[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fh3w8Ql17Set3ZJPnZWL45oYtMyyJtiPyym2_-Dxl52I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":77,"crawl_stats":38,"alternatives":85,"analysis":162,"fingerprints":418},"accounting-for-woocommerce","Accounting for WooCommerce","1.6.11","Bastien Ho","https:\u002F\u002Fprofiles.wordpress.org\u002Fbastho\u002F","\u003Cp>Define global codes for each type of data: products, taxes, shipping fees, payment methods, account number, analytic.\u003C\u002Fp>\n\u003Cp>You can export your orders in a CSV file, filtered by date and status, set columns and separators so every common Accounting Software.\u003Cbr \u002F>\nAt this time, tested on : CIEL, Cogilog, EBP Accounting, GNUcash\u003C\u002Fp>\n\u003Cp>With the \u003Ca href=\"https:\u002F\u002Fapps.avecnous.eu\u002Fproduct\u002Fwoocommerce-accounting\u002F?mtm_campaign=wp-plugin&mtm_kwd=accounting-for-woocommerce-pro-addon&mtm_medium=wp-repo&mtm_source=premium\" rel=\"nofollow ugc\">PRO addon\u003C\u002Fa>, you will be able to set accounting number and analytic code for each item of: products, taxes, shipping fees and payment methods.\u003C\u002Fp>\n\u003Cp>Try out this plugin on our \u003Ca href=\"https:\u002F\u002Fdemo.avecnous.eu\u002Fcompta\u002F?mtm_campaign=wp-plugin&mtm_kwd=accounting-for-woocommerce-pro-addon&mtm_medium=wp-repo&mtm_source=demo\" rel=\"nofollow ugc\">demo site\u003C\u002Fa> to see how it works.\u003C\u002Fp>\n\u003Ch3>Features in free version\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Define global codes (account number and analytic) for each type of data: products, taxes, shipping fees, payment methods, customers\u003C\u002Fli>\n\u003Cli>Define which order status you want to export\u003C\u002Fli>\n\u003Cli>Export accounting in CSV file\u003C\u002Fli>\n\u003Cli>Custom date format\u003C\u002Fli>\n\u003Cli>Custom separator\u003C\u002Fli>\n\u003Cli>Custom decimal separator\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features added by \u003Ca href=\"https:\u002F\u002Fapps.avecnous.eu\u002Fproduct\u002Fwoocommerce-accounting\u002F?mtm_campaign=wp-plugin&mtm_kwd=accounting-for-woocommerce-pro-addon&mtm_medium=wp-repo&mtm_source=premium\" rel=\"nofollow ugc\">PRO addon\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cp>All free version features plus:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define accounting number and analytic code for each item of: products, taxes, shipping fees and payment methods\u003C\u002Fli>\n\u003Cli>Define accounting number for each customers\u003C\u002Fli>\n\u003Cli>Support invoice number from WooCommerce PDF Invoices & Packing Slips\u003C\u002Fli>\n\u003Cli>Mark orders as exported\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Moreover, you can add the bank slips generated by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbank-slip-for-woocommerce\u002F\" rel=\"ugc\">Bank Slip for WooCommerce\u003C\u002Fa> (free) in your exports with the \u003Ca href=\"https:\u002F\u002Fapps.avecnous.eu\u002Fproduit\u002Fmodule-journal-de-banque-comptabilite-pour-woocommerce\u002F?mtm_campaign=wp-plugin&mtm_kwd=accounting-for-woocommerce-bank-reconciliation&mtm_medium=wp-repo&mtm_source=premium\" rel=\"nofollow ugc\">Bank Reconcilation addon\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is a fork from WooCommerce Book-keeper with a huge refactor by \u003Ca href=\"https:\u002F\u002Fapps.avecnous.eu\u002F?mtm_campaign=wp-plugin&mtm_kwd=accounting-for-woocommerce-pro-addon&mtm_medium=wp-repo&mtm_source=auhthor\" rel=\"nofollow ugc\">NOUS Ouvert Utile et Simple\u003C\u002Fa>.\u003C\u002Fp>\n","All you need to transfer accounting data from Woocommerce to accounting softwares!",600,11408,60,2,"2025-12-04T14:24:00.000Z","6.9.4","5.3","7.4",[20,21,22,23,24],"accounting","bookkeeping","export","vat","woocommerce","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faccounting-for-woocommerce.1.6.11.zip",95,3,0,"2025-03-27 00:00:00","2026-03-15T15:16:48.613Z",[33,49,63],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-30835","accounting-for-woocommerce-unauthenticated-local-file-inclusion","Accounting for WooCommerce \u003C= 1.6.8 - Unauthenticated Local File Inclusion","The Accounting for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.6.8. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.",null,"\u003C=1.6.8","1.6.9","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2025-04-03 13:35:45",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fab721099-677d-48f4-83ba-f4c409374e80?source=api-prod",8,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":54,"cvss_score":55,"cvss_vector":56,"vuln_type":57,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2025-26929","accounting-for-woocommerce-authenticated-administrator-stored-cross-site-scripting","Accounting for WooCommerce \u003C=1.6.8 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Accounting for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-03-11 00:00:00","2025-03-17 16:32:40",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fffd97ee6-1858-4e8b-bd91-1c509cfa5a15?source=api-prod",7,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":38,"affected_versions":68,"patched_in_version":69,"severity":54,"cvss_score":70,"cvss_vector":71,"vuln_type":57,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2024-11324","accounting-for-woocommerce-reflected-cross-site-scripting","Accounting for WooCommerce \u003C= 1.6.6 - Reflected Cross-Site Scripting","The Accounting for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=1.6.6","1.6.7",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-12-04 00:00:00","2024-12-05 09:23:08",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff34b7518-5cb3-4b4e-8b18-927c08c045f7?source=api-prod",1,{"slug":78,"display_name":7,"profile_url":8,"plugin_count":79,"total_installs":80,"avg_security_score":81,"avg_patch_time_days":82,"trust_score":83,"computed_at":84},"bastho",12,2150,88,15,86,"2026-04-04T07:19:00.002Z",[86,105,123,136,150],{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":25,"tested_up_to":16,"requires_at_least":98,"requires_php":18,"tags":99,"homepage":102,"download_link":103,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":104},"peki-fiken-integration-for-woocommerce","Peki – Fiken Integration for WooCommerce","1.0.23","PEKI AS","https:\u002F\u002Fprofiles.wordpress.org\u002Fpeki\u002F","\u003Cp>Peki – Fiken Integration for WooCommerce automatically exports your WooCommerce orders to the Norwegian accounting platform Fiken. When orders are completed, the plugin creates vouchers in Fiken, reducing manual work and potential errors.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fpeki.no\u002Fintegration\u002Ffiken\" rel=\"nofollow ugc\">peki.no\u002Fintegration\u002Ffiken\u003C\u002Fa> for more information.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic order export to Fiken when orders are completed\u003C\u002Fli>\n\u003Cli>Advanced bank account mapping – developed with senior accountant\u003C\u002Fli>\n\u003Cli>Automatic customer creation in Fiken\u003C\u002Fli>\n\u003Cli>Separate shipping line items with proper VAT handling\u003C\u002Fli>\n\u003Cli>VAT export for goods and services outside Norway\u003C\u002Fli>\n\u003Cli>Dynamic VAT rates based on store location\u003C\u002Fli>\n\u003Cli>Multi-currency support\u003C\u002Fli>\n\u003Cli>Refund handling with credit notes\u003C\u002Fli>\n\u003Cli>Multi-site support with shared quota per Fiken company\u003C\u002Fli>\n\u003Cli>GDPR compliant – only necessary data is transmitted\u003C\u002Fli>\n\u003Cli>Norwegian translation included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>Before using this plugin, you need:\u003C\u002Fp>\n\u003Col>\n\u003Cli>An active Fiken account with API access enabled (NOK 99\u002Fmonth add-on)\u003C\u002Fli>\n\u003Cli>At least one invoice issued in Fiken to initialize counters\u003C\u002Fli>\n\u003Cli>WooCommerce installed and activated\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Free Plan\u003C\u002Fh4>\n\u003Cp>The plugin includes 15 free transfers per month. Multiple WordPress sites connected to the same Fiken company share the monthly quota.\u003C\u002Fp>\n\u003Ch4>Pricing\u003C\u002Fh4>\n\u003Cp>Most affordable Fiken integration on the market. Upgrade plans available for higher transfer limits:\u003Cbr \u002F>\n* Starter: 100 transfers\u002Fmonth (NOK 119 ex. VAT)\u003Cbr \u002F>\n* Growth: 1,000 transfers\u002Fmonth (NOK 319 ex. VAT)\u003Cbr \u002F>\n* Pro: 5,000 transfers\u002Fmonth (NOK 639 ex. VAT)\u003C\u002Fp>\n\u003Ch3>Plan Benefits\u003C\u002Fh3>\n\u003Cp>The plugin includes a free tier and three paid plans. Here’s what you get with each:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Free:\n\u003Cul>\n\u003Cli>15 transfers\u002Fmonth\u003C\u002Fli>\n\u003Cli>Core Woo \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Fiken export\u003C\u002Fli>\n\u003Cli>Community-level support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Starter:\n\u003Cul>\n\u003Cli>Everything in Free\u003C\u002Fli>\n\u003Cli>100 transfers\u002Fmonth\u003C\u002Fli>\n\u003Cli>Email support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Growth:\n\u003Cul>\n\u003Cli>Everything in Starter\u003C\u002Fli>\n\u003Cli>Automatically save invoice PDFs to the Media Library\u003C\u002Fli>\n\u003Cli>Per-payment document type overrides (Invoice vs CashSale)\u003C\u002Fli>\n\u003Cli>1,000 transfers\u002Fmonth\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Pro:\n\u003Cul>\n\u003Cli>Everything in Growth\u003C\u002Fli>\n\u003Cli>Highest monthly transfer limit (5,000 transfers\u002Fmonth)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: This is an independent third-party plugin. We are not affiliated with Fiken AS or WooCommerce\u002FAutomattic.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to function:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Peki export service (peki.no) – Processes and forwards order data to Fiken API\u003C\u002Fli>\n\u003Cli>Fiken API (fiken.no) – Creates accounting vouchers from order data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By using this plugin, you agree to data processing on these external servers. Review their respective privacy policies for details.\u003C\u002Fp>\n","Automate your bookkeeping by connecting WooCommerce to Fiken. Export orders automatically and save time on manual accounting tasks.",30,1067,100,4,"5.8",[20,21,100,101,24],"fiken","invoices","https:\u002F\u002Fpeki.no\u002Fintegration\u002Ffiken","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpeki-fiken-integration-for-woocommerce.1.0.23.zip","2026-03-15T10:48:56.248Z",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":29,"downloaded":113,"rating":96,"num_ratings":14,"last_updated":25,"tested_up_to":16,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":121,"download_link":122,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":104},"comptaflow-by-meetempo","ComptaFlow by MeeTempo – French Accounting for WordPress","1.0.4","meetempo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeetempo\u002F","\u003Cp>\u003Cstrong>The only WordPress plugin built for French accounting standards (PCG).\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ComptaFlow by MeeTempo is a free accounting assistant designed specifically for France: freelancers, auto-entrepreneurs, SASU, EURL, and small businesses. Enter your daily transactions with a guided system that automatically suggests the right PCG accounts and generates proper double-entry journal entries. Fully compliant with French tax requirements.\u003C\u002Fp>\n\u003Ch4>Why ComptaFlow by MeeTempo?\u003C\u002Fh4>\n\u003Cp>✅ \u003Cstrong>Guided Entry\u003C\u002Fstrong>: PCG accounts are automatically suggested (type “fuel” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> 6061, “lawyer” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> 6226)\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Automatic Journal Entries\u003C\u002Fstrong>: Double-entry bookkeeping generated automatically\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>French Chart of Accounts\u003C\u002Fstrong>: 200+ pre-configured PCG accounts\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Multiple Exports\u003C\u002Fstrong>: Balance Sheet, General Ledger, Journal, Income Statement\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>VAT Tracking\u003C\u002Fstrong>: Monitor your VAT for CA3 or CA12 regimes\u003C\u002Fp>\n\u003Ch4>Features (Free Version)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Invoicing\u003C\u002Fstrong> – Create, edit, validate, duplicate invoices with PDF generation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client management\u003C\u002Fstrong> – Full CRUD with statistics per client\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited income and expense entries\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic journal entries\u003C\u002Fstrong> following French accounting standards\u003C\u002Fli>\n\u003Cli>\u003Cstrong>French Chart of Accounts (PCG)\u003C\u002Fstrong> with 200+ pre-configured accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Financial operations\u003C\u002Fstrong> (bank transfers, loans, capital)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual journal entries\u003C\u002Fstrong> for adjustments (OD)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSV Exports\u003C\u002Fstrong>: Balance Sheet, General Ledger, Journal, Income Statement\u003C\u002Fli>\n\u003Cli>\u003Cstrong>VAT rate management\u003C\u002Fstrong> with multiple rates support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup and restore\u003C\u002Fstrong> functionality\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Company settings\u003C\u002Fstrong> (SIRET, VAT number, fiscal year)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>The Right Workflow\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Daily\u003C\u002Fstrong>: Enter your income and expenses with the guided system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Weekly\u003C\u002Fstrong>: Review your journal entries and correct if needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monthly\u003C\u002Fstrong>: Export your reports and track your VAT\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Year-End\u003C\u002Fstrong>: Send your exports to your accountant for validation\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Who Is This For?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>French freelancers and consultants (profession libérale, BNC, BIC)\u003C\u002Fli>\n\u003Cli>Auto-entrepreneurs & micro-entrepreneurs preparing for “régime réel”\u003C\u002Fli>\n\u003Cli>SASU \u002F SAS \u002F EURL \u002F SARL owners\u003C\u002Fli>\n\u003Cli>Small businesses in France up to 10 employees\u003C\u002Fli>\n\u003Cli>Anyone who needs PCG-compliant bookkeeping in WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚠️ \u003Cstrong>Important\u003C\u002Fstrong>: This plugin is built exclusively for French accounting standards (Plan Comptable Général). It is not suitable for US, UK, or other countries’ accounting systems.\u003C\u002Fp>\n\u003Ch4>ComptaFlow Pro\u003C\u002Fh4>\n\u003Cp>Need advanced features? \u003Cstrong>ComptaFlow Pro\u003C\u002Fstrong> adds:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📄 \u003Cstrong>Full Invoicing\u003C\u002Fstrong> – Invoices, Quotes, Credit Notes with PDF generation\u003C\u002Fli>\n\u003Cli>🔍 \u003Cstrong>SIRET API\u003C\u002Fstrong> – Auto-fill company and client info from official database\u003C\u002Fli>\n\u003Cli>📤 \u003Cstrong>FEC Export\u003C\u002Fstrong> – DGFiP-compliant file for tax audits\u003C\u002Fli>\n\u003Cli>🏦 \u003Cstrong>Bank Reconciliation\u003C\u002Fstrong> – Multi-bank CSV import with intelligent matching\u003C\u002Fli>\n\u003Cli>📋 \u003Cstrong>VAT Management\u003C\u002Fstrong> – CA3\u002FCA12 automatic declarations\u003C\u002Fli>\n\u003Cli>🏢 \u003Cstrong>Fixed Assets\u003C\u002Fstrong> – Depreciation schedules and asset management\u003C\u002Fli>\n\u003Cli>💰 \u003Cstrong>Payroll Tracking\u003C\u002Fstrong> – Simplified salary and social charges entry\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Liasse Fiscale 2031\u003C\u002Fstrong> – Tax return form generation\u003C\u002Fli>\n\u003Cli>📧 \u003Cstrong>Client Reminders\u003C\u002Fstrong> – Email & WhatsApp automatic payment reminders (VIP)\u003C\u002Fli>\n\u003Cli>🎯 \u003Cstrong>Priority Support\u003C\u002Fstrong> – Direct assistance from our team\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>🇫🇷 \u003Cstrong>The Pro version is entirely in French\u003C\u002Fstrong> – fully translated interface from installation.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fcomptaflow.meetempo.com\" rel=\"nofollow ugc\">comptaflow.meetempo.com\u003C\u002Fa> to learn more about ComptaFlow Pro.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>ComptaFlow by MeeTempo is an accounting entry assistance and data organization tool. It does not constitute certified accounting software, nor does it provide tax or legal advice. The user remains responsible for the accuracy of their accounting. We recommend having documents validated by a certified accountant before submitting them to tax authorities.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This free version of ComptaFlow does not collect any data and makes no external API calls. All your accounting data remains exclusively in your WordPress database.\u003C\u002Fp>\n","French accounting (PCG) for freelancers & small businesses. Invoicing, guided entry, automatic journal entries, VAT, FEC export (Pro).",303,"6.0","8.0",[117,21,118,119,120],"billing","french-accounting","invoice","vat-france","https:\u002F\u002Fcomptaflow.meetempo.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomptaflow-by-meetempo.1.0.4.zip",{"slug":124,"name":125,"version":126,"author":109,"author_profile":110,"description":127,"short_description":128,"active_installs":29,"downloaded":129,"rating":29,"num_ratings":29,"last_updated":130,"tested_up_to":16,"requires_at_least":114,"requires_php":115,"tags":131,"homepage":134,"download_link":135,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"comptaflow-uk-by-meetempo","ComptaFlow UK by MeeTempo","1.1.0","\u003Cp>\u003Cstrong>The WordPress plugin built for UK accounting standards.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ComptaFlow UK by MeeTempo is a free accounting assistant designed specifically for the United Kingdom: sole traders, partnerships, LLPs, and limited companies. Enter your daily transactions with a guided system that automatically suggests the right nominal codes and generates proper double-entry journal entries. Built around UK tax requirements and HMRC compliance.\u003C\u002Fp>\n\u003Ch4>Why ComptaFlow UK by MeeTempo?\u003C\u002Fh4>\n\u003Cp>✅ \u003Cstrong>Guided Entry\u003C\u002Fstrong>: Nominal codes are automatically suggested (type “fuel” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> 6540, “insurance” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> 6040)\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Automatic Journal Entries\u003C\u002Fstrong>: Double-entry bookkeeping generated automatically\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>UK Chart of Accounts\u003C\u002Fstrong>: 30+ pre-configured nominal codes following UK conventions\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Multiple Exports\u003C\u002Fstrong>: Audit Trail, Trial Balance, Journal, Nominal Ledger, Profit & Loss\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>VAT Tracking\u003C\u002Fstrong>: Monitor your VAT for Standard, Flat Rate, and Annual schemes\u003C\u002Fp>\n\u003Ch4>Features (Free Version)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Income and expense entries\u003C\u002Fstrong> with guided nominal code suggestions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic journal entries\u003C\u002Fstrong> following UK double-entry standards\u003C\u002Fli>\n\u003Cli>\u003Cstrong>UK Chart of Accounts\u003C\u002Fstrong> with pre-configured nominal codes (1100-7020)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client management\u003C\u002Fstrong> – Full CRM with company\u002Findividual support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invoicing\u003C\u002Fstrong> – Create, send, and track invoices with PDF generation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Credit notes\u003C\u002Fstrong> – Issue credit notes with automatic journal entries\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Financial operations\u003C\u002Fstrong> (bank transfers, loans, capital, director’s loan)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual journal entries\u003C\u002Fstrong> for adjustments\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSV Exports\u003C\u002Fstrong>: Audit Trail, Trial Balance, Journal, Nominal Ledger, Profit & Loss\u003C\u002Fli>\n\u003Cli>\u003Cstrong>VAT rate management\u003C\u002Fstrong> (Standard 20%, Reduced 5%, Zero, Exempt, Reverse Charge)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>VAT settings\u003C\u002Fstrong> for all UK schemes (Standard, Flat Rate, Annual, Not Registered)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup and restore\u003C\u002Fstrong> functionality\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Company settings\u003C\u002Fstrong> with Companies House lookup\u003C\u002Fli>\n\u003Cli>\u003Cstrong>UK fiscal year\u003C\u002Fstrong> support (April to March or custom)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>The Right Workflow\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Daily\u003C\u002Fstrong>: Enter your income and expenses with the guided system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Weekly\u003C\u002Fstrong>: Review your journal entries and correct if needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monthly\u003C\u002Fstrong>: Export your reports and track your VAT\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Year-End\u003C\u002Fstrong>: Send your exports to your accountant for validation\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Who Is This For?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>UK sole traders and freelancers\u003C\u002Fli>\n\u003Cli>Partnerships and LLPs\u003C\u002Fli>\n\u003Cli>Limited company directors (Ltd, PLC)\u003C\u002Fli>\n\u003Cli>Small businesses in the UK up to 10 employees\u003C\u002Fli>\n\u003Cli>Anyone who needs UK-standard bookkeeping in WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚠️ \u003Cstrong>Important\u003C\u002Fstrong>: This plugin is built for UK accounting standards and HMRC requirements. It is not suitable for US, EU, or other countries’ accounting systems.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external service:\u003C\u002Fp>\n\u003Ch4>Companies House API\u003C\u002Fh4>\n\u003Cp>The optional “Company Lookup” feature in Settings allows you to search for UK company information (name, registration number, registered address) using the official Companies House API.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Only when you manually click the “Look up” button in the Company Settings page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What is sent\u003C\u002Fstrong>: The company name or number you type in the search field\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service provider\u003C\u002Fstrong>: Companies House (UK Government)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API endpoint\u003C\u002Fstrong>: Requests are proxied through our secure endpoint at \u003Ccode>https:\u002F\u002Fapi.meetempo.com\u002Fch\u002F\u003C\u002Fcode> to protect the API key\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Companies House website\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.gov.uk\u002Fgovernment\u002Forganisations\u002Fcompanies-house\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gov.uk\u002Fgovernment\u002Forganisations\u002Fcompanies-house\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Companies House API documentation\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fdeveloper.company-information.service.gov.uk\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fdeveloper.company-information.service.gov.uk\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fdeveloper.company-information.service.gov.uk\u002Fdeveloper-guidelines\" rel=\"nofollow ugc\">https:\u002F\u002Fdeveloper.company-information.service.gov.uk\u002Fdeveloper-guidelines\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.gov.uk\u002Fgovernment\u002Forganisations\u002Fcompanies-house\u002Fabout\u002Fpersonal-information-charter\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gov.uk\u002Fgovernment\u002Forganisations\u002Fcompanies-house\u002Fabout\u002Fpersonal-information-charter\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>No other external API calls are made by this plugin. All accounting data remains exclusively in your WordPress database.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>ComptaFlow UK by MeeTempo is an accounting entry assistance and data organisation tool. It does not constitute certified accounting software, nor does it provide tax or legal advice. The user remains responsible for the accuracy of their accounting. We recommend having documents validated by a qualified accountant before submitting them to HMRC or Companies House.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This free version of ComptaFlow UK makes no external API calls except for the optional Companies House company lookup feature (which queries the official Companies House API via a secure proxy). All your accounting data remains exclusively in your WordPress database.\u003C\u002Fp>\n","UK accounting plugin for sole traders, partnerships & limited companies. Guided entry, automatic journal entries, VAT tracking, HMRC-ready exports.",87,"2026-03-13T20:45:00.000Z",[20,21,132,133,23],"small-business","uk-accounting","https:\u002F\u002Fcomptaflow-uk.meetempo.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomptaflow-uk-by-meetempo.1.1.0.zip",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":29,"downloaded":144,"rating":96,"num_ratings":76,"last_updated":145,"tested_up_to":16,"requires_at_least":98,"requires_php":18,"tags":146,"homepage":148,"download_link":149,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"invoicing-integration-for-fakturowo-and-woocommerce","Invoicing Integration for Fakturowo and WooCommerce","1.0.13","devikit","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevikit\u002F","\u003Cp>Integrate your WooCommerce store with Fakturowo.pl accounting system. Create invoices automatically, manage VAT numbers, and streamline your accounting workflow.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Ch4>Free version\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manual invoice generation from order edit screen.\u003C\u002Fli>\n\u003Cli>Storing invoice number in order.\u003C\u002Fli>\n\u003Cli>Invoice link preview.\u003C\u002Fli>\n\u003Cli>API communication logs.\u003C\u002Fli>\n\u003Cli>Advanced VAT rate mapping.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Version\u003C\u002Fh4>\n\u003Cp>A Pro version is also available with additional features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic invoice generation after status change.\u003C\u002Fli>\n\u003Cli>Proforma invoice support.\u003C\u002Fli>\n\u003Cli>Bulk document generation and email sending – Generate invoices and proformas for multiple orders at once with progress tracking.\u003C\u002Fli>\n\u003Cli>Email notifications with PDF attachments.\u003C\u002Fli>\n\u003Cli>WooCommerce Subscriptions compatibility.\u003C\u002Fli>\n\u003Cli>Technical support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdevikit.pl\u002Fprodukt\u002Ffakturowo-woocommerce-pro\u002F\" rel=\"nofollow ugc\">Get Pro Version\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Fakturowo.pl API service to manage invoices and customer data for your WooCommerce store.\u003C\u002Fp>\n\u003Ch4>What is Fakturowo.pl?\u003C\u002Fh4>\n\u003Cp>Fakturowo.pl is a Polish online accounting and invoicing service. This plugin uses their API to automatically create and manage invoices for your WooCommerce orders.\u003C\u002Fp>\n\u003Ch4>What data is sent and when?\u003C\u002Fh4>\n\u003Cp>The plugin sends the following data to Fakturowo.pl API when you create an invoice:\u003Cbr \u002F>\n* Customer information (name, email, address, VAT number if provided)\u003Cbr \u002F>\n* Order details (products, prices, taxes, payment method)\u003Cbr \u002F>\n* Invoice settings configured in the plugin\u003C\u002Fp>\n\u003Cp>Data is sent in the following scenarios:\u003Cbr \u002F>\n* When you manually click “Create Invoice” button on an order page\u003Cbr \u002F>\n* When testing the API connection in plugin settings\u003Cbr \u002F>\n* When downloading invoice PDFs\u003C\u002Fp>\n\u003Ch4>API Endpoint\u003C\u002Fh4>\n\u003Cp>The plugin connects to your unique Fakturowo API URL (e.g., https:\u002F\u002Fyourcompany.fakturowo.pl\u002Fapi\u002F)\u003C\u002Fp>\n\u003Ch4>Service Terms and Privacy\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fakturowo.pl Service: https:\u002F\u002Fkonto.fakturowo.pl\u002F\u003C\u002Fli>\n\u003Cli>Terms of Service: https:\u002F\u002Fwww.fakturowo.pl\u002Fpomoc\u002Fregulamin\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fwww.fakturowo.pl\u002Fpomoc\u002Fpolityka-prywatnosci\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: You must have an active Fakturowo.pl account with API access enabled (one-time activation fee) to use this plugin. The plugin does not send any data without your explicit action (clicking invoice creation buttons).\u003C\u002Fp>\n","WooCommerce invoicing integration with Fakturowo.pl accounting system.",258,"2026-03-11T10:22:00.000Z",[20,147,119,23,24],"fakturowo","https:\u002F\u002Fpl.wordpress.org\u002Fplugins\u002Finvoicing-integration-for-fakturowo-and-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvoicing-integration-for-fakturowo-and-woocommerce.1.0.13.zip",{"slug":151,"name":152,"version":153,"author":90,"author_profile":91,"description":154,"short_description":155,"active_installs":29,"downloaded":156,"rating":29,"num_ratings":29,"last_updated":157,"tested_up_to":158,"requires_at_least":114,"requires_php":18,"tags":159,"homepage":25,"download_link":161,"security_score":96,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"peki-tripletex-integration-for-woocommerce","Peki Tripletex Integration for WooCommerce","1.0.1","\u003Cp>\u003Cstrong>Peki Tripletex Integration for WooCommerce\u003C\u002Fstrong> connects your WooCommerce store to the Norwegian accounting system \u003Cstrong>Tripletex\u003C\u002Fstrong> and sends order data securely for processing.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic transfers:\u003C\u002Fstrong> Completed WooCommerce orders can be sent to Tripletex.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple setup:\u003C\u002Fstrong> Connect your store in a few clicks via the Peki service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Standards compliant:\u003C\u002Fstrong> Built following WordPress coding standards (i18n, escaping, nonces, capabilities).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>This plugin is a client that connects to an external processing service (peki.no). No local features are locked in this WordPress.org version.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>What it does\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds an admin screen to connect your site to the Peki service.\u003C\u002Fli>\n\u003Cli>Sends order data to the external service which handles the Tripletex processing.\u003C\u002Fli>\n\u003Cli>Lets you optionally store a local employee token and company slug for the connection.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What it does not do\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>It does not implement a local paywall or feature limits.\u003C\u002Fli>\n\u003Cli>It does not perform the accounting locally; processing happens on external servers (serviceware).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to \u003Cstrong>two\u003C\u002Fstrong> external services:\u003C\u002Fp>\n\u003Cp>1) \u003Cstrong>Peki Service (peki.no)\u003C\u002Fstrong> – used to process and relay WooCommerce orders to Tripletex.\u003Cbr \u002F>\n   – \u003Cstrong>When data is sent:\u003C\u002Fstrong> when you connect\u002Fdisconnect, check service status, or trigger an export.\u003Cbr \u002F>\n   – \u003Cstrong>What data is sent:\u003C\u002Fstrong> your site URL, order basics (e.g., order ID, order totals, currency, customer billing data), and settings needed for the integration (e.g., employee token, company slug). Exact payload depends on your store configuration.\u003Cbr \u002F>\n   – \u003Cstrong>Provider:\u003C\u002Fstrong> Peki (peki.no)\u003Cbr \u002F>\n   – \u003Cstrong>Terms of Use:\u003C\u002Fstrong> https:\u002F\u002Fpeki.no\u002Fterms (update to your live URL)\u003Cbr \u002F>\n   – \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fpeki.no\u002Fprivacy (update to your live URL)\u003C\u002Fp>\n\u003Cp>2) \u003Cstrong>Tripletex (tripletex.no)\u003C\u002Fstrong> – the accounting system receiving the data as part of the processing done by the Peki service.\u003Cbr \u002F>\n   – \u003Cstrong>Provider:\u003C\u002Fstrong> Tripletex AS (tripletex.no)\u003Cbr \u002F>\n   – \u003Cstrong>Terms of Use:\u003C\u002Fstrong> https:\u002F\u002Fwww.tripletex.no\u002F (link to official terms)\u003Cbr \u002F>\n   – \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fwww.tripletex.no\u002Fpersonvern\u002F (or official privacy policy URL)\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>You must have an active Tripletex account with API access (“Integrasjoner”) to use the integration.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin connects to the Peki service (peki.no) to process orders and forward data to Tripletex.\u003C\u002Fli>\n\u003Cli>Data transmitted can include order identifiers, totals, currency, billing details, and settings needed to perform the integration.\u003C\u002Fli>\n\u003Cli>Review the external providers’ \u003Cstrong>Terms\u003C\u002Fstrong> and \u003Cstrong>Privacy Policies\u003C\u002Fstrong> before use.\u003C\u002Fli>\n\u003Cli>No analytics or tracking is performed by this plugin itself beyond the functionality described.\u003C\u002Fli>\n\u003C\u002Ful>\n","Integrate WooCommerce with Tripletex. Automatically transfer orders and refunds to Tripletex via the Peki service. Learn more on our Tripletex plugin  &hellip;",199,"2025-08-28T21:22:00.000Z","6.8.5",[20,21,101,160,24],"tripletex","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpeki-tripletex-integration-for-woocommerce.1.0.1.zip",{"attackSurface":163,"codeSignals":229,"taintFlows":286,"riskAssessment":402,"analyzedAt":417},{"hooks":164,"ajaxHandlers":225,"restRoutes":226,"shortcodes":227,"cronEvents":228,"entryPointCount":29,"unprotectedCount":29},[165,170,173,176,179,184,188,191,195,198,203,206,210,214,218,222],{"type":166,"name":167,"callback":168,"file":169,"line":97},"action","admin_init","woocommerce_accounting_col_mapping_install","inc\\columns-mapping.php",{"type":166,"name":167,"callback":171,"file":172,"line":28},"register_woocommerce_accounting_settings","inc\\settings.php",{"type":166,"name":174,"callback":175,"file":172,"line":97},"woocommerce_settings_save_accounting","woocommerce_accounting_update_settings_fields",{"type":166,"name":177,"callback":178,"file":172,"line":62},"load-woocommerce_page_wc-settings","woocommerce_accounting_add_help_tab",{"type":180,"name":181,"callback":182,"priority":183,"file":172,"line":48},"filter","woocommerce_settings_tabs_array","woocommerce_accounting_add_settings_tab",50,{"type":180,"name":185,"callback":186,"priority":187,"file":172,"line":187},"woocommerce_get_sections_accounting","woocommerce_accounting_add_sections",10,{"type":166,"name":189,"callback":190,"file":172,"line":79},"woocommerce_sections_accounting","woocommerce_accounting_output_sections",{"type":166,"name":192,"callback":193,"file":172,"line":194},"woocommerce_settings_accounting","woocommerce_accounting_output_settings",13,{"type":180,"name":196,"callback":197,"priority":183,"file":172,"line":82},"woocommerce_accounting:settings:save:woocommerce_accounting_colorder","woocommerce_accounting_parse_setting_colorder",{"type":166,"name":199,"callback":200,"file":201,"line":202},"init","closure","woocommerce-accounting.php",31,{"type":166,"name":167,"callback":204,"file":201,"line":205},"woocommerce_accounting_install",44,{"type":166,"name":207,"callback":208,"priority":183,"file":201,"line":209},"admin_menu","woocommerce_accounting_exporter_page",45,{"type":166,"name":211,"callback":212,"file":201,"line":213},"admin_post_woocommerce_accounting_export","woocommerce_accounting_export_data",48,{"type":166,"name":215,"callback":216,"file":201,"line":217},"admin_post_woocommerce_accounting_refunds_export","woocommerce_accounting_export_refunds_data",49,{"type":180,"name":219,"callback":220,"priority":187,"file":201,"line":221},"plugin_row_meta","woocommerce_accounting_plugin_row_meta",53,{"type":166,"name":223,"callback":200,"file":201,"line":224},"woocommerce_accounting:export_form:before_title",218,[],[],[],[],{"dangerousFunctions":230,"sqlUsage":231,"outputEscaping":233,"fileOperations":14,"externalRequests":29,"nonceChecks":14,"capabilityChecks":14,"bundledLibraries":285},[],{"prepared":29,"raw":29,"locations":232},[],{"escaped":234,"rawEcho":235,"locations":236},126,24,[237,240,242,245,247,248,250,252,254,256,258,260,262,264,266,268,270,272,274,277,280,281,282,283],{"file":172,"line":238,"context":239},185,"raw output",{"file":172,"line":241,"context":239},203,{"file":243,"line":244,"context":239},"inc\\utils.php",70,{"file":246,"line":209,"context":239},"views\\export-basic.php",{"file":246,"line":13,"context":239},{"file":246,"line":249,"context":239},79,{"file":246,"line":251,"context":239},94,{"file":246,"line":253,"context":239},109,{"file":246,"line":255,"context":239},122,{"file":246,"line":257,"context":239},136,{"file":246,"line":259,"context":239},149,{"file":246,"line":261,"context":239},162,{"file":246,"line":263,"context":239},177,{"file":246,"line":265,"context":239},191,{"file":246,"line":267,"context":239},206,{"file":246,"line":269,"context":239},219,{"file":246,"line":271,"context":239},232,{"file":246,"line":273,"context":239},246,{"file":275,"line":276,"context":239},"views\\export-refunds.php",35,{"file":278,"line":279,"context":239},"views\\settings-accounting-general.php",41,{"file":278,"line":279,"context":239},{"file":278,"line":279,"context":239},{"file":278,"line":279,"context":239},{"file":278,"line":284,"context":239},255,[],[287,329,345,362,373,384,392],{"entryPoint":288,"graph":289,"unsanitizedCount":28,"severity":54},"woocommerce_accounting_export_data (inc\\export.php:17)",{"nodes":290,"edges":322},[291,297,302,305,310,314,318],{"id":292,"type":293,"label":294,"file":295,"line":296},"n0","source","$_POST (x16)","inc\\export.php",33,{"id":298,"type":299,"label":300,"file":295,"line":213,"wp_function":301},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":303,"type":293,"label":304,"file":295,"line":296},"n2","$_POST (x2)",{"id":306,"type":299,"label":307,"file":295,"line":308,"wp_function":309},"n3","header() [Header Injection]",244,"header",{"id":311,"type":293,"label":312,"file":295,"line":313},"n4","$_POST (x3)",454,{"id":315,"type":316,"label":317,"file":295,"line":313},"n5","transform","→ woocommerce_accounting_add_line()",{"id":319,"type":299,"label":320,"file":243,"line":244,"wp_function":321},"n6","echo() [XSS]","echo",[323,325,326,328],{"from":292,"to":298,"sanitized":324},true,{"from":303,"to":306,"sanitized":324},{"from":311,"to":315,"sanitized":327},false,{"from":315,"to":319,"sanitized":327},{"entryPoint":330,"graph":331,"unsanitizedCount":28,"severity":54},"\u003Cexport> (inc\\export.php:0)",{"nodes":332,"edges":340},[333,334,335,336,337,338,339],{"id":292,"type":293,"label":294,"file":295,"line":296},{"id":298,"type":299,"label":300,"file":295,"line":213,"wp_function":301},{"id":303,"type":293,"label":304,"file":295,"line":296},{"id":306,"type":299,"label":307,"file":295,"line":308,"wp_function":309},{"id":311,"type":293,"label":312,"file":295,"line":313},{"id":315,"type":316,"label":317,"file":295,"line":313},{"id":319,"type":299,"label":320,"file":243,"line":244,"wp_function":321},[341,342,343,344],{"from":292,"to":298,"sanitized":324},{"from":303,"to":306,"sanitized":324},{"from":311,"to":315,"sanitized":327},{"from":315,"to":319,"sanitized":327},{"entryPoint":346,"graph":347,"unsanitizedCount":29,"severity":361},"woocommerce_accounting_export_refunds_data (inc\\export-refunds.php:11)",{"nodes":348,"edges":358},[349,353,355,356],{"id":292,"type":293,"label":350,"file":351,"line":352},"$_POST (x13)","inc\\export-refunds.php",25,{"id":298,"type":299,"label":300,"file":351,"line":354,"wp_function":301},37,{"id":303,"type":293,"label":304,"file":351,"line":352},{"id":306,"type":299,"label":307,"file":351,"line":357,"wp_function":309},278,[359,360],{"from":292,"to":298,"sanitized":324},{"from":303,"to":306,"sanitized":324},"low",{"entryPoint":363,"graph":364,"unsanitizedCount":29,"severity":361},"\u003Cexport-refunds> (inc\\export-refunds.php:0)",{"nodes":365,"edges":370},[366,367,368,369],{"id":292,"type":293,"label":350,"file":351,"line":352},{"id":298,"type":299,"label":300,"file":351,"line":354,"wp_function":301},{"id":303,"type":293,"label":304,"file":351,"line":352},{"id":306,"type":299,"label":307,"file":351,"line":357,"wp_function":309},[371,372],{"from":292,"to":298,"sanitized":324},{"from":303,"to":306,"sanitized":324},{"entryPoint":374,"graph":375,"unsanitizedCount":76,"severity":361},"woocommerce_accounting_update_settings_fields (inc\\settings.php:153)",{"nodes":376,"edges":382},[377,380],{"id":292,"type":293,"label":378,"file":172,"line":379},"$_POST",163,{"id":298,"type":299,"label":300,"file":172,"line":381,"wp_function":301},164,[383],{"from":292,"to":298,"sanitized":327},{"entryPoint":385,"graph":386,"unsanitizedCount":76,"severity":361},"\u003Csettings> (inc\\settings.php:0)",{"nodes":387,"edges":390},[388,389],{"id":292,"type":293,"label":378,"file":172,"line":379},{"id":298,"type":299,"label":300,"file":172,"line":381,"wp_function":301},[391],{"from":292,"to":298,"sanitized":327},{"entryPoint":393,"graph":394,"unsanitizedCount":14,"severity":361},"\u003Csettings-accounting-general> (views\\settings-accounting-general.php:0)",{"nodes":395,"edges":400},[396,398],{"id":292,"type":293,"label":304,"file":278,"line":397},17,{"id":298,"type":299,"label":300,"file":278,"line":399,"wp_function":301},18,[401],{"from":292,"to":298,"sanitized":327},{"summary":403,"deductions":404},"The \"accounting-for-woocommerce\" plugin v1.6.11 exhibits a mixed security posture. On the positive side, the static analysis reveals a clean attack surface with no identified entry points and a strong reliance on prepared statements for SQL queries. Furthermore, a significant portion of output is properly escaped, and nonce and capability checks are present. However, several concerning signals emerge. The presence of file operations coupled with unsanitized paths in the taint analysis suggests potential risks, although no critical or high severity flows were directly identified in this specific analysis. This warrants careful investigation of how file paths are handled. The plugin's vulnerability history is a significant concern, with three previously disclosed CVEs, including one critical vulnerability. The types of past vulnerabilities, such as Remote File Inclusion and Cross-Site Scripting, indicate historical weaknesses in input validation and file handling. While no vulnerabilities are currently unpatched, the recurring nature of these issues suggests a need for more robust and proactive security measures within the development lifecycle.\n\nOverall, while the current static analysis of v1.6.11 shows improvements in certain areas like SQL handling and a controlled attack surface, the historical vulnerability data, particularly the critical CVE and the types of past exploits, temper the confidence in its security. The combination of past critical issues and potential unsanitized paths in file operations presents a moderate to high-risk profile. Future development should prioritize addressing the root causes of past vulnerabilities and ensuring all file operations are rigorously secured against path traversal and include vulnerabilities. Developers should also focus on further improving output escaping to reach 100% coverage and ensure comprehensive sanitization for all user-controlled inputs that influence file operations.",[405,407,410,412,414],{"reason":406,"points":79},"Unsanitized paths in taint flows",{"reason":408,"points":409},"File operations present",5,{"reason":411,"points":82},"Previous critical CVE (unpatched history)",{"reason":413,"points":187},"Previous medium CVEs (unpatched history)",{"reason":415,"points":416},"Output escaping not 100%",6,"2026-03-16T19:31:29.478Z",{"wat":419,"direct":425},{"assetPaths":420,"generatorPatterns":422,"scriptPaths":423,"versionParams":424},[421],"\u002Fwp-content\u002Fplugins\u002Faccounting-for-woocommerce\u002Fassets\u002Fjquery-ui.css",[],[],[],{"cssClasses":426,"htmlComments":427,"htmlAttributes":428,"restEndpoints":429,"jsGlobals":430,"shortcodeOutput":431},[],[],[],[],[],[]]