WP-Safety

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Security & Risk Analysis

wordpress.org/plugins/product-sales-report-for-woocommerce

Create sales reports and order exports for WooCommerce with product analytics, order fulfillment data, filtering, charts, and 15+ templates.

6K active installs v2.0.14 PHP 8.1+ WP 6.2+ Updated Mar 31, 2026
order-exportproduct-sales-analyticsreportingsales-reportwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Safe to Use in 2026?

Generally Safe

Score 100/100

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The plugin "product-sales-report-for-woocommerce" v2.0.12 exhibits a generally strong security posture based on the provided static analysis. The overwhelming majority of output is properly escaped, SQL queries largely utilize prepared statements, and there are a good number of capability checks and nonces in place. The absence of external HTTP requests and a small attack surface with no apparent unprotected entry points are also positive indicators. However, the presence of the `unserialize()` function is a significant concern, as it can lead to Remote Code Execution vulnerabilities if used with unsanitized or maliciously crafted data. Additionally, the taint analysis revealed two flows with unsanitized paths, classified as high severity, indicating potential pathways for attackers to inject malicious data that is not properly validated before being used in a sensitive operation. The complete lack of recorded vulnerabilities, while seemingly positive, could also suggest a lack of historical scrutiny or that past vulnerabilities were minor and not publicly disclosed. Therefore, while the plugin demonstrates good general coding practices, the identified risks related to `unserialize()` and the high-severity taint flows warrant careful attention and mitigation.

Key Concerns

  • Unsanitized taint flow (high severity)
  • Unsanitized taint flow (high severity)
  • Dangerous function: unserialize() detected
Vulnerabilities
None known

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Release Timeline

v2.0.14Current
v2.0.13
v2.0.12
v2.0.11
v2.0.10
v2.0.9
v2.0.8
v2.0.7
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
Code Analysis
Analyzed Mar 16, 2026

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Code Analysis

Dangerous Functions
1
Raw SQL Queries
6
20 prepared
Unescaped Output
6
375 escaped
Nonce Checks
4
Capability Checks
9
File Operations
9
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$taxArray = @unserialize($taxes->taxes);hm-product-sales-report.php:2916

Bundled Libraries

DataTables

SQL Query Safety

77% prepared26 total queries

Output Escaping

98% escaped381 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

7 flows2 with unsanitized paths
renderReportsPage (admin\admin.php:634)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 21
filterberrypress_admin_page_display_sidebaradmin\admin.php:28
filterdefault_option_ninjalytics_settingshm-product-sales-report.php:56
filterninjalytics_report_templateshm-product-sales-report.php:68
actionadmin_menuhm-product-sales-report.php:77
actionbefore_woocommerce_inithm-product-sales-report.php:108
actioninithm-product-sales-report.php:166
filternocache_headershm-product-sales-report.php:180
filterninjalytics_get_order_report_queryhm-product-sales-report.php:936
filtercomments_clauseshm-product-sales-report.php:1464
filtercomments_clauseshm-product-sales-report.php:1477
actioncurrent_screenhm-product-sales-report.php:1909
filteradmin_body_classhm-product-sales-report.php:1912
actionadmin_enqueue_scriptshm-product-sales-report.php:1913
actionadmin_enqueue_scriptshm-product-sales-report.php:1916
filterpp_wc_get_schedulable_email_reportshm-product-sales-report.php:1953
actionninjalytics_update_field_cachehm-product-sales-report.php:2351
filtersanitize_keyhm-product-sales-report.php:2614
filtersanitize_keyhm-product-sales-report.php:2864
filtersanitize_keyhm-product-sales-report.php:2903
actionadmin_noticeshm-product-sales-report.php:3022
filterset_screen_option_ninjalytics_admin_notice_hidehm-product-sales-report.php:3025

Scheduled Events 1

ninjalytics_update_field_cache
Maintenance & Trust

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 31, 2026
PHP min version8.1
Downloads165K

Community Trust

Rating88/100
Number of ratings57
Active installs6K
Alternatives

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Alternatives

Sales Report for WooCommerce

Sales Report for WooCommerce

sales-report-for-woocommerce

A
100

Sales Report for WooCommerce generates daily, weekly and monthly sales report

1K No CVEs
REPORTiT – Advanced Reporting for WooCommerce

REPORTiT – Advanced Reporting for WooCommerce

ithemelandco-woo-report

A
98

Stop guessing. Grow your sales with powerful, easy-to-understand reports and analytics for WooCommerce.

800 2 CVEs
Advanced Reporting & Statistics for WooCommerce – Orders, Products & Customers Reporting

Advanced Reporting & Statistics for WooCommerce – Orders, Products & Customers Reporting

webd-woocommerce-advanced-reporting-statistics

A
93

A comprehensive WordPress Plugin for Advanced WooCommerce Reporting, Product Sales Report, Statistics, Analytics & Forecasting Tool for Orders, Pr …

400 3 CVEs
WooReports — Advanced Reporting for WooCommerce

WooReports — Advanced Reporting for WooCommerce

wc-reports-lite

A
99

Free sales reports for WooCommerce — 11 report modules including orders, products, stock, tax, coupons and payment gateways. No API key needed.

60 1 CVE
Advanced Order Export For WooCommerce

Advanced Order Export For WooCommerce

woo-order-export-lite

A
90

Export WooCommerce orders to Excel, CSV, XML, JSON, PDF and HTML. Best free order export plugin for WooCommerce.

100K 8 CVEs
Developer Profile

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD Developer Profile

BerryPress

11 plugins · 11K total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
19 days
View full developer profile
Detection Fingerprints

How We Detect Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/product-sales-report-for-woocommerce/includes/berrypress-admin-framework/Page.php/wp-content/plugins/product-sales-report-for-woocommerce/admin/admin.php

HTML / DOM Fingerprints

CSS Classes
ninjalytics-free
HTML Comments
Ninjalytics Copyright (C) 2026 BerryPress This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. CREDITS: * This plugin contains code copied from and/or based on the following third-party products, * in addition to any others indicated in code comments or license files: * * WordPress, by Automattic, GPLv2+ * WooCommerce, by Automattic, GPLv3+ * Easy Digital Downloads, Copyright (C) Sandhills Development, LLC, GPLv2+ *
FAQ

Frequently Asked Questions about Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD