WP-Safety

WC Search Orders By Product Security & Risk Analysis

wordpress.org/plugins/wc-search-orders-by-product

A simple plugin that helps you search your WooCommerce orders by product.

800 active installs v3.2 PHP + WP 4.8+ Updated Feb 12, 2026
wc-search-orders-by-productwoocommerce-search-orders-by-productwoocommerce-search-orders-by-product-categorywoocommerce-search-orders-by-product-namewoocommerce-search-orders-by-product-type
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WC Search Orders By Product Safe to Use in 2026?

Generally Safe

Score 100/100

WC Search Orders By Product has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The plugin "wc-search-orders-by-product" v3.2 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs) and avoids dangerous functions and file operations. The majority of its SQL queries use prepared statements and most output is properly escaped, indicating an effort towards secure coding practices. However, there are notable concerns. The plugin exposes one unprotected AJAX handler, representing a significant attack vector that could be exploited without proper authentication. While the number of taint flows with unsanitized paths is low and no critical or high severity issues were found, the presence of two such flows warrants attention. The plugin also lacks capability checks on its entry points, further increasing the risk associated with the unprotected AJAX handler.

Key Concerns

  • Unprotected AJAX handler
  • Flows with unsanitized paths (2)
  • SQL queries without prepared statements (3)
  • Output not properly escaped (14%)
  • No capability checks on entry points
Vulnerabilities
None known

WC Search Orders By Product Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WC Search Orders By Product Release Timeline

v3.2Current
v3.1
v3.0
v2.0
v1.9
v1.8
v1.7
v1.6
v1.5
v1.4
v1.3
v1.2
v1.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

WC Search Orders By Product Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
6 prepared
Unescaped Output
18
68 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

67% prepared9 total queries

Output Escaping

79% escaped86 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
display_products_search_dropdown (includes\admin\class-wc-search-orders-by-product-admin.php:70)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

WC Search Orders By Product Attack Surface

Entry Points2
Unprotected1

AJAX Handlers 2

authwp_ajax_save_sobp_plugin_dataincludes\admin\class-wc-search-orders-by-product-admin-ajax.php:28
authwp_ajax_wpheka_sobp_submit_deactivationincludes\admin\class-wc-search-orders-by-product-deactivation-popup.php:41
WordPress Hooks 10
actionrestrict_manage_postsincludes\admin\class-wc-search-orders-by-product-admin.php:31
filterrequestincludes\admin\class-wc-search-orders-by-product-admin.php:32
actionwoocommerce_order_list_table_restrict_manage_ordersincludes\admin\class-wc-search-orders-by-product-admin.php:35
filterwoocommerce_hpos_pre_queryincludes\admin\class-wc-search-orders-by-product-admin.php:36
actionadmin_footerincludes\admin\class-wc-search-orders-by-product-deactivation-popup.php:40
actionadmin_initincludes\admin\settings\class-wc-search-orders-by-product-admin-settings.php:27
actionadmin_menuincludes\admin\settings\class-wc-search-orders-by-product-admin-settings.php:28
actionadmin_enqueue_scriptsincludes\admin\settings\class-wc-search-orders-by-product-admin-settings.php:29
actioninitincludes\class-wc-search-orders-by-product.php:119
actionbefore_woocommerce_initwc-search-orders-by-product.php:63
Maintenance & Trust

WC Search Orders By Product Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 12, 2026
PHP min version
Downloads18K

Community Trust

Rating86/100
Number of ratings3
Active installs800
Alternatives

WC Search Orders By Product Alternatives

No alternatives data available yet.

Developer Profile

WC Search Orders By Product Developer Profile

akshayaswaroop

5 plugins · 2K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
932 days
View full developer profile
Detection Fingerprints

How We Detect WC Search Orders By Product

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-search-orders-by-product/assets/admin/css/admin.css/wp-content/plugins/wc-search-orders-by-product/assets/admin/css/common.css/wp-content/plugins/wc-search-orders-by-product/assets/admin/js/plugin-loader.js
Script Paths
/wp-content/plugins/wc-search-orders-by-product/assets/admin/js/plugin-loader.js
Version Parameters
wc-search-orders-by-productsobp_admin_csssobp_common_csssobp_plugin_loader_js

HTML / DOM Fingerprints

CSS Classes
wpheka-page-barwpheka-page-wrapperwpheka-sidebarwpheka-main-contentwpheka-boxwpheka-box-title-barwpheka-box-content
Data Attributes
id="search_orders_by_product_type"id="search_orders_by_product_category"
JS Globals
WC_Search_Orders_By_Productwc_search_orders_by_product
REST Endpoints
/wp-json/
FAQ

Frequently Asked Questions about WC Search Orders By Product