WP-Safety

Split Backorder for Woocommerce Security & Risk Analysis

wordpress.org/plugins/split-back-order

"Split Backorders plugin automatically creates a separate order with status “Backorders” for the products that are not in stock(products on backo …

0 active installs v1.0.8 PHP 7.4+ WP 6.0+ Updated Unknown
ordersplitsplit-backorderwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Split Backorder for Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Split Backorder for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The split-back-order v1.0.8 plugin exhibits a generally strong security posture due to a lack of direct attack surface vectors and a high percentage of properly escaped output. The absence of known vulnerabilities in its history is also a positive indicator. However, the presence of the `unserialize` function, a known dangerous function, is a significant concern. While no critical or high severity taint flows were identified, the single flow with an unsanitized path indicates a potential for issues if not handled with extreme care. The complete lack of nonce and capability checks across all entry points, combined with the use of `unserialize`, creates a latent risk. If a future version introduces an attack vector, the lack of these fundamental security controls could allow for widespread exploitation.

Key Concerns

  • Dangerous function: unserialize
  • No nonce checks
  • No capability checks
  • Flows with unsanitized paths
  • Output escaping not 100%
Vulnerabilities
None known

Split Backorder for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Split Backorder for Woocommerce Code Analysis

Dangerous Functions
4
Raw SQL Queries
0
0 prepared
Unescaped Output
29
101 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$posts_array = unserialize(get_post_meta($order_id, 'order_ids', true));include\mail.php:29
unserialize$posts_array = unserialize(get_post_meta($order_id, 'order_ids', true));include\mail.php:90
unserialize$posts_array = unserialize(get_post_meta($order_id, 'order_ids', true));include\splitbackorder-backorder.php:269
unserialize$posts_array = unserialize(get_post_meta($order_id, 'order_ids', true));include\splitbackorder.php:285

Output Escaping

78% escaped130 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<setting> (include\setting.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Split Backorder for Woocommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actionwoocommerce_checkout_order_processedinclude\splitbackorder-backorder.php:22
filterwoocommerce_thankyou_order_received_textinclude\splitbackorder-backorder.php:23
filterwoocommerce_locate_templateinclude\splitbackorder-backorder.php:24
actionwoocommerce_checkout_order_processedinclude\splitbackorder.php:22
filterwoocommerce_thankyou_order_received_textinclude\splitbackorder.php:23
filterwoocommerce_locate_templateinclude\splitbackorder.php:24
actionadmin_menusplit_back-order.php:83
actionwoocommerce_emailsplit_back-order.php:86
actionwoocommerce_checkout_order_processedsplit_back-order.php:120
filterwoocommerce_endpoint_order-received_titlesplit_back-order.php:122
actionadmin_menusplit_back-order.php:137
actionadmin_enqueue_scriptssplit_back-order.php:149
filtermanage_edit-shop_order_columnssplit_back-order.php:152
actionmanage_shop_order_posts_custom_columnsplit_back-order.php:159
Maintenance & Trust

Split Backorder for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedUnknown
PHP min version7.4
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Split Backorder for Woocommerce Alternatives

Multi Order for WooCommerce

Multi Order for WooCommerce

multi-order-for-woocommerce

A
85

Split your orders into suborders.

80 No CVEs
Split Order by category for Woocommerce

Split Order by category for Woocommerce

split-order-by-category

A
92

"Split order by Category for Woocommerce" allows splitting an order into separate orders based on category.

10 No CVEs
split order by different thermospheric transport 溫層拆單

split order by different thermospheric transport 溫層拆單

cmeboss-wc-multilingual-shipping-split-orders

A
92

在結帳時高效拆分冷凍和常溫商品,使用清晰標籤、自動和手動拆單選項、透明配送費用和智能推薦系統,以提升物流和顧客體驗。

0 No CVEs
Split order by weight for WooCommerce

Split order by weight for WooCommerce

split-order-by-weight-for-woocommerce

A
100

“Split order by weight” plugin can split an order automatically into multiple orders based on the weight of the items in the cart.

0 No CVEs
Splitter Orders For Woocommerce

Splitter Orders For Woocommerce

splitter-orders-for-woocommerce

A
85

"Splitter Orders For Woocommerce" plugin, splits an order into separate orders based on the different conditions set by the admin.

0 No CVEs
Developer Profile

Split Backorder for Woocommerce Developer Profile

SunCart

13 plugins · 510 total installs

91
trust score
Avg Security Score
96/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Split Backorder for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/split-back-order/assets/css/custom_style.css/wp-content/plugins/split-back-order/assets/js/custom.js
Script Paths
/wp-content/plugins/split-back-order/assets/js/custom.js
Version Parameters
split-back-order/assets/css/custom_style.css?ver=split-back-order/assets/js/custom.js?ver=

HTML / DOM Fingerprints

JS Globals
split_back_order
FAQ

Frequently Asked Questions about Split Backorder for Woocommerce