WP-Safety

Order Notification for WooCommerce – Get Audio Alert on new Orders Security & Risk Analysis

wordpress.org/plugins/woc-order-alert

Get instant audio notifications when your WooCommerce store receives new orders, helping you stay on top of sales.

1K active installs v3.6.3 PHP 7.1+ WP 5.6+ Updated Feb 24, 2026
order-alertorder-checkerorder-listenerorder-sound-notificationwoocommerce-audio-alert
98
A · Safe
CVEs total2
Unpatched0
Last CVEJan 19, 2026
Plugin page Download
Safety Verdict

Is Order Notification for WooCommerce – Get Audio Alert on new Orders Safe to Use in 2026?

Generally Safe

Score 98/100

Order Notification for WooCommerce – Get Audio Alert on new Orders has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Jan 19, 2026Updated 1mo ago
Risk Assessment

The 'woc-order-alert' plugin v3.6.3 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and performing a significant number of nonce and capability checks. The absence of dangerous functions and file operations is also encouraging. However, concerns arise from the presence of an unprotected AJAX handler, representing a direct entry point without authentication, and three taint flows with unsanitized paths, suggesting potential vulnerabilities that could be exploited. While there are no currently unpatched CVEs, the plugin's history of two medium severity vulnerabilities, including SQL injection, points to a recurring pattern of authorization and sanitization issues that warrant attention. The bundled Freemius library, if outdated, could also introduce risks. Overall, the plugin has strengths in secure SQL handling but requires immediate attention to its unprotected entry points and unsanitized data flows to improve its security posture.

Key Concerns

  • AJAX handler without authentication check
  • Taint flows with unsanitized paths
  • Vulnerability history: Missing Authorization
  • Vulnerability history: SQL Injection
  • Output escaping at 73% is a concern
  • Bundled library (Freemius v1.0) could be outdated
Vulnerabilities
2

Order Notification for WooCommerce – Get Audio Alert on new Orders Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2025-68018medium · 5.3Missing Authorization

Order Listener for WooCommerce <= 3.6.1 - Missing Authorization

Jan 19, 2026 Patched in 3.6.2 (47d)
CVE-2022-0948medium · 6.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Order Listener for WooCommerce – Play Sounds Instantly on New Orders <= 3.2.1 - Unauthenticated SQL Injection

Apr 12, 2022 Patched in 3.2.2 (651d)
Code Analysis
Analyzed Mar 16, 2026

Order Notification for WooCommerce – Get Audio Alert on new Orders Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
6 prepared
Unescaped Output
203
561 escaped
Nonce Checks
13
Capability Checks
4
File Operations
0
External Requests
3
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared6 total queries

Output Escaping

73% escaped764 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

7 flows3 with unsanitized paths
render_license_page (includes\wp-dev-kit\classes\class-license.php:383)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Order Notification for WooCommerce – Get Audio Alert on new Orders Attack Surface

Entry Points7
Unprotected1

AJAX Handlers 6

authwp_ajax_olistenerincludes\class-hooks.php:25
authwp_ajax_wpdk_settings-get-iconsincludes\wp-dev-kit\settings\functions\actions.php:51
authwp_ajax_wpdk_settings-exportincludes\wp-dev-kit\settings\functions\actions.php:89
authwp_ajax_wpdk_settings-importincludes\wp-dev-kit\settings\functions\actions.php:126
authwp_ajax_wpdk_settings-resetincludes\wp-dev-kit\settings\functions\actions.php:154
authwp_ajax_wpdk_settings-chosenincludes\wp-dev-kit\settings\functions\actions.php:194

REST API Routes 1

POST/wp-json/wpdk/activate_licenseincludes\wp-dev-kit\classes\class-license.php:126
WordPress Hooks 61
actioninitincludes\class-hooks.php:22
actionadmin_initincludes\class-hooks.php:23
actionWPDK_Settings/section/order_listenerincludes\class-hooks.php:24
actionadmin_bar_menuincludes\class-hooks.php:26
filterwoocommerce_webhook_deliver_asyncincludes\class-hooks.php:28
filterplugin_row_metaincludes\class-hooks.php:29
actionadmin_footerincludes\class-hooks.php:32
actionwoocommerce_new_orderincludes\class-hooks.php:34
filterolistener_filters_should_notifyincludes\class-olistener-pro.php:16
actionadmin_initincludes\wp-dev-kit\classes\class-client.php:73
actioninitincludes\wp-dev-kit\classes\class-license.php:44
actionrest_api_initincludes\wp-dev-kit\classes\class-license.php:45
filtercron_schedulesincludes\wp-dev-kit\classes\class-license.php:46
actionpb_license_checkincludes\wp-dev-kit\classes\class-license.php:47
actionadmin_menuincludes\wp-dev-kit\classes\class-license.php:329
actionadmin_noticesincludes\wp-dev-kit\classes\class-license.php:330
actioninitincludes\wp-dev-kit\classes\class-notifications.php:33
actionadmin_noticesincludes\wp-dev-kit\classes\class-notifications.php:34
actionwp_enqueue_scriptsincludes\wp-dev-kit\settings\classes\abstract.class.php:23
actionadmin_menuincludes\wp-dev-kit\settings\classes\admin-options.class.php:110
actionadmin_bar_menuincludes\wp-dev-kit\settings\classes\admin-options.class.php:111
actionnetwork_admin_menuincludes\wp-dev-kit\settings\classes\admin-options.class.php:115
filteradmin_footer_textincludes\wp-dev-kit\settings\classes\admin-options.class.php:492
actionadd_meta_boxes_commentincludes\wp-dev-kit\settings\classes\comment-options.class.php:38
actionedit_commentincludes\wp-dev-kit\settings\classes\comment-options.class.php:39
actioncustomize_registerincludes\wp-dev-kit\settings\classes\customize-options.class.php:43
actioncustomize_save_afterincludes\wp-dev-kit\settings\classes\customize-options.class.php:44
actionwp_enqueue_scriptsincludes\wp-dev-kit\settings\classes\customize-options.class.php:48
actionadd_meta_boxesincludes\wp-dev-kit\settings\classes\metabox-options.class.php:50
actionsave_postincludes\wp-dev-kit\settings\classes\metabox-options.class.php:51
actionedit_attachmentincludes\wp-dev-kit\settings\classes\metabox-options.class.php:52
actionwp_nav_menu_item_custom_fieldsincludes\wp-dev-kit\settings\classes\nav-menu-options.class.php:30
actionwp_update_nav_menu_itemincludes\wp-dev-kit\settings\classes\nav-menu-options.class.php:31
filterwp_edit_nav_menu_walkerincludes\wp-dev-kit\settings\classes\nav-menu-options.class.php:33
actionadmin_initincludes\wp-dev-kit\settings\classes\profile-options.class.php:30
actionshow_user_profileincludes\wp-dev-kit\settings\classes\profile-options.class.php:42
actionedit_user_profileincludes\wp-dev-kit\settings\classes\profile-options.class.php:43
actionpersonal_options_updateincludes\wp-dev-kit\settings\classes\profile-options.class.php:45
actionedit_user_profile_updateincludes\wp-dev-kit\settings\classes\profile-options.class.php:46
actionafter_setup_themeincludes\wp-dev-kit\settings\classes\setup.class.php:73
actioninitincludes\wp-dev-kit\settings\classes\setup.class.php:74
actionswitch_themeincludes\wp-dev-kit\settings\classes\setup.class.php:75
actionadmin_enqueue_scriptsincludes\wp-dev-kit\settings\classes\setup.class.php:76
actionwp_enqueue_scriptsincludes\wp-dev-kit\settings\classes\setup.class.php:77
actionwp_headincludes\wp-dev-kit\settings\classes\setup.class.php:78
filteradmin_body_classincludes\wp-dev-kit\settings\classes\setup.class.php:79
actionadmin_footerincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:47
actioncustomize_controls_print_footer_scriptsincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:48
actionelementor/editor/before_enqueue_scriptsincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:59
actionelementor/editor/footerincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:60
actionelementor/editor/footerincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:61
actionenqueue_block_editor_assetsincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:309
actionmedia_buttonsincludes\wp-dev-kit\settings\classes\shortcode-options.class.php:313
actionadmin_initincludes\wp-dev-kit\settings\classes\taxonomy-options.class.php:41
actionadmin_footerincludes\wp-dev-kit\settings\fields\icon\icon.php:41
actioncustomize_controls_print_footer_scriptsincludes\wp-dev-kit\settings\fields\icon\icon.php:42
actionadmin_print_footer_scriptsincludes\wp-dev-kit\settings\fields\link\link.php:65
actionprint_default_editor_scriptsincludes\wp-dev-kit\settings\fields\wp_editor\wp_editor.php:62
actionbefore_woocommerce_initwoc-order-alert.php:53
actionafter_uninstallwoc-order-alert.php:56
actionadmin_enqueue_scriptswoc-order-alert.php:125

Scheduled Events 1

pb_license_check
Maintenance & Trust

Order Notification for WooCommerce – Get Audio Alert on new Orders Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 24, 2026
PHP min version7.1
Downloads37K

Community Trust

Rating72/100
Number of ratings12
Active installs1K
Alternatives

Order Notification for WooCommerce – Get Audio Alert on new Orders Alternatives

New Order Notification for WooCommerce

New Order Notification for WooCommerce

new-order-notification-for-woocommerce

A
100

Instant popup and sound alerts for new WooCommerce orders — never miss a sale again!

1K 1 CVE
Jetly – Notify

Jetly – Notify

jetly-notify

A
100

Deliver powerful WhatsApp order alerts, recover abandoned carts, and offer real-time chat assistance on your WooCommerce store using Jetly.

0 No CVEs
SMSConnectWoo Unify SMS Gateway Center

SMSConnectWoo Unify SMS Gateway Center

sms-connect-woo-unify-sms-gateway-center

A
100

Enhance your WooCommerce store with instant SMS alerts for order updates and engage customers with automated messages using unify.smsgateway.

0 No CVEs
SMSIdea Order Notifier for WooCommerce

SMSIdea Order Notifier for WooCommerce

smsidea-order-notifier-for-woocommerce

A
100

Send WooCommerce order notifications to customers when order status changes.

0 No CVEs
Message Alerts For WooCommerce

Message Alerts For WooCommerce

wc-update-alert

A
85

WooCommerce order alerts to both users and store owners via WhatsApp.

0 No CVEs
Developer Profile

Order Notification for WooCommerce – Get Audio Alert on new Orders Developer Profile

StackWC

4 plugins · 2K total installs

67
trust score
Avg Security Score
83/100
Avg Patch Time
338 days
View full developer profile
Detection Fingerprints

How We Detect Order Notification for WooCommerce – Get Audio Alert on new Orders

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woc-order-alert/assets/admin/css/style.css/wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js/wp-content/plugins/woc-order-alert/assets/tool-tip.min.css
Script Paths
/wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js
Version Parameters
woc-order-alert/assets/admin/css/style.css?ver=woc-order-alert/assets/admin/js/scripts.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-id="18996"data-slug="woc-order-alert"data-premium-slug="woc-order-alert-pro"
JS Globals
olistenerolistener_wpdk
FAQ

Frequently Asked Questions about Order Notification for WooCommerce – Get Audio Alert on new Orders