[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjhz8770SS8lEqLXlFsVVdtqFiR4rR330EPE8X7lFDo4":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"kitgenix","Kitgenix","https:\u002F\u002Fprofiles.wordpress.org\u002Fkitgenix\u002F",5,310,100,30,94,"2026-04-04T05:03:56.289Z",[14,37,53,69,84],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":20,"downloaded":21,"rating":9,"num_ratings":7,"last_updated":22,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":26,"homepage":32,"download_link":33,"security_score":9,"vuln_count":34,"unpatched_count":34,"last_vuln_date":35,"fetched_at":36},"kitgenix-captcha-for-cloudflare-turnstile","Kitgenix CAPTCHA for Cloudflare Turnstile","1.0.17","\u003Cp>Spam is expensive: it wastes time, clogs inboxes, creates fake accounts, and on stores it can lead to abandoned checkout noise and fraudulent activity. Traditional CAPTCHA solutions can also hurt conversions by adding friction.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> is a modern, privacy-first CAPTCHA alternative designed to reduce friction for real people while still blocking bots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix CAPTCHA for Cloudflare Turnstile\u003C\u002Fstrong> is a production-ready Turnstile integration for WordPress that focuses on reliability in real-world setups:\u003Cbr \u002F>\n– Server-side token verification (using Cloudflare’s official endpoint)\u003Cbr \u002F>\n– Fast, conditional loading (only where needed)\u003Cbr \u002F>\n– Support for dynamic\u002FAJAX forms and modern WooCommerce Blocks \u002F Store API checkout\u003Cbr \u002F>\n– Security features: replay protection, proxy-aware IP handling, whitelisting, and developer mode (warn-only)\u003C\u002Fp>\n\u003Cp>You can enable\u002Fdisable each integration (and many per-form toggles), choose auto-injection vs shortcode-only placement, customise display and messaging, and use built-in diagnostics and Site Health checks to troubleshoot.\u003C\u002Fp>\n\u003Ch4>Supported integrations (where Turnstile can be added)\u003C\u002Fh4>\n\u003Cp>All integrations are enable-able from settings. Many also support \u003Cstrong>Mode: Auto vs Shortcode\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Registration\u003Cbr \u002F>\n– Lost password\u003Cbr \u002F>\n– Reset password\u003Cbr \u002F>\n– Comments (including safe handling for comment failures\u002Fredirects)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce (Classic)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– My Account login\u003Cbr \u002F>\n– My Account registration\u003Cbr \u002F>\n– Lost password\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce Blocks (Store API \u002F Block Checkout)\u003C\u002Fstrong>\u003Cbr \u002F>\n– UI rendering inside block-based checkout\u003Cbr \u002F>\n– Adds token to Store API requests (header and\u002For extensions payload when available)\u003Cbr \u002F>\n– Server-side validation of Store API checkout requests\u003Cbr \u002F>\n– Supports “shortcode-only mode” behaviour so you can control placement\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Digital Downloads (EDD)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Register\u003Cbr \u002F>\n– Profile editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Form plugins\u003C\u002Fstrong>\u003Cbr \u002F>\n– Contact Form 7 (CF7)\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– JetFormBuilder\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms (including popups and AJAX submissions)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Community \u002F forums\u003C\u002Fstrong>\u003Cbr \u002F>\n– bbPress (topic\u002Freply flows where applicable)\u003Cbr \u002F>\n– BuddyPress (flows where applicable)\u003C\u002Fp>\n\u003Ch4>Core features (site-wide)\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Turnstile widget rendering\u003C\u002Fstrong>\u003Cbr \u002F>\n– Uses Cloudflare’s official Turnstile API script\u003Cbr \u002F>\n– Widget options:\u003Cbr \u002F>\n  – Theme: auto \u002F light \u002F dark\u003Cbr \u002F>\n  – Size: small \u002F medium \u002F large \u002F normal \u002F flexible\u003Cbr \u002F>\n  – Appearance: stored as Turnstile “appearance” option (defaults to always)\u003Cbr \u002F>\n  – Language: auto or explicit locale (passed via \u003Ccode>hl=...\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Settings & admin experience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Settings page under the shared Kitgenix WP admin menu\u003Cbr \u002F>\n– Live “test widget” preview on the settings screen (renders when a Site Key is present)\u003Cbr \u002F>\n– Site Key + Secret Key storage (secret not printed in HTML by default)\u003Cbr \u002F>\n– “Reveal secret key” (admins only, nonce-protected AJAX action)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Messaging & UX\u003C\u002Fstrong>\u003Cbr \u002F>\n– Custom error message (admin-configurable, used across integrations)\u003Cbr \u002F>\n– Extra message text (optional text displayed alongside\u002Funder the widget)\u003Cbr \u002F>\n– “Disable submit until completed” option (frontend behaviour via plugin JS)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Replay protection (enabled by default)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Detects re-used tokens (hash stored in transients) and blocks replays\u003Cbr \u002F>\n– TTL is filterable\u003Cbr \u002F>\n– Stores hashed token markers under the transient prefix \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_\u003C\u002Fcode>\u003Cbr \u002F>\n– Sets a short-lived cookie (\u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003C\u002Fcode>, ~120s) when replay is detected (for frontend behaviour\u002Fmessages)\u003Cbr \u002F>\n– Dedicated replay message (filterable)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Verification failures do \u003Cstrong>not\u003C\u002Fstrong> block submissions\u003Cbr \u002F>\n– Failures are logged (and emitted via a developer log action)\u003Cbr \u002F>\n– Optional inline warning annotation for admins (frontend config)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Whitelisting (skip Turnstile + skip loading API script)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist by IP (exact, wildcards, CIDR — including IPv6)\u003Cbr \u002F>\n– Whitelist by User-Agent (substring or wildcard matching)\u003Cbr \u002F>\n– Filter hook to override whitelist decision\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Proxy \u002F real-IP handling\u003C\u002Fstrong>\u003Cbr \u002F>\n– Optional trust of proxy headers (Cloudflare \u002F X-Forwarded-For style)\u003Cbr \u002F>\n– Trusted proxy IP list \u002F trust controls\u003Cbr \u002F>\n– Forwarded headers are only honoured when the request originates from a trusted proxy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance & resilience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Conditional script loading only where needed\u003Cbr \u002F>\n– Async\u002Fstrategy-based script loading (depending on WP version)\u003Cbr \u002F>\n– Adds resource hints (preconnect \u002F dns-prefetch) for Turnstile domain\u003Cbr \u002F>\n– Detects duplicate Turnstile API loaders (if another plugin\u002Ftheme enqueues \u003Ccode>api.js\u003C\u002Fcode>):\u003Cbr \u002F>\n  – Stores detection in the transient \u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>\u003Cbr \u002F>\n  – Shows admin notice on settings and Plugins screen\u003Cbr \u002F>\n  – Includes dismiss link (nonce-protected, uses \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe=1\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Site Health + diagnostics\u003C\u002Fstrong>\u003Cbr \u002F>\n– Adds a Site Health test: “Cloudflare Turnstile readiness”\u003Cbr \u002F>\n– Checks:\u003Cbr \u002F>\n  – Keys present\u003Cbr \u002F>\n  – Duplicate API loader transient (\u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>)\u003Cbr \u002F>\n  – Last verification success\u002Ffailure snapshot\u003Cbr \u002F>\n  – Heuristic warning if common optimisation\u002Fcaching plugins are active\u003Cbr \u002F>\n– Stores the last verify outcome (success, time, error codes) for Site Health display\u003Cbr \u002F>\n– Tracks privacy-safe counters in \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_metrics\u003C\u002Fcode> (checks total\u002Fpassed\u002Ffailed)\u003C\u002Fp>\n\u003Ch4>Manual placement (shortcode)\u003C\u002Fh4>\n\u003Cp>If you have a custom form or an unsupported plugin, you can manually render the widget:\u003C\u002Fp>\n\u003Cp>[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Shortcode output includes:\u003Cbr \u002F>\n– a nonce field\u003Cbr \u002F>\n– a hidden \u003Ccode>cf-turnstile-response\u003C\u002Fcode> input\u003Cbr \u002F>\n– the widget container (with \u003Ccode>data-sitekey\u003C\u002Fcode>)\u003Cbr \u002F>\n– support for passing arbitrary attributes via shortcode attributes\u003C\u002Fp>\n\u003Cp>Many supported integrations also offer \u003Cstrong>Shortcode-only\u003C\u002Fstrong> mode (you place the shortcode where you want; the plugin validates server-side without auto-injection).\u003C\u002Fp>\n\u003Ch4>Quick Start\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Open the Turnstile settings under the Kitgenix hub in wp-admin.\u003C\u002Fli>\n\u003Cli>Add your Cloudflare Turnstile Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Configure widget options (theme\u002Fsize\u002Fappearance\u002Flanguage) and messaging if needed.\u003C\u002Fli>\n\u003Cli>Enable the integrations (and per-form toggles) you want.\u003C\u002Fli>\n\u003Cli>Save, then test the key user journeys: login, registration, checkout, and your main contact form.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Tip: Start with \u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong> on staging or during rollout. Once you’re satisfied, disable warn-only to enforce blocking.\u003C\u002Fp>\n\u003Ch4>Performance and caching notes (important for stores)\u003C\u002Fh4>\n\u003Cp>Turnstile is lightweight, but aggressive optimisation can break rendering or token freshness.\u003C\u002Fp>\n\u003Cp>If you use caching\u002Foptimisation plugins:\u003Cbr \u002F>\n– Allowlist https:\u002F\u002Fchallenges.cloudflare.com\u003Cbr \u002F>\n– Avoid full-page caching on login\u002Faccount\u002Fcheckout pages\u003Cbr \u002F>\n– Avoid combining\u002Finlining the Turnstile loader\u003Cbr \u002F>\n– Avoid heavily delaying Elementor\u002Fform plugin scripts\u003Cbr \u002F>\n– Ensure outbound HTTP requests to Cloudflare are not blocked (needed for server-side verification)\u003C\u002Fp>\n\u003Ch3>Settings Overview\u003C\u002Fh3>\n\u003Cp>Main settings:\u003Cbr \u002F>\n– Site Key\u003Cbr \u002F>\n– Secret Key (with “secret present” state, clear\u002Freveal)\u003Cbr \u002F>\n– Theme (auto\u002Flight\u002Fdark)\u003Cbr \u002F>\n– Size (small\u002Fmedium\u002Flarge\u002Fnormal\u002Fflexible)\u003Cbr \u002F>\n– Appearance (Turnstile appearance option)\u003Cbr \u002F>\n– Language (auto or specific locale)\u003Cbr \u002F>\n– Disable submit until completed\u003Cbr \u002F>\n– Custom error message\u003Cbr \u002F>\n– Extra message text\u003C\u002Fp>\n\u003Cp>Security & advanced:\u003Cbr \u002F>\n– Replay protection (on\u002Foff)\u003Cbr \u002F>\n– Developer mode (warn-only)\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist IPs (wildcards\u002FCIDR, including IPv6)\u003Cbr \u002F>\n– Whitelist user agents\u003Cbr \u002F>\n– Proxy trust (enable\u002Fdisable)\u003Cbr \u002F>\n– Trusted proxy IPs \u002F trust controls\u003C\u002Fp>\n\u003Cp>Integrations (enable + per-form toggles where available):\u003Cbr \u002F>\n– WordPress Core (login\u002Fregister\u002Flost password\u002Freset password\u002Fcomments)\u003Cbr \u002F>\n– WooCommerce (checkout\u002Flogin\u002Fregister\u002Flost password)\u003Cbr \u002F>\n– WooCommerce Blocks mode (auto vs shortcode-only)\u003Cbr \u002F>\n– Easy Digital Downloads (checkout\u002Flogin\u002Fregister\u002Fprofile)\u003Cbr \u002F>\n– Contact Form 7\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms\u003Cbr \u002F>\n– bbPress\u003Cbr \u002F>\n– BuddyPress\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Shortcode:\u003Cbr \u002F>\n[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Server-side verification endpoint:\u003Cbr \u002F>\nhttps:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>Filters (script\u002Floading):\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_script_url( $url, $settings )\u003Cbr \u002F>\n– kitgenix_turnstile_freshness_ms\u003Cbr \u002F>\n– kitgenix_turnstile_inline_style\u003C\u002Fp>\n\u003Cp>Filters (verification \u002F request handling):\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_url\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_timeout\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_sslverify\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_http_args\u003Cbr \u002F>\n– kitgenix_turnstile_send_remoteip\u003Cbr \u002F>\n– kitgenix_turnstile_remote_ip\u003Cbr \u002F>\n– kitgenix_turnstile_token_from_request\u003Cbr \u002F>\n– kitgenix_turnstile_error_codes\u003Cbr \u002F>\n– kitgenix_turnstile_error_message\u003Cbr \u002F>\n– kitgenix_turnstile_replay_message\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_{context}_turnstile_error_message\u003C\u002Fp>\n\u003Cp>Filters (replay protection):\u003Cbr \u002F>\n– kitgenix_turnstile_replay_ttl\u003C\u002Fp>\n\u003Cp>Filters (whitelist \u002F proxy trust):\u003Cbr \u002F>\n– kitgenix_turnstile_is_whitelisted( $is_whitelisted, $details )\u003Cbr \u002F>\n– kitgenix_turnstile_trust_headers\u003Cbr \u002F>\n– kitgenix_turnstile_trusted_proxies\u003C\u002Fp>\n\u003Cp>Internal identifiers (options \u002F transients \u002F cookies \u002F meta):\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_settings\u003Cbr \u002F>\n– Settings group (Settings API): kitgenix_captcha_for_cloudflare_turnstile_settings_group\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_metrics\u003Cbr \u002F>\n– Option: kitgenix_turnstile_last_verify\u003Cbr \u002F>\n– Transient: kitgenix_captcha_for_cloudflare_turnstile_do_activation_redirect\u003Cbr \u002F>\n– Transient: kitgenix_turnstile_duplicate_scripts\u003Cbr \u002F>\n– Transient prefix (replay protection): kitgenix_captcha_for_cloudflare_turnstile_ts_\u003Cbr \u002F>\n– Cookie (replay notice): kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003Cbr \u002F>\n– WooCommerce order meta (Blocks\u002FStore API verification): _kitgenix_turnstile_verified\u003C\u002Fp>\n\u003Cp>Internal nonces \u002F actions:\u003Cbr \u002F>\n– Shortcode\u002Fform nonce field name: kitgenix_captcha_for_cloudflare_turnstile_nonce\u003Cbr \u002F>\n– Shortcode\u002Fform nonce action: kitgenix_captcha_for_cloudflare_turnstile_action\u003Cbr \u002F>\n– Settings save nonce field name: kitgenix_captcha_for_cloudflare_turnstile_settings_nonce\u003Cbr \u002F>\n– Settings save nonce action: kitgenix_captcha_for_cloudflare_turnstile_settings_save\u003Cbr \u002F>\n– Admin AJAX action (reveal saved secret): kitgenix_turnstile_get_secret (WordPress hook: wp_ajax_kitgenix_turnstile_get_secret)\u003Cbr \u002F>\n– Admin AJAX nonce action (reveal saved secret): kitgenix_turnstile_reveal_secret\u003Cbr \u002F>\n– Duplicate-loader notice dismiss query arg: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe\u003Cbr \u002F>\n– Duplicate-loader notice dismiss nonce action: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss\u003C\u002Fp>\n\u003Cp>Actions (developer logging):\u003Cbr \u002F>\n– kitgenix_turnstile_dev_log\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> to verify requests and prevent spam and abuse.\u003C\u002Fp>\n\u003Cp>The plugin may:\u003Cbr \u002F>\n– Load the Turnstile script:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fapi.js\u003Cbr \u002F>\n– Submit verification requests server-side to:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>When verification is enabled, the plugin sends to Cloudflare:\u003Cbr \u002F>\n– Your Turnstile secret key\u003Cbr \u002F>\n– The Turnstile response token\u003Cbr \u002F>\n– The visitor IP address (as the optional \u003Ccode>remoteip\u003C\u002Fcode> parameter, when enabled)\u003C\u002Fp>\n\u003Cp>The plugin does not send the visitor’s browser user agent to Cloudflare as part of the verification payload (the HTTP request itself is made server-side by WordPress).\u003C\u002Fp>\n\u003Cp>If proxy trust is enabled, the plugin may read forwarding headers (e.g. \u003Ccode>CF-Connecting-IP\u003C\u002Fcode>, \u003Ccode>X-Forwarded-For\u003C\u002Fcode>) to determine the client IP, but only when requests originate from configured trusted proxies.\u003C\u002Fp>\n\u003Cp>The plugin does not add tracking cookies itself and does not sell or share personal data.\u003C\u002Fp>\n\u003Cp>Cloudflare Turnstile Terms: https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002F\u003Cbr \u002F>\nCloudflare Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n\u003Cp>This plugin also includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using the WordPress core \u003Ccode>plugins_api()\u003C\u002Fcode> function (WordPress.org Plugins API).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>When it runs: only in wp-admin (Kitgenix plugin admin pages)\u003C\u002Fli>\n\u003Cli>Data sent: plugin slug(s) (no personal data)\u003C\u002Fli>\n\u003Cli>Data received: publicly available plugin information (e.g. active installs, ratings)\u003C\u002Fli>\n\u003Cli>Caching: responses are cached locally using transients for ~1 day:\n\u003Cul>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Trademark Notice\u003C\u002Fh3>\n\u003Cp>“Cloudflare” and the Cloudflare logo are trademarks of Cloudflare, Inc. This plugin is not affiliated with or endorsed by Cloudflare, Inc.\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin helps keep spam away without slowing your site down, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Add Cloudflare Turnstile to WordPress, WooCommerce, Elementor, and popular form plugins. Privacy-first spam protection with server-side verification.",300,2095,"2026-02-19T22:09:00.000Z","6.9.4","6.0","8.1",[27,28,29,30,31],"anti-spam","captcha","cloudflare","turnstile","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-captcha-for-cloudflare-turnstile\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-captcha-for-cloudflare-turnstile.1.0.17.zip",0,null,"2026-03-15T15:16:48.613Z",{"slug":38,"name":39,"version":40,"author":5,"author_profile":6,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":34,"num_ratings":34,"last_updated":45,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":46,"homepage":51,"download_link":52,"security_score":9,"vuln_count":34,"unpatched_count":34,"last_vuln_date":35,"fetched_at":36},"kitgenix-order-tracking-for-woocommerce","Kitgenix Order Tracking for WooCommerce","1.0.5","\u003Cp>Customers don’t just want a tracking number — they want confidence.\u003C\u002Fp>\n\u003Cp>After purchase, the questions are predictable:\u003Cbr \u002F>\n“Has it shipped yet?”, “Is this coming in multiple parcels?”, “Which courier is it with?”, and “Can I track it right now?”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix Order Tracking for WooCommerce\u003C\u002Fstrong> gives you a clean, reliable way to manage \u003Cstrong>WooCommerce shipment tracking\u003C\u002Fstrong> without bloated shipping suites. Add \u003Cstrong>multiple shipments\u003C\u002Fstrong> to a single order (split deliveries, replacements, multi-parcel, different carriers), show tracking clearly to customers, and reduce “where is my order?” support tickets with a self-service tracking page.\u003C\u002Fp>\n\u003Cp>It also includes a \u003Cstrong>Tracking Analytics\u003C\u002Fstrong> screen inside WooCommerce so you can understand shipping speed, exceptions, and how often customers check tracking.\u003C\u002Fp>\n\u003Ch4>Built for real-world shipping workflows\u003C\u002Fh4>\n\u003Cp>This plugin is especially useful if you:\u003Cbr \u002F>\n– ship orders in more than one box (multi-parcel \u002F multi-shipment),\u003Cbr \u002F>\n– part-ship items while the rest are backordered,\u003Cbr \u002F>\n– use multiple couriers (Amazon Logistics, An Post, DHL, DPD, DX, Evri, FedEx, Parcelforce, Royal Mail, UPS, Woodside, Yodel, etc.),\u003Cbr \u002F>\n– want a branded tracking page instead of sending customers to random courier sites,\u003Cbr \u002F>\n– want tracking shown in emails (cleanly, without duplicate blocks),\u003Cbr \u002F>\n– want a “Partially shipped” workflow and email for staged fulfilment.\u003C\u002Fp>\n\u003Ch4>What the plugin does\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Add one or more shipments to a WooCommerce order (carrier + tracking number + optional shipped date + per-item quantities).\u003C\u002Fli>\n\u003Cli>Generate courier tracking links from built-in carrier URL patterns (plus an “Other” courier option for custom links).\u003C\u002Fli>\n\u003Cli>Display tracking for customers:\n\u003Cul>\n\u003Cli>in emails,\u003C\u002Fli>\n\u003Cli>and on a public tracking page via shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optionally show an approximate delivery route map (Leaflet + OpenStreetMap; no Google Maps, no API key, no CDN).\u003C\u002Fli>\n\u003Cli>Monitor operations with a Tracking Analytics dashboard (ship speed, totals, breakdowns, lookups, recent shipments).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Key features\u003C\u002Fh4>\n\u003Ch3>Multiple shipments (multi-parcel, split deliveries, replacements)\u003C\u002Fh3>\n\u003Cp>Add as many shipments as you need to a single order. Each shipment can include:\u003Cbr \u002F>\n– carrier (optional; if omitted, no carrier tracking link is generated),\u003Cbr \u002F>\n– tracking number,\u003Cbr \u002F>\n– shipped date (optional),\u003Cbr \u002F>\n– shipped items + quantities (line-item allocation for partial fulfilment).\u003C\u002Fp>\n\u003Cp>This makes partial shipments and multi-parcel deliveries accurate and customer-friendly.\u003C\u002Fp>\n\u003Ch3>Built-in carriers (UK & Ireland friendly)\u003C\u002Fh3>\n\u003Cp>Includes a carrier registry with icons and tracking URL patterns, so customers get direct “Track shipment” links.\u003C\u002Fp>\n\u003Cp>Built-in carriers include:\u003Cbr \u002F>\n– Amazon Logistics\u003Cbr \u002F>\n– An Post\u003Cbr \u002F>\n– DHL\u003Cbr \u002F>\n– DPD Ireland\u003Cbr \u002F>\n– DPD UK\u003Cbr \u002F>\n– DX\u003Cbr \u002F>\n– Evri\u003Cbr \u002F>\n– FedEx\u003Cbr \u002F>\n– Other (custom link \u002F no pattern)\u003Cbr \u002F>\n– Parcelforce Worldwide\u003Cbr \u002F>\n– Royal Mail\u003Cbr \u002F>\n– UPS Ireland\u003Cbr \u002F>\n– UPS UK\u003Cbr \u002F>\n– Woodside Distribution\u003Cbr \u002F>\n– Yodel\u003C\u002Fp>\n\u003Ch3>Customer tracking page (self-service)\u003C\u002Fh3>\n\u003Cp>Add a tracking page anywhere using:\u003Cbr \u002F>\n[kitgenix_tracking_form]\u003C\u002Fp>\n\u003Cp>The tracking form supports:\u003Cbr \u002F>\n– Order-based lookup (order number + billing email + postcode), and\u003Cbr \u002F>\n– Tracking-number lookup (useful when the customer only has parcel details)\u003C\u002Fp>\n\u003Cp>Great for reducing support tickets and giving customers a consistent experience.\u003C\u002Fp>\n\u003Ch3>Tracking in WooCommerce emails (done cleanly)\u003C\u002Fh3>\n\u003Cp>Tracking is appended to:\u003Cbr \u002F>\n– WooCommerce Completed Order email, and\u003Cbr \u002F>\n– the plugin’s own Partially Shipped email\u003C\u002Fp>\n\u003Cp>Includes duplicate-guarding so tracking blocks aren’t repeated if templates\u002Fhooks are customised.\u003C\u002Fp>\n\u003Ch3>“Partially shipped” order status + email (included)\u003C\u002Fh3>\n\u003Cp>The plugin registers:\u003Cbr \u002F>\n– a custom order status: \u003Cstrong>wc-partially-shipped\u003C\u002Fstrong> (“Partially shipped”), and\u003Cbr \u002F>\n– a custom email: \u003Cstrong>Kitgenix Partially Shipped\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Ideal for stores that ship in stages and want to send tracking early without marking the whole order completed.\u003C\u002Fp>\n\u003Ch3>Optional route map (OpenStreetMap + Leaflet)\u003C\u002Fh3>\n\u003Cp>If enabled, the tracking view can show an approximate route map using:\u003Cbr \u002F>\n– Leaflet (bundled locally — no CDN),\u003Cbr \u002F>\n– OpenStreetMap tiles,\u003Cbr \u002F>\n– Nominatim geocoding (endpoint + contact email are filterable)\u003C\u002Fp>\n\u003Cp>Includes fallbacks if geocoding fails (shows what it can, or hides the map with a message).\u003C\u002Fp>\n\u003Ch3>Tracking Analytics dashboard (inside WooCommerce)\u003C\u002Fh3>\n\u003Cp>Adds an admin screen under the Kitgenix hub with practical metrics:\u003Cbr \u002F>\n– shipped vs unshipped orders,\u003Cbr \u002F>\n– total shipments,\u003Cbr \u002F>\n– exceptions,\u003Cbr \u002F>\n– average\u002Fmedian time-to-ship,\u003Cbr \u002F>\n– carrier\u002Fstatus breakdowns,\u003Cbr \u002F>\n– recent shipments,\u003Cbr \u002F>\n– customer tracking lookup totals,\u003Cbr \u002F>\n– date range selection (predefined windows like 7–180 days)\u003C\u002Fp>\n\u003Cp>Calculations are batched and cached briefly (transients) to keep the dashboard fast.\u003C\u002Fp>\n\u003Ch4>How it works (quick overview)\u003C\u002Fh4>\n\u003Cp>1) Add tracking in wp-admin\u003Cbr \u002F>\nEdit an order and use the \u003Cstrong>Order Tracking\u003C\u002Fstrong> meta box. Create shipments using the “Add tracking” modal:\u003Cbr \u002F>\n– tracking number\u003Cbr \u002F>\n– carrier dropdown (explicit selection, or leave blank)\u003Cbr \u002F>\n– shipped date\u003Cbr \u002F>\n– item quantities (loaded via AJAX)\u003Cbr \u002F>\n– optional order status update after save (don’t change \u002F partially shipped \u002F completed)\u003C\u002Fp>\n\u003Cp>2) Tracking appears for customers\u003Cbr \u002F>\nIf shipments exist, customers see a clear “Shipment Tracking” section in key emails and via the tracking page.\u003C\u002Fp>\n\u003Cp>3) Customers can track without contacting you\u003Cbr \u002F>\nUse the shortcode page so customers can look up tracking by order details or by tracking number.\u003C\u002Fp>\n\u003Cp>4) You can measure shipping performance\u003Cbr \u002F>\nOpen Tracking Analytics to see speed, breakdowns, and customer behaviour.\u003C\u002Fp>\n\u003Ch3>Quick Start\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Create a page called “Track Your Order” (or similar).\u003C\u002Fli>\n\u003Cli>Add this shortcode:\u003Cbr \u002F>\n[kitgenix_tracking_form]\u003C\u002Fli>\n\u003Cli>Edit any order and add a shipment in the Order Tracking meta box.\u003C\u002Fli>\n\u003Cli>Send a Completed Order email (or use Partially Shipped) and confirm tracking is shown.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Text domain:\u003Cbr \u002F>\nkitgenix-order-tracking-for-woocommerce\u003C\u002Fp>\n\u003Cp>Shortcode:\u003Cbr \u002F>\n[kitgenix_tracking_form]\u003C\u002Fp>\n\u003Cp>Data model (high level):\u003Cbr \u002F>\n– Shipments are stored as order meta under \u003Ccode>_kitgenix_tracking_shipments\u003C\u002Fcode> (array)\u003Cbr \u002F>\n– Tracking numbers are indexed for fast lookup via repeated order meta \u003Ccode>_kitgenix_tracking_number\u003C\u002Fcode> (one meta row per tracking number)\u003Cbr \u002F>\n– Admin UI stores the last chosen “update order status” action as order meta \u003Ccode>kitgenix_order_status_action\u003C\u002Fcode> (values: \u003Ccode>no_change\u003C\u002Fcode>, \u003Ccode>partial\u003C\u002Fcode>, \u003Ccode>completed\u003C\u002Fcode>)\u003Cbr \u002F>\n– Carrier settings are stored in the option \u003Ccode>kitgenix_order_tracking_for_woocommerce_carriers_settings\u003C\u002Fcode>\u003Cbr \u002F>\n– Counter option: \u003Ccode>kitgenix_order_tracking_for_woocommerce_tracking_numbers_added\u003C\u002Fcode> (privacy-safe total)\u003Cbr \u002F>\n– Counter option: \u003Ccode>kitgenix_order_tracking_for_woocommerce_lookup_count\u003C\u002Fcode> (successful tracking-page lookups)\u003Cbr \u002F>\n– Analytics aggregates are cached briefly in transients prefixed \u003Ccode>kitgenix_order_tracking_for_woocommerce_analytics_...\u003C\u002Fcode>\u003Cbr \u002F>\n– Activation redirect uses transient \u003Ccode>kitgenix_order_tracking_for_woocommerce_do_activation_redirect\u003C\u002Fcode> (about 30 seconds)\u003Cbr \u002F>\n– No custom database tables are created\u003Cbr \u002F>\n– Uninstall does not automatically remove order meta (to preserve historical tracking)\u003C\u002Fp>\n\u003Cp>Nonces \u002F capabilities (summary):\u003Cbr \u002F>\n– Order edit tracking save uses nonce action \u003Ccode>kitgenix_order_tracking_save\u003C\u002Fcode> (\u003Ccode>kitgenix_order_tracking_nonce\u003C\u002Fcode>) and requires \u003Ccode>edit_shop_order\u003C\u002Fcode>.\u003Cbr \u002F>\n– Order-items modal loads via AJAX action \u003Ccode>kitgenix_order_tracking_for_woocommerce_get_order_items\u003C\u002Fcode> using nonce action \u003Ccode>kitgenix_order_tracking\u003C\u002Fcode>.\u003Cbr \u002F>\n– Tracking form submissions use nonce action \u003Ccode>kitgenix_tracking_lookup\u003C\u002Fcode> (\u003Ccode>kitgenix_tracking_nonce\u003C\u002Fcode>).\u003Cbr \u002F>\n– Carriers (Shippers) settings form uses nonce action \u003Ccode>kitgenix_order_tracking_for_woocommerce_save_carriers\u003C\u002Fcode> (\u003Ccode>kitgenix_order_tracking_for_woocommerce_carriers_nonce\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cp>Hooks \u002F filters:\u003Cbr \u002F>\n– kitgenix_order_tracking_for_woocommerce_debug_save( bool $enabled, int $order_id ): bool (enable debug order note on save)\u003Cbr \u002F>\n– kitgenix_order_tracking_for_woocommerce_nominatim_email( string $email ): string (supply\u002Foverride Nominatim email param)\u003Cbr \u002F>\n– kitgenix_order_tracking_for_woocommerce_nominatim_endpoint( string $endpoint ): string (override geocoding endpoint)\u003C\u002Fp>\n\u003Cp>Admin AJAX endpoints:\u003Cbr \u002F>\n– wp_ajax_kitgenix_order_tracking_for_woocommerce_get_order_items (load order items into the shipment modal)\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin may connect to external services in two situations:\u003C\u002Fp>\n\u003Cp>1) When customers click courier tracking links\u003Cbr \u002F>\nTracking links open the carrier’s tracking page (e.g. Amazon Logistics, An Post, DHL, DPD, DX, Evri, FedEx, Parcelforce Worldwide, Royal Mail, UPS, Woodside Distribution, Yodel) or a custom “Other” URL. These links may contain the tracking number.\u003C\u002Fp>\n\u003Cp>2) When the optional map is enabled\u003Cbr \u002F>\nThe tracking view may request:\u003Cbr \u002F>\n– OpenStreetMap tile images\u003Cbr \u002F>\n– Nominatim geocoding requests (to convert store\u002Fcustomer address details into coordinates)\u003C\u002Fp>\n\u003Cp>Map implementation notes:\u003Cbr \u002F>\n– Leaflet is bundled locally (no CDN fallback).\u003Cbr \u002F>\n– Map tiles are loaded from \u003Ccode>https:\u002F\u002F{s}.tile.openstreetmap.org\u002F{z}\u002F{x}\u002F{y}.png\u003C\u002Fcode>.\u003Cbr \u002F>\n– Geocoding defaults to \u003Ccode>https:\u002F\u002Fnominatim.openstreetmap.org\u002Fsearch\u003C\u002Fcode> and may include the full store and delivery address string in the \u003Ccode>q\u003C\u002Fcode> parameter.\u003C\u002Fp>\n\u003Cp>3) In wp-admin (Kitgenix hub)\u003Cbr \u002F>\nThis plugin includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using WordPress core’s \u003Ccode>plugins_api()\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Cp>Caching:\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Leaflet assets are bundled locally (no CDN).\u003C\u002Fp>\n\u003Cp>No personal data is sold or shared by this plugin. Where external services are used, requests may include data required to perform the function (for example, a tracking number in a carrier link, or address data used for geocoding). Review the relevant provider policies for your use case.\u003C\u002Fp>\n\u003Ch3>Trademark Notice\u003C\u002Fh3>\n\u003Cp>All carrier names and logos are trademarks of their respective owners. This plugin is not affiliated with or endorsed by any courier, carrier, OpenStreetMap, or Nominatim service.\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin reduces “where is my order?” tickets and helps customers self-serve tracking, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Add multi-shipment tracking to WooCommerce orders, show tracking in customer emails, and provide a public “Track Your Order” page.",10,391,"2026-02-19T22:13:00.000Z",[47,48,49,50,31],"emails","shipments","shipping","tracking","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-order-tracking-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-order-tracking-for-woocommerce.1.0.5.zip",{"slug":54,"name":55,"version":56,"author":5,"author_profile":6,"description":57,"short_description":58,"active_installs":34,"downloaded":59,"rating":34,"num_ratings":34,"last_updated":60,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":61,"homepage":67,"download_link":68,"security_score":9,"vuln_count":34,"unpatched_count":34,"last_vuln_date":35,"fetched_at":36},"kitgenix-affiliate-link-manager","Kitgenix Affiliate Link Manager","1.0.0","\u003Cp>Affiliate URLs can get long, messy, and hard to manage — especially once they’re embedded across pages, posts, emails, and ads.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix Affiliate Link Manager\u003C\u002Fstrong> gives you a simple, central place to create and manage short affiliate links, and redirect visitors using a clean URL format:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fgo\u002F{slug} (prefix configurable)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>It’s designed to be lightweight and practical:\u003Cbr \u002F>\n– Create links with a Name, Slug and Destination URL\u003Cbr \u002F>\n– Configure the redirect prefix (default: \u003Ccode>go\u003C\u002Fcode>)\u003Cbr \u002F>\n– Choose redirect status: 307, 302 or 301\u003Cbr \u002F>\n– Track click counts per link\u003Cbr \u002F>\n– No third-party redirect\u002Fshort-link service (redirects happen on your site)\u003C\u002Fp>\n\u003Cp>SEO note: you can choose a per-link rel value (nofollow \u002F sponsored \u002F both). When placing your short URL into content, use sponsored\u002Fnofollow to follow search engine guidelines for affiliate links.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This plugin stores links in a private custom post type and performs redirects via WordPress rewrite rules.\u003C\u002Fli>\n\u003Cli>After changing the redirect prefix, you may need to re-save Permalinks (Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Permalinks) to ensure rewrite rules are refreshed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Quick Start\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Go to Kitgenix \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Affiliate Links.\u003C\u002Fli>\n\u003Cli>Add a link (Name + Destination URL + optional custom slug).\u003C\u002Fli>\n\u003Cli>Copy the generated short URL and use it anywhere.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Text domain:\u003Cbr \u002F>\nkitgenix-affiliate-link-manager\u003C\u002Fp>\n\u003Cp>Custom post type:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_aff_link\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Post meta:\u003Cbr \u002F>\n– Destination URL: \u003Ccode>_kitgenix_affiliate_destination_url\u003C\u002Fcode>\u003Cbr \u002F>\n– Click count: \u003Ccode>_kitgenix_affiliate_clicks\u003C\u002Fcode>\u003Cbr \u002F>\n– Rel value: \u003Ccode>_kitgenix_affiliate_rel\u003C\u002Fcode> (allowed: \u003Ccode>nofollow\u003C\u002Fcode>, \u003Ccode>sponsored\u003C\u002Fcode>, \u003Ccode>nofollow sponsored\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>Settings option:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_affiliate_link_manager_settings\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Settings group (Settings API):\u003Cbr \u002F>\n– \u003Ccode>kitgenix_affiliate_link_manager_settings_group\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Redirect query var:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_affiliate_slug\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Admin actions \u002F nonces:\u003Cbr \u002F>\n– Admin-post action (save): \u003Ccode>admin_post_kitgenix_affiliate_link_save\u003C\u002Fcode>\u003Cbr \u002F>\n– Admin-post action (delete): \u003Ccode>admin_post_kitgenix_affiliate_link_delete\u003C\u002Fcode>\u003Cbr \u002F>\n– Link save nonce action: \u003Ccode>kitgenix_affiliate_link_save\u003C\u002Fcode>\u003Cbr \u002F>\n– Link save nonce field name: \u003Ccode>kitgenix_affiliate_link_nonce\u003C\u002Fcode>\u003Cbr \u002F>\n– Link delete nonce action: \u003Ccode>kitgenix_affiliate_link_delete\u003C\u002Fcode>\u003Cbr \u002F>\n– Link delete nonce query arg: \u003Ccode>nonce\u003C\u002Fcode>\u003Cbr \u002F>\n– Settings save nonce action: \u003Ccode>kitgenix_affiliate_link_manager_settings_save\u003C\u002Fcode>\u003Cbr \u002F>\n– Settings save nonce field name: \u003Ccode>kitgenix_affiliate_link_manager_settings_nonce\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Settings UI field identifiers:\u003Cbr \u002F>\n– Redirect status  id: \u003Ccode>kitgenix_affiliate_redirect_status\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using WordPress core’s \u003Ccode>plugins_api()\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Cp>Caching:\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Redirect destinations:\u003Cbr \u002F>\n– When a visitor uses a short URL like \u003Ccode>\u002Fgo\u002F{slug}\u003C\u002Fcode>, the plugin redirects them to the destination URL you configured for that link. Destination URLs are commonly on third-party domains (affiliate programs).\u003C\u002Fp>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No tracking cookies are added.\u003C\u002Fli>\n\u003Cli>Admin actions are protected with capability checks and nonces.\u003C\u002Fli>\n\u003Cli>Redirect destinations are validated before redirect.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>Uninstall removes only plugin settings and plugin-only transients (but does not delete stored affiliate link posts or click data).\u003C\u002Fp>\n\u003Cp>Deleted:\u003Cbr \u002F>\n– Option: \u003Ccode>kitgenix_affiliate_link_manager_settings\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_affiliate_link_manager_do_activation_redirect\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient (short-lived): \u003Ccode>kitgenix_affiliate_link_manager_do_rewrite_flush\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin saves you time managing affiliate URLs, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Manage affiliate short links in one place and redirect visitors via \u002Fgo\u002F{slug}.",179,"2026-03-01T12:53:00.000Z",[62,63,64,65,66],"affiliate","links","marketing","redirect","shortlinks","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-affiliate-link-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-affiliate-link-manager.1.0.0.zip",{"slug":70,"name":71,"version":40,"author":5,"author_profile":6,"description":72,"short_description":73,"active_installs":34,"downloaded":74,"rating":34,"num_ratings":34,"last_updated":75,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":76,"homepage":81,"download_link":82,"security_score":9,"vuln_count":34,"unpatched_count":34,"last_vuln_date":35,"fetched_at":83},"kitgenix-pdf-invoicing-for-woocommerce","Kitgenix PDF Invoicing for WooCommerce","\u003Cp>Most WooCommerce stores eventually need proper order documents.\u003C\u002Fp>\n\u003Cp>You might need a PDF invoice for accounting, a receipt for the customer, a packing slip for fulfilment, or a credit note when a refund is issued. You also want documents that look professional, match your branding, and work reliably across WooCommerce email flows.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix PDF Invoicing for WooCommerce\u003C\u002Fstrong> is a lightweight, security-first PDF invoicing plugin that generates WooCommerce order PDFs on demand — without heavy background queues, and without filling your uploads folder with permanently stored PDFs.\u003C\u002Fp>\n\u003Cp>It’s built around practical store requirements:\u003Cbr \u002F>\n– Stable document identifiers\u002Fnumbering history (so regenerated PDFs stay consistent)\u003Cbr \u002F>\n– Secure Dompdf rendering defaults (chrooted paths, remote disabled by default, PHP in templates disabled by default)\u003Cbr \u002F>\n– Theme template overrides and developer hooks\u003Cbr \u002F>\n– Clean admin preview\u002Fdownload workflow on the order screen\u003Cbr \u002F>\n– Customer “My Account” download buttons and order table actions (optional)\u003Cbr \u002F>\n– Configurable WooCommerce email attachments that clean up temp files automatically\u003C\u002Fp>\n\u003Ch4>Important: Dompdf dependency\u003C\u002Fh4>\n\u003Cp>This plugin uses \u003Cstrong>Dompdf\u003C\u002Fstrong> (installed as a Composer dependency). If you are building from source, you must run Composer so the \u003Ccode>vendor\u002F\u003C\u002Fcode> directory (Dompdf) is present. The WordPress.org release includes the required library.\u003C\u002Fp>\n\u003Ch4>Documents generated (built-in types)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Invoice (PDF)\u003C\u002Fli>\n\u003Cli>Receipt (PDF)\u003C\u002Fli>\n\u003Cli>Packing Slip (PDF)\u003C\u002Fli>\n\u003Cli>Credit Note (PDF) (only available when refunds exist)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Document types are registered in a document registry and can be extended via filters.\u003C\u002Fp>\n\u003Ch4>Why store owners choose Kitgenix PDF Invoicing\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Secure by default\u003C\u002Fstrong>\u003Cbr \u002F>\n– Dompdf configured with strict defaults:\u003Cbr \u002F>\n  – chroot limited to allowed paths\u003Cbr \u002F>\n  – remote resource fetching disabled by default\u003Cbr \u002F>\n  – PHP execution inside templates disabled by default (opt-in only)\u003Cbr \u002F>\n– All admin\u002Fcustomer download actions are protected with nonces and permission checks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No bloat\u003C\u002Fstrong>\u003Cbr \u002F>\n– PDFs are generated only when needed.\u003Cbr \u002F>\n– Email attachments are created as temporary files and automatically cleaned up at shutdown.\u003Cbr \u002F>\n– No custom database tables.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Built for WooCommerce documents\u003C\u002Fstrong>\u003Cbr \u002F>\n– Refund-aware credit notes\u003Cbr \u002F>\n– Email attachment mapping\u003Cbr \u002F>\n– Customer download links in the right places\u003Cbr \u002F>\n– Store-friendly templates and template override system\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Modular + extensible\u003C\u002Fstrong>\u003Cbr \u002F>\nModules (Admin \u002F Settings \u002F Invoicing \u002F Email \u002F Frontend) are registered through a module manager and can be filtered for extension.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Ch3>Admin settings (branding, numbering, styles)\u003C\u002Fh3>\n\u003Cp>Settings page under the shared Kitgenix menu includes:\u003Cbr \u002F>\n– Company name, address, email\u002Fphone, tax ID\u003Cbr \u002F>\n– Logo upload (WordPress media)\u003Cbr \u002F>\n– Footer text and customer notes\u002Ffooter notes\u003Cbr \u002F>\n– Document prefixes:\u003Cbr \u002F>\n  – Invoice prefix\u003Cbr \u002F>\n  – Receipt prefix\u003Cbr \u002F>\n  – Credit note prefix\u003Cbr \u002F>\n– Template style selector (Standard \u002F Simple \u002F Modern \u002F Business)\u003Cbr \u002F>\n– Colour settings:\u003Cbr \u002F>\n  – Primary colour\u003Cbr \u002F>\n  – Accent colour\u003Cbr \u002F>\n  – Text colour\u003Cbr \u002F>\n  – Muted text colour\u003Cbr \u002F>\n  – Border colour\u003Cbr \u002F>\n  – Table header background\u003Cbr \u002F>\n  – Document background\u003Cbr \u002F>\n  – Footer background\u003Cbr \u002F>\n  – Footer text colour\u003C\u002Fp>\n\u003Ch3>Admin order meta box (preview + PDF downloads)\u003C\u002Fh3>\n\u003Cp>On WooCommerce order edit screens the plugin adds document actions:\u003Cbr \u002F>\n– Download Invoice (PDF)\u003Cbr \u002F>\n– Download Packing Slip (PDF)\u003Cbr \u002F>\n– Download Receipt (PDF)\u003Cbr \u002F>\n– Download Credit Note (PDF) (only shown when refunds exist)\u003C\u002Fp>\n\u003Cp>Endpoints are secured using nonce + capability checks.\u003C\u002Fp>\n\u003Ch3>Stable document identifiers & history\u003C\u002Fh3>\n\u003Cp>For documents that require stable numbering (invoices\u002Fcredit notes), the plugin persists document identifiers and relevant timestamps on first generation so the document remains consistent over time.\u003C\u002Fp>\n\u003Ch3>Secure Dompdf PDF rendering\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Renders HTML templates into PDF (A4 portrait by default)\u003C\u002Fli>\n\u003Cli>Remote fetching disabled by default\u003C\u002Fli>\n\u003Cli>Dompdf “chroot” restricts filesystem access to allowed paths\u003C\u002Fli>\n\u003Cli>PHP in templates disabled by default (advanced opt-in only)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Template overrides (theme and agency friendly)\u003C\u002Fh3>\n\u003Cp>Templates can be overridden without editing plugin files.\u003C\u002Fp>\n\u003Cp>Template resolution order:\u003Cbr \u002F>\n1) Full override via filter\u003Cbr \u002F>\n2) Theme override path:\u003Cbr \u002F>\n  kitgenix-pdf-invoicing-for-woocommerce\u002F{style}\u002F\u003Cbr \u002F>\n3) Plugin templates fallback:\u003Cbr \u002F>\n  templates\u002F{style}\u002F\u003C\u002Fp>\n\u003Cp>Where \u003Ccode>{style}\u003C\u002Fcode> is the active template pack selected in settings: \u003Ccode>standard\u003C\u002Fcode>, \u003Ccode>simple\u003C\u002Fcode>, \u003Ccode>modern\u003C\u002Fcode>, or \u003Ccode>business\u003C\u002Fcode>.\u003Cbr \u002F>\nFor compatibility, the resolver also checks \u003Ccode>...\u002Fstandard\u002F\u003C\u002Fcode> and legacy root locations if a file is not found.\u003C\u002Fp>\n\u003Ch3>Customer downloads (My Account)\u003C\u002Fh3>\n\u003Cp>Optional customer-facing downloads for the order owner:\u003Cbr \u002F>\n– Order details page buttons:\u003Cbr \u002F>\n  – Download Invoice (PDF)\u003Cbr \u002F>\n  – Download Credit Note (PDF) (only when refunds exist)\u003Cbr \u002F>\n– My Account \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Orders table actions:\u003Cbr \u002F>\n  – View Invoice\u003Cbr \u002F>\n  – View Credit Note (when refunds exist)\u003C\u002Fp>\n\u003Cp>Customer downloads are nonce-protected and\u002For can be validated by order key for guest access (see “Download permissions”).\u003C\u002Fp>\n\u003Ch3>Download permissions & security\u003C\u002Fh3>\n\u003Cp>PDF rendering supports secure query-arg requests:\u003Cbr \u002F>\n– kitgenix_pdf=1\u003Cbr \u002F>\n– kitgenix_doc={type}\u003Cbr \u002F>\n– order_id={id}\u003Cbr \u002F>\n– _wpnonce=…\u003C\u002Fp>\n\u003Cp>Guest access (without a nonce) is permitted only when a valid WooCommerce order key is provided:\u003Cbr \u002F>\n– key= or order_key= must match the order’s key\u003C\u002Fp>\n\u003Cp>Default per-document rules:\u003Cbr \u002F>\n– Invoice + Receipt:\u003Cbr \u002F>\n  – order owner OR shop staff OR valid order key\u003Cbr \u002F>\n– Packing Slip:\u003Cbr \u002F>\n  – shop staff only (by default)\u003Cbr \u002F>\n– Credit Note:\u003Cbr \u002F>\n  – staff OR order owner (only if refunds exist) OR valid order key (only if refunds exist)\u003C\u002Fp>\n\u003Cp>Final permission gate is filterable.\u003C\u002Fp>\n\u003Ch3>Email attachments (configurable)\u003C\u002Fh3>\n\u003Cp>Attach PDFs to WooCommerce emails using settings and filters.\u003Cbr \u002F>\nThe plugin hooks WooCommerce’s email attachment pipeline, generates PDFs as temporary files for each email, attaches them, and cleans up automatically.\u003C\u002Fp>\n\u003Cp>Sensible defaults (customisable):\u003Cbr \u002F>\n– Invoice: Processing + Completed\u003Cbr \u002F>\n– Receipt: Completed\u003Cbr \u002F>\n– Credit Note: Refunded\u003Cbr \u002F>\n– Packing Slip: New Order (admin email)\u003C\u002Fp>\n\u003Ch3>Filenames, streaming vs download\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Default filename: {type}-{order_number}.pdf (filterable)\u003C\u002Fli>\n\u003Cli>Streams inline by default (Attachment=false), unless filtered to force download\u003C\u002Fli>\n\u003Cli>Generates temporary files for email attachments, cleaned up automatically\u003C\u002Fli>\n\u003Cli>Tracks simple generation metrics in an option (counts successful generations)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Customisation hooks (HTML\u002FCSS\u002Foutput)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Full HTML filter\u003C\u002Fli>\n\u003Cli>Wrapper hooks before\u002Fafter document\u003C\u002Fli>\n\u003Cli>Custom CSS injection hook\u003C\u002Fli>\n\u003Cli>Language attribute filter\u003C\u002Fli>\n\u003Cli>Document title\u002Fbody class filters\u003C\u002Fli>\n\u003Cli>“Show shipping address” toggle filter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Quick Start\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin (WooCommerce required).\u003C\u002Fli>\n\u003Cli>Open any WooCommerce order in wp-admin.\u003C\u002Fli>\n\u003Cli>In the Kitgenix PDF Invoicing meta box, click “Download Invoice (PDF)” to confirm output.\u003C\u002Fli>\n\u003Cli>Configure settings:\n\u003Cul>\n\u003Cli>branding + company details\u003C\u002Fli>\n\u003Cli>prefixes\u003C\u002Fli>\n\u003Cli>email attachments mapping\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional: enable customer downloads and order table actions.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To customise layout, copy templates into your theme override folder and edit them.\u003C\u002Fp>\n\u003Ch3>Template Overrides\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Copy templates from:\u003Cbr \u002F>\ntemplates\u002F{style}\u002F\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Paste into your theme at:\u003Cbr \u002F>\nkitgenix-pdf-invoicing-for-woocommerce\u002F{style}\u002F\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Edit the theme copies.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin will automatically use your theme templates instead of bundled templates.\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Text domain:\u003Cbr \u002F>\nkitgenix-pdf-invoicing-for-woocommerce\u003C\u002Fp>\n\u003Cp>Architecture:\u003Cbr \u002F>\n– Modular plugin with Admin\u002FSettings\u002FInvoicing\u002FEmail\u002FFrontend modules\u003Cbr \u002F>\n– Document types registry (extendable)\u003Cbr \u002F>\n– Template system with theme overrides + HTML\u002FCSS filters\u003Cbr \u002F>\n– Secure download endpoints with nonce\u002Fcapability checks and optional order key validation\u003C\u002Fp>\n\u003Cp>Key filters:\u003Cbr \u002F>\n– kitgenix_pdf_invoicing_modules\u003Cbr \u002F>\n– kitgenix_pdf_document_types\u003Cbr \u002F>\n– kitgenix_pdf_document_enabled\u003Cbr \u002F>\n– kitgenix_pdf_document_user_can_download\u003Cbr \u002F>\n– kitgenix_pdf_document_filename\u003Cbr \u002F>\n– kitgenix_pdf_invoice_filename (back-compat)\u003Cbr \u002F>\n– kitgenix_pdf_document_attachment (inline vs download)\u003Cbr \u002F>\n– kitgenix_pdf_document_template_path\u003Cbr \u002F>\n– kitgenix_pdf_document_html\u003Cbr \u002F>\n– kitgenix_pdf_invoice_html (back-compat)\u003Cbr \u002F>\n– kitgenix_pdf_document_custom_css\u003Cbr \u002F>\n– kitgenix_pdf_document_lang\u003Cbr \u002F>\n– kitgenix_pdf_document_title\u003Cbr \u002F>\n– kitgenix_pdf_document_body_class\u003Cbr \u002F>\n– kitgenix_pdf_show_shipping_address\u003Cbr \u002F>\n– kitgenix_pdf_email_document_map\u003Cbr \u002F>\n– kitgenix_pdf_email_attach_document\u003Cbr \u002F>\n– kitgenix_dompdf_enable_php (advanced; default false)\u003C\u002Fp>\n\u003Cp>Key actions:\u003Cbr \u002F>\n– kitgenix_before_stream_pdf_document\u003Cbr \u002F>\n– kitgenix_after_stream_pdf_document\u003Cbr \u002F>\n– kitgenix_before_stream_pdf_invoice (back-compat)\u003Cbr \u002F>\n– kitgenix_after_stream_pdf_invoice (back-compat)\u003Cbr \u002F>\n– Template hooks:\u003Cbr \u002F>\n  – kitgenix_pdf_before_document \u002F kitgenix_pdf_after_document\u003Cbr \u002F>\n  – kitgenix_pdf_before_document_wrapper \u002F kitgenix_pdf_after_document_wrapper\u003Cbr \u002F>\n  – kitgenix_pdf_after_notes\u003Cbr \u002F>\n  – kitgenix_pdf_after_order_data_rows\u003C\u002Fp>\n\u003Ch3>Data Handling\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin settings stored in a single option: \u003Ccode>kitgenix_pdf_invoicing_settings\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Anonymous generation metrics stored in: \u003Ccode>kitgenix_pdf_invoicing_for_woocommerce_metrics\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Document identifiers\u002Fhistory stored on the order to keep documents stable:\n\u003Cul>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_invoice_number\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_invoice_date\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_receipt_number\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_receipt_date\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_credit_note_count\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>_kitgenix_pdf_invoicing_for_woocommerce_credit_note_history\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>PDFs generated on demand (temporary files).\u003C\u002Fli>\n\u003Cli>Email attachments generated as temp files and cleaned up automatically.\u003C\u002Fli>\n\u003Cli>No custom database tables created.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All admin actions protected with nonces and capability checks.\u003C\u002Fli>\n\u003Cli>Inputs sanitised; outputs escaped appropriately.\u003C\u002Fli>\n\u003Cli>Dompdf PHP execution disabled by default. Enable only if you understand the risk:\u003Cbr \u002F>\nadd_filter( ‘kitgenix_dompdf_enable_php’, ‘__return_true’ );\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Security identifiers (exact):\u003Cbr \u002F>\n– Admin meta box downloads use \u003Ccode>admin-post.php\u003C\u002Fcode> actions \u003Ccode>kitgenix_admin_stream_invoice\u003C\u002Fcode>, \u003Ccode>kitgenix_admin_stream_receipt\u003C\u002Fcode>, \u003Ccode>kitgenix_admin_stream_packing_slip\u003C\u002Fcode>, \u003Ccode>kitgenix_admin_stream_credit_note\u003C\u002Fcode>, protected by query arg \u003Ccode>nonce\u003C\u002Fcode> created\u002Fverified with nonce action \u003Ccode>kitgenix_admin_pdf\u003C\u002Fcode>.\u003Cbr \u002F>\n– WordPress action hooks for those admin-post actions: \u003Ccode>admin_post_kitgenix_admin_stream_invoice\u003C\u002Fcode>, \u003Ccode>admin_post_kitgenix_admin_stream_receipt\u003C\u002Fcode>, \u003Ccode>admin_post_kitgenix_admin_stream_packing_slip\u003C\u002Fcode>, \u003Ccode>admin_post_kitgenix_admin_stream_credit_note\u003C\u002Fcode>.\u003Cbr \u002F>\n– Frontend document downloads use the optional \u003Ccode>_wpnonce\u003C\u002Fcode> value created\u002Fverified with nonce action \u003Ccode>kitgenix_download_{doc_type}_{order_id}\u003C\u002Fcode>.\u003Cbr \u002F>\n– WooCommerce order action key: \u003Ccode>kitgenix_download_pdf_invoice\u003C\u002Fcode> (hook: \u003Ccode>woocommerce_order_action_kitgenix_download_pdf_invoice\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cp>Admin page hook suffix:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_page_kitgenix-pdf-invoicing-settings\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>PDF generation is performed locally on your server using Dompdf. This plugin does not send customer data to a third-party PDF generation API.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using WordPress core’s \u003Ccode>plugins_api()\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Cp>Caching:\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>Uninstall removes the plugin settings option (\u003Ccode>kitgenix_pdf_invoicing_settings\u003C\u002Fcode>) and metrics option (\u003Ccode>kitgenix_pdf_invoicing_for_woocommerce_metrics\u003C\u002Fcode>) when uninstalled via WordPress.\u003Cbr \u002F>\nIt also deletes the activation redirect transient: \u003Ccode>kitgenix_pdf_invoicing_for_woocommerce_do_activation_redirect\u003C\u002Fcode>.\u003Cbr \u002F>\nOrder meta and document history are intentionally preserved to avoid accidental loss of invoice\u002Fcredit note history.\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin helps you generate clean WooCommerce PDFs and reduces admin work, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003Cbr \u002F>\nBundled library: Dompdf (see vendor\u002F for licenses)\u003C\u002Fp>\n","Generate PDF invoices, receipts, packing slips and credit notes for WooCommerce. Overrides, customer downloads, and configurable email attachments.",284,"",[77,78,79,80,31],"invoices","packing-slips","pdf","receipts","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-pdf-invoicing-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-pdf-invoicing-for-woocommerce.1.0.5.zip","2026-03-15T10:48:56.248Z",{"slug":85,"name":86,"version":87,"author":5,"author_profile":6,"description":88,"short_description":89,"active_installs":34,"downloaded":90,"rating":34,"num_ratings":34,"last_updated":91,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":92,"homepage":97,"download_link":98,"security_score":9,"vuln_count":34,"unpatched_count":34,"last_vuln_date":35,"fetched_at":36},"kitgenix-stock-sync-for-woocommerce","Kitgenix Stock Sync for WooCommerce","1.0.1","\u003Cp>Running multiple WooCommerce stores often creates the same operational problem: \u003Cstrong>stock drift\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You update stock on one site, but another site still shows the old quantity. That can lead to oversells, customer frustration, and messy fulfilment.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix Stock Sync for WooCommerce\u003C\u002Fstrong> solves this with a secure, practical model:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>One \u003Cstrong>Master\u003C\u002Fstrong> store holds the authoritative stock state.\u003C\u002Fli>\n\u003Cli>One or more \u003Cstrong>Child\u003C\u002Fstrong> stores receive updates from the Master.\u003C\u002Fli>\n\u003Cli>Stores communicate over \u003Cstrong>signed REST requests\u003C\u002Fstrong> (HMAC SHA-256) with timestamp + nonce replay protection.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is designed to be lightweight:\u003Cbr \u002F>\n– No third-party SaaS.\u003Cbr \u002F>\n– No custom database tables.\u003Cbr \u002F>\n– Uses WooCommerce + WordPress primitives (REST API, options, product meta, transients, WooCommerce logging, Action Scheduler).\u003C\u002Fp>\n\u003Ch4>What this plugin syncs\u003C\u002Fh4>\n\u003Cp>Stock state is synced per SKU, including:\u003Cbr \u002F>\n– stock quantity\u003Cbr \u002F>\n– stock status\u003Cbr \u002F>\n– backorders\u003Cbr \u002F>\n– low stock amount\u003C\u002Fp>\n\u003Cp>Note: this plugin is focused on inventory syncing. It does not sync pricing, product content, images, or orders.\u003C\u002Fp>\n\u003Ch4>How it works (high level)\u003C\u002Fh4>\n\u003Cp>1) Stock changes are captured on each store using WooCommerce stock hooks.\u003C\u002Fp>\n\u003Cp>2) Children send events to the Master; the Master applies incoming events locally and then pushes \u003Cstrong>authoritative stock state\u003C\u002Fstrong> out to all enabled children.\u003C\u002Fp>\n\u003Cp>3) The Master can also run a \u003Cstrong>Reconcile\u003C\u002Fstrong> operation to push stock state for all products in batches.\u003C\u002Fp>\n\u003Ch4>SKU rename sync (important)\u003C\u002Fh4>\n\u003Cp>This plugin supports SKU renames by maintaining an internal, stable identifier (a “GID”) stored as product meta:\u003Cbr \u002F>\n– \u003Ccode>_kitgenix_stock_sync_for_woocommerce_gid\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>When SKUs change on the Master, the plugin emits a \u003Ccode>sku_rename\u003C\u002Fcode> event using the GID so child stores can map the update safely.\u003C\u002Fp>\n\u003Cp>Tip: Run \u003Cstrong>Reconcile\u003C\u002Fstrong> on the Master after initial setup. Reconcile establishes stable GIDs for products that don’t already have one, which makes SKU rename sync reliable.\u003C\u002Fp>\n\u003Ch4>Strict checkout validation (Child)\u003C\u002Fh4>\n\u003Cp>Child stores can optionally enable \u003Cstrong>Strict checkout validation\u003C\u002Fstrong>:\u003Cbr \u002F>\n– During checkout, the child queries the Master’s stock for SKUs in the cart.\u003Cbr \u002F>\n– If the Master reports the SKU is out of stock or insufficient (with backorders disabled), checkout is blocked.\u003Cbr \u002F>\n– If the Master can’t be reached, validation is \u003Cstrong>fail-open\u003C\u002Fstrong> to avoid breaking checkout.\u003C\u002Fp>\n\u003Ch4>Exclusions\u003C\u002Fh4>\n\u003Cp>You can exclude SKUs (comma or new line separated). Excluded SKUs are ignored for:\u003Cbr \u002F>\n– outbound stock events\u003Cbr \u002F>\n– reconcile batches\u003Cbr \u002F>\n– strict checkout validation\u003Cbr \u002F>\n– audit checks\u003C\u002Fp>\n\u003Ch4>Tools & diagnostics included\u003C\u002Fh4>\n\u003Cp>From the plugin admin screen:\u003Cbr \u002F>\n– \u003Cstrong>Test Connection\u003C\u002Fstrong> (ping the configured store)\u003Cbr \u002F>\n– \u003Cstrong>Reconcile (Master)\u003C\u002Fstrong>: push authoritative stock state to all children in batches\u003Cbr \u002F>\n– \u003Cstrong>Manual SKU Sync (Master)\u003C\u002Fstrong>: push a specific set of SKUs to all children\u003Cbr \u002F>\n– \u003Cstrong>Audit Children (Master)\u003C\u002Fstrong>: query each child’s local stock fields and compare against the Master\u003Cbr \u002F>\n– \u003Cstrong>Event Log + Backlog\u003C\u002Fstrong>: see recent events and failed pushes, and clear logs when needed\u003Cbr \u002F>\n– \u003Cstrong>Status\u003C\u002Fstrong>: last inbound\u002Foutbound health timestamps and last error message\u003C\u002Fp>\n\u003Ch3>Quick Start\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin on the Master and all Child stores.\u003C\u002Fli>\n\u003Cli>Choose your role on each store:\n\u003Cul>\n\u003Cli>Master: one store\u003C\u002Fli>\n\u003Cli>Child: all other stores\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>On the Child store: set the Master connection (Master URL, Master Store ID, Shared Secret).\u003C\u002Fli>\n\u003Cli>On the Master store: add each child (Child URL, Child Store ID, Shared Secret).\u003C\u002Fli>\n\u003Cli>Use Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Cstrong>Test Connection\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>On the Master store: run Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Cstrong>Reconcile\u003C\u002Fstrong> to establish stable GIDs and push initial state.\u003C\u002Fli>\n\u003Cli>Optionally enable Strict checkout validation on children.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Text domain:\u003Cbr \u002F>\nkitgenix-stock-sync-for-woocommerce\u003C\u002Fp>\n\u003Cp>Option key:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_settings\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Option schema (high-level):\u003Cbr \u002F>\n– \u003Ccode>this_store_id\u003C\u002Fcode>, \u003Ccode>this_store_name\u003C\u002Fcode>, \u003Ccode>role\u003C\u002Fcode>, \u003Ccode>strict_checkout_validation\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>master\u003C\u002Fcode> (child config): \u003Ccode>url\u003C\u002Fcode>, \u003Ccode>store_id\u003C\u002Fcode>, \u003Ccode>secret\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>children\u003C\u002Fcode> (master config): entries with \u003Ccode>id\u003C\u002Fcode>, \u003Ccode>name\u003C\u002Fcode>, \u003Ccode>url\u003C\u002Fcode>, \u003Ccode>secret\u003C\u002Fcode>, \u003Ccode>enabled\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>exclusions.skus\u003C\u002Fcode>\u003Cbr \u002F>\n– Diagnostics\u002Fadmin UI state: \u003Ccode>notices\u003C\u002Fcode>, \u003Ccode>event_log\u003C\u002Fcode>, \u003Ccode>backlog\u003C\u002Fcode>, \u003Ccode>reconcile\u003C\u002Fcode>, \u003Ccode>health\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Product meta key:\u003Cbr \u002F>\n– \u003Ccode>_kitgenix_stock_sync_for_woocommerce_gid\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>REST API routes (POST):\u003Cbr \u002F>\n– \u003Ccode>\u002Fwp-json\u002Fkitgenix-stock-sync\u002Fv1\u002Fping\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>\u002Fwp-json\u002Fkitgenix-stock-sync\u002Fv1\u002Fevent\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>\u002Fwp-json\u002Fkitgenix-stock-sync\u002Fv1\u002Fstock\u003C\u002Fcode> (master only; used by strict checkout validation)\u003Cbr \u002F>\n– \u003Ccode>\u002Fwp-json\u002Fkitgenix-stock-sync\u002Fv1\u002Fstock-state\u003C\u002Fcode> (used by audit)\u003C\u002Fp>\n\u003Cp>Authentication headers:\u003Cbr \u002F>\n– \u003Ccode>X-Kitgenix-Store-Id\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>X-Kitgenix-Timestamp\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>X-Kitgenix-Nonce\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>X-Kitgenix-Signature\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Signatures:\u003Cbr \u002F>\n– HMAC SHA-256 over: \u003Ccode>timestamp + \"\\n\" + nonce + \"\\n\" + request_body\u003C\u002Fcode>\u003Cbr \u002F>\n– Timestamp skew allowed: 5 minutes\u003Cbr \u002F>\n– Nonce replay protection stored via transients\u003C\u002Fp>\n\u003Cp>Action Scheduler hooks:\u003Cbr \u002F>\n– (Action group: \u003Ccode>kitgenix-stock-sync\u003C\u002Fcode>)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_process_event\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_push_to_store\u003C\u002Fcode> (async enqueue)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_retry_send_to_master\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_retry_push_to_store\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_reconcile_batch\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Admin capability:\u003Cbr \u002F>\n– \u003Ccode>manage_woocommerce\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Admin nonces:\u003Cbr \u002F>\n– \u003Ccode>kss_save_config\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kss_save_connection\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kss_save_children\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kss_test_connection\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kss_tools\u003C\u002Fcode>\u003Cbr \u002F>\n– \u003Ccode>kss_logs\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Filters:\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_parent_menu_slug\u003C\u002Fcode> (change the parent menu slug; default: \u003Ccode>kitgenix\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>Transients (dynamic keys):\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_do_activation_redirect\u003C\u002Fcode> (30 seconds)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_nonce_{md5(store_id|nonce)}\u003C\u002Fcode> (nonce replay protection, 10 minutes)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_seen_{md5(event_id)}\u003C\u002Fcode> (duplicate event detection, ~2 hours)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_debounce_{md5(key)}\u003C\u002Fcode> (debounce, ~2 seconds)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_old_sku_{post_id}\u003C\u002Fcode> (SKU rename helper, 60 seconds)\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_audit_result_{user_id}\u003C\u002Fcode> (stores last audit result in wp-admin, 10 minutes)\u003C\u002Fp>\n\u003Cp>Object cache (if persistent object cache is enabled):\u003Cbr \u002F>\n– Cache group: \u003Ccode>kitgenix_stock_sync\u003C\u002Fcode>\u003Cbr \u002F>\n– Key: \u003Ccode>kitgenix_stock_sync_for_woocommerce_kss_gid_{md5(gid)}\u003C\u002Fcode> (GID \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> product ID lookup, ~1 hour)\u003C\u002Fp>\n\u003Cp>Internal action hooks (called directly, but can be hooked):\u003Cbr \u002F>\n– \u003Ccode>kitgenix_stock_sync_for_woocommerce_process_order_processing\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using WordPress core’s \u003Ccode>plugins_api()\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Cp>Caching:\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003Cbr \u002F>\n– Transient: \u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>This plugin does not otherwise connect to third-party services as part of its stock sync. It does make REST requests between your own WordPress sites (Master and Child stores). These requests may include:\u003Cbr \u002F>\n– product SKUs\u003Cbr \u002F>\n– stock state (quantity\u002Fstatus\u002Fbackorders\u002Flow stock)\u003C\u002Fp>\n\u003Cp>Strict checkout validation on children sends SKUs in the cart to the Master for stock verification.\u003C\u002Fp>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No tracking cookies are added by this plugin.\u003C\u002Fli>\n\u003Cli>Admin actions are protected with nonces and capability checks.\u003C\u002Fli>\n\u003Cli>REST requests are authenticated using HMAC signatures with timestamp + nonce replay protection.\u003C\u002Fli>\n\u003Cli>Shared secrets are stored in the plugin settings option (\u003Ccode>kitgenix_stock_sync_for_woocommerce_settings\u003C\u002Fcode>). Treat secrets like passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>This plugin removes its settings and plugin-only transients on uninstall. It does not remove WooCommerce product meta or Action Scheduler records.\u003C\u002Fp>\n\u003Cp>Removed on uninstall:\u003Cbr \u002F>\n– Option: \u003Ccode>kitgenix_stock_sync_for_woocommerce_settings\u003C\u002Fcode>\u003Cbr \u002F>\n– Site option: \u003Ccode>kitgenix_stock_sync_for_woocommerce_settings\u003C\u002Fcode>\u003Cbr \u002F>\n– Transients by prefix: \u003Ccode>kitgenix_stock_sync_for_woocommerce_\u003C\u002Fcode> and \u003Ccode>kss_\u003C\u002Fcode> (covers dynamic keys such as nonce\u002Fseen\u002Fdebounce helpers)\u003C\u002Fp>\n\u003Cp>Multisite:\u003Cbr \u002F>\n– Removes per-site options and transients for each site.\u003C\u002Fp>\n\u003Cp>If you want to remove all plugin data, you can also delete:\u003Cbr \u002F>\n– the product meta \u003Ccode>_kitgenix_stock_sync_for_woocommerce_gid\u003C\u002Fcode> (if you no longer need SKU rename mapping)\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin saves you admin time or helps prevent oversells across multiple stores, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Securely sync WooCommerce stock between multiple stores using a master + child topology and signed REST requests.",154,"2026-02-19T22:14:00.000Z",[93,94,95,96,31],"inventory","multi-store","stock","sync","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-stock-sync-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-stock-sync-for-woocommerce.1.0.1.zip"]