WP-Safety

Ni WooCommerce Product Vendor Security & Risk Analysis

wordpress.org/plugins/ni-woocommerce-product-vendor

Provide the option to create the product vendor and show the product vendor sales report

0 active installs v1.1.1 PHP 7.0+ WP 4.7+ Updated Feb 19, 2023
product-reportproduct-vendorstock-reportwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ni WooCommerce Product Vendor Safe to Use in 2026?

Generally Safe

Score 85/100

Ni WooCommerce Product Vendor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "ni-woocommerce-product-vendor" plugin version 1.1.1 exhibits a mixed security posture. On the positive side, it utilizes prepared statements for all SQL queries and has no file operations or external HTTP requests, which are good security practices. The absence of known historical vulnerabilities also suggests a generally stable codebase in that regard. However, significant concerns arise from the static analysis. The plugin has a notable attack surface consisting of one AJAX handler that completely lacks authentication checks, posing a direct risk of unauthorized actions. Furthermore, a concerning 93% of its output is not properly escaped, leaving it vulnerable to cross-site scripting (XSS) attacks. The taint analysis, while limited, did identify two flows with unsanitized paths, which, combined with the lack of nonce checks and capability checks, amplifies the risk of these flows being exploited.

Key Concerns

  • AJAX handler without authentication
  • High percentage of unescaped output
  • Taint analysis found unsanitized paths
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Ni WooCommerce Product Vendor Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Ni WooCommerce Product Vendor Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Ni WooCommerce Product Vendor Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
21 prepared
Unescaped Output
71
5 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared21 total queries

Output Escaping

7% escaped76 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
get_ajax (includes\niwoopv-setting.php:38)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Ni WooCommerce Product Vendor Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_niwoopv_ajaxincludes\niwoopv-core.php:9
WordPress Hooks 6
actionadmin_menuincludes\niwoopv-core.php:7
actionadmin_enqueue_scriptsincludes\niwoopv-core.php:8
actionadmin_initincludes\niwoopv-core.php:10
actionwoocommerce_checkout_create_order_line_itemincludes\niwoopv-order-hook.php:6
actionadd_meta_boxesincludes\niwoopv-product-hook.php:7
actionsave_postincludes\niwoopv-product-hook.php:8
Maintenance & Trust

Ni WooCommerce Product Vendor Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedFeb 19, 2023
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Ni WooCommerce Product Vendor Alternatives

WCFM – Frontend Manager for WooCommerce

WCFM – Frontend Manager for WooCommerce

wc-frontend-manager

A
88

Professional frontend dashboard for WooCommerce and multivendor marketplaces. Supports WCFM Marketplace, Dokan, WC Vendors, WC Product Vendors.

20K 10 CVEs
WCFM Marketplace – Multivendor Marketplace for WooCommerce

WCFM Marketplace – Multivendor Marketplace for WooCommerce

wc-multivendor-marketplace

D
37

The most featured and powerful multi vendor plugin for WordPress, setup fantastic woocommerce marketplace store in minutes.

10K 2 unpatched
WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors

WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors

wc-vendors

A
93

The original WooCommerce multi-vendor plugin. Easily create a WooCommerce marketplace with multi-seller, product vendor stores & vendor commissions.

4K 4 CVEs
REPORTiT – Advanced Reporting for WooCommerce

REPORTiT – Advanced Reporting for WooCommerce

ithemelandco-woo-report

A
98

Stop guessing. Grow your sales with powerful, easy-to-understand reports and analytics for WooCommerce.

800 2 CVEs
Ni WooCommerce Sales Report

Ni WooCommerce Sales Report

ni-woocommerce-sales-report

A
100

Ni WooCommerce Sales Report Plugin - Generate Comprehensive Sales Reports for Your WooCommerce Store.

600 1 CVE
Developer Profile

Ni WooCommerce Product Vendor Developer Profile

Anzar Ahmed

26 plugins · 5K total installs

69
trust score
Avg Security Score
86/100
Avg Patch Time
228 days
View full developer profile
Detection Fingerprints

How We Detect Ni WooCommerce Product Vendor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
../admin/css/niwoopv-report.css../admin/css/lib/bootstrap.min.css../admin/js/lib/bootstrap.min.js../admin/js/lib/popper.min.js../admin/css/font-awesome.css../admin/js/amcharts/amcharts.js../admin/js/amcharts/light.js../admin/js/amcharts/pie.js+4 more

HTML / DOM Fingerprints

CSS Classes
niwoopv-dashboardniwoopv-order-product-reportniwoopv-stock-reportniwoopv-setting
Data Attributes
niwoopv_ajax_object
JS Globals
niwoopv_ajax_object
FAQ

Frequently Asked Questions about Ni WooCommerce Product Vendor