[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzAQC2Ynf_epZnUWL0BL_9iKJynInABTa4bvLv8rm4_w":3,"$fVzwfkUykviB0gKK87qv-kvG1vToZd9sIBllrS_AfWpg":371,"$fKEYLQHoSIC0VAQIH5wZGrlghOfizZKP-leYx5l4Q320":376},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":83,"crawl_stats":39,"alternatives":89,"analysis":175,"fingerprints":310},"alma-gateway-for-woocommerce","Alma – Pay in installments or later for WooCommerce","6.0.7","Alma","https:\u002F\u002Fprofiles.wordpress.org\u002Falmapayments\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Falmapay.com\" rel=\"nofollow ugc\">Alma\u003C\u002Fa> is a service to provide merchants with an \u003Cstrong>easy\u003C\u002Fstrong> and \u003Cstrong>safe\u003C\u002Fstrong> monthly payments solution.\u003Cbr \u002F>\nLet your customers pay for their purchases at their own pace! You’ll receive the funds instantly, and your customer will pay later over a few monthly instalments.\u003C\u002Fp>\n\u003Cp>This plugin integrates Alma into WooCommerce by adding a new payment method that you can activate to offer monthly payments to your customers.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>You can find more documentation on our \u003Ca href=\"https:\u002F\u002Fdocs.almapay.com\u002Fdocs\u002Fwoocommerce\" rel=\"nofollow ugc\">website\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v6.0.7 – 2026-04-01\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Clean alma_soc_ongoing option in DB (#574)\u003C\u002Fli>\n\u003Cli>fix: Remove picture url from CartItemDto constructor (#571)\u003C\u002Fli>\n\u003Cli>Fix admin & gateway settings detection with pretty permalinks (#570)\u003C\u002Fli>\n\u003Cli>fix: Update unique cart ID generation to prevent TypeError in PHP 8.0+ (#568)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @Francois-Gomis, @alma-renovate-bot[bot], @joyet-simon, @remi-zuffinetti, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-renovate-bot\" rel=\"nofollow ugc\">alma-renovate-bot[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v6.0.6 – 2026-03-25\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: build.sh for svn release (#553)\u003C\u002Fli>\n\u003Cli>fix: Add language support to In-Page for classic checkout (#556)\u003C\u002Fli>\n\u003Cli>fix: Return early if cart_id is empty in onOrderConfirmed method (#554)\u003C\u002Fli>\n\u003Cli>Fix: woocommerce merchant cms p24x activation impossible (#552)\u003C\u002Fli>\n\u003Cli>fix: gateway ordering for Alma gateways to ensure unique incremental … (#551)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Francois-Gomis and @joyet-simon\u003C\u002Fp>\n\u003Ch3>v6.0.5 – 2026-03-17\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>feat: Add .wordpress.org folder to fix the sync SVN (#543)\u003C\u002Fli>\n\u003Cli>Fix: fee plan migration error (#547)\u003C\u002Fli>\n\u003Cli>Fix: ordering gateways on checkout page (#546)\u003C\u002Fli>\n\u003Cli>Fix: rename css class (#548)\u003C\u002Fli>\n\u003Cli>fix: force type float for price_to_cents call (#545)\u003C\u002Fli>\n\u003Cli>Fix: remove unused css class (#544)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @joyet-simon and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v6.0.4 – 2026-03-11\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: Widget Eligibility get sandbox on live mode (#540)\u003C\u002Fli>\n\u003Cli>fix: Change asset name for changing asset (#538)\u003C\u002Fli>\n\u003Cli>fix: Price in page block without cent error (#537)\u003C\u002Fli>\n\u003Cli>fix: Price regex in classic inpage checkout nor support Thousands sep… (#536)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @joyet-simon and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v6.0.3 – 2026-03-10\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: get first element of order total (#533)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@joyet-simon\u003C\u002Fp>\n\u003Ch3>v6.0.2 – 2026-03-10\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Feature\u002Fecom 3898 wrong error message (#530)\u003C\u002Fli>\n\u003Cli>Feature\u002Fecom 3858 classic checkout in page bug when cdn is too long to load (#526)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: fix namespaces (#529)\u003C\u002Fli>\n\u003Cli>feat: add cache on Fee Plan Repository (#524)\u003C\u002Fli>\n\u003Cli>fix: installments display (#527)\u003C\u002Fli>\n\u003Cli>Feature\u002F6.0 (#516)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @alma-create-pr-with-team-review[bot], @alma-renovate-bot[bot], @joyet-simon, @remi-zuffinetti, @webaaz, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-renovate-bot\" rel=\"nofollow ugc\">alma-renovate-bot[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v6.0.0 – 2026-02-18\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>API refactoring\u003C\u002Fli>\n\u003Cli>Native Blocks Management\u003C\u002Fli>\n\u003Cli>Remove technical fields\u003C\u002Fli>\n\u003Cli>Full alignment with WooCommerce guidelines\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @alma-renovate-bot[bot], @joyet-simon, @remi-zuffinetti, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-renovate-bot\" rel=\"nofollow ugc\">alma-renovate-bot[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v5.11.0 – 2025-02-18\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add payment method position to the gather cms data (#326)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix typeError for display in page in gather cms data (#326)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@joyet-simon and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v5.10.0 – 2025-02-11\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use cdn for alma widget and update to version 4.x.x (#322)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@joyet-simon and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v5.9.0 – 2025-02-06\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix compatibility with Woocommerce Blocks (#310)\u003C\u002Fli>\n\u003Cli>Add auto_update in specific_features for gather cms data (#312)\u003C\u002Fli>\n\u003Cli>Fix error when no file to add or remove on release (#305)\u003C\u002Fli>\n\u003Cli>Cancel order before delete (#308)\u003C\u002Fli>\n\u003Cli>Change check nonce log lvl (#307)\u003C\u002Fli>\n\u003Cli>Fix has pay now method (#306)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @Francois-Gomis, @carine-bonnafous, @joyet-simon, @webaaz and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Falma-create-pr-with-team-review\" rel=\"nofollow ugc\">alma-create-pr-with-team-review[bot]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>v5.8.1 – 2024-12-16\u003C\u002Fh3>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cp>Hotfix: compatibility for Woocommerce version under 6.1.0\u003C\u002Fp>\n\u003Ch3>v5.8.0 – 2024-12-12\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Feature\u002Fecom 2261 translations loaded to early in woocommerce plugin (#298)\u003C\u002Fli>\n\u003Cli>Add editor config and sonarcloud config (#292)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Implement add order status to order change (#299)\u003C\u002Fli>\n\u003Cli>Add gather cms data (#297)\u003C\u002Fli>\n\u003Cli>Feature\u002Fecom 2212 sonarcloud configuration (#296)\u003C\u002Fli>\n\u003Cli>Update widget version to 3.4.0 (#295)\u003C\u002Fli>\n\u003Cli>Add getter for product variable config (#290)\u003C\u002Fli>\n\u003Cli>fix: Change wording for In-Page configuration (#288)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: in page unmount (#289)\u003C\u002Fli>\n\u003Cli>fix: avoid blocking in-page if a notice is returned (#287)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @CamilleFljt, @Francois-Gomis, @alma-create-pr-with-team-review, @gdraynz, @joyet-simon, @webaaz and Martin Supiot\u003C\u002Fp>\n\u003Ch3>v5.7.0 – 2024-10-07\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Integrate credit on in page (#282)\u003C\u002Fli>\n\u003Cli>Add hmac verification on ipn (#281)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Francois-Gomis, @alma-create-pr-with-team-review and @joyet-simon\u003C\u002Fp>\n\u003Ch3>v5.6.0 – 2024-09-16\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>feat: compatibility woocommerce 9.2.3 wordpress 6.6.1 (#278)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🐛 Bug Fixes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>fix: force picture_url to string (#277)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @Francois-Gomis, @alma-create-pr-with-team-review and @joyet-simon\u003C\u002Fp>\n\u003Ch3>v5.5.0 – 2024-07-29\u003C\u002Fh3>\n\u003Ch3>Changes\u003C\u002Fh3>\n\u003Ch3>🚀 New Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>feature: Compatibility woocommerce 9.0.2 wordpress 6.5.5 (#269)\u003C\u002Fli>\n\u003Cli>feature: Gather cart data from pnx and deferred payments (#265)\u003C\u002Fli>\n\u003Cli>feature: Compatibility woocommerce 8.9.2 (#260)\u003C\u002Fli>\n\u003Cli>feature: Compatibility woocommerce 8.8.2 wordpress 6.5 (#248)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>@Benjamin-Freoua-Alma, @ClaireAlma, @FranceBe, @carine-bonnafous, @gdraynz, @joyet-simon and @remic-alma\u003C\u002Fp>\n\u003Cp>v5.4.0\u003C\u002Fp>\n\u003Cul>\n\u003Cli>feature: Compatibility Woocommerce Blocks\u003C\u002Fli>\n\u003Cli>feature: compatibility Woocommerce 8.7.0\u003C\u002Fli>\n\u003Cli>feature: Compatibility WordPress 6.4.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>v5.3.0\u003C\u002Fp>\n\u003Cul>\n\u003Cli>feature: In page with Deferred payments is available\u003C\u002Fli>\n\u003Cli>feature: compatibility Woocommerce 8.2.2\u003C\u002Fli>\n\u003Cli>feature: Compatibility WordPress 6.4.1\u003C\u002Fli>\n\u003Cli>feature: add psr4\u003C\u002Fli>\n\u003Cli>fix: deactivate rendering of Alma payment methods on order pay checkout page\u003C\u002Fli>\n\u003Cli>fix: delete abandoned orders created by In Page\u003C\u002Fli>\n\u003Cli>fix: default plan selection\u003C\u002Fli>\n\u003Cli>fix: add flag security for SOC\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: shortcode widget for XSS injection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: Update translations\u003C\u002Fli>\n\u003Cli>fix: widget XSS\u003C\u002Fli>\n\u003Cli>feature : HPOS compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: Compatibility Woocommerce 8.2.1\u003C\u002Fli>\n\u003Cli>feat: change fee wording in the BO\u003C\u002Fli>\n\u003Cli>fix: In page installment plans\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: update issues from version 1.* and 2.*\u003C\u002Fli>\n\u003Cli>feat: Compatibility WordPress 6.3.2\u003C\u002Fli>\n\u003Cli>feat: Compatibility Woocommerce 8.2.0\u003C\u002Fli>\n\u003Cli>feat: Update Widget version 3.3.8\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: svn marketplace activation issue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: css incompatibility with plugin Yith Woocommerce Checkout Manager\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feature : In Page checkout for all merchants\u003C\u002Fli>\n\u003Cli>feat: Update Widget version 3.3.6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.6\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>hotfix: Show form errors on checkout in-page when some information are missing for the form\u003C\u002Fli>\n\u003Cli>hotfix: Add method payment description for In Page methods\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>hotfix: fix compatibility betwen In-Page mode and some plugins(colissimo, …)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: compatibility Woocommerce 8.1.1\u003C\u002Fli>\n\u003Cli>change : PHP client version 1.11.2\u003C\u002Fli>\n\u003Cli>fix: compatibility with WC_Checkout::process_checkout()\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix : Incompatibility with Woocommerce Paypal Plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix : In-Page creation order\u003C\u002Fli>\n\u003Cli>feat: Compatibility WordPress 6.3.1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: missing client information when In Page is activated\u003C\u002Fli>\n\u003Cli>fix: missing shipping information when In Page is activated\u003C\u002Fli>\n\u003Cli>fix: loading of the translation files\u003C\u002Fli>\n\u003Cli>feat: Compatibility Woocommerce 8.0.3\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: In Page checkout\u003C\u002Fli>\n\u003Cli>feat: Separate the gateways in the checkout page\u003C\u002Fli>\n\u003Cli>feat: Compatibility Woocommerce 8.0.1\u003C\u002Fli>\n\u003Cli>feat: Compatibility Woocommerce 8.0.2\u003C\u002Fli>\n\u003Cli>feat: Compatibility WordPress 6.3\u003C\u002Fli>\n\u003Cli>feat: Update Widget version 3.3.5\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: wrong variable in mismatch\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: prevent to call Eligibility api with an amount to 0\u003C\u002Fli>\n\u003Cli>fix: wrong variable name\u003C\u002Fli>\n\u003Cli>fix: Change the return code (500 to 200)on Ipn callback when it’s a mismatch or potential fraud\u003C\u002Fli>\n\u003Cli>feat: upgrade PHP client to 1.11.1\u003C\u002Fli>\n\u003Cli>feat: Compatibility woocommerce 7.9.0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: SEPA deprecated test\u003C\u002Fli>\n\u003Cli>fix: Restore HTML description in gateway\u003C\u002Fli>\n\u003Cli>fix: Improve auto-update\u003C\u002Fli>\n\u003Cli>feat: Add merchant infos in BO\u003C\u002Fli>\n\u003Cli>feat: Add previous version info in BO\u003C\u002Fli>\n\u003Cli>feat: Prevent issues with Germanized for WooCommerce\u003C\u002Fli>\n\u003Cli>feat: Compatibility woocommerce 7.8.2\u003C\u002Fli>\n\u003Cli>feat: New widget v3.3.4\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: Warning: Cannot modify header information – headers already sent\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: Implement Pay Now\u003C\u002Fli>\n\u003Cli>feat: Compatibility woocommerce 7.8.0\u003C\u002Fli>\n\u003Cli>feat: Update Widget to 3.3.3\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: fix the accordion css on checkout\u003C\u002Fli>\n\u003Cli>feat: Update widget to 3.3.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: Allow to customize the gateway title\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>hotfix: don’t do the basic gateway checks during update process\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>hotfix: Prevent to send multi update thread\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>hotfix: Plugin update when the gateway is disabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: Share of checkout feature\u003C\u002Fli>\n\u003Cli>feat: Encryption Key feature in database\u003C\u002Fli>\n\u003Cli>feat: Gather the gateway in checkout (design)\u003C\u002Fli>\n\u003Cli>fix: Reduce extended-call data\u003C\u002Fli>\n\u003Cli>feat: Send basket order details for credit\u003C\u002Fli>\n\u003Cli>feat: Implement a template system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: nonce error log issue\u003C\u002Fli>\n\u003Cli>feat: Update widget\u003C\u002Fli>\n\u003Cli>feat: compatibility with woocommerce 7.6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: PHP 8.0 and 8.1 compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: compatibility WordPress 6.2\u003C\u002Fli>\n\u003Cli>feat: add logger to the php client\u003C\u002Fli>\n\u003Cli>feat: compatibility woocommerce 7.5\u003C\u002Fli>\n\u003Cli>feat: add namespaces\u003C\u002Fli>\n\u003Cli>fix: save alma version in db on fresh install\u003C\u002Fli>\n\u003Cli>fix: translations\u003C\u002Fli>\n\u003Cli>fix: unique nonce fields\u003C\u002Fli>\n\u003Cli>fix: compatibility with other plugins\u003C\u002Fli>\n\u003Cli>fix: reduce api calls\u003C\u002Fli>\n\u003Cli>fix: migration between versions of alma module\u003C\u002Fli>\n\u003Cli>fix: implement best practices Woocommerce and WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.2.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: update widget to 3.1.0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: update widget to 3.0.4\u003C\u002Fli>\n\u003Cli>fix: nonce double check issue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: rebranding 2022\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: widget translations\u003C\u002Fli>\n\u003Cli>fix: php8 compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: correct bad button text for refund\u003C\u002Fli>\n\u003Cli>fix: correcting issue of multiple times the same order note\u003C\u002Fli>\n\u003Cli>fix: correcting wording issue in case of order not have a transaction_id\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: implement B2B fields (INT-714 #65)\u003C\u002Fli>\n\u003Cli>refact: widget injection (INT-589 #57)\u003C\u002Fli>\n\u003Cli>fix: use sales price to update widget instead regular price (INT-290 \u002F INT-570 #52)\u003C\u002Fli>\n\u003Cli>feat: refund from woocommerce back-office (INT-510 #69)\u003C\u002Fli>\n\u003Cli>fix: alma should be hidden on checkout when test key is selected & user is not admin (INT-586 #71)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: add nonce to secure checkout form\u003C\u002Fli>\n\u003Cli>feat: add script to retrieve widget files\u003C\u002Fli>\n\u003Cli>fix: data sanitizing\u003C\u002Fli>\n\u003Cli>fix: upd payment fields validation notice messages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.6.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: add BO dynamic check variation\u003C\u002Fli>\n\u003Cli>feat: add BO technical fields section\u003C\u002Fli>\n\u003Cli>feat: add payment upon shipping\u003C\u002Fli>\n\u003Cli>fix: names inversion between shipping & billing addresses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.5.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: ignore & remove composer.lock\u003C\u002Fli>\n\u003Cli>fix: allow widget to be injected in builder\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.5.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: admin test on unavailable var for other admin pages\u003C\u002Fli>\n\u003Cli>fix: check cart eligibility without customer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.5.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: back-office i18n custom fields\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: issue on payment method order on checkout page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat: split payments\u003C\u002Fli>\n\u003Cli>fix: model get_cart on null in wysiwyg builder\u003C\u002Fli>\n\u003Cli>refactor: Remove the unnecessary boolean literal\u003C\u002Fli>\n\u003Cli>refactor: payment gateway description fix code duplication\u003C\u002Fli>\n\u003Cli>refactor: reduce cognitive complexity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>feat(widget): upgrade CDN from 1.x to 2.x\u003C\u002Fli>\n\u003Cli>feat(widget): alma API mode\u003C\u002Fli>\n\u003Cli>feat(widget): deferred_days & deferred_months\u003C\u002Fli>\n\u003Cli>feat(widget): locale\u003C\u002Fli>\n\u003Cli>fix: filter eligible feeplans in checkout\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: send user_locale in Alma checkout\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>ci: add shell script bumper\u003C\u002Fli>\n\u003Cli>feat: add IT & DE languages\u003C\u002Fli>\n\u003Cli>fix: call eligibility without country if null\u003C\u002Fli>\n\u003Cli>fix: dynamic update on checkout for anonymous user\u003C\u002Fli>\n\u003Cli>fix: update translations without space on go_to_log\u003C\u002Fli>\n\u003Cli>fix: widget handler replace excluding by including tax\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fix: remove upgrade process\u003C\u002Fli>\n\u003Cli>fix: usage of woo deprecated get price func\u003C\u002Fli>\n\u003Cli>refactor: remove redundant properties initializations\u003C\u002Fli>\n\u003Cli>refactor: add Settings magic properties\u003C\u002Fli>\n\u003Cli>refactor: remove unnecessary brackets into strings\u003C\u002Fli>\n\u003Cli>word(typo): fix all doc block typo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[i18n] allow plugin to works with all locales\u003C\u002Fli>\n\u003Cli>[i18n] add locale & advanced address fields on payment creation\u003C\u002Fli>\n\u003Cli>[i18n] add customer addresses information to check payment plans on checkout\u003C\u002Fli>\n\u003Cli>[i18n] add nl & es translations\u003C\u002Fli>\n\u003Cli>minor refactorings\u003C\u002Fli>\n\u003Cli>enhance docker env\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add inline Pay Later (Eligibility V2)\u003C\u002Fli>\n\u003Cli>Add dedicated DB migrations processor\u003C\u002Fli>\n\u003Cli>Load & update fee-plans dynamically from ALMA dashboard config\u003C\u002Fli>\n\u003Cli>Add autoloader\u003C\u002Fli>\n\u003Cli>Minor refactorisations\u003C\u002Fli>\n\u003Cli>Root tree refactorisation\u003C\u002Fli>\n\u003Cli>Re-design back-office fee plans configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.3.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Avoid Fatal error on (not found) product badge injection\u003C\u002Fli>\n\u003Cli>Increase debug log on non displayed bages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Remove PHP warnings & do not display widget on out-stock or un-priced product\u003C\u002Fli>\n\u003Cli>Minor refactoring\u003C\u002Fli>\n\u003Cli>Enhance dev docker env (display php warnings \u002F errors + prioritize custom-php-ini file)\u003C\u002Fli>\n\u003Cli>Fix widget display price without tax depending on WooCommerce tax rule configuration\u003C\u002Fli>\n\u003Cli>Add fallback locale on checkout payment ALMA API call\u003C\u002Fli>\n\u003Cli>Add filter to override locale on checkout payment ALMA API call\u003C\u002Fli>\n\u003Cli>Add widget shortcodes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Use unpkg.com instead of unpkg.io\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Do not display a radio button at checkout, when there’s only one payment plan available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes default min\u002Fmax amount values being converted to cents multiple times in a row\u003C\u002Fli>\n\u003Cli>Improves xdebug configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allows merchant to activate 2-, 3- a 4-installment plans, with min and max allowed amounts per plan\u003C\u002Fli>\n\u003Cli>Displays an Alma widget on product pages and cart page to inform customers of eligible payment plans\u003C\u002Fli>\n\u003Cli>Displays a full payment plan for each plan option on the checkout page\u003C\u002Fli>\n\u003Cli>Enables Alma by default for all \u003Ccode>fr_*\u003C\u002Fcode> locales\u003C\u002Fli>\n\u003Cli>Adds a \u003Ccode>alma_wc_enable_for_locale\u003C\u002Fcode> that can be used to enable Alma for additional locales\u003C\u002Fli>\n\u003Cli>Any of the module’s settings can be overridden via a filter: \u003Ccode>alma_wc_settings_[setting_name]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Fixes compatibility issues with WooCommerce 2.6.14\u003C\u002Fli>\n\u003Cli>Fixes many bugs\u003C\u002Fli>\n\u003Cli>Dependencies update\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.17\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Do not require Live key in Test mode and vice versa\u003C\u002Fli>\n\u003Cli>Include cancel url, order reference & order URLs in payment data\u003C\u002Fli>\n\u003Cli>Don’t show the eligibility message in case of API error\u003C\u002Fli>\n\u003Cli>Stop checking in vendor dependencies – they’ll be included in each release’s ZIP file\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.6\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Dependencies update\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.5\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes display on cart option that was always on\u003C\u002Fli>\n\u003Cli>Tested against latest versions of WordPress\u002FWooCommerce\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes various warnings when WooCommerce isn’t activated\u003C\u002Fli>\n\u003Cli>Updates dependencies\u003C\u002Fli>\n\u003Cli>Fixes errors when Alma’s API is not available\u003C\u002Fli>\n\u003Cli>Attempt to fix problem triggered when calling the WordPress API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes warning when \u003Ccode>excluded_products_list\u003C\u002Fcode> is not set\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Adds hidden option to be able to choose installments count to use for created payments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes bug occurring in \u003Ccode>wp-admin\u002Fnav-menus.php\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fixes case of “alma” in includes path\u003C\u002Fli>\n\u003Cli>Adds possibility to exclude product categories from installment payments, to help enforce contractual restrictions\u003Cbr \u002F>\n(i.e. Alma cannot be used to sell\u002Fbuy virtual\u002Fdownloadable products such as gift cards, subscriptions, …)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Switches logo file to SVG\u003C\u002Fli>\n\u003Cli>Uses latest Eligibility check behaviour to remove one extra call to the API\u003C\u002Fli>\n\u003Cli>Adds User-Agent string containing the module’s version, WordPress version, WooCommerce, PHP client and PHP versions, to all requests going to Alma’s  …\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin adds a new payment method to WooCommerce, which allows you to offer monthly payments to your customer using Alma.",1000,57051,68,5,"2026-04-01T13:47:00.000Z","6.9.4","6.6.0","7.4",[20,21,22,23,24],"bnpl","e-commerce","ecommerce","payments","woocommerce","https:\u002F\u002Fdocs.almapay.com\u002Fdocs\u002Fwoocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.6.0.7.zip",98,2,0,"2026-01-14 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,67],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":56,"research_verified":57,"research_rounds_completed":58,"research_plan":59,"research_summary":60,"research_vulnerable_code":61,"research_fix_diff":62,"research_exploit_outline":63,"research_model_used":64,"research_started_at":65,"research_completed_at":66,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":57,"poc_model_used":39,"poc_verification_depth":39},"CVE-2026-24999","alma-missing-authorization","Alma \u003C= 5.16.1 - Missing Authorization","The Alma – Pay in installments or later for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 5.16.1. This makes it possible for unauthenticated attackers to perform an unauthorized action.",null,"\u003C=5.16.1","5.16.2","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-05-04 15:04:04",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4424b889-fade-4ddd-85e9-812752a2552d?source=api-prod",111,[51,52,53,54,55],"alma-gateway-for-woocommerce.php","assets\u002Fjs\u002Falma-checkout-in-page.js","build\u002Falma-checkout-block\u002Falma-checkout-blocks.asset.php","build\u002Falma-checkout-block\u002Falma-checkout-blocks.js","build\u002Falma-checkout-block\u002Fstyle-alma-checkout-blocks.css","researched",false,3,"# Exploitation Research Plan - CVE-2026-24999 (Alma Payment Gateway)\n\n## 1. Vulnerability Summary\nThe **Alma – Pay in installments or later for WooCommerce** plugin (versions \u003C= 5.16.1) contains a missing authorization vulnerability. Specifically, the plugin registers AJAX handlers that perform state-changing actions (such as order cancellation) via `wp_ajax_nopriv_` hooks without implementing proper capability checks or verifying that the requester owns the resource (e.g., the order). This allows unauthenticated attackers to perform unauthorized actions, most notably cancelling arbitrary WooCommerce orders.\n\n## 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Action:** `alma_cancel_order_in_page` (identified from `assets\u002Fjs\u002Falma-checkout-in-page.js`)\n*   **HTTP Method:** `POST`\n*   **Parameters:**\n    *   `action`: `alma_cancel_order_in_page`\n    *   `order_id`: The WooCommerce order ID to be cancelled.\n*   **Authentication:** None (unauthenticated).\n*   **Preconditions:** A WooCommerce order must exist in the system.\n\n## 3. Code Flow\n1.  The client-side script `assets\u002Fjs\u002Falma-checkout-in-page.js` defines a function `cancel_order(orderId)`.\n2.  This function triggers a POST request to `admin-ajax.php` with `action: 'alma_cancel_order_in_page'`.\n3.  The plugin's server-side logic (likely within the `AlmaPlugin` class or a service class like `AlmaBusinessEventService`) registers this action using `add_action('wp_ajax_nopriv_alma_cancel_order_in_page', ...)`.\n4.  The handler function executes. Because the vulnerability is \"Missing Authorization,\" it fails to check:\n    *   If the user is logged in.\n    *   If the user has the `edit_shop_orders` capability.\n    *   If the order ID provided belongs to the current session\u002Fuser.\n5.  The handler proceeds to call WooCommerce methods (e.g., `$order->update_status('cancelled')`) based solely on the user-provided `order_id`.\n\n## 4. Nonce Acquisition Strategy\nBased on `assets\u002Fjs\u002Falma-checkout-in-page.js`, the `cancel_order` function does **not** appear to include a nonce in its data payload:\n\n```javascript\n\u002F\u002F From assets\u002Fjs\u002Falma-checkout-in-page.js\nfunction cancel_order(orderId)\n{\n    var data = {\n        'action': 'alma_cancel_order_in_page',\n        'order_id': orderId\n    };\n\n    jQuery.post( ajax_object.ajax_url, data )\n}\n```\n\nIf the handler does verify a nonce (e.g., using `check_ajax_referer`), it would likely be localized in the `ajax_object` variable. \n\n**Acquisition Steps (if needed):**\n1.  The script is likely enqueued on the WooCommerce Checkout page.\n2.  Navigate to the checkout page: `browser_navigate(\"\u002Fcheckout\u002F\")`.\n3.  Execute JS to find the nonce: `browser_eval(\"window.ajax_object?.nonce\")`.\n4.  If the handler is truly vulnerable to unauthenticated \"unauthorized access,\" it likely either lacks the nonce check entirely or uses a generic, publicly accessible nonce.\n\n## 5. Exploitation Strategy\nThe goal is to cancel a legitimate WooCommerce order as an unauthenticated attacker.\n\n### Step 1: Target Identification\nIdentify a valid Order ID (Post ID). In a real attack, these are often sequential or can be guessed.\n\n### Step 2: Malicious Request\nSend a POST request to the AJAX endpoint.\n\n**Request Details:**\n*   **URL:** `http:\u002F\u002F[TARGET]\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Content-Type:** `application\u002Fx-www-form-urlencoded`\n*   **Body:** `action=alma_cancel_order_in_page&order_id=[TARGET_ORDER_ID]`\n\n### Step 3: Secondary Actions\nOther actions found in `assets\u002Fjs\u002Falma-checkout-in-page.js` should also be tested for unauthorized access:\n*   `alma_do_checkout_in_page`: May allow unauthorized creation\u002Fmanipulation of payment intents.\n*   `alma_return_checkout_in_page`: May allow manipulation of the checkout return flow.\n\n## 6. Test Data Setup\n1.  **Install WooCommerce** and the **Alma** plugin (v5.16.1).\n2.  **Create a Product:** `wp post create --post_type=product --post_title=\"Test Product\" --post_status=publish`.\n3.  **Generate an Order:**\n    ```bash\n    # Create an order for a guest user\n    ORDER_ID=$(wp wc shop_order create --user=0 --customer_id=0 --status=pending --porcelain)\n    echo \"Created Order ID: $ORDER_ID\"\n    ```\n4.  **Configure Alma:** Ensure the plugin is active (Alma API keys are not strictly necessary for the AJAX handler to exist, but the plugin must be enabled as a gateway).\n\n## 7. Expected Results\n*   The server should return a `200 OK` or a JSON success response (e.g., `{\"success\": true}`).\n*   The WooCommerce order status for the targeted `ORDER_ID` should change from `pending` (or `processing`) to `cancelled`.\n\n## 8. Verification Steps\n1.  **Check Order Status via WP-CLI:**\n    ```bash\n    wp wc shop_order get [ORDER_ID] --fields=status\n    ```\n    *Successful exploit:* The status should be `cancelled`.\n2.  **Check Order Notes:**\n    ```bash\n    wp post get [ORDER_ID] --field=post_excerpt\n    # Or check comments (WC Order Notes)\n    wp comment list --post_id=[ORDER_ID]\n    ```\n    *Check if a note was added stating the order was cancelled via Alma.*\n\n## 9. Alternative Approaches\nIf `alma_cancel_order_in_page` requires a nonce that is strictly tied to a specific session:\n1.  Test `alma_do_checkout_in_page`. This action takes `fields` (serialized form). Attempt to pass a different `order_id` or manipulate order data during the \"in-page\" checkout creation process.\n2.  If the vulnerability lies in `alma_return_checkout_in_page`, attempt to call it with a `payment_id` or `order_id` to trick the system into thinking a payment was successful or needs state reconciliation.","The Alma plugin for WooCommerce (\u003C= 5.16.1) fails to perform authorization, ownership, or nonce checks on several AJAX handlers, including the one responsible for order cancellation. This allows unauthenticated attackers to cancel arbitrary WooCommerce orders by providing a valid order ID to the admin-ajax.php endpoint.","\u002F\u002F assets\u002Fjs\u002Falma-checkout-in-page.js\n\nfunction cancel_order(orderId)\n{\n    var data = {\n        'action': 'alma_cancel_order_in_page',\n        'order_id': orderId\n    };\n\n    jQuery.post( ajax_object.ajax_url, data )\n}","--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Falma-gateway-for-woocommerce\u002F5.16.1\u002Fassets\u002Fjs\u002Falma-checkout-in-page.js\t2024-12-12 15:40:18.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Falma-gateway-for-woocommerce\u002F5.16.2\u002Fassets\u002Fjs\u002Falma-checkout-in-page.js\t2026-01-29 13:42:24.000000000 +0000\n@@ -131,15 +131,17 @@\n \t\t\t\t\t\t\t\t'alma_fee_plan_in_page': feePlanChecked\n \t\t\t\t\t\t\t};\n \n-\t\t\t\t\t\t\tpaymentId = response.data.payment_id;\n-\t\t\t\t\t\t\torderId   = response.data.order_id;\n+\t\t\t\t\t\t\tlet paymentId = response.data.payment_id;\n+\t\t\t\t\t\t\tlet orderId   = response.data.order_id;\n+                            let orderKey   = response.data.order_key;\n+                            let nonce = ajax_object.nonce;\n \n-\t\t\t\t\t\t\t\u002F\u002F Start the payment.\n+\t\t\t\t\t\t\t\u002F\u002F Start the payment.\n \t\t\t\t\t\t\tinPage.startPayment(\n \t\t\t\t\t\t\t\t{\n \t\t\t\t\t\t\t\t\tpaymentId:paymentId,\n \t\t\t\t\t\t\t\t\tonUserCloseModal: () => {\n-\t\t\t\t\t\t\t\t\t\tcancel_order( orderId );\n+\t\t\t\t\t\t\t\t\t\tcancel_order( orderId, orderKey, nonce );\n \t\t\t\t\t\t\t\t\t\t$( '.alma-loader-wrapper' ).remove();\n \t\t\t\t\t\t\t\t\t}\n \t\t\t\t\t\t\t\t}\n@@ -162,11 +164,13 @@\n \t\t$( \"body\" ).append( \"\u003Cdiv class='alma-loader-wrapper'>\" + loading + \"\u003C\u002Fdiv>\" );\n \t}\n \n-\tfunction cancel_order(orderId)\n+\tfunction cancel_order(orderId, orderKey, nonce)\n \t{\n \t\tvar data = {\n \t\t\t'action': 'alma_cancel_order_in_page',\n-\t\t\t'order_id': orderId\n+\t\t\t'order_id': orderId,\n+            'order_key': orderKey,\n+            'nonce': nonce\n \t\t};\n \n \t\tjQuery.post( ajax_object.ajax_url, data )","The exploit involves a direct unauthenticated request to the WordPress AJAX endpoint. \n\n1. Identify a target WooCommerce Order ID. In many WordPress installations, these are incremental and easily enumerable. \n2. Send a POST request to `\u002Fwp-admin\u002Fadmin-ajax.php`. \n3. Include the following parameters in the body: `action=alma_cancel_order_in_page` and `order_id=[TARGET_ORDER_ID]`. \n4. Because the vulnerable versions do not check for a nonce, order key, or the current user's session, the server-side handler (registered via `wp_ajax_nopriv_alma_cancel_order_in_page`) will process the request and update the status of the specified order to 'cancelled'.","gemini-3-flash-preview","2026-05-05 09:45:00","2026-05-05 09:46:01",{"id":68,"url_slug":69,"title":70,"description":71,"plugin_slug":4,"theme_slug":39,"affected_versions":72,"patched_in_version":73,"severity":42,"cvss_score":74,"cvss_vector":75,"vuln_type":76,"published_date":77,"updated_date":78,"references":79,"days_to_patch":81,"patch_diff_files":82,"patch_trac_url":39,"research_status":39,"research_verified":57,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":57,"poc_model_used":39,"poc_verification_depth":39},"CVE-2023-50369","alma-pay-in-installments-or-later-for-woocommerce-authenticated-contributor-stored-cross-site-scripting","Alma – Pay in installments or later for WooCommerce \u003C= 5.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Alma – Pay in installments or later for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=5.2.0","5.2.1",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2023-12-07 00:00:00","2024-04-01 21:04:44",[80],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F044d7480-ccd7-4ce8-bb5d-367ba5d0217c?source=api-prod",117,[],{"slug":84,"display_name":7,"profile_url":8,"plugin_count":85,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":86,"trust_score":87,"computed_at":88},"almapayments",1,114,78,"2026-05-19T22:44:13.144Z",[90,106,122,144,159],{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":92,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":85,"last_updated":100,"tested_up_to":16,"requires_at_least":101,"requires_php":18,"tags":102,"homepage":104,"download_link":105,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"onvo-pay","ONVO Pay","1.2.2","ONVO","https:\u002F\u002Fprofiles.wordpress.org\u002Fonvopay\u002F","\u003Cp>ONVO Pay es una solución integrada de pagos en línea que ayuda a los comercios a vender más y mejor, mientras optimiza la experiencia de compra de los clientes.\u003C\u002Fp>\n\u003Cp>Sus principales características son:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Habilita pagos por tarjetas de crédito y débito, así como transferencias bancarias (SINPE y SINPE Móvil).\u003C\u002Fli>\n\u003Cli>No genera redireccionamiento ni requiere comprobantes.\u003C\u002Fli>\n\u003Cli>Cuenta con la certificación PCI DSS, la normativa internacional de seguridad que deben cumplir todas las entidades que almacenan, procesan o transmiten datos de tarjetas.\u003C\u002Fli>\n\u003Cli>Los clientes pueden elegir guardar su información de pago para compras futuras de un solo clic.\u003C\u002Fli>\n\u003Cli>Toda la data transaccional se integra en un panel de fácil navegación, diseñado acorde con las mejores prácticas de usabilidad y experiencia de usuario.\u003C\u002Fli>\n\u003C\u002Ful>\n",300,11268,100,"2026-04-09T18:33:00.000Z","6.2",[21,22,103,23,24],"onvopay","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fonvo-pay-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fonvo-pay.1.2.2.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":99,"num_ratings":85,"last_updated":116,"tested_up_to":16,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":120,"download_link":121,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"slickpay-payment-gateway","Slick-Pay Payment Gateway","1.0.5","Slick-Pay","https:\u002F\u002Fprofiles.wordpress.org\u002Fslickpay\u002F","\u003Cp>WordPress plugin for Slick-Pay API implementation, once installed, it provides a new payment gateway to the WooCommerce payment methods.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Security, make secure transfers;\u003C\u002Fli>\n\u003Cli>Reliability, a reliable solution for your transfers;\u003C\u002Fli>\n\u003Cli>Mobility, by everyone at any time;\u003C\u002Fli>\n\u003Cli>Simplicity, make your payment with few clicks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>One of the most important benefits of using Slick-Pay is that the transactions fees can be on the Slick-Pay account owner or the final client during the payment process.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>[ New ]\u003C\u002Fstrong>: New feature implemented, now you are able to make your client pay only a \u003Cstrong>deposit\u003C\u002Fstrong> during the checkout.\u003C\u002Fp>\n\u003Cp>Slick-Pay is available for Store Owners and Merchants in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Agleria\u003C\u002Fli>\n\u003C\u002Ful>\n","Slick-Pay.com Payment Gateway Plug-in for WooCommerce.",60,3057,"2026-03-11T13:05:00.000Z","6.0","7.3",[21,22,23,24],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fslickpay-payement-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fslickpay-payment-gateway.1.0.5.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":85,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":140,"download_link":141,"security_score":142,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":143},"alternative-payments-for-woocommerce","Alternative Payments for WooCommerce","1.0.9","molivver","https:\u002F\u002Fprofiles.wordpress.org\u002Fmolivver\u002F","\u003Cp>The Alternative Payments WooCommerce plugin allows for a seamless integration with our payment gateway. With this plugin, you can add a broad portfolio of local payment methods to your WooCommerce webshop. The following payments methods are supported in this version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SEPA EuroDebit\u003C\u002Fli>\n\u003Cli>iDEAL\u003C\u002Fli>\n\u003Cli>Sofort Überweisung\u003C\u002Fli>\n\u003Cli>giropay\u003C\u002Fli>\n\u003Cli>eps\u003C\u002Fli>\n\u003Cli>Przelewy24\u003C\u002Fli>\n\u003Cli>teleingreso\u003C\u002Fli>\n\u003Cli>POLi\u003C\u002Fli>\n\u003Cli>SafetyPay\u003C\u002Fli>\n\u003Cli>Bancontact MisterCash\u003C\u002Fli>\n\u003Cli>TrustPay\u003C\u002Fli>\n\u003Cli>Verkkopankki\u003C\u002Fli>\n\u003Cli>QIWI\u003C\u002Fli>\n\u003Cli>Alipay\u003C\u002Fli>\n\u003Cli>Tenpay\u003C\u002Fli>\n\u003Cli>paysafecard\u003C\u002Fli>\n\u003Cli>CASHU\u003C\u002Fli>\n\u003Cli>BrazilPay Boleto Bancário\u003C\u002Fli>\n\u003Cli>BrazilPay Bank Transfer\u003C\u002Fli>\n\u003Cli>BrazilPay Charge Card\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please go to the Alternative Payments’ \u003Ca href=\"https:\u002F\u002Fmerchant.alternativepayments.com\u002FAccount\u002FRegister\" rel=\"nofollow ugc\">Merchant Portal\u003C\u002Fa>, create an account and start processing international transactions in less than 15 minutes. \u003Ca href=\"http:\u002F\u002Fwww.alternativepayments.com\u002Fsupport\u002Ftech-contact.html\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa> if you have any questions or comments about this plugin.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Edit order for every payment method\u003C\u002Fli>\n\u003Cli>Smart Payment Option filtering by supported country\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable individual payment option\u003C\u002Fli>\n\u003Cli>Custom return and cancel URL\u003C\u002Fli>\n\u003Cli>Extensive webhooks\u003C\u002Fli>\n\u003Cli>SMS Verification for SEPA\u003C\u002Fli>\n\u003Cli>Option to change order status to processing on SEPA transactions\u003C\u002Fli>\n\u003C\u002Ful>\n","Convert millions of international consumers that don't use credit cards.",10,3572,20,"2017-12-06T15:55:00.000Z","4.9.29","4.4.1","",[138,21,22,139,24],"alternative-payments","local","http:\u002F\u002Falternativepayments.com\u002Fsupport\u002Fplugins.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falternative-payments-for-woocommerce.1.0.9.zip",85,"2026-04-06T09:54:40.288Z",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":130,"downloaded":152,"rating":29,"num_ratings":29,"last_updated":153,"tested_up_to":154,"requires_at_least":155,"requires_php":156,"tags":157,"homepage":136,"download_link":158,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"nasswallet-payment-gateway-for-woocommerce","NassWallet Payment Gateway for WooCommerce","1.1","Renas Adnan","https:\u002F\u002Fprofiles.wordpress.org\u002Fnasswallettechsupport\u002F","\u003Cp>NassWallet for WooCommerce is developed to accept payments through NassWallet payment gateway from WooCommerce stores.\u003C\u002Fp>\n\u003Cp>By default, NassWallet payment gateway accepts only IQD as currency unit. However, you can enable Multi currency Support Option from the plugin settings in order to accept payments in different Currencies. For that you need to set an accurate exchange and up to date rate against IQD in which the plugin will use to calculate and change the order amount to IQD. It will be the merchant’s responsiblity to set an accurate exchange rate against the IQD. The developer is not responsible for setting incorrect or outdated rates.\u003C\u002Fp>\n\u003Cp>In case of the failure payments, by default we will redirect the customer to the main home page. In order to change this behavior, you can set the redirection URL option from the settings with the full page URL that you want the user to redirect to it.\u003C\u002Fp>\n\u003Cp>The customer will be redirected to the checkout page for Successful payments.\u003C\u002Fp>\n\u003Cp>In order to accept payments and use NassWallet in Production Environment, you will need to contact NassWallet Team from this link: \u003Ca href=\"https:\u002F\u002Fnw.iq\u002Fbecome-partner\" rel=\"nofollow ugc\">Become a Partner\u003C\u002Fa> to open a permanent Account and start accepting payments through the gateway.\u003C\u002Fp>\n","Accept payments on your WooCommerce store with NassWallet Payment Gateway.",1183,"2026-02-19T10:12:00.000Z","6.3.0","5.8","7.0",[21,22,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnasswallet-payment-gateway-for-woocommerce.1.2.zip",{"slug":160,"name":161,"version":162,"author":163,"author_profile":164,"description":165,"short_description":166,"active_installs":130,"downloaded":167,"rating":29,"num_ratings":29,"last_updated":168,"tested_up_to":169,"requires_at_least":170,"requires_php":18,"tags":171,"homepage":173,"download_link":174,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":143},"payd-money-for-woocommerce","Payd Money for WooCommerce","2.6","Payd Money","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaydhq\u002F","\u003Cp>Payd Money for WooCommerce is a payment gateway that allows you to accept payments on your WooCommerce store via Payd Money.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Accept payments via Payd Money\u003C\u002Fli>\n\u003Cli>Automatic payment verification\u003C\u002Fli>\n\u003Cli>Support for refunds\u003C\u002Fli>\n\u003Cli>Compatible with WooCommerce blocks\u003C\u002Fli>\n\u003C\u002Ful>\n","Get paid the easy, cool way on your WooCommerce store powered by Payd Money.",646,"2025-07-24T08:52:00.000Z","6.8.5","5.6",[21,22,172,23,24],"payd","https:\u002F\u002Fpayd.money","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayd-money-for-woocommerce.2.6.zip",{"attackSurface":176,"codeSignals":252,"taintFlows":296,"riskAssessment":297,"analyzedAt":309},{"hooks":177,"ajaxHandlers":248,"restRoutes":249,"shortcodes":250,"cronEvents":251,"entryPointCount":29,"unprotectedCount":29},[178,183,187,190,194,198,202,207,211,213,215,217,222,225,228,230,233,237,239,244],{"type":179,"name":180,"callback":181,"file":51,"line":182},"action","before_woocommerce_init","closure",56,{"type":179,"name":184,"callback":185,"priority":29,"file":51,"line":186},"plugins_loaded","plugin_warmup",65,{"type":179,"name":184,"callback":188,"priority":85,"file":51,"line":189},"plugin_migration",72,{"type":179,"name":191,"callback":192,"file":51,"line":193},"woocommerce_init","plugin_setup",79,{"type":179,"name":195,"callback":196,"priority":130,"file":197,"line":114},"woocommerce_rest_checkout_process_payment_with_context","process_payment_with_context","includes\\Infrastructure\\Block\\Gateway\\AbstractGatewayBlock.php",{"type":179,"name":199,"callback":181,"file":200,"line":201},"woocommerce_blocks_cart_block_registration","includes\\Infrastructure\\Entity\\CartWidget.php",36,{"type":179,"name":203,"callback":204,"priority":85,"file":205,"line":206},"woocommerce_update_options_payment_gateways_alma_config_gateway","process_admin_options","includes\\Infrastructure\\Gateway\\AbstractGateway.php",74,{"type":179,"name":208,"callback":181,"file":209,"line":210},"admin_notices","includes\\Infrastructure\\Helper\\AdminNotificationHelper.php",21,{"type":179,"name":208,"callback":181,"file":209,"line":212},37,{"type":179,"name":208,"callback":181,"file":209,"line":214},53,{"type":179,"name":208,"callback":181,"file":209,"line":216},69,{"type":218,"name":219,"callback":181,"file":220,"line":221},"filter","woocommerce_payment_gateways","includes\\Infrastructure\\Helper\\BackendHelper.php",28,{"type":179,"name":203,"callback":181,"file":223,"line":224},"includes\\Infrastructure\\Helper\\CoreHelper.php",23,{"type":218,"name":219,"callback":181,"file":226,"line":227},"includes\\Infrastructure\\Helper\\FrontendHelper.php",48,{"type":218,"name":229,"callback":181,"file":226,"line":216},"woocommerce_available_payment_gateways",{"type":179,"name":184,"callback":181,"file":231,"line":232},"includes\\Infrastructure\\Helper\\LanguageHelper.php",18,{"type":179,"name":234,"callback":181,"file":235,"line":236},"woocommerce_proceed_to_checkout","includes\\Infrastructure\\Helper\\ShortcodeWidgetHelper.php",33,{"type":179,"name":238,"callback":181,"file":235,"line":189},"woocommerce_before_add_to_cart_form",{"type":179,"name":240,"callback":241,"file":242,"line":243},"woocommerce_api_alma_checkout_data","getCheckoutData","includes\\Infrastructure\\Service\\CheckoutService.php",46,{"type":179,"name":245,"callback":181,"file":246,"line":247},"woocommerce_blocks_payment_method_type_registration","includes\\Infrastructure\\Service\\GatewayService.php",130,[],[],[],[],{"dangerousFunctions":253,"sqlUsage":259,"outputEscaping":266,"fileOperations":29,"externalRequests":29,"nonceChecks":58,"capabilityChecks":29,"bundledLibraries":292},[254],{"fn":255,"file":256,"line":257,"context":258},"unserialize","includes\\Infrastructure\\Repository\\FeePlanRepository.php",242,"$feePlanList = @unserialize( $raw ); \u002F\u002F phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions",{"prepared":260,"raw":85,"locations":261},15,[262],{"file":263,"line":264,"context":265},"includes\\Infrastructure\\Repository\\BusinessEventsRepository.php",24,"$wpdb->get_var() with variable interpolation",{"escaped":267,"rawEcho":268,"locations":269},34,12,[270,273,275,277,279,280,282,284,286,288,289,290],{"file":209,"line":271,"context":272},22,"raw output",{"file":209,"line":274,"context":272},38,{"file":209,"line":276,"context":272},54,{"file":209,"line":278,"context":272},70,{"file":235,"line":201,"context":272},{"file":235,"line":281,"context":272},75,{"file":283,"line":232,"context":272},"public\\templates\\partials\\gateway-description.php",{"file":285,"line":212,"context":272},"public\\templates\\partials\\gateway-plans.php",{"file":285,"line":287,"context":272},64,{"file":285,"line":189,"context":272},{"file":285,"line":193,"context":272},{"file":285,"line":291,"context":272},91,[293],{"name":294,"version":39,"knownCves":295},"Guzzle",[],[],{"summary":298,"deductions":299},"The alma-gateway-for-woocommerce plugin, version 6.0.4, exhibits a mixed security posture. On the positive side, it has a commendably small attack surface with no discovered AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. Furthermore, the vast majority of SQL queries utilize prepared statements, and a significant portion of output is properly escaped, indicating good practices in these areas. Nonce checks are also present, and there are no external HTTP requests or file operations that could introduce vulnerabilities. The absence of critical and high severity taint analysis findings is also reassuring.\n\nHowever, there are notable areas of concern. The presence of the `unserialize` function without explicit context or sanitization on its input is a significant risk, as unserialization of untrusted data can lead to Remote Code Execution. While the plugin has a history of one medium severity Cross-Site Scripting (XSS) vulnerability, and the last known vulnerability was in December 2023, the fact that it had a medium severity XSS indicates potential for input handling weaknesses. The absence of capability checks on any entry points is also a weakness, as it means that even if an entry point existed, authorization would not be explicitly enforced by role.\n\nIn conclusion, while the plugin demonstrates strengths in minimizing its attack surface and using prepared statements, the presence of `unserialize` and the historical XSS vulnerability are critical red flags. The lack of capability checks on any potential entry points further compounds the risk. Developers should prioritize addressing the potential risks associated with `unserialize` and ensure robust input validation and sanitization are implemented.",[300,302,305,307],{"reason":301,"points":260},"Dangerous function unserialize present",{"reason":303,"points":304},"Medium severity XSS vulnerability history",8,{"reason":306,"points":14},"No capability checks on entry points",{"reason":308,"points":58},"Output escaping not fully implemented (74%)","2026-03-16T18:45:06.377Z",{"wat":311,"direct":344},{"assetPaths":312,"generatorPatterns":327,"scriptPaths":328,"versionParams":329},[313,314,315,316,317,318,319,320,321,322,323,324,325,326],"\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-checkout-classic.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget-block.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget-block-editor.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-gateway-block.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-admin.css","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-checkout-classic.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget-block.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget-block-editor.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-gateway-block.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-admin.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-common.js","\u002Fwp-content\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-in-page.js",[],[319,320,321,322,323,324,325,326],[330,331,332,333,334,335,336,337,338,339,340,341,342,343],"alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-checkout-classic.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget-block.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-widget-block-editor.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-gateway-block.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fcss\u002Falma-admin.css?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-checkout-classic.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget-block.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-widget-block-editor.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-gateway-block.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-admin.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-common.js?ver=","alma-gateway-for-woocommerce\u002Fassets\u002Fjs\u002Falma-in-page.js?ver=",{"cssClasses":345,"htmlComments":354,"htmlAttributes":355,"restEndpoints":359,"jsGlobals":363,"shortcodeOutput":370},[346,347,348,349,350,351,352,353],"alma-widget-wrapper","alma-widget-container","alma-widget-block-wrapper","alma-widget-block-container","alma-widget-block-editor-wrapper","alma-gateway-block-wrapper","alma-admin-wrapper","alma-in-page-wrapper",[],[356,357,358],"data-alma-payment-gateway-settings","data-alma-payment-gateway-locale","data-alma-payment-gateway-public-key",[360,361,362],"\u002Fwp-json\u002Falma\u002Fv1\u002Fconfig","\u002Fwp-json\u002Falma\u002Fv1\u002Finstallments","\u002Fwp-json\u002Falma\u002Fv1\u002Fpayment",[364,365,366,367,368,369],"AlmaGatewayConfig","AlmaWidgetConfig","AlmaWidgetBlockConfig","AlmaWidgetBlockEditorConfig","AlmaGatewayBlockConfig","AlmaAdminConfig",[],{"error":372,"url":373,"statusCode":374,"statusMessage":375,"message":375},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Falma-gateway-for-woocommerce\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":377,"versions":378},57,[379,384,391,398,404,412,420,428,436,444,452,460,468,476,484,492,500,508,516,524,532,540,548,555,564,573,582,591,600,609,618,627,636,645,654,663,672,681,690,699,708,717,726,735,744,753,762,771,780,789,798,807,816,825,834,843,852],{"version":6,"download_url":26,"svn_tag_url":380,"released_at":39,"has_diff":57,"diff_files_changed":381,"diff_lines":39,"trac_diff_url":382,"vulnerabilities":383,"is_current":372},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F6.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F6.0.6&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F6.0.7",[],{"version":385,"download_url":386,"svn_tag_url":387,"released_at":39,"has_diff":57,"diff_files_changed":388,"diff_lines":39,"trac_diff_url":389,"vulnerabilities":390,"is_current":57},"6.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.6.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F6.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F6.0.4&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F6.0.6",[],{"version":392,"download_url":393,"svn_tag_url":394,"released_at":39,"has_diff":57,"diff_files_changed":395,"diff_lines":39,"trac_diff_url":396,"vulnerabilities":397,"is_current":57},"6.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.6.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F6.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F6.0.4",[],{"version":41,"download_url":399,"svn_tag_url":400,"released_at":39,"has_diff":57,"diff_files_changed":401,"diff_lines":39,"trac_diff_url":402,"vulnerabilities":403,"is_current":57},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.16.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.16.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.2",[],{"version":405,"download_url":406,"svn_tag_url":407,"released_at":39,"has_diff":57,"diff_files_changed":408,"diff_lines":39,"trac_diff_url":409,"vulnerabilities":410,"is_current":57},"5.16.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.16.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.16.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.1",[411],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":413,"download_url":414,"svn_tag_url":415,"released_at":39,"has_diff":57,"diff_files_changed":416,"diff_lines":39,"trac_diff_url":417,"vulnerabilities":418,"is_current":57},"5.16.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.16.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.16.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.15.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.16.0",[419],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":421,"download_url":422,"svn_tag_url":423,"released_at":39,"has_diff":57,"diff_files_changed":424,"diff_lines":39,"trac_diff_url":425,"vulnerabilities":426,"is_current":57},"5.15.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.15.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.15.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.14.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.15.0",[427],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":429,"download_url":430,"svn_tag_url":431,"released_at":39,"has_diff":57,"diff_files_changed":432,"diff_lines":39,"trac_diff_url":433,"vulnerabilities":434,"is_current":57},"5.14.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.14.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.14.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.14.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.14.2",[435],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":437,"download_url":438,"svn_tag_url":439,"released_at":39,"has_diff":57,"diff_files_changed":440,"diff_lines":39,"trac_diff_url":441,"vulnerabilities":442,"is_current":57},"5.14.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.14.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.14.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.13.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.14.1",[443],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":445,"download_url":446,"svn_tag_url":447,"released_at":39,"has_diff":57,"diff_files_changed":448,"diff_lines":39,"trac_diff_url":449,"vulnerabilities":450,"is_current":57},"5.13.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.13.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.13.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.13.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.13.1",[451],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":453,"download_url":454,"svn_tag_url":455,"released_at":39,"has_diff":57,"diff_files_changed":456,"diff_lines":39,"trac_diff_url":457,"vulnerabilities":458,"is_current":57},"5.13.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.13.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.13.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.12.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.13.0",[459],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":461,"download_url":462,"svn_tag_url":463,"released_at":39,"has_diff":57,"diff_files_changed":464,"diff_lines":39,"trac_diff_url":465,"vulnerabilities":466,"is_current":57},"5.12.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.12.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.12.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.11.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.12.0",[467],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":469,"download_url":470,"svn_tag_url":471,"released_at":39,"has_diff":57,"diff_files_changed":472,"diff_lines":39,"trac_diff_url":473,"vulnerabilities":474,"is_current":57},"5.11.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.11.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.11.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.10.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.11.0",[475],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":477,"download_url":478,"svn_tag_url":479,"released_at":39,"has_diff":57,"diff_files_changed":480,"diff_lines":39,"trac_diff_url":481,"vulnerabilities":482,"is_current":57},"5.10.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.10.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.10.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.9.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.10.0",[483],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":485,"download_url":486,"svn_tag_url":487,"released_at":39,"has_diff":57,"diff_files_changed":488,"diff_lines":39,"trac_diff_url":489,"vulnerabilities":490,"is_current":57},"5.9.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.9.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.9.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.8.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.9.0",[491],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":493,"download_url":494,"svn_tag_url":495,"released_at":39,"has_diff":57,"diff_files_changed":496,"diff_lines":39,"trac_diff_url":497,"vulnerabilities":498,"is_current":57},"5.8.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.8.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.8.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.8.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.8.1",[499],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":501,"download_url":502,"svn_tag_url":503,"released_at":39,"has_diff":57,"diff_files_changed":504,"diff_lines":39,"trac_diff_url":505,"vulnerabilities":506,"is_current":57},"5.8.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.8.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.8.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.7.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.8.0",[507],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":509,"download_url":510,"svn_tag_url":511,"released_at":39,"has_diff":57,"diff_files_changed":512,"diff_lines":39,"trac_diff_url":513,"vulnerabilities":514,"is_current":57},"5.7.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.7.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.7.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.6.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.7.0",[515],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":517,"download_url":518,"svn_tag_url":519,"released_at":39,"has_diff":57,"diff_files_changed":520,"diff_lines":39,"trac_diff_url":521,"vulnerabilities":522,"is_current":57},"5.6.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.6.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.6.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.5.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.6.0",[523],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":525,"download_url":526,"svn_tag_url":527,"released_at":39,"has_diff":57,"diff_files_changed":528,"diff_lines":39,"trac_diff_url":529,"vulnerabilities":530,"is_current":57},"5.5.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.5.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.4.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.5.0",[531],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":533,"download_url":534,"svn_tag_url":535,"released_at":39,"has_diff":57,"diff_files_changed":536,"diff_lines":39,"trac_diff_url":537,"vulnerabilities":538,"is_current":57},"5.4.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.4.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.4.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.3.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.4.0",[539],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":541,"download_url":542,"svn_tag_url":543,"released_at":39,"has_diff":57,"diff_files_changed":544,"diff_lines":39,"trac_diff_url":545,"vulnerabilities":546,"is_current":57},"5.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.2.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.3.0",[547],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":73,"download_url":549,"svn_tag_url":550,"released_at":39,"has_diff":57,"diff_files_changed":551,"diff_lines":39,"trac_diff_url":552,"vulnerabilities":553,"is_current":57},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.2.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.2.1",[554],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":556,"download_url":557,"svn_tag_url":558,"released_at":39,"has_diff":57,"diff_files_changed":559,"diff_lines":39,"trac_diff_url":560,"vulnerabilities":561,"is_current":57},"5.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.4&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.2.0",[562,563],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":565,"download_url":566,"svn_tag_url":567,"released_at":39,"has_diff":57,"diff_files_changed":568,"diff_lines":39,"trac_diff_url":569,"vulnerabilities":570,"is_current":57},"5.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.3&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.4",[571,572],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":574,"download_url":575,"svn_tag_url":576,"released_at":39,"has_diff":57,"diff_files_changed":577,"diff_lines":39,"trac_diff_url":578,"vulnerabilities":579,"is_current":57},"5.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.3",[580,581],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":583,"download_url":584,"svn_tag_url":585,"released_at":39,"has_diff":57,"diff_files_changed":586,"diff_lines":39,"trac_diff_url":587,"vulnerabilities":588,"is_current":57},"5.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.2",[589,590],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":592,"download_url":593,"svn_tag_url":594,"released_at":39,"has_diff":57,"diff_files_changed":595,"diff_lines":39,"trac_diff_url":596,"vulnerabilities":597,"is_current":57},"5.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.1",[598,599],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":601,"download_url":602,"svn_tag_url":603,"released_at":39,"has_diff":57,"diff_files_changed":604,"diff_lines":39,"trac_diff_url":605,"vulnerabilities":606,"is_current":57},"5.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.6&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.1.0",[607,608],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":610,"download_url":611,"svn_tag_url":612,"released_at":39,"has_diff":57,"diff_files_changed":613,"diff_lines":39,"trac_diff_url":614,"vulnerabilities":615,"is_current":57},"5.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.5&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.6",[616,617],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":619,"download_url":620,"svn_tag_url":621,"released_at":39,"has_diff":57,"diff_files_changed":622,"diff_lines":39,"trac_diff_url":623,"vulnerabilities":624,"is_current":57},"5.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.4&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.5",[625,626],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":628,"download_url":629,"svn_tag_url":630,"released_at":39,"has_diff":57,"diff_files_changed":631,"diff_lines":39,"trac_diff_url":632,"vulnerabilities":633,"is_current":57},"5.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.3&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.4",[634,635],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":637,"download_url":638,"svn_tag_url":639,"released_at":39,"has_diff":57,"diff_files_changed":640,"diff_lines":39,"trac_diff_url":641,"vulnerabilities":642,"is_current":57},"5.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.3",[643,644],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":646,"download_url":647,"svn_tag_url":648,"released_at":39,"has_diff":57,"diff_files_changed":649,"diff_lines":39,"trac_diff_url":650,"vulnerabilities":651,"is_current":57},"5.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.2",[652,653],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":655,"download_url":656,"svn_tag_url":657,"released_at":39,"has_diff":57,"diff_files_changed":658,"diff_lines":39,"trac_diff_url":659,"vulnerabilities":660,"is_current":57},"5.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.1",[661,662],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":664,"download_url":665,"svn_tag_url":666,"released_at":39,"has_diff":57,"diff_files_changed":667,"diff_lines":39,"trac_diff_url":668,"vulnerabilities":669,"is_current":57},"5.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.5.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F5.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.4&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F5.0.0",[670,671],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":673,"download_url":674,"svn_tag_url":675,"released_at":39,"has_diff":57,"diff_files_changed":676,"diff_lines":39,"trac_diff_url":677,"vulnerabilities":678,"is_current":57},"4.3.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.3.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.3.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.3&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.4",[679,680],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":682,"download_url":683,"svn_tag_url":684,"released_at":39,"has_diff":57,"diff_files_changed":685,"diff_lines":39,"trac_diff_url":686,"vulnerabilities":687,"is_current":57},"4.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.3",[688,689],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":691,"download_url":692,"svn_tag_url":693,"released_at":39,"has_diff":57,"diff_files_changed":694,"diff_lines":39,"trac_diff_url":695,"vulnerabilities":696,"is_current":57},"4.3.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.3.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.3.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.2",[697,698],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":700,"download_url":701,"svn_tag_url":702,"released_at":39,"has_diff":57,"diff_files_changed":703,"diff_lines":39,"trac_diff_url":704,"vulnerabilities":705,"is_current":57},"4.3.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.3.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.1",[706,707],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":709,"download_url":710,"svn_tag_url":711,"released_at":39,"has_diff":57,"diff_files_changed":712,"diff_lines":39,"trac_diff_url":713,"vulnerabilities":714,"is_current":57},"4.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.5&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.3.0",[715,716],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":718,"download_url":719,"svn_tag_url":720,"released_at":39,"has_diff":57,"diff_files_changed":721,"diff_lines":39,"trac_diff_url":722,"vulnerabilities":723,"is_current":57},"4.2.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.4&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.5",[724,725],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":727,"download_url":728,"svn_tag_url":729,"released_at":39,"has_diff":57,"diff_files_changed":730,"diff_lines":39,"trac_diff_url":731,"vulnerabilities":732,"is_current":57},"4.2.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.3&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.4",[733,734],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":736,"download_url":737,"svn_tag_url":738,"released_at":39,"has_diff":57,"diff_files_changed":739,"diff_lines":39,"trac_diff_url":740,"vulnerabilities":741,"is_current":57},"4.2.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.3",[742,743],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":745,"download_url":746,"svn_tag_url":747,"released_at":39,"has_diff":57,"diff_files_changed":748,"diff_lines":39,"trac_diff_url":749,"vulnerabilities":750,"is_current":57},"4.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.2",[751,752],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":754,"download_url":755,"svn_tag_url":756,"released_at":39,"has_diff":57,"diff_files_changed":757,"diff_lines":39,"trac_diff_url":758,"vulnerabilities":759,"is_current":57},"4.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.1",[760,761],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":763,"download_url":764,"svn_tag_url":765,"released_at":39,"has_diff":57,"diff_files_changed":766,"diff_lines":39,"trac_diff_url":767,"vulnerabilities":768,"is_current":57},"4.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.2.0",[769,770],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":772,"download_url":773,"svn_tag_url":774,"released_at":39,"has_diff":57,"diff_files_changed":775,"diff_lines":39,"trac_diff_url":776,"vulnerabilities":777,"is_current":57},"4.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.2",[778,779],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":781,"download_url":782,"svn_tag_url":783,"released_at":39,"has_diff":57,"diff_files_changed":784,"diff_lines":39,"trac_diff_url":785,"vulnerabilities":786,"is_current":57},"4.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.1",[787,788],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":790,"download_url":791,"svn_tag_url":792,"released_at":39,"has_diff":57,"diff_files_changed":793,"diff_lines":39,"trac_diff_url":794,"vulnerabilities":795,"is_current":57},"4.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.4.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F4.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F4.1.0",[796,797],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":799,"download_url":800,"svn_tag_url":801,"released_at":39,"has_diff":57,"diff_files_changed":802,"diff_lines":39,"trac_diff_url":803,"vulnerabilities":804,"is_current":57},"3.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.2",[805,806],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":808,"download_url":809,"svn_tag_url":810,"released_at":39,"has_diff":57,"diff_files_changed":811,"diff_lines":39,"trac_diff_url":812,"vulnerabilities":813,"is_current":57},"3.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.1",[814,815],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":817,"download_url":818,"svn_tag_url":819,"released_at":39,"has_diff":57,"diff_files_changed":820,"diff_lines":39,"trac_diff_url":821,"vulnerabilities":822,"is_current":57},"3.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.2&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.2.0",[823,824],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":826,"download_url":827,"svn_tag_url":828,"released_at":39,"has_diff":57,"diff_files_changed":829,"diff_lines":39,"trac_diff_url":830,"vulnerabilities":831,"is_current":57},"3.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.1&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.2",[832,833],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":835,"download_url":836,"svn_tag_url":837,"released_at":39,"has_diff":57,"diff_files_changed":838,"diff_lines":39,"trac_diff_url":839,"vulnerabilities":840,"is_current":57},"3.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.1",[841,842],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":844,"download_url":845,"svn_tag_url":846,"released_at":39,"has_diff":57,"diff_files_changed":847,"diff_lines":39,"trac_diff_url":848,"vulnerabilities":849,"is_current":57},"3.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.0.0&new_path=%2Falma-gateway-for-woocommerce%2Ftags%2F3.1.0",[850,851],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":853,"download_url":854,"svn_tag_url":855,"released_at":39,"has_diff":57,"diff_files_changed":856,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":857,"is_current":57},"3.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falma-gateway-for-woocommerce.3.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Falma-gateway-for-woocommerce\u002Ftags\u002F3.0.0\u002F",[],[858,859],{"id":68,"url_slug":69,"title":70,"severity":42,"cvss_score":74,"vuln_type":76,"patched_in_version":73},{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41}]