WP E-Commerce Advance Sales Report Lite Security & Risk Analysis
wordpress.org/plugins/wp-e-commerce-advance-sales-report-liteWP E-Commerce Advance Sales Report Lite shows you all key sales information in one main Dashboard in very intuitive, easy to understand format which g …
Is WP E-Commerce Advance Sales Report Lite Safe to Use in 2026?
Generally Safe
Score 85/100WP E-Commerce Advance Sales Report Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin 'wp-e-commerce-advance-sales-report-lite' version 1.0 exhibits a significant security concern due to an unprotected AJAX handler, representing its entire attack surface. While the majority of SQL queries utilize prepared statements and there's a lack of dangerous functions or external HTTP requests, the absence of authentication checks on the sole entry point is a critical oversight. This leaves the plugin vulnerable to unauthorized access and potential manipulation of its sales report functionalities.
The static analysis also reveals a concerning 0% of output escaping. This means that any data processed or displayed by the plugin could be susceptible to cross-site scripting (XSS) attacks, as user-supplied input might not be properly sanitized before being rendered in the browser. The lack of nonce checks and capability checks further exacerbates these risks, as there are no mechanisms in place to verify user authorization or prevent request forgery.
Despite the lack of recorded vulnerability history, which is a positive indicator, the current state of the code suggests a foundational lack of security best practices. The presence of an unprotected AJAX handler and universally unescaped output are serious weaknesses that outweigh the positive aspects of prepared SQL statements. While the plugin is small and has no known CVEs, the existing code signals highlight significant potential vulnerabilities that require immediate attention.
Key Concerns
- Unprotected AJAX handler
- 0% properly escaped output
- Missing nonce checks
- Missing capability checks
WP E-Commerce Advance Sales Report Lite Security Vulnerabilities
WP E-Commerce Advance Sales Report Lite Code Analysis
SQL Query Safety
Output Escaping
WP E-Commerce Advance Sales Report Lite Attack Surface
AJAX Handlers 1
WordPress Hooks 4
Maintenance & Trust
WP E-Commerce Advance Sales Report Lite Maintenance & Trust
Maintenance Signals
Community Trust
WP E-Commerce Advance Sales Report Lite Alternatives
Admin Shipping Calculator for WooCommerce
admin-shipping-calculator
With that plugin you can calculate your shipping costs when you create orders in wp-admin. Select a shipping method and the rate will be calculated fo …
LightStart – Maintenance Mode, Coming Soon and Landing Page Builder
wp-maintenance-mode
Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.
Adminimize
adminimize
Adminimize that lets you hide 'unnecessary' items from the WordPress backend
Remove Dashboard Access
remove-dashboard-access-for-non-admins
Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.
Error Log Monitor
error-log-monitor
Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.
WP E-Commerce Advance Sales Report Lite Developer Profile
6 plugins · 60 total installs
How We Detect WP E-Commerce Advance Sales Report Lite
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/css/admin.css/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/css/jquery.jqplot.min.css/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jquery.jqplot.min.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.pieRenderer.min.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.meterGaugeRenderer.min.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.pointLabels.min.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.dateAxisRenderer.min.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/graph.js/wp-content/plugins/wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/graph.jswp-e-commerce-advance-sales-report-lite/assets/css/admin.css?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/css/jquery.jqplot.min.css?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jquery.jqplot.min.js?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.pieRenderer.min.js?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.meterGaugeRenderer.min.js?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.pointLabels.min.js?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/jqplot.dateAxisRenderer.min.js?ver=wp-e-commerce-advance-sales-report-lite/assets/graph/scripts/graph.js?ver=HTML / DOM Fingerprints
ic_mis_reportic_cr_wrapwoo_cr-reports-wrapwoo_cr-reports-topstatThreeCol_BoxesLastBox_Marginexample-chartid="today_order_count_meter_gauge"id="top_product_pie_chart"id="last_7_days_sales_order_amount"ajax_object