[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS3wUnFHD9eR7NiekoLZbyy_59EZC1mElVvADjcPXYwU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":38,"fingerprints":402},"sales-analytics-for-woocommerce","Sales Analytics for WooCommerce","2.5.3","TechBeeps Services","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechbeeps\u002F","\u003Cp>Sales Analytics for WooCommerce is a powerful plugin designed to generate custom analytics reports for WooCommerce stores. It provides detailed insights into sales, revenue, product performance, and now introduces \u003Cstrong>AI-powered analysis\u003C\u002Fstrong> for smarter decision-making. 
It also includes Order Origin Analytics, allowing store owners to track sales by source with daily, monthly, and yearly views.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Order Origin Analytics (Daily \u002F Monthly \u002F Yearly reports)\u003Cbr \u002F>\n* AI-powered performance analysis using \u003Ca href=\"https:\u002F\u002Fplugins.techbeeps.com\u002Fapi-ai-analyze\u002F\" rel=\"nofollow ugc\">TechBeeps AI Analyze API\u003C\u002Fa>\u003Cbr \u002F>\n* AI Revenue Insights\u003Cbr \u002F>\n* AI Insights: High & Low Performers\u003Cbr \u002F>\n* Let AI reveal which payment methods drive your sales—and which don’t.\u003Cbr \u002F>\n* Generate sales and revenue analytics reports.\u003Cbr \u002F>\n* View analytics by payment method.\u003Cbr \u002F>\n* Get detailed product analytics reports.\u003Cbr \u002F>\n* Download reports in CSV or PDF format.\u003Cbr \u002F>\n* Visualize data using Charts.js.\u003Cbr \u002F>\n* Supports multiple currencies.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to an external service to generate AI-based performance insights.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.techbeeps.com\u002Fapi-ai-analyze\u002F\" rel=\"nofollow ugc\">TechBeeps AI Analyze API\u003C\u002Fa>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Generates AI-based analytical responses based on store data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> Product name,order amount, revenue, currency, sales date.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.techbeeps.com\u002Fterms-of-service-for-ai-analyze-api\u002F\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.techbeeps.com\u002Fprivacy-policy-for-ai-analyze-api\u002F\" rel=\"nofollow ugc\">Privacy 
Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support and further inquiries, visit our official website: \u003Ca href=\"https:\u002F\u002Fplugins.techbeeps.com\" rel=\"nofollow ugc\">https:\u002F\u002Fplugins.techbeeps.com\u003C\u002Fa>.\u003C\u002Fp>\n","Sales Analytics for WooCommerce: detailed reports, payment analytics, AI-based insights, CSV\u002FPDF export, multi-currency, and chart visuals.",10,627,0,"","6.9.4","6.7","7.4",[19,20,21,22,23],"ai-ecommerce-reports","ai-for-woocommerce","ai-revenue-analysis","ai-sales-insights","product-performance-tracking","https:\u002F\u002Fplugins.techbeeps.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsales-analytics-for-woocommerce.2.5.3.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"techbeeps",5,80,30,94,"2026-04-04T09:14:15.768Z",[],{"attackSurface":39,"codeSignals":108,"taintFlows":133,"riskAssessment":394,"analyzedAt":401},{"hooks":40,"ajaxHandlers":88,"restRoutes":103,"shortcodes":104,"cronEvents":105,"entryPointCount":106,"unprotectedCount":107},[41,47,51,55,60,63,66,69,72,75,78,83,86],{"type":42,"name":43,"callback":44,"file":45,"line":46},"action","admin_notices","closure","includes\\functions.php",74,{"type":42,"name":48,"callback":49,"file":45,"line":50},"admin_init","salesafw_sales_analytics_check_woocommerce",79,{"type":42,"name":52,"callback":53,"file":45,"line":54},"admin_enqueue_scripts","salesafw_sales_analytics_chartjs_enqueue_scripts",87,{"type":42,"name":56,"callback":57,"file":58,"line":59},"admin_menu","salesafw_sales_analytics_sales_analytics_menu","includes\\menu-reg.php",6,{"type":42,"name":56,"callback":61,"file":58,"line":62},"salesafw_sales_analytics_add_new_sales_analytics_submenu",21,{"type":42,"name":56,"callback":64,"file":58,"l
ine":65},"salesafw_sales_analytics_add_new__payment_method_analytics_submenu",35,{"type":42,"name":56,"callback":67,"file":58,"line":68},"salesafw_sales_analytics_add_new_sales_by_product_analytics_submenu",49,{"type":42,"name":56,"callback":70,"file":58,"line":71},"salesafw_sales_by_user_analytics_submenu",63,{"type":42,"name":56,"callback":73,"file":58,"line":74},"salesafw_origin_analytics_submenu",75,{"type":42,"name":56,"callback":76,"file":58,"line":77},"salesafw_about_page_submenu",88,{"type":42,"name":79,"callback":80,"file":81,"line":82},"plugins_loaded","salesafw_sales_analytics_init","sales-analytics-for-woocommerce.php",58,{"type":42,"name":52,"callback":84,"file":81,"line":85},"salesafw_enqueue_admin_assets",64,{"type":42,"name":48,"callback":44,"file":81,"line":87},70,[89,93,98,100],{"action":90,"nopriv":91,"callback":44,"hasNonce":91,"hasCapCheck":91,"file":45,"line":92},"salesafw_ai_suggestions",false,7,{"action":94,"nopriv":91,"callback":95,"hasNonce":96,"hasCapCheck":91,"file":45,"line":97},"product_search","salesafw_sales_analytics_product_search_callback",true,104,{"action":94,"nopriv":96,"callback":95,"hasNonce":96,"hasCapCheck":91,"file":45,"line":99},105,{"action":101,"nopriv":91,"callback":44,"hasNonce":91,"hasCapCheck":91,"file":45,"line":102},"salesafw_analytics_disable_walkthrough",143,[],[],[],4,2,{"dangerousFunctions":109,"sqlUsage":110,"outputEscaping":116,"fileOperations":106,"externalRequests":111,"nonceChecks":131,"capabilityChecks":59,"bundledLibraries":132},[],{"prepared":85,"raw":111,"locations":112},1,[113],{"file":114,"line":54,"context":115},"sales-by-origin-analytics.php","$wpdb->get_col() with variable interpolation",{"escaped":117,"rawEcho":32,"locations":118},375,[119,122,125,127,129],{"file":114,"line":120,"context":121},253,"raw 
output",{"file":123,"line":124,"context":121},"sales-by-user.php",107,{"file":123,"line":126,"context":121},108,{"file":123,"line":128,"context":121},109,{"file":123,"line":130,"context":121},112,11,[],[134,152,160,182,193,204,212,229,242,256,282,303,319,340,356,378],{"entryPoint":135,"graph":136,"unsanitizedCount":13,"severity":151},"salesafw_sales_analytics_product_search_callback (includes\\functions.php:107)",{"nodes":137,"edges":149},[138,143],{"id":139,"type":140,"label":141,"file":45,"line":142},"n0","source","$_POST",116,{"id":144,"type":145,"label":146,"file":45,"line":147,"wp_function":148},"n1","sink","get_results() [SQLi]",117,"get_results",[150],{"from":139,"to":144,"sanitized":96},"low",{"entryPoint":153,"graph":154,"unsanitizedCount":13,"severity":151},"\u003Cfunctions> (includes\\functions.php:0)",{"nodes":155,"edges":158},[156,157],{"id":139,"type":140,"label":141,"file":45,"line":142},{"id":144,"type":145,"label":146,"file":45,"line":147,"wp_function":148},[159],{"from":139,"to":144,"sanitized":96},{"entryPoint":161,"graph":162,"unsanitizedCount":13,"severity":151},"salesafw_sales_analytics_sales_analytics_page (sales-analytics.php:7)",{"nodes":163,"edges":179},[164,168,172,176],{"id":139,"type":140,"label":165,"file":166,"line":167},"$_REQUEST","sales-analytics.php",41,{"id":144,"type":145,"label":169,"file":166,"line":170,"wp_function":171},"echo() [XSS]",77,"echo",{"id":173,"type":140,"label":174,"file":166,"line":175},"n2","$_GET (x4)",45,{"id":177,"type":145,"label":169,"file":166,"line":178,"wp_function":171},"n3",98,[180,181],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"entryPoint":183,"graph":184,"unsanitizedCount":13,"severity":151},"\u003Csales-analytics> 
(sales-analytics.php:0)",{"nodes":185,"edges":190},[186,187,188,189],{"id":139,"type":140,"label":165,"file":166,"line":167},{"id":144,"type":145,"label":169,"file":166,"line":170,"wp_function":171},{"id":173,"type":140,"label":174,"file":166,"line":175},{"id":177,"type":145,"label":169,"file":166,"line":178,"wp_function":171},[191,192],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"entryPoint":194,"graph":195,"unsanitizedCount":13,"severity":151},"salesafw_origin_analytics_callback (sales-by-origin-analytics.php:129)",{"nodes":196,"edges":202},[197,200],{"id":139,"type":140,"label":198,"file":114,"line":199},"$_GET (x3)",147,{"id":144,"type":145,"label":169,"file":114,"line":201,"wp_function":171},197,[203],{"from":139,"to":144,"sanitized":96},{"entryPoint":205,"graph":206,"unsanitizedCount":13,"severity":151},"\u003Csales-by-origin-analytics> (sales-by-origin-analytics.php:0)",{"nodes":207,"edges":210},[208,209],{"id":139,"type":140,"label":198,"file":114,"line":199},{"id":144,"type":145,"label":169,"file":114,"line":201,"wp_function":171},[211],{"from":139,"to":144,"sanitized":96},{"entryPoint":213,"graph":214,"unsanitizedCount":111,"severity":228},"salesafw_sales_analytics_generate_csv_revenue (csv-handler\\csv-generate.php:95)",{"nodes":215,"edges":225},[216,219,222],{"id":139,"type":140,"label":217,"file":218,"line":128},"$_GET","csv-handler\\csv-generate.php",{"id":144,"type":220,"label":221,"file":218,"line":128},"transform","→ salesafw_sales_analytics_get_order_details_for_period_revenue()",{"id":173,"type":145,"label":146,"file":223,"line":224,"wp_function":148},"fetch-query-functions\\revenue-analytics-query.php",186,[226,227],{"from":139,"to":144,"sanitized":91},{"from":144,"to":173,"sanitized":91},"high",{"entryPoint":230,"graph":231,"unsanitizedCount":111,"severity":228},"salesafw_sales_analytics_generate_csv_payment_method 
(csv-handler\\csv-generate.php:178)",{"nodes":232,"edges":239},[233,234,236],{"id":139,"type":140,"label":217,"file":218,"line":201},{"id":144,"type":220,"label":235,"file":218,"line":201},"→ salesafw_sales_analytics_get_order_details_for_period_by_payment_method()",{"id":173,"type":145,"label":146,"file":237,"line":238,"wp_function":148},"fetch-query-functions\\sale-by-method-query.php",119,[240,241],{"from":139,"to":144,"sanitized":91},{"from":144,"to":173,"sanitized":91},{"entryPoint":243,"graph":244,"unsanitizedCount":111,"severity":228},"salesafw_sales_analytics_generate_csv_sales_by_product (csv-handler\\csv-generate.php:268)",{"nodes":245,"edges":253},[246,248,250],{"id":139,"type":140,"label":217,"file":218,"line":247},285,{"id":144,"type":220,"label":249,"file":218,"line":247},"→ salesafw_sales_analytics_get_order_details_sales_by_products()",{"id":173,"type":145,"label":146,"file":251,"line":252,"wp_function":148},"fetch-query-functions\\sales-by-product-query.php",122,[254,255],{"from":139,"to":144,"sanitized":91},{"from":144,"to":173,"sanitized":91},{"entryPoint":257,"graph":258,"unsanitizedCount":281,"severity":228},"\u003Ccsv-generate> 
(csv-handler\\csv-generate.php:0)",{"nodes":259,"edges":274},[260,261,262,263,264,266,268,270,272],{"id":139,"type":140,"label":217,"file":218,"line":128},{"id":144,"type":220,"label":221,"file":218,"line":128},{"id":173,"type":145,"label":146,"file":223,"line":224,"wp_function":148},{"id":177,"type":140,"label":217,"file":218,"line":201},{"id":265,"type":220,"label":235,"file":218,"line":201},"n4",{"id":267,"type":145,"label":146,"file":237,"line":238,"wp_function":148},"n5",{"id":269,"type":140,"label":217,"file":218,"line":247},"n6",{"id":271,"type":220,"label":249,"file":218,"line":247},"n7",{"id":273,"type":145,"label":146,"file":251,"line":252,"wp_function":148},"n8",[275,276,277,278,279,280],{"from":139,"to":144,"sanitized":91},{"from":144,"to":173,"sanitized":91},{"from":177,"to":265,"sanitized":91},{"from":265,"to":267,"sanitized":91},{"from":269,"to":271,"sanitized":91},{"from":271,"to":273,"sanitized":91},3,{"entryPoint":283,"graph":284,"unsanitizedCount":107,"severity":228},"salesafw_sales_analytics_new_sales_analytics_page_callback (revenue-analytics.php:8)",{"nodes":285,"edges":298},[286,289,290,292,293,296,297],{"id":139,"type":140,"label":165,"file":287,"line":288},"revenue-analytics.php",28,{"id":144,"type":145,"label":169,"file":287,"line":50,"wp_function":171},{"id":173,"type":140,"label":174,"file":287,"line":291},31,{"id":177,"type":145,"label":169,"file":287,"line":178,"wp_function":171},{"id":265,"type":140,"label":294,"file":287,"line":295},"$_GET (x2)",33,{"id":267,"type":220,"label":221,"file":287,"line":295},{"id":269,"type":145,"label":146,"file":223,"line":224,"wp_function":148},[299,300,301,302],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"entryPoint":304,"graph":305,"unsanitizedCount":107,"severity":228},"\u003Crevenue-analytics> 
(revenue-analytics.php:0)",{"nodes":306,"edges":314},[307,308,309,310,311,312,313],{"id":139,"type":140,"label":165,"file":287,"line":288},{"id":144,"type":145,"label":169,"file":287,"line":50,"wp_function":171},{"id":173,"type":140,"label":174,"file":287,"line":291},{"id":177,"type":145,"label":169,"file":287,"line":178,"wp_function":171},{"id":265,"type":140,"label":294,"file":287,"line":295},{"id":267,"type":220,"label":221,"file":287,"line":295},{"id":269,"type":145,"label":146,"file":223,"line":224,"wp_function":148},[315,316,317,318],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"entryPoint":320,"graph":321,"unsanitizedCount":107,"severity":228},"salesafw_sales_analytics_new_payment_method_analytics_page_callback (sales-by-method.php:6)",{"nodes":322,"edges":335},[323,326,328,329,331,333,334],{"id":139,"type":140,"label":165,"file":324,"line":325},"sales-by-method.php",29,{"id":144,"type":145,"label":169,"file":324,"line":327,"wp_function":171},89,{"id":173,"type":140,"label":174,"file":324,"line":291},{"id":177,"type":145,"label":169,"file":324,"line":330,"wp_function":171},130,{"id":265,"type":140,"label":294,"file":324,"line":332},36,{"id":267,"type":220,"label":235,"file":324,"line":332},{"id":269,"type":145,"label":146,"file":237,"line":238,"wp_function":148},[336,337,338,339],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"entryPoint":341,"graph":342,"unsanitizedCount":107,"severity":228},"\u003Csales-by-method> 
(sales-by-method.php:0)",{"nodes":343,"edges":351},[344,345,346,347,348,349,350],{"id":139,"type":140,"label":165,"file":324,"line":325},{"id":144,"type":145,"label":169,"file":324,"line":327,"wp_function":171},{"id":173,"type":140,"label":174,"file":324,"line":291},{"id":177,"type":145,"label":169,"file":324,"line":330,"wp_function":171},{"id":265,"type":140,"label":294,"file":324,"line":332},{"id":267,"type":220,"label":235,"file":324,"line":332},{"id":269,"type":145,"label":146,"file":237,"line":238,"wp_function":148},[352,353,354,355],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"entryPoint":357,"graph":358,"unsanitizedCount":107,"severity":228},"salesafw_sales_analytics_new_sales_by_product_analytics_page_callback (sales-by-product.php:7)",{"nodes":359,"edges":373},[360,364,366,367,369,371,372],{"id":139,"type":140,"label":361,"file":362,"line":363},"$_GET (x5)","sales-by-product.php",38,{"id":144,"type":145,"label":169,"file":362,"line":365,"wp_function":171},85,{"id":173,"type":140,"label":165,"file":362,"line":295},{"id":177,"type":145,"label":169,"file":362,"line":368,"wp_function":171},86,{"id":265,"type":140,"label":294,"file":362,"line":370},39,{"id":267,"type":220,"label":249,"file":362,"line":370},{"id":269,"type":145,"label":146,"file":251,"line":252,"wp_function":148},[374,375,376,377],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"entryPoint":379,"graph":380,"unsanitizedCount":107,"severity":228},"\u003Csales-by-product> 
(sales-by-product.php:0)",{"nodes":381,"edges":389},[382,383,384,385,386,387,388],{"id":139,"type":140,"label":361,"file":362,"line":363},{"id":144,"type":145,"label":169,"file":362,"line":365,"wp_function":171},{"id":173,"type":140,"label":165,"file":362,"line":295},{"id":177,"type":145,"label":169,"file":362,"line":368,"wp_function":171},{"id":265,"type":140,"label":294,"file":362,"line":370},{"id":267,"type":220,"label":249,"file":362,"line":370},{"id":269,"type":145,"label":146,"file":251,"line":252,"wp_function":148},[390,391,392,393],{"from":139,"to":144,"sanitized":96},{"from":173,"to":177,"sanitized":96},{"from":265,"to":267,"sanitized":91},{"from":267,"to":269,"sanitized":91},{"summary":395,"deductions":396},"The \"sales-analytics-for-woocommerce\" plugin v2.5.3 demonstrates generally good security practices, particularly in its diligent use of prepared statements for SQL queries and proper output escaping. The low number of file operations and external HTTP requests also contributes positively to its security posture. The plugin's history of zero known CVEs further suggests a stable and secure development process.\n\nHowever, the static analysis reveals a notable concern: two of the four AJAX handlers (salesafw_ai_suggestions and salesafw_analytics_disable_walkthrough) have neither a nonce check nor a capability check. Both are registered for logged-in users only, so the exposure is to any authenticated account and to cross-site request forgery rather than to anonymous visitors, and could lead to unintended actions or information disclosure. The taint analysis separately identifies ten high-severity flows in which request input reaches a database query with no sanitization detected. These flows start in the CSV export functions and the report page callbacks, not in the AJAX handlers, and static analysis alone does not show that they are exploitable.\n\nWhile the plugin has no known vulnerabilities, the presence of unprotected AJAX endpoints and high-severity taint flows is a significant risk. 
Addressing these weaknesses by implementing nonce and capability checks on all AJAX handlers and sanitizing or parameterizing the input on the identified high-severity tainted paths is crucial for mitigating potential exploitation.",[397,399],{"reason":398,"points":11},"Unprotected AJAX handlers",{"reason":400,"points":11},"High severity taint flows","2026-03-16T23:25:57.880Z",{"wat":403,"direct":412},{"assetPaths":404,"generatorPatterns":406,"scriptPaths":407,"versionParams":409},[405],"\u002Fwp-content\u002Fplugins\u002Fsales-analytics-for-woocommerce\u002Fassets\u002Fcss\u002Fstyle.css",[],[408],"\u002Fwp-content\u002Fplugins\u002Fsales-analytics-for-woocommerce\u002Fassets\u002Fjs\u002Fchart.js",[410,411],"sales-analytics-for-woocommerce\u002Fassets\u002Fcss\u002Fstyle.css?ver=","sales-analytics-for-woocommerce\u002Fassets\u002Fjs\u002Fchart.js?ver=",{"cssClasses":413,"htmlComments":416,"htmlAttributes":418,"restEndpoints":421,"jsGlobals":423,"shortcodeOutput":426},[414,415],"salesafw-sales-analytics-style","salesafw-chart-js",[417],"Add this to your plugin main file",[419,420],"data-nonce=\"salesafw_ai_suggestions_nonce\"","data-nonce=\"analytics_nonce\"",[422],"\u002Fwp-json\u002Fsalesafw\u002Fv1\u002Fai-suggestions",[424,425],"window.salesafw_ai_suggestions","window.salesafw_product_search_callback",[]]