RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Security & Risk Analysis

wordpress.org/plugins/restrofood-lite

Short Description: Complete online food ordering system for restaurants built with WooCommerce.

100 active installs v1.1.4 PHP 7.4+ WP 6.5+ Updated Jan 31, 2026

food-deliveryfood-orderingonline-orderingrestaurant-menuwoocommerce-food

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The restrofood-lite plugin v1.1.4 exhibits a concerning security posture primarily due to a large number of unprotected AJAX handlers. While the plugin demonstrates good practices in other areas, such as using prepared statements for all SQL queries and a high percentage of properly escaped output, the unprotected entry points are a significant risk. The absence of specific vulnerability history or known CVEs might suggest a lack of past exploitation or discovery, but it should not be interpreted as a guarantee of current security. The taint analysis did reveal unsanitized paths, which, although not classified as critical or high severity, still warrants attention as it indicates potential avenues for malicious data processing. The presence of bundled libraries like DataTables also introduces a dependency that could become a vector if the library itself has known vulnerabilities. The plugin's strengths lie in its secure database interactions and output handling, but these are overshadowed by the readily accessible attack surface without proper authentication.

Key Concerns

AJAX handlers without auth checks
Flows with unsanitized paths
Bundled library (DataTables)

Vulnerabilities

None known

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Release Timeline

v1.1.4Current

v1.1.3

v1.1.2

v1.1.1

Code Analysis

Analyzed Mar 16, 2026

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

133

651 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

100% prepared3 total queries

Output Escaping

83% escaped784 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

getProductById (inc\class-products.php:241)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

30 unprotected

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Attack Surface

Entry Points32

Unprotected30

AJAX Handlers 30

authwp_ajax_woo_search_productinc\class-components-ajax.php:17

noprivwp_ajax_woo_search_productinc\class-components-ajax.php:18

authwp_ajax_update_order_review_actioninc\class-components-ajax.php:20

noprivwp_ajax_update_order_review_actioninc\class-components-ajax.php:21

authwp_ajax_order_time_lists_actioninc\class-components-ajax.php:23

noprivwp_ajax_order_time_lists_actioninc\class-components-ajax.php:24

authwp_ajax_woo_update_fixed_cart_subtotalinc\class-components-ajax.php:26

noprivwp_ajax_woo_update_fixed_cart_subtotalinc\class-components-ajax.php:27

authwp_ajax_woo_products_viewinc\class-products.php:18

noprivwp_ajax_woo_products_viewinc\class-products.php:19

authwp_ajax_woo_product_byidinc\class-products.php:21

noprivwp_ajax_woo_product_byidinc\class-products.php:22

authwp_ajax_woo_product_reviews_byidinc\class-products.php:24

noprivwp_ajax_woo_product_reviews_byidinc\class-products.php:25

authwp_ajax_woo_rb_ajax_add_to_cartinc\class-products.php:27

noprivwp_ajax_woo_rb_ajax_add_to_cartinc\class-products.php:28

authwp_ajax_woo_cart_itemsinc\class-products.php:30

noprivwp_ajax_woo_cart_itemsinc\class-products.php:31

authwp_ajax_woo_cart_item_removeinc\class-products.php:33

noprivwp_ajax_woo_cart_item_removeinc\class-products.php:34

authwp_ajax_woo_add_discountinc\class-products.php:36

noprivwp_ajax_woo_add_discountinc\class-products.php:37

authwp_ajax_woo_set_shipping_methodsinc\class-products.php:39

noprivwp_ajax_woo_set_shipping_methodsinc\class-products.php:40

authwp_ajax_woo_get_variation_datainc\class-products.php:42

noprivwp_ajax_woo_get_variation_datainc\class-products.php:43

authwp_ajax_woo_get_cart_countinc\class-products.php:45

noprivwp_ajax_woo_get_cart_countinc\class-products.php:46

authwp_ajax_woo_mini_cart_qty_updateinc\class-products.php:48

noprivwp_ajax_woo_mini_cart_qty_updateinc\class-products.php:49

Shortcodes 2

[restrofoodlite_products] inc\class-hooks.php:18

[restrofoodlite_flash_products] inc\class-hooks.php:21

WordPress Hooks 53

actionadmin_enqueue_scriptsadmin\admin.php:24

actionadmin_menuadmin\inc\class-admin-menu.php:26

actionadmin_initadmin\inc\class-admin-menu.php:27

actionswitch_themeappsero\src\Insights.php:140

actionswitch_themeappsero\src\Insights.php:141

actionadmin_footerappsero\src\Insights.php:158

actionadmin_noticesappsero\src\Insights.php:175

actionadmin_initappsero\src\Insights.php:178

filtercron_schedulesappsero\src\Insights.php:184

actionadmin_menuappsero\src\License.php:219

actionafter_switch_themeappsero\src\License.php:781

actionswitch_themeappsero\src\License.php:782

actionadmin_noticesinc\Admin_Notices.php:20

filtertemplate_includeinc\class-hooks.php:24

actioninitinc\class-hooks.php:27

actionwp_footerinc\class-hooks.php:30

actionwp_footerinc\class-hooks.php:33

actionadd_meta_boxesinc\class-order-metabox.php:19

actionsave_postinc\class-order-metabox.php:21

actioninitinc\class-order-metabox.php:87

actionwoocommerce_checkout_create_order_line_iteminc\class-woo-hooks.php:20

actionwoocommerce_admin_order_data_after_shipping_addressinc\class-woo-hooks.php:23

actionwoocommerce_checkout_update_order_metainc\class-woo-hooks.php:26

filterwoocommerce_locate_templateinc\class-woo-hooks.php:29

filterwoocommerce_order_data_store_cpt_get_orders_queryinc\class-woo-hooks.php:32

filterwoocommerce_product_data_store_cpt_get_products_queryinc\class-woo-hooks.php:35

actionwoocommerce_before_calculate_totalsinc\class-woo-hooks.php:38

actionwoocommerce_order_status_processinginc\class-woo-hooks.php:41

actionwoocommerce_order_status_completedinc\class-woo-hooks.php:42

actionwoocommerce_order_status_on-holdinc\class-woo-hooks.php:43

actionwoocommerce_cancelled_orderinc\class-woo-hooks.php:46

actionwoocommerce_order_status_failedinc\class-woo-hooks.php:49

actionwoocommerce_cart_calculate_feesinc\class-woo-hooks.php:52

actionwoocommerce_checkout_update_order_reviewinc\class-woo-hooks.php:55

filterwc_order_statusesinc\class-woo-hooks.php:58

actioninitinc\class-woo-hooks.php:61

filterwoocommerce_add_to_cart_validationinc\class-woo-hooks.php:64

filtermanage_edit-product_columnsinc\class-woo-hooks.php:67

actionmanage_product_posts_custom_columninc\class-woo-hooks.php:70

filterwoocommerce_package_ratesinc\class-woo-hooks.php:73

actionwoocommerce_after_checkout_validationinc\class-woo-hooks.php:76

actionwoocommerce_checkout_processinc\class-woo-hooks.php:79

actionwoocommerce_before_cartinc\class-woo-hooks.php:82

filterwoocommerce_cancel_unpaid_orderinc\class-woo-hooks.php:85

filterwoocommerce_add_to_cart_fragmentsinc\class-woo-hooks.php:87

actionwoocommerce_widget_shopping_cart_totalinc\class-woo-hooks.php:90

actionrestrofoodlite_delivery_typesinc\custom-hooks.php:17

actionwp_enqueue_scriptsinc\enqueue.php:8

actioninitrestrofood-lite.php:67

actionplugins_loadedrestrofood-lite.php:70

actionadmin_noticesrestrofood-lite.php:96

actionelementor/elements/categories_registeredwidgets\Elementor_Init.php:21

actionelementor/widgets/registerwidgets\Elementor_Init.php:22

Maintenance & Trust

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 31, 2026

PHP min version7.4

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Alternatives

FoodBook Lite – Online Food Ordering System

foodbook-light-online-food-ordering-system

100

Short Description: WooCommerce-based food ordering and restaurant delivery management plugin.

400 No CVEs

FoodOrd – Online Food Ordering Ecosystem

foodord

100

Food ordering ecosystem with delivery, pickup, toppings, and optional desktop, waiter and kds app.

10 No CVEs

Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin

orderable

Take your restaurant/food business online with the online ordering system plugin for WordPress, Orderable.

6K 1 unpatched

Food Menu – Restaurant Menu & Online Ordering for WooCommerce

tlp-food-menu

A Simple Food & Restaurant Menu Display Plugin for Restaurant, Cafes, Fast Food, Coffee House with WooCommerce Online Ordering.

3K 1 CVE

Food Store – Online Food Delivery & Pickup

food-store

Food Store is complete online food ordering platform with all your favourite WooCommerce functionalities.

1K 1 unpatched

Developer Profile

RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce Developer Profile

themelooks

12 plugins · 2K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

20 days

View full developer profile

Detection Fingerprints

How We Detect RestroFood Lite – Online Food Ordering and Restaurant Management Plugin For WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/restrofood-lite/assets/css/frontend.css/wp-content/plugins/restrofood-lite/assets/css/customizer.css/wp-content/plugins/restrofood-lite/assets/js/frontend.js/wp-content/plugins/restrofood-lite/admin/assets/css/backend.css/wp-content/plugins/restrofood-lite/admin/assets/js/backend.js

Script Paths

/wp-content/plugins/restrofood-lite/assets/js/frontend.js/wp-content/plugins/restrofood-lite/admin/assets/js/backend.js

Version Parameters

/wp-content/plugins/restrofood-lite/assets/css/frontend.css?ver=/wp-content/plugins/restrofood-lite/assets/css/customizer.css?ver=/wp-content/plugins/restrofood-lite/assets/js/frontend.js?ver=/wp-content/plugins/restrofood-lite/admin/assets/css/backend.css?ver=/wp-content/plugins/restrofood-lite/admin/assets/js/backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

restrofoodlite-menu-arearestrofoodlite-single-product-contentrestrofoodlite-menu-wrapper

Data Attributes

data-product-id

JS Globals

restrofoodlite_frontend_objrestrofoodlite_admin_obj

Shortcode Output

[restrofoodlite_menu]

FAQ