Ninjalytics (formerly Product Sales Report) Security & Risk Analysis

wordpress.org/plugins/product-sales-report-for-woocommerce

Quickly create sales reports and charts for your WooCommerce store with advanced filtering by date range, id, category, tag, status, and more.

6K active installs · v2.0.12 · PHP 8.1+ · WP 6.2+ · Updated Feb 22, 2026
analytics, reporting, sales-report, woocommerce, woocommerce-sales
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Ninjalytics (formerly Product Sales Report) Safe to Use in 2026?

Generally Safe

Score 100/100

Ninjalytics (formerly Product Sales Report) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

Based on static analysis, the plugin "product-sales-report-for-woocommerce" v2.0.12 has a generally strong security posture. The overwhelming majority of output is escaped, most SQL queries use prepared statements, and a good number of capability checks and nonces are in place. It makes no external HTTP requests and has a small attack surface with no apparent unprotected entry points.

Two findings stand out. First, the plugin calls `unserialize()`, which is a significant concern: if it is ever passed unsanitized or maliciously crafted data, it can lead to PHP object injection and, from there, remote code execution. Second, the taint analysis found two flows with unsanitized paths, both classified as high severity, which indicate potential pathways for attacker-supplied data to reach a sensitive operation without proper validation.

The complete absence of recorded vulnerabilities, while seemingly positive, could also mean the plugin has had little historical scrutiny, or that past vulnerabilities were minor and not publicly disclosed. So although the plugin shows good general coding practice, the `unserialize()` call and the two high-severity taint flows warrant careful attention and mitigation.

Key Concerns

  • Unsanitized taint flow (high severity)
  • Unsanitized taint flow (high severity)
  • Dangerous function: unserialize() detected
Vulnerabilities
None known

Ninjalytics (formerly Product Sales Report) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Ninjalytics (formerly Product Sales Report) Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 6 (20 prepared)
Unescaped Output: 6 (375 escaped)
Nonce Checks: 4
Capability Checks: 9
File Operations: 9
External Requests: 0
Bundled Libraries: 1

Dangerous Functions Found

unserialize: `$taxArray = @unserialize($taxes->taxes);` (hm-product-sales-report.php:2916)

Bundled Libraries

DataTables

SQL Query Safety

77% prepared · 26 total queries

Output Escaping

98% escaped · 381 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

7 flows · 2 with unsanitized paths
renderReportsPage (admin\admin.php:634)
[Data flow diagram. Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface

Ninjalytics (formerly Product Sales Report) Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 21
filter berrypress_admin_page_display_sidebar (admin\admin.php:28)
filter default_option_ninjalytics_settings (hm-product-sales-report.php:56)
filter ninjalytics_report_templates (hm-product-sales-report.php:68)
action admin_menu (hm-product-sales-report.php:77)
action before_woocommerce_init (hm-product-sales-report.php:108)
action init (hm-product-sales-report.php:166)
filter nocache_headers (hm-product-sales-report.php:180)
filter ninjalytics_get_order_report_query (hm-product-sales-report.php:936)
filter comments_clauses (hm-product-sales-report.php:1464)
filter comments_clauses (hm-product-sales-report.php:1477)
action current_screen (hm-product-sales-report.php:1909)
filter admin_body_class (hm-product-sales-report.php:1912)
action admin_enqueue_scripts (hm-product-sales-report.php:1913)
action admin_enqueue_scripts (hm-product-sales-report.php:1916)
filter pp_wc_get_schedulable_email_reports (hm-product-sales-report.php:1953)
action ninjalytics_update_field_cache (hm-product-sales-report.php:2351)
filter sanitize_key (hm-product-sales-report.php:2614)
filter sanitize_key (hm-product-sales-report.php:2864)
filter sanitize_key (hm-product-sales-report.php:2903)
action admin_notices (hm-product-sales-report.php:3022)
filter set_screen_option_ninjalytics_admin_notice_hide (hm-product-sales-report.php:3025)

Scheduled Events: 1

ninjalytics_update_field_cache
Maintenance & Trust

Ninjalytics (formerly Product Sales Report) Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 22, 2026
PHP min version: 8.1
Downloads: 160K

Community Trust

Rating: 88/100
Number of ratings: 57
Active installs: 6K
Developer Profile

Ninjalytics (formerly Product Sales Report) Developer Profile

BerryPress

9 plugins · 11K total installs

Trust score: 93
Avg Security Score: 99/100
Avg Patch Time: 19 days
Detection Fingerprints

How We Detect Ninjalytics (formerly Product Sales Report)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-sales-report-for-woocommerce/includes/berrypress-admin-framework/Page.php
/wp-content/plugins/product-sales-report-for-woocommerce/admin/admin.php

HTML / DOM Fingerprints

CSS Classes
ninjalytics-free
HTML Comments
Ninjalytics Copyright (C) 2026 BerryPress This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. CREDITS: * This plugin contains code copied from and/or based on the following third-party products, * in addition to any others indicated in code comments or license files: * * WordPress, by Automattic, GPLv2+ * WooCommerce, by Automattic, GPLv3+ * Easy Digital Downloads, Copyright (C) Sandhills Development, LLC, GPLv2+ *
FAQ

Frequently Asked Questions about Ninjalytics (formerly Product Sales Report)