WP-Safety

Product of the Day for WooCommerce Security & Risk Analysis

wordpress.org/plugins/product-of-the-day-for-woocommerce

Promote products from your shop to your customers on each day of the week

100 active installs v3.6.2.2 PHP 7.0+ WP 5.0+ Updated Mar 12, 2026
product-of-the-daypromotionshowcasetop-productsup-sale
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Product of the Day for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Product of the Day for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago
Risk Assessment

The "product-of-the-day-for-woocommerce" plugin v3.6.2.2 presents a generally good security posture, with no recorded vulnerabilities and a strong adherence to security best practices in critical areas. All identified entry points, including AJAX handlers and REST API routes, appear to have proper authentication and permission checks. The plugin also exclusively uses prepared statements for its SQL queries, which significantly mitigates SQL injection risks. Furthermore, it implements a sufficient number of nonce and capability checks across its functionality. However, the presence of the `unserialize` function, even if not immediately flagged by taint analysis, is a potential concern. If user-controlled data is ever passed to `unserialize` without strict validation, it could lead to object injection vulnerabilities. Additionally, the output escaping rate of 35% is relatively low, indicating a potential risk of cross-site scripting (XSS) vulnerabilities if output data is not properly sanitized before being displayed to users. The absence of known vulnerabilities is a positive indicator, but the identified code signals warrant careful attention.

Key Concerns

  • Usage of unserialize function
  • Low output escaping rate
Vulnerabilities
None known

Product of the Day for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Product of the Day for WooCommerce Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
198
108 escaped
Nonce Checks
14
Capability Checks
24
File Operations
4
External Requests
5
Bundled Libraries
0

Dangerous Functions Found

unserialize$error_log = unserialize(preg_replace('/R:\d+/', 's:18:"RECURSION DETECTED"', serialize(self::$errorberocket\includes\updater.php:128

Output Escaping

35% escaped306 total outputs
Data Flows
All sanitized

Data Flow Analysis

8 flows
<framework> (berocket\framework.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Product of the Day for WooCommerce Attack Surface

Entry Points14
Unprotected0

AJAX Handlers 13

authwp_ajax_brfr_get_export_settingsberocket\includes\admin\import_export.php:5
authwp_ajax_brfr_set_import_settingsberocket\includes\admin\import_export.php:6
authwp_ajax_brfr_get_import_backupsberocket\includes\admin\import_export.php:7
authwp_ajax_brfr_restore_import_backupsberocket\includes\admin\import_export.php:8
authwp_ajax_berocket_admin_close_noticeberocket\includes\admin_notices.php:1199
authwp_ajax_berocket_subscribe_emailberocket\includes\admin_notices.php:1200
authwp_ajax_berocket_rate_stars_closeberocket\includes\admin_notices.php:1208
authwp_ajax_berocket_feature_request_sendberocket\includes\admin_notices.php:1209
authwp_ajax_berocket_error_notices_getberocket\includes\error_notices.php:5
authwp_ajax_berocket_information_close_noticeberocket\includes\information_notices.php:198
authwp_ajax_br_test_keyberocket\includes\updater.php:46
authwp_ajax_br_test_keysberocket\includes\updater.php:47
authwp_ajax_brpof_product_of_daydivi\includes\ProductOfDayExtension.php:13

Shortcodes 1

[br_products_of_day] main.php:78
WordPress Hooks 92
filterplugins_listberocket\framework.php:84
filterBeRocket_updater_add_pluginberocket\framework.php:105
filterberocket_admin_notices_rate_stars_pluginsberocket\framework.php:106
actioninitberocket\framework.php:107
actioninitberocket\framework.php:110
actionwp_headberocket\framework.php:111
actionwp_footerberocket\framework.php:112
actionadmin_initberocket\framework.php:113
actionadmin_menuberocket\framework.php:114
actionadmin_enqueue_scriptsberocket\framework.php:115
actionberocket_enqueue_mediaberocket\framework.php:116
filterplugin_row_metaberocket\framework.php:122
filteris_berocket_settings_pageberocket\framework.php:123
actionplugins_loadedberocket\framework.php:128
actionsanitize_comment_cookiesberocket\framework.php:129
actioninstall_plugins_pre_plugin-informationberocket\framework.php:130
filterberocket_admin_notices_subscribe_pluginsberocket\framework.php:132
filterBeRocket_admin_init_user_capabilitiesberocket\framework.php:135
filterberocket_sanitize_array_predefineberocket\framework.php:136
filterberocket_sanitize_array_ksesberocket\framework.php:137
filterberocket_sanitize_array_ksesberocket\framework.php:140
actionbefore_woocommerce_initberocket\framework.php:150
filterloop_shop_per_pageberocket\framework.php:391
actionupgrader_process_completeberocket\framework.php:499
actionadmin_footerberocket\framework.php:1158
actionwp_footerberocket\framework.php:1159
actionadmin_initberocket\framework.php:1273
actionadmin_bar_menuberocket\includes\admin\admin_bar.php:8
actionwp_footerberocket\includes\admin\admin_bar.php:9
filterberocket_admin_bar_plugins_databerocket\includes\admin\admin_bar.php:149
actionBeRocket_framework_updater_account_form_afterberocket\includes\admin\import_export.php:4
filterberocket_admin_notice_is_display_noticeberocket\includes\admin_notices.php:75
filterberocket_admin_notice_is_display_notice_priorityberocket\includes\admin_notices.php:76
actionadmin_noticesberocket\includes\admin_notices.php:1198
actionadmin_noticesberocket\includes\admin_notices.php:1207
actionberocket_rate_plugin_windowberocket\includes\admin_notices.php:1210
actionberocket_related_plugins_windowberocket\includes\admin_notices.php:1211
actionberocket_above_admin_settingsberocket\includes\admin_notices.php:1212
actionberocket_feature_request_windowberocket\includes\admin_notices.php:1213
actionadmin_footerberocket\includes\admin_notices.php:1285
actionadmin_footerberocket\includes\admin_notices.php:1493
actionadmin_footerberocket\includes\admin_notices.php:1922
actionadmin_footerberocket\includes\admin_notices.php:2079
actioninitberocket\includes\custom_post\enable_disable.php:9
actionadmin_initberocket\includes\custom_post\enable_disable.php:10
actionpost_action_enableberocket\includes\custom_post\enable_disable.php:13
actionpost_action_disableberocket\includes\custom_post\enable_disable.php:14
filterpost_classberocket\includes\custom_post\enable_disable.php:16
filterpre_get_postsberocket\includes\custom_post\enable_disable.php:18
actionpre_get_postsberocket\includes\custom_post\sortable.php:22
actionin_admin_footerberocket\includes\custom_post\sortable.php:117
actioninitberocket\includes\custom_post.php:58
filterinitberocket\includes\custom_post.php:59
filteradmin_initberocket\includes\custom_post.php:60
filterwp_insert_post_databerocket\includes\custom_post.php:61
filterBeRocket_admin_init_user_capabilitiesberocket\includes\custom_post.php:71
actionadd_meta_boxesberocket\includes\custom_post.php:128
actionsave_postberocket\includes\custom_post.php:129
filterpost_row_actionsberocket\includes\custom_post.php:130
filterlist_table_primary_columnberocket\includes\custom_post.php:131
actionadmin_enqueue_scriptsberocket\includes\custom_post.php:133
filteris_berocket_settings_pageberocket\includes\custom_post.php:135
actionadmin_footerberocket\includes\custom_post.php:162
actionadmin_noticesberocket\includes\information_notices.php:197
actionadmin_initberocket\includes\updater.php:18
filterwoocommerce_addons_sectionsberocket\includes\updater.php:27
filteris_berocket_settings_pageberocket\includes\updater.php:28
actionadmin_footerberocket\includes\updater.php:30
actionadmin_headberocket\includes\updater.php:39
actionadmin_menuberocket\includes\updater.php:40
actionadmin_menuberocket\includes\updater.php:41
actionnetwork_admin_menuberocket\includes\updater.php:42
actionadmin_initberocket\includes\updater.php:43
filterpre_set_site_transient_update_pluginsberocket\includes\updater.php:44
filterplugins_api_resultberocket\includes\updater.php:45
filterhttp_request_host_is_externalberocket\includes\updater.php:48
actionadmin_footerberocket\includes\updater.php:51
actionwp_footerberocket\includes\updater.php:52
filterberocket_display_additional_noticesberocket\includes\updater.php:92
filtercustom_menu_orderberocket\includes\updater.php:98
filterberocket_admin_notice_is_display_noticeberocket\includes\updater.php:102
filterberocket_admin_notice_is_display_notice_priorityberocket\includes\updater.php:103
filterplugins_api_resultberocket\includes\updater.php:109
actioninitberocket\includes\updater.php:1413
actionadmin_enqueue_scriptsberocket\sale\sale.php:4
filterBeRocket_updater_menu_order_custom_postincludes\custom_post_type.php:318
filterBeRocket_get_product_of_day_arrayincludes\custom_post_type.php:319
actionwidgets_initmain.php:77
filterthe_contentmain.php:81
filterthe_contentmain.php:84
actionget_footermain.php:87
actiondivi_extensions_initmain.php:90
Maintenance & Trust

Product of the Day for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 12, 2026
PHP min version7.0
Downloads14K

Community Trust

Rating60/100
Number of ratings2
Active installs100
Alternatives

Product of the Day for WooCommerce Alternatives

Testimonial – Testimonial Slider and Showcase Plugin

Testimonial – Testimonial Slider and Showcase Plugin

testimonial-slider-and-showcase

A
99

Display customer testimonials beautifully with responsive slider and grid layouts. Build trust and boost conversions with this WordPress testimonial p &hellip;

30K 2 CVEs
Themify Portfolio Post

Themify Portfolio Post

themify-portfolio-post

A
95

Add a simple Portfolio post type to your site.

30K 6 CVEs
WP Logo Showcase Responsive Slider and Carousel

WP Logo Showcase Responsive Slider and Carousel

wp-logo-showcase-responsive-slider-slider

A
100

WP Logo Showcase Responsive Slider and Carousel allows you to display logos of clients, sponsors, brands, or partners in a professional and responsive &hellip;

30K No CVEs
Logo Carousel – Responsive Logo Slider, Logo Showcase, and Clients Logo Gallery

Logo Carousel – Responsive Logo Slider, Logo Showcase, and Clients Logo Gallery

logo-carousel-free

A
99

Add, display, and manage clients, partners, sponsors, and brand logos with multiple slideshows on your site. Customizable – No coding required!

20K 2 CVEs
Team – Team Members Showcase Plugin

Team – Team Members Showcase Plugin

tlp-team

A
90

WordPress team plugin to showcase team members with grid, slider, and filterable layouts. Fully compatible with Elementor & Gutenberg.

10K 5 CVEs
Developer Profile

Product of the Day for WooCommerce Developer Profile

BeRocket

22 plugins · 139K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
381 days
View full developer profile
Detection Fingerprints

How We Detect Product of the Day for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-of-the-day-for-woocommerce/css/style.css/wp-content/plugins/product-of-the-day-for-woocommerce/js/script.js/wp-content/plugins/product-of-the-day-for-woocommerce/admin/css/style.css/wp-content/plugins/product-of-the-day-for-woocommerce/admin/js/script.js
Version Parameters
product-of-the-day-for-woocommerce/css/style.css?ver=product-of-the-day-for-woocommerce/js/script.js?ver=product-of-the-day-for-woocommerce/admin/css/style.css?ver=product-of-the-day-for-woocommerce/admin/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
br-product-of-the-day-widgetbr-products-of-the-day-wrapbr-product-of-the-day-item
HTML Comments
<!-- BE ROCKET PRODUCT OF THE DAY START --><!-- BE ROCKET PRODUCT OF THE DAY END -->
Data Attributes
data-product-of-the-day-iddata-product-of-the-day-name
JS Globals
BeRocket_products_of_day
Shortcode Output
[product_of_the_day]
FAQ

Frequently Asked Questions about Product of the Day for WooCommerce