraries

dompdf

SQL Query Safety

69% prepared16 total queries

Output Escaping

95% escaped409 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

9 flows1 with unsanitized paths
tulipwork_orderstock_supplier_assignment_warning (includes\admin-settings.php:897)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

OrderStock by TulipWork Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_tulipwork_orderstock_download_pdforderstock.php:1177
noprivwp_ajax_tulipwork_orderstock_download_pdforderstock.php:1178
WordPress Hooks 47
actionsave_post_tulipwork_supplierincludes\admin-settings.php:391
actionsave_post_tulipwork_productincludes\admin-settings.php:654
actionadd_meta_boxesincludes\admin-settings.php:725
actionadd_meta_boxesincludes\admin-settings.php:745
actionsave_post_tulipwork_productincludes\admin-settings.php:819
actionadd_meta_boxesincludes\admin-settings.php:849
actionadmin_noticesincludes\admin-settings.php:896
actionsave_post_tulipwork_supplierincludes\admin-settings.php:912
actiontulipwork_orderstock_initorderstock.php:33
actionplugins_loadedorderstock.php:38
actionadmin_noticesorderstock.php:80
actionadmin_menuorderstock.php:183
actionadmin_initorderstock.php:186
actionadmin_enqueue_scriptsorderstock.php:205
actioninitorderstock.php:228
filterpost_row_actionsorderstock.php:344
actionadmin_initorderstock.php:352
actionadmin_noticesorderstock.php:392
filtermanage_tulipwork_product_posts_columnsorderstock.php:399
actionmanage_tulipwork_product_posts_custom_columnorderstock.php:425
filtermanage_edit-tulipwork_product_sortable_columnsorderstock.php:464
actionpre_get_postsorderstock.php:470
actionpre_get_postsorderstock.php:482
actionsave_post_tulipwork_productorderstock.php:525
actionadmin_noticesorderstock.php:617
actionadmin_initorderstock.php:636
filterpost_row_actionsorderstock.php:641
filteradmin_urlorderstock.php:653
actionadmin_initorderstock.php:662
actionadmin_menuorderstock.php:687
filteruser_has_caporderstock.php:699
filterparent_fileorderstock.php:740
filtersubmenu_fileorderstock.php:759
actionadmin_headorderstock.php:795
actionbulk_edit_custom_boxorderstock.php:822
actionbulk_edit_postsorderstock.php:932
actionquick_edit_custom_boxorderstock.php:977
actionadmin_enqueue_scriptsorderstock.php:1083
filterplugin_row_metaorderstock.php:1096
actiontulipwork_orderstock_initorderstock.php:1175
actiontulipwork_orderstock_cleanup_temp_filesorderstock.php:1210
actiontemplate_redirectorderstock.php:1237
actiontulipwork_orderstock_cleanup_temp_filesorderstock.php:1273
actioncreated_tulipwork_prod_catorderstock.php:1293
actionedited_tulipwork_prod_catorderstock.php:1294
actionrestrict_manage_postsorderstock.php:1302
actiontulipwork_orderstock_initorderstock.php:1328

Scheduled Events 1

tulipwork_orderstock_cleanup_temp_files
Maintenance & Trust

OrderStock by TulipWork Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 31, 2025
PHP min version7.0
Downloads799

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

OrderStock by TulipWork Alternatives

ATUM WooCommerce Inventory Management and Stock Tracking

ATUM WooCommerce Inventory Management and Stock Tracking

atum-stock-manager-for-woocommerce

A
100

WooCommerce Full Inventory Management, Purchase Orders, Suppliers, Inbound Stock, Inventory Logs, WooCommerce Sales Statistics, and More.

10K No CVEs
Stock Manager for WooCommerce

Stock Manager for WooCommerce

woocommerce-stock-manager

A
92

WooCommerce stock management plugin to manage and edit product stock and their variables from a single dashboard. Stock log, import/export, filters!

20K 4 CVEs
Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management

Smart Manager – Advanced WooCommerce Bulk Edit & Inventory Management

smart-manager-for-wp-e-commerce

A
94

WooCommerce Advanced Bulk Edit products, orders, & posts in an Excel-like sheet editor. Get advanced WooCommerce stock, pricing, & order management.

10K 4 CVEs
Notifima – WooCommerce Stock Manager, Inventory Management, Waitlist

Notifima – WooCommerce Stock Manager, Inventory Management, Waitlist

woocommerce-product-stock-alert

A
99

WooCommerce back in stock notifier and stock manager plugin. Manage inventory, enable waitlists, and send stock notifications automatically.

3K 2 CVEs
FlexStock – Stock Sync with Google Sheets for WooCommerce

FlexStock – Stock Sync with Google Sheets for WooCommerce

stock-sync-with-google-sheet-for-woocommerce

A
99

WooCommerce inventory and stock management plugin with real-time Google Sheets sync. Track, manage, and bulk edit products instantly.

800 1 CVE
Developer Profile

OrderStock by TulipWork Developer Profile

Ziyad Bachalany

4 plugins · 1K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
829 days
View full developer profile
Detection Fingerprints

How We Detect OrderStock by TulipWork

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/orderstock/css/bootstrap.min.css/wp-content/plugins/orderstock/css/select2.min.css/wp-content/plugins/orderstock/css/orderstock.css/wp-content/plugins/orderstock/js/bootstrap.bundle.min.js/wp-content/plugins/orderstock/js/select2.full.min.js/wp-content/plugins/orderstock/js/orderstock.js
Script Paths
/wp-content/plugins/orderstock/js/bootstrap.bundle.min.js/wp-content/plugins/orderstock/js/select2.full.min.js/wp-content/plugins/orderstock/js/orderstock.js
Version Parameters
orderstock/css/bootstrap.min.css?ver=orderstock/css/select2.min.css?ver=orderstock/css/orderstock.css?ver=orderstock/js/bootstrap.bundle.min.js?ver=orderstock/js/select2.full.min.js?ver=orderstock/js/orderstock.js?ver=

HTML / DOM Fingerprints

CSS Classes
tulipwork-orderstock-settingstw-os-inputtw-os-labeltw-os-btntw-os-tabletw-os-stock-managementtw-os-order-form
HTML Comments
<!-- OrderStock Dashboard Page --><!-- Stock Management Page --><!-- Order Form Page --><!-- Settings Page -->
Data Attributes
data-plugin-name="OrderStock"data-plugin-version="1.9"data-plugin-author="TulipWork"
JS Globals
window.OrderStockData
FAQ

Frequently Asked Questions about OrderStock by TulipWork