Smart Reporter For WooCommerce and WP eCommerce Security & Risk Analysis

wordpress.org/plugins/smart-reporter-for-wp-e-commerce

A phenomenal plugin that solves all your business related issues, from business analysis to reporting on your WooCommerce and WordPress eCommerce site …

300 active installs v2.10.0 PHP + WP 4.8.0+ Updated Jul 11, 2019
ecommerce-analytics ecommerce-reporting woocommerce-analytics woocommerce-reporting woocommerce-reports
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Smart Reporter For WooCommerce and WP eCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Smart Reporter For WooCommerce and WP eCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "smart-reporter-for-wp-e-commerce" plugin v2.10.0 presents a mixed security posture. On the positive side, it has no known historical vulnerabilities (CVEs), and the static analysis shows no dangerous functions or file operations, suggesting a generally cautious approach to sensitive operations. The presence of 16 nonce checks and some capability checks indicates an awareness of WordPress security best practices.

However, significant concerns arise from the attack surface. With 5 AJAX handlers, 4 of which lack authentication checks, there's a substantial risk of unauthorized actions being performed. This is further exacerbated by the taint analysis revealing 2 flows with unsanitized paths and 1 critical severity flow. The low percentage (4%) of properly escaped output is also a major red flag, indicating a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. While the SQL query practice is somewhat mixed (53% prepared), this is less concerning than the output escaping and AJAX handler issues.

In conclusion, despite the absence of historical CVEs, the current version of the plugin has critical security weaknesses, particularly in its exposed AJAX endpoints and insufficient output sanitization. These factors create a high risk for XSS and potential unauthorized data manipulation, outweighing the strengths of its vulnerability-free history and lack of dangerous functions.

Key Concerns

  • Unprotected AJAX handlers
  • Critical taint flow
  • Low output escaping percentage
  • Unsanitized paths in taint flows
Vulnerabilities
None known

Smart Reporter For WooCommerce and WP eCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Smart Reporter For WooCommerce and WP eCommerce Release Timeline

v2.10.0 (Current)
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
Code Analysis
Analyzed Mar 16, 2026

Smart Reporter For WooCommerce and WP eCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 83 (94 prepared)
Unescaped Output: 109 (4 escaped)
Nonce Checks: 16
Capability Checks: 1
File Operations: 0
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

53% prepared · 177 total queries

Output Escaping

4% escaped · 113 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

7 flows · 2 with unsanitized paths
sr_klawoo_subscribe (smart-reporter.php:1427)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
4 unprotected

Smart Reporter For WooCommerce and WP eCommerce Attack Surface

Entry Points: 5
Unprotected: 4

AJAX Handlers 5

auth · wp_ajax_sr_get_stats · smart-reporter.php:1280
auth · wp_ajax_sr_klawoo_subscribe · smart-reporter.php:1281
auth · wp_ajax_top_ababdoned_products_export · smart-reporter.php:1385
auth · wp_ajax_sr_save_settings · smart-reporter.php:1386
auth · wp_ajax_sr_send_test_mail · smart-reporter.php:1387
WordPress Hooks 33
action · init · smart-reporter.php:82
action · init · smart-reporter.php:83
action · init · smart-reporter.php:84
action · woocommerce_cart_updated · smart-reporter.php:86
action · woocommerce_before_cart_item_quantity_zero · smart-reporter.php:87
filter · woocommerce_order_details_after_order_table · smart-reporter.php:88
filter · site_transient_update_plugins · smart-reporter.php:90
action · woocommerce_order_status_changed · smart-reporter.php:92
action · activate_blog · smart-reporter.php:94
action · woocommerce_order_actions_start · smart-reporter.php:97
action · woocommerce_order_refunded · smart-reporter.php:98
action · deleted_post · smart-reporter.php:100
action · trashed_post · smart-reporter.php:101
action · untrashed_post · smart-reporter.php:102
action · plugins_loaded · smart-reporter.php:104
action · admin_footer · smart-reporter.php:107
action · admin_footer · smart-reporter.php:109
action · admin_init · smart-reporter.php:113
action · admin_menu · smart-reporter.php:116
filter · custom_menu_order · smart-reporter.php:130
filter · menu_order · smart-reporter.php:131
filter · sa_active_plugins_for_quick_help · smart-reporter.php:235
filter · sa_is_page_for_notifications · smart-reporter.php:236
filter · posts_join_request · smart-reporter.php:381
filter · posts_where_request · smart-reporter.php:399
action · admin_notices · smart-reporter.php:1276
action · admin_init · smart-reporter.php:1277
action · admin_enqueue_scripts · smart-reporter.php:1278
action · admin_enqueue_scripts · smart-reporter.php:1279
action · network_admin_menu · smart-reporter.php:1291
action · wp_dashboard_setup · smart-reporter.php:1402
filter · woocommerce_admin_reports · smart-reporter.php:1603
filter · wpsc_additional_pages · smart-reporter.php:1652
Maintenance & Trust

Smart Reporter For WooCommerce and WP eCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.2.24
Last updated: Jul 11, 2019
PHP min version
Downloads: 71K

Community Trust

Rating: 68/100
Number of ratings: 18
Active installs: 300
Developer Profile

Smart Reporter For WooCommerce and WP eCommerce Developer Profile

storeapps

10 plugins · 132K total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 761 days
Detection Fingerprints

How We Detect Smart Reporter For WooCommerce and WP eCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-cart.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-checkout.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-orders.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-products.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-reports.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-settings.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-coupons.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-customers.js
+4 more
Script Paths
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-cart.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-checkout.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-orders.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-products.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-reports.js
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-settings.js
+4 more
Version Parameters
/wp-content/plugins/smart-reporter-for-wp-e-commerce/css/smart-reporter-admin-style.css?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/css/sr-woo-admin.css?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-cart.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-checkout.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-orders.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-products.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-reports.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-settings.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-coupons.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-customers.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/sr-woo-admin.js?ver=
/wp-content/plugins/smart-reporter-for-wp-e-commerce/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
sr_pricing_icon
smart-reporter-menu-slug
HTML Comments
<!-- Lite Version Installed. -->
Data Attributes
data-sr-order-id
data-sr-customer-id
data-sr-product-id
JS Globals
sr_woo_vars
SRPRO
sr_license_key
sr_download_url
FAQ

Frequently Asked Questions about Smart Reporter For WooCommerce and WP eCommerce