Convenience and cost continues to beat security.
Running Ethernet cables to the Point-of-Sale devices costs more. The cables have to comply with electrical and fire codes, and the manpower cost to route cables is non-trivial. So a wireless network is far, far more convenient (you can remodel the store and move stations about easily, and add new ones, if so wished).
[Tongue-in-cheek] As for the use of WinXP: it could, possibly, have been Windows XP Embedded updated to Service Pack 3, the extended support for which end on 1st December this year (2016)...
The use of out-dated/obsolescent software in specialised machinery is not a new problem. There is a fair amount of industrial machinery 'out there' still using MS/DOS-based control systems. The hard bit is finding spare parts for the PCs the software runs on. The problem of updating old Android phones is also well known.
It is often cheaper to continue to run an old system than pay for a new one - and if the accountants have not depreciated it fully, there could well be strong incentives not to scrap it - industrial machinery can have accounting depreciation periods of decades.
You can still buy or manufacture the leather belt needed to transfer power from a steam-powered traction engine to a threshing machine. Hardware usually has a much longer potential service life than software, and I think it is a reasonable expectation that software should be capable of remaining fit-for-purpose for as long as the hardware it is running on. Astounding progress has been made with virtualization, emulators, and API cloning, so that old programs can be run on new cpus that are even a different architecture to the original: however, hardware compatibility is the Achilles heel here: many old systems are kept in service because they are tied to using obsolescent hardware connectivity - it's all very well being able to run a DOS program on an ARM Android device, but you can't plug in an ISA-bus interface card.
So, while you can encapsulate old software in a modern, supposedly more secure and capable Virtual Machine; there is no equivalent solution for hardware connectivity. This is a security challenge for the future - how to design hardware to maximise the chance of it being capable of being used, and in a secure manner, in the unpredictable future. How would you, for example, use the bidirectional Centronics interface (IEEE1284) disk-drive on a Mac equipped only with Thunderbolt ports? Or plug in an 8-bit XT ISA-bus controller?
This brings us back to Clive's point-of-sale device: it might be stuck on XP due to the availability of drivers and/or hardware.
I don't know what the solution is, but I agree one is needed.