WP-Safety

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Security & Risk Analysis

wordpress.org/plugins/sendapp-notification

WhatsApp full integration for your website! Recover Abandoned Carts, Send Order, Post, Product Notifications and add WhatsApp Buttons.

90 active installs v1.4.1 PHP 7.4+ WP 5.9+ Updated Jul 2, 2025
abandoned-cartssendappwhatsappwhatsapp-notificationwoocommerce-notification
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Safe to Use in 2026?

Generally Safe

Score 100/100

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The 'sendapp-notification' plugin version 1.4.1 exhibits a concerning security posture primarily due to a significant number of unprotected entry points. All six identified AJAX handlers lack authentication checks, presenting a broad attack surface. While the taint analysis did not reveal critical or high severity vulnerabilities, the presence of two flows with unsanitized paths warrants attention, even if they did not escalate to critical issues in this analysis.

The plugin's code signals indicate some good practices, such as a high percentage of properly escaped outputs and the use of prepared statements in SQL queries. However, the single instance of the `unserialize` function is a notable risk, as it can lead to remote code execution if not handled with extreme care and strict input validation. The limited vulnerability history, with zero recorded CVEs, suggests a past track record of security, but this should not overshadow the immediate risks identified in the static analysis.

In conclusion, the plugin has areas of strength, particularly in output escaping and database query protection. Nevertheless, the lack of authentication on AJAX endpoints and the presence of `unserialize` are significant weaknesses that expose the site to potential attacks. The limited vulnerability history is a positive sign, but the current static analysis findings necessitate a cautious approach.

Key Concerns

  • AJAX handlers without auth checks
  • Use of unserialize() function
  • Flows with unsanitized paths
  • SQL queries without prepared statements
  • Bundled outdated Select2 library
  • Nonce check missing on AJAX handlers
Vulnerabilities
None known

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
1 prepared
Unescaped Output
7
198 escaped
Nonce Checks
1
Capability Checks
0
File Operations
4
External Requests
3
Bundled Libraries
1

Dangerous Functions Found

unserialize$product_array = @unserialize($cart->cart_contents);san-main.php:822

Bundled Libraries

Select23.4.8

SQL Query Safety

33% prepared3 total queries

Output Escaping

97% escaped205 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
san_admin_menu (san-main.php:108)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
6 unprotected

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Attack Surface

Entry Points6
Unprotected6

AJAX Handlers 6

authwp_ajax_get_base_urlsan-main.php:22
noprivwp_ajax_get_base_urlsan-main.php:23
authwp_ajax_yc_share_postssan-main.php:86
authwp_ajax_yc_share_productssan-main.php:87
authwp_ajax_yc_send_customer_msgsan-main.php:88
authwp_ajax_yc_get_wccustsan-main.php:89
WordPress Hooks 37
actioninitsan-main.php:21
actionadmin_initsan-main.php:31
actionadmin_initsan-main.php:32
filtermanage_edit-shop_order_columnssan-main.php:33
actionmanage_shop_order_posts_custom_columnsan-main.php:34
actionadmin_menusan-main.php:35
actionadmin_noticessan-main.php:36
actionwoocommerce_order_status_pendingsan-main.php:38
actionwoocommerce_order_status_failedsan-main.php:39
actionwoocommerce_order_status_on-holdsan-main.php:40
actionwoocommerce_order_status_completedsan-main.php:41
actionwoocommerce_order_status_processingsan-main.php:42
actionwoocommerce_order_status_refundedsan-main.php:43
actionwoocommerce_order_status_cancelledsan-main.php:44
actionwoocommerce_thankyousan-main.php:45
actionwoocommerce_new_customer_notesan-main.php:46
actionwoocommerce_before_checkout_formsan-main.php:47
actionfollowup_cron_hooksan-main.php:48
actionfollowup_cron_hook_2san-main.php:49
actionfollowup_cron_hook_3san-main.php:50
actionaftersales_cron_hooksan-main.php:51
actionabandoned_cron_hooksan-main.php:52
filtercron_schedulessan-main.php:53
actionadmin_bar_menusan-main.php:71
filtersan_editor_panelssan-main.php:73
actionsan_after_savesan-main.php:74
actionsan_before_send_mailsan-main.php:75
actionwp_enqueue_scriptssan-main.php:77
actionedd_purchase_form_user_info_fieldssan-main.php:79
actionedd_checkout_error_checkssan-main.php:80
filteredd_payment_metasan-main.php:81
actionedd_payment_personal_details_listsan-main.php:82
actionedd_payment_receipt_beforesan-main.php:83
actionedd_complete_purchasesan-main.php:84
actionedd_before_checkout_cartsan-main.php:85
actionadmin_enqueue_scriptssan-main.php:157
actionelementor_pro/initsan-main.php:1327

Scheduled Events 5

followup_cron_hook
followup_cron_hook_2
followup_cron_hook_3
aftersales_cron_hook
abandoned_cron_hook
Maintenance & Trust

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJul 2, 2025
PHP min version7.4
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs90
Alternatives

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Alternatives

Spoki – Chat Buttons and WooCommerce Notifications

Spoki – Chat Buttons and WooCommerce Notifications

spoki

B
77

WhatsApp full integration for your website! Recover Abandoned Carts, send Order Notifications and add WhatsApp Buttons.

800 1 unpatched
Wollow

Wollow

wollow

A
100

Wollow is a powerful plugin that helps you to connect your woocommerce with whatsapp.

10 No CVEs
SMSIdea Order Notifier for WooCommerce

SMSIdea Order Notifier for WooCommerce

smsidea-order-notifier-for-woocommerce

A
100

Send WooCommerce order notifications to customers when order status changes.

0 No CVEs
Send Notifications from Woocommerce, Form Plugins and More!

Send Notifications from Woocommerce, Form Plugins and More!

notifier

C
54

WhatsApp API integration to send WhatsApp notifications from Woocommerce, Contact Form 7, Gravity Forms, WPForms & more.

1K 2 unpatched
Notiqoo – Order Notification & Customer Chat for WooCommerce

Notiqoo – Order Notification & Customer Chat for WooCommerce

wc-messaging

A
100

Send WooCommerce WhatsApp notifications via official WhatsApp API for instant order updates, customer chat, and abandoned cart recovery

800 No CVEs
Developer Profile

SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce. Developer Profile

SendApp

1 plugin · 90 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce.

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sendapp-notification/assets/css/san-admin-style.css/wp-content/plugins/sendapp-notification/assets/css/emojionearea.min.css/wp-content/plugins/sendapp-notification/assets/css/intlTelInput.css/wp-content/plugins/sendapp-notification/assets/css/san-admin-share.css/wp-content/plugins/sendapp-notification/assets/js/intlTelInput.js/wp-content/plugins/sendapp-notification/assets/js/emojionearea.min.js/wp-content/plugins/sendapp-notification/assets/js/jquery.modal.min.js/wp-content/plugins/sendapp-notification/assets/js/san-admin-js.js
Script Paths
/wp-content/plugins/sendapp-notification/assets/js/san-admin-js.js
Version Parameters
sendapp-notification/assets/css/san-admin-style.css?ver=sendapp-notification/assets/js/san-admin-js.js?ver=

HTML / DOM Fingerprints

CSS Classes
san_admin_pagesan_menu_logo
Data Attributes
data-san-id
JS Globals
san_objsendApp
REST Endpoints
/wp-json/sendapp/v1/get_product_search/wp-json/sendapp/v1/get_category_search/wp-json/sendapp/v1/save_message_template/wp-json/sendapp/v1/get_message_template/wp-json/sendapp/v1/delete_message_template/wp-json/sendapp/v1/save_settings/wp-json/sendapp/v1/get_settings/wp-json/sendapp/v1/get_all_wc_customers
FAQ

Frequently Asked Questions about SendApp Notification – Notifications on Orders and abandoned carts for WooCommerce.