Ni WooCommerce Order Export Security & Risk Analysis
wordpress.org/plugins/ni-woocommerce-order-exportNi WooCommerce Order Export plugin provides the functionality to export the sales order information into CSV or excel format.
Is Ni WooCommerce Order Export Safe to Use in 2026?
High Risk
Score 41/100Ni WooCommerce Order Export carries significant security risk with 2 known CVEs, 2 still unpatched. Consider switching to a maintained alternative.
The ni-woocommerce-order-export plugin version 3.1.6 exhibits a concerning security posture despite some positive indicators. While the plugin utilizes prepared statements for all SQL queries and avoids file operations and external HTTP requests, significant weaknesses are present. The presence of an unprotected AJAX handler represents a direct entry point for attackers, and the lack of nonce and capability checks on this handler amplifies the risk. Furthermore, a substantial portion of output is not properly escaped, indicating a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. The plugin's vulnerability history reveals a known medium severity vulnerability, specifically an XSS issue, with a recent discovery in December 2024, and crucially, this vulnerability remains unpatched. This pattern of unpatched vulnerabilities, coupled with the identified code weaknesses, suggests a plugin that may not be actively maintained or tested for security flaws, posing a significant risk to WordPress sites that utilize it.
Key Concerns
- Unpatched CVE exists
- Unprotected AJAX handler
- Lack of nonce checks on AJAX
- Lack of capability checks
- Low percentage of properly escaped output
- Flows with unsanitized paths
Ni WooCommerce Order Export Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Ni WooCommerce Order Export <= 3.1.6 - Cross-Site Request Forgery to Settings Update via ni_order_export_action AJAX Action
Ni WooCommerce Order Export <= 3.1.6 - Reflected Cross-Site Scripting
Ni WooCommerce Order Export Release Timeline
Ni WooCommerce Order Export Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Ni WooCommerce Order Export Attack Surface
AJAX Handlers 1
WordPress Hooks 5
Maintenance & Trust
Ni WooCommerce Order Export Maintenance & Trust
Maintenance Signals
Community Trust
Ni WooCommerce Order Export Alternatives
WP All Export – Product Export Add-On for WooCommerce
product-export-for-woocommerce
Drag & drop to export products to CSV, Excel, or XML files of any format. Supports variations, images, attributes, brands, and more with powerful …
Export All Posts, Products, Orders, Refunds & Users
wp-ultimate-exporter
Export any WordPress website including WooCommerce data seamlessly with our powerful export plugin. Save records as CSV, XML, or Excel file for secure …
Migrate Import Export WooCommerce Store with Excel
store-migration-products-orders-import-export-with-excel
Import Orders Export Orders WooCommerce Products Subscriptions with Excel WordPress Plugin is a Store Migration solution to Migrate from/to WooCommerc …
Dropshipping Product Export for WooCommerce
dropshipping-product-export-for-woocommerce
Effortlessly export your WooCommerce products to CSV or XML — perfect for dropshipping partners.
SV WooCommerce Order Export
sv-woocommerce-order-export
Exports WooCommerce Order Data
Ni WooCommerce Order Export Developer Profile
26 plugins · 5K total installs
How We Detect Ni WooCommerce Order Export
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/ni-woocommerce-order-export/assets/css/ni-sales-report-summary.css/wp-content/plugins/ni-woocommerce-order-export/assets/css/font-awesome.css/wp-content/plugins/ni-woocommerce-order-export/assets/js/amcharts/amcharts.js/wp-content/plugins/ni-woocommerce-order-export/assets/js/amcharts/amcharts.jsHTML / DOM Fingerprints
nioe-order-listni-order-exportni-order-billing-addressni-order-shipping-addressni-order-settingsni-addonsdata-pageni_order_export_action