[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHRDAiG4xSzO1y0WKcQ4Y-tdM0yaTgGf96qzQyShQup4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":53,"analysis":154,"fingerprints":795},"arca-payment-gateway","Planet Studio Payment Gateway for ArCa","1.5.2","Planet Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fplanetstudio\u002F","\u003Cp>Accept payments from local & international customers to Armenian banks & Idram via ArCa paycenter for WooCommerce & GiveWP donation plugin.\u003C\u002Fp>\n\u003Ch3>Payment gateway works for\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>ACBA-Credit Agricole Bank\u003C\u002Fli>\n\u003Cli>Araratbank\u003C\u002Fli>\n\u003Cli>Armeconombank\u003C\u002Fli>\n\u003Cli>Ameriabank\u003C\u002Fli>\n\u003Cli>Ardshinbank\u003C\u002Fli>\n\u003Cli>Armbusinessbank\u003C\u002Fli>\n\u003Cli>Byblos Bank Armenia\u003C\u002Fli>\n\u003Cli>Evocabank\u003C\u002Fli>\n\u003Cli>IDBank\u003C\u002Fli>\n\u003Cli>Inecobank\u003C\u002Fli>\n\u003Cli>Armswiss Bank\u003C\u002Fli>\n\u003Cli>Converse Bank\u003C\u002Fli>\n\u003Cli>Idram payment system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Payment gateway Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Test mode so you can test without activating live payments.\u003C\u002Fli>\n\u003Cli>Easy to use – just need to add a username, a password that the bank will provide you, and your website ready to receive payment.\u003C\u002Fli>\n\u003Cli>WooCommerce integration\u003C\u002Fli>\n\u003Cli>GiveWP donation Plugin integration\u003C\u002Fli>\n\u003Cli>TATIOSA hotel booking management platform integration\u003C\u002Fli>\n\u003Cli>Accepts Credit cards\u002FDebit cards.\u003C\u002Fli>\n\u003Cli>Route payments in different currencies\u003C\u002Fli>\n\u003Cli>Supports 3D Secure\u003C\u002Fli>\n\u003Cli>Checkout form shortcode\u003C\u002Fli>\n\u003Cli>Payment button shortcode\u003C\u002Fli>\n\u003Cli>Available order logs\u003C\u002Fli>\n\u003Cli>Available error logs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PREMIUM VERSION FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Production mode – Free version support only test mode\u003C\u002Fli>\n\u003Cli>Timely compatibility updates and bug fixes.\u003C\u002Fli>\n\u003Cli>Premium support!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to various banking APIs, payment systems, and booking management platforms to process payments. The integration with these external services ensures secure and efficient transactions.\u003Cbr \u002F>\nSupported Payment Systems and Banks\u003C\u002Fp>\n\u003Cp>ArCa System Banks\u003Cbr \u002F>\nProduction: ipay.arca.am\u003Cbr \u002F>\nTesting: ipaytest.arca.am\u003C\u002Fp>\n\u003Cp>Ameriabank\u003Cbr \u002F>\nProduction: services.ameriabank.am\u003Cbr \u002F>\nTesting: servicestest.ameriabank.am\u003C\u002Fp>\n\u003Cp>Inecobank\u003Cbr \u002F>\nProduction: pg.inecoecom.am\u003C\u002Fp>\n\u003Cp>Idram\u003Cbr \u002F>\nProduction: banking.idram.am\u003C\u002Fp>\n\u003Cp>Booking Management Platform\u003C\u002Fp>\n\u003Cp>TATIOSA\u003Cbr \u002F>\nCustom Payment Gateway API: tatiosa.net\u003C\u002Fp>\n\u003Cp>Each of these services plays a crucial role in handling payments securely and efficiently. Ensure that you have the necessary credentials and permissions to use these APIs before integrating them into your system.\u003C\u002Fp>\n","Accept payments from local & international customers to Armenian banks & Idram via ArCa paycenter for WooCommerce & GiveWP donation plugin.",100,5880,0,"2025-08-06T07:28:00.000Z","6.8.5","5.4","7.4",[19,20,21,22,23],"arca","armenian-banks","idram-payment-system","online-payment","payment-gateway","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farca-payment-gateway.1.5.2.zip",99,1,"2024-11-28 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-53759","arca-payment-gateway-cross-site-request-forgery-to-stored-cross-site-scripting","ArCa Payment Gateway \u003C= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The ArCa Payment Gateway plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.3.1","1.3.4","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-12-12 22:43:55",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6ec069ef-7b53-47b5-93bc-92cfc2d62c88?source=api-prod",15,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":11,"avg_patch_time_days":46,"trust_score":51,"computed_at":52},"planetstudio",2,170,94,"2026-04-04T17:44:05.489Z",[54,76,97,119,135],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":73,"download_link":74,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":75,"fetched_at":29},"woo-payment-gateway-paysera","Paysera Payment Gateway for WooCommerce","3.11.1","paysera","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaysera\u002F","\u003Ch4>Paysera payments + delivery\u003C\u002Fh4>\n\u003Cp>With this one plugin you will receive everything your e-shop needs in one place – payment gateway to accept online payments and delivery options via all popular couriers displayed on your website.\u003C\u002Fp>\n\u003Cp>In order to receive full benefits of both Paysera Payment and Delivery plugins, please use the outlined links to access our detailed how-to instructions.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Paysera Payments\u003Cbr \u002F>\nThis service included in the plugin enables you to accept online payments via cards, SMS, or the most popular banks in your country. It is used by thousands of online merchants across Europe, and is easy to integrate and manage.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fpayment-gateway-checkout\" rel=\"nofollow ugc\">Read more about Paysera Checkout >\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.paysera.com\u002Fen\u002Fcheckout\u002Fbasic\" rel=\"nofollow ugc\">Instructions >\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Paysera Delivery\u003Cbr \u002F>\nThis service, that is also included in this plugin displays different delivery companies that your buyers can choose from when ordering your products. No need to sign separate agreements with couriers or overcome several different integrations – we have done it for you. Enjoy low delivery prices and quick support when needed.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fcheckout-delivery-service\" rel=\"nofollow ugc\">Read more about Paysera Delivery >\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.paysera.com\u002Fen\u002Fdelivery\u002F\" rel=\"nofollow ugc\">Instructions >\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Features and benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One plugin for integration of different payment methods: cards, SMS, online banking, more.\u003C\u002Fli>\n\u003Cli>One plugin for integration of different courier services: Omniva, Venipak, LP Express, and others.\u003C\u002Fli>\n\u003Cli>Integration takes up to 5 min (if you are already a Paysera client).\u003C\u002Fli>\n\u003Cli>One agreement for all the couriers and all banks.\u003C\u002Fli>\n\u003Cli>Easy to manage: turn couriers and payment methods ON and OFF as you like.\u003C\u002Fli>\n\u003Cli>Everything in one place – Paysera system: see all the deliveries by different couriers, receive payments via different banks and payment methods in the same system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Logging\u003C\u002Fh4>\n\u003Cp>To keep track of the plugin’s errors, default log level for payment and delivery is set to ‘Error’.\u003Cbr \u002F>\nThe logs can be viewed and downloaded from the plugin ‘Extra Settings’ page. To download the zip, php zip extension is required.\u003Cbr \u002F>\nLog files can be deleted from the ‘WooCommerce -> Status -> Logs’ page. Available logging levels are:\u003Cbr \u002F>\n – None: it disables logging and no logs are saved.\u003Cbr \u002F>\n – Error: only plugin errors are saved.\u003Cbr \u002F>\n – Info: plugin errors and related debug information are saved.\u003C\u002Fp>\n\u003Ch4>Fees\u003C\u002Fh4>\n\u003Cp>For information regarding Paysera fees please visit:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Ffees\u002Fcheckout-delivery\" rel=\"nofollow ugc\">Paysera Delivery fees >\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Ffees\u002Fpayment-gateway-fees\" rel=\"nofollow ugc\">Paysera Checkout fees >\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Paysera Client Support in English is available 24\u002F7!\u003Cbr \u002F>\n+44 20 80996963\u003Cbr \u002F>\nsupport@paysera.com\u003C\u002Fp>\n\u003Cp>During working hours support is available in 12 languages.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paysera.lt\u002Fv2\u002Fen\u002Fcontacts\" rel=\"nofollow ugc\">Contact us >\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For the latest news about the Paysera services – follow us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fpaysera.international\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fpaysera\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>.\u003Cbr \u002F>\nGet notifications about our operational status – subscribe to our \u003Ca href=\"https:\u002F\u002Fpaysera.freshstatus.io\u002F\" rel=\"nofollow ugc\">status page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>About Paysera\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fpaysera-account\" rel=\"nofollow ugc\">Paysera\u003C\u002Fa> is a global fintech company providing financial and related services to clients from all over the world since 2004.\u003C\u002Fp>\n\u003Cp>Explore other Paysera services:\u003Cbr \u002F>\n – \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Ffees\u002Fcurrency-conversion-calculator#\u002F\" rel=\"nofollow ugc\">currency exchange\u003C\u002Fa> at competitive rates;\u003Cbr \u002F>\n – instant euro and cheap \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen-GB\u002Finternational-transfers\" rel=\"nofollow ugc\">international transfers\u003C\u002Fa>;\u003Cbr \u002F>\n – LT, BG, and RO \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fblog\u002Fiban-account\" rel=\"nofollow ugc\">IBANs\u003C\u002Fa> for business and private clients;\u003Cbr \u002F>\n – \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fpayment-card-visa\" rel=\"nofollow ugc\">visa cards\u003C\u002Fa> that are compatible with \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fblog\u002Fgooglepay-samsungpay\" rel=\"nofollow ugc\">Google Play\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen\u002Fapple-pay\" rel=\"nofollow ugc\">Apple Pay\u003C\u002Fa>, and so much more.\u003C\u002Fp>\n\u003Cp>All the main services can be easily managed via the \u003Ca href=\"https:\u002F\u002Fwww.paysera.com\u002Fv2\u002Fen-GB\u002Fmobile-application\" rel=\"nofollow ugc\">Paysera mobile app\u003C\u002Fa>, which is available to download from the \u003Ca href=\"https:\u002F\u002Fapps.apple.com\u002Fus\u002Fapp\u002Fpaysera-mobile-wallet\u002Fid737308884\" rel=\"nofollow ugc\">App Store\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplay.google.com\u002Fstore\u002Fapps\u002Fdetails?id=lt.lemonlabs.android.paysera\" rel=\"nofollow ugc\">Google Play\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fappgallery.huawei.com\u002F#\u002Fapp\u002FC103007513\" rel=\"nofollow ugc\">Huawei AppGallery\u003C\u002Fa>.\u003C\u002Fp>\n","Paysera payments + delivery",7000,174507,58,16,"2026-03-02T11:36:00.000Z","6.9.4","4.0",[70,22,71,23,72],"international-payments","payment","shipping","https:\u002F\u002Fwww.paysera.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payment-gateway-paysera.3.11.1.zip","2025-12-04 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":15,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":94,"download_link":95,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":96,"fetched_at":29},"aba-payway-woocommerce-payment-gateway","ABA PayWay Payment Gateway for WooCommerce","2.1.8","ABA Bank","https:\u002F\u002Fprofiles.wordpress.org\u002Fabapayway\u002F","\u003Cp>PayWay is Cambodia’s leading online payment gateway provided by Advanced Bank of Asia Ltd. (ABA Bank).\u003Cbr \u002F>\nIt offers multiple way of checkout options with credit\u002Fdebit cards (Visa, Mastercard, UnionPay) and ABA PAY QR code (ABA account, VISA QR, Mastercard QR) and more to come.\u003C\u002Fp>\n\u003Cp>With this plugin you can easily integrate your website with PayWay just in a few clicks.\u003C\u002Fp>\n\u003Ch4>PayWay’s Feature\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Payment Options: PayWay accepted ABA account to account payment, Visa card, Master card, and UPI.\u003Cbr \u002F>\nMerchant Portals: Merchant be able to see all payment transaction which has been made from their customer and it’s detail, doing refund, customer management & invoicing tool, managing user and role, audit trail.\u003C\u002Fli>\n\u003Cli>Invoicing tool: PayWay provide invoicing tool which is available in through the merchant portal. Merchant could manage their customer information and managing invoice information.\u003Cbr \u002F>\nThe invoicing tool is suitable for business to business and also business to individual customer.\u003Cbr \u002F>\nMerchant quickly create an invoice, send the invoice thought the email or any other channel by just single click to copy the link and send to their customer.\u003C\u002Fli>\n\u003Cli>User & Role: Merchant could manage the access level of each user so that they are restricted to perform only the action that they are allow.\u003C\u002Fli>\n\u003Cli>Audit trail: every actions that user perform in the system are tracked properly so merchant can always see know who made change in the system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What you can do with this plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enable\u002Fdisable payment options.\u003C\u002Fli>\n\u003Cli>Switching between staging environment and production environment.\u003C\u002Fli>\n\u003Cli>Payment logo size configuration to make sure it’s will fit your website.\u003C\u002Fli>\n\u003Cli>The plugin will appear on the checkout page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why ABA PayWay Payment Gateway for WooCommerce?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Is plugin is officially developed by Advanced Bank of Asia, which mean you will be the first who get an update once the gateway has new features.\u003C\u002Fli>\n\u003Cli>Saving time of integration. Rapidly put your produce\u002Fservice on sales within few click.\u003C\u002Fli>\n\u003Cli>Saving cost. You don’t have to hire technical people to do the integration. With this plugin, you con just filling few fields, activate and ready to go.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Payment options:\u003C\u002Fp>\n\u003Col>\n\u003Cli>ABA PAY\u003C\u002Fli>\n\u003Cli>Mastercard\u002FVisa\u002FUnionPay\u003C\u002Fli>\n\u003Cli>KHQR\u003C\u002Fli>\n\u003Cli>Alipay\u003C\u002Fli>\n\u003Cli>WeChat\u003C\u002Fli>\n\u003C\u002Fol>\n","PayWay is Cambodia's leading online payment gateway provided by Advanced Bank of Asia Ltd. (ABA Bank). It offers multiple way of checkout options &hellip;",200,16747,26,3,"2025-12-03T08:34:00.000Z","6.1","8.0",[92,93],"e-commerce","online-payment-gateway","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faba-payway-woocommerce-payment-gateway\u002F#description","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faba-payway-woocommerce-payment-gateway.zip","2025-04-09 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":84,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":17,"tags":111,"homepage":116,"download_link":117,"security_score":118,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"bykea-cash-online-payments","Bykea.Cash – Online Payments","3.2","dizyn","https:\u002F\u002Fprofiles.wordpress.org\u002Fdizyn\u002F","\u003Cp>The Bykea Cash plugin is a universal payment collection method for the Pakistani market which is extremely easy to install on any WordPress WooCommerce website.\u003C\u002Fp>\n\u003Cp>Using Bykea Cash plugin, you can accept payments securely for the products you are selling online without compromising the security requirements and without causing your theme to suffer. Give your customers their preferred ways to pay with one simple payment integration!\u003C\u002Fp>\n\u003Cp>Using this latest Bykea Cash extension, any WooCommerce shop can start accepting cash and digital payments in Pakistan immediately using these two options:\u003Cbr \u002F>\n1. Cash Pickups on Doorstep\u003Cbr \u002F>\n2. Credit\u002FDebit Card (Visa\u002FMasterCard)\u003C\u002Fp>\n\u003Cp>We will soon introduce the following payment collection methods:\u003Cbr \u002F>\n1. UnionPay debit cards (Coming Soon)\u003Cbr \u002F>\n2. PayPak debit cards (Coming Soon)\u003Cbr \u002F>\n3. Easypaisa Wallet (Coming Soon)\u003Cbr \u002F>\n4. Easypaisa OTC (Coming Soon)\u003Cbr \u002F>\n5. JazzCash Wallet (Coming Soon)\u003Cbr \u002F>\n6. JazzCash OTC (Coming Soon)\u003Cbr \u002F>\n7. Bank transfer for the following banks (Coming Soon)\u003Cbr \u002F>\n    7.1 Allied Bank Limited – ABL\u003Cbr \u002F>\n    7.2 Habib Bank Ltd – HBL\u003Cbr \u002F>\n    7.3 Bank Alfalah Limited\u003Cbr \u002F>\n    7.4 United Bank Limited – UBL\u003Cbr \u002F>\n    7.5 Standard Chartered Bank – SCB\u003Cbr \u002F>\n    7.6 JS Bank\u003Cbr \u002F>\n    7.7 Muslim Commercial Bank Limited – MCB\u003Cbr \u002F>\n    7.8 Meezan Bank limited\u003Cbr \u002F>\n    7.9 Askari Commercial Bank Limited\u003Cbr \u002F>\n    7.10 Faysal Bank Limited\u003Cbr \u002F>\n    7.11 Bank Al Habib Limited\u003Cbr \u002F>\n    7.12 Habib Metropolitan Bank Limited\u003Cbr \u002F>\n    7.13 Al Baraka Islamic Bank Limited\u003Cbr \u002F>\n    7.14 Bank Islami Pakistan Limited\u003Cbr \u002F>\n    7.15 Bank of Punjab\u003Cbr \u002F>\n    7.16 Dubai islamic Bank Pakistan Limited\u003Cbr \u002F>\n    7.17 First Women Bank\u003Cbr \u002F>\n    7.18 ICBC\u003Cbr \u002F>\n    7.19 MCB Islamic\u003Cbr \u002F>\n    7.20 National Bank of Pakistan – NBP\u003Cbr \u002F>\n    7.21 Samba Bank\u003Cbr \u002F>\n    7.22 Silk Bank\u003Cbr \u002F>\n    7.23 Sindh Bank\u003Cbr \u002F>\n    7.24 Soneri Bank Limited\u003Cbr \u002F>\n    7.25 Summit Bank\u003Cbr \u002F>\n    7.26 SadaPay\u003Cbr \u002F>\n    7.27 Apna Microfinance Bank\u003Cbr \u002F>\n    7.28 Finca Microfinance Bank\u003Cbr \u002F>\n    7.29 NRSP Microfinance Bank\u003Cbr \u002F>\n    7.30 Upaisa \u002F Ubank\u003Cbr \u002F>\n8. NIFT Payment Gateway (Coming Soon)\u003Cbr \u002F>\n9. Avanza APPS payment gateway (Coming Soon)\u003Cbr \u002F>\n10. HBL Konnect (Coming Soon)\u003Cbr \u002F>\n11. HBL Pay (Coming Soon)\u003Cbr \u002F>\n12. Direct operator billing\u003Cbr \u002F>\n    12.1 Jazz \u002F Warid – Mobilink\u003Cbr \u002F>\n    12.2 Telenor\u003Cbr \u002F>\n    12.3 Zong\u003Cbr \u002F>\n    12.4 Ufone\u003C\u002Fp>\n","The Bykea Cash plugin allows you to collect payments on your WordPress WooCommerce website instantly using Credit\u002FDebit Cards (VISA, MasterCard, PayPa &hellip;",16265,60,4,"2022-08-04T08:05:00.000Z","6.0.11","5.2",[112,113,114,23,115],"bykea-cash","cash-pickup","online-payments-visa-mastercard","payments","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbykea-cash-online-payments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbykea-cash-online-payments.3.2.zip",85,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":84,"downloaded":127,"rating":11,"num_ratings":49,"last_updated":128,"tested_up_to":15,"requires_at_least":129,"requires_php":17,"tags":130,"homepage":133,"download_link":134,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"modenapaymentgateway","Modena Payment Gateway","4.0.0","René Oruman","https:\u002F\u002Fprofiles.wordpress.org\u002Frenemodena\u002F","\u003Cp>Modena is a full checkout solution for all of your e-commerce needs. We cover all popular payment methods. Modena can help you get started with everything you need to start your online store checkout in Estonia. Let us know your needs by phone +372 6604144 or mail us at info@modena.ee.\u003C\u002Fp>\n\u003Ch3>BANK LINKS AND CARD PAYMENTS\u003C\u002Fh3>\n\u003Cp>We help you cover all major banks in Estonia to collect your payments. All transactions are immediate. In addition we can provide your e-commerce site with card payments.\u003C\u002Fp>\n\u003Ch3>FINANCING\u003C\u002Fh3>\n\u003Cp>Modena offers a broad range of credit products to a wide variety of your target audience. We offer you an option accept business or personal credit offers for your product. We help you to make more business by making your products more available to a wider audience.\u003C\u002Fp>\n\u003Ch3>SPLIT PAYMENTS – BUY NOW AND PAY LATER\u003C\u002Fh3>\n\u003Cp>Your customers have the ability to pay for your services in 3 or less parts, making your services accessible to more clients.\u003C\u002Fp>\n\u003Ch3>HOW TO GET STARTED\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Let us know if you want to sign up. Visit https:\u002F\u002Fmodena.ee.\u003C\u002Fli>\n\u003Cli>Verify your identity.\u003C\u002Fli>\n\u003Cli>Set up the plugin and start receiving payments.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>More information about Modena products can be found on our website \u003Ca href=\"https:\u002F\u002Fwww.modena.ee\" rel=\"nofollow ugc\">website\u003C\u002Fa>\u003Cbr \u002F>\nAny questions? Just send us an email at info@modena.ee.\u003C\u002Fp>\n","Modena is a full checkout solution for all of your e-commerce needs. We cover all popular payment methods. Modena can help you get started with everyt &hellip;",4617,"2025-11-24T09:54:00.000Z","4.7",[22,71,23,131,132],"payment_gateway","woocommerce","https:\u002F\u002Fdeveloper.modena.ee\u002Fen\u002Fdeveloper-integration-woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmodenapaymentgateway.4.0.0.zip",{"slug":136,"name":137,"version":138,"author":139,"author_profile":140,"description":141,"short_description":142,"active_installs":11,"downloaded":143,"rating":13,"num_ratings":13,"last_updated":144,"tested_up_to":24,"requires_at_least":145,"requires_php":146,"tags":147,"homepage":151,"download_link":152,"security_score":153,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"feexpay","FeexPay","1.0.8","Feexpay","https:\u002F\u002Fprofiles.wordpress.org\u002Flavedettemedia\u002F","\u003Cp>A secure plugin to accept Mobile Money and Credit Card payments.\u003C\u002Fp>\n\u003Cp>FeexPay is a plugin designed for Woocommerce that allows you to accept mobile money or credit card payments on your various websites.\u003C\u002Fp>\n\u003Cp>As an advantage, this plugin is very easy to use, intuitive and above all requires no integration costs.\u003C\u002Fp>\n\u003Cp>Using FeexPay is choosing a fast, secure and reliable way to collect online payments.\u003C\u002Fp>\n","A secure plugin to accept Mobile Money and Credit Card payments.",3063,"2024-10-25T14:29:00.000Z","4.4","5.6",[148,149,150,22,23],"credit-card","digital-payment","mobile-money","https:\u002F\u002Fgithub.com\u002FLa-Vedette-Media\u002Ffeexpay-woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeexpay.1.0.8.zip",92,{"attackSurface":155,"codeSignals":324,"taintFlows":468,"riskAssessment":783,"analyzedAt":794},{"hooks":156,"ajaxHandlers":296,"restRoutes":305,"shortcodes":306,"cronEvents":323,"entryPointCount":314,"unprotectedCount":49},[157,164,167,173,177,181,184,189,192,196,200,205,209,213,216,220,224,229,233,237,241,245,248,251,255,259,263,267,269,273,277,280,284,288,292],{"type":158,"name":159,"callback":160,"priority":161,"file":162,"line":163},"action","init","arca_pg_init",500,"arca-payment-gateway.php",34,{"type":158,"name":159,"callback":165,"file":162,"line":166},"closure",127,{"type":168,"name":169,"callback":170,"priority":171,"file":162,"line":172},"filter","plugin_action_links","apg_plugin_action_links",10,134,{"type":168,"name":174,"callback":175,"priority":171,"file":162,"line":176},"plugin_row_meta","apg_plugin_row_meta",148,{"type":168,"name":178,"callback":179,"file":162,"line":180},"woocommerce_payment_gateways","wc_apg_add_to_gateways",160,{"type":168,"name":178,"callback":182,"file":162,"line":183},"wc_apg_add_to_gateways_idram",167,{"type":158,"name":185,"callback":186,"priority":187,"file":162,"line":188},"plugins_loaded","wc_apg_gateway_init",550,174,{"type":158,"name":185,"callback":190,"priority":187,"file":162,"line":191},"give_wp_apg_gateway_init",191,{"type":158,"name":193,"callback":194,"file":162,"line":195},"admin_footer","apg_deactivate_popup",220,{"type":158,"name":197,"callback":198,"file":162,"line":199},"give_init","give_remove_fieldsets",236,{"type":158,"name":201,"callback":202,"file":203,"line":204},"woocommerce_api_idram_result","apg_wc_api_idram_result","endpoints\\apg-idram.php",12,{"type":158,"name":206,"callback":207,"file":203,"line":208},"woocommerce_api_idram_complete","apg_wc_api_idram_complete",13,{"type":158,"name":210,"callback":211,"file":203,"line":212},"woocommerce_api_idram_fail","apg_wc_api_idram_fail",14,{"type":168,"name":214,"callback":165,"file":203,"line":215},"request",17,{"type":158,"name":217,"callback":218,"file":219,"line":107},"admin_menu","arca_pg_add_plugin_admin_menu","includes\\apg-admin-menu.php",{"type":158,"name":221,"callback":222,"file":223,"line":107},"wp_dashboard_setup","add_apg_dashboard_widgets","includes\\apg-dashboard-widgets.php",{"type":168,"name":225,"callback":226,"file":227,"line":228},"give_payment_gateways","insta_for_give_register_payment_method_idram","includes\\apg-give-wp-idram.php",23,{"type":168,"name":230,"callback":231,"file":227,"line":232},"give_get_sections_gateways","insta_for_give_register_payment_gateway_sections_idram",35,{"type":168,"name":234,"callback":235,"file":227,"line":236},"give_get_settings_gateways","insta_for_give_register_payment_gateway_setting_fields_idram",73,{"type":158,"name":238,"callback":239,"file":227,"line":240},"give_gateway_apg_gatewey_idram","insta_for_give_process_apg_gatewey_donation_idram",141,{"type":168,"name":225,"callback":242,"file":243,"line":244},"insta_for_give_register_payment_method","includes\\apg-give-wp.php",21,{"type":168,"name":230,"callback":246,"file":243,"line":247},"insta_for_give_register_payment_gateway_sections",33,{"type":168,"name":234,"callback":249,"file":243,"line":250},"insta_for_give_register_payment_gateway_setting_fields",71,{"type":158,"name":252,"callback":253,"file":243,"line":254},"give_gateway_apg_gatewey","insta_for_give_process_apg_gatewey_donation",139,{"type":158,"name":256,"callback":257,"file":258,"line":107},"admin_enqueue_scripts","arca_pg_register_admin_scripts_style","includes\\apg-register-scripts-styles.php",{"type":158,"name":260,"callback":261,"file":258,"line":262},"wp_enqueue_scripts","arca_pg_register_front_scripts_style",20,{"type":168,"name":264,"callback":265,"priority":171,"file":266,"line":107},"display_post_states","arca_pg_ecs_add_post_state","includes\\apg-set-post-states.php",{"type":168,"name":264,"callback":268,"priority":171,"file":266,"line":65},"arca_pg_ecs_add_post_state2",{"type":168,"name":270,"callback":271,"priority":171,"file":272,"line":107},"woocommerce_gateway_icon","custom_payment_gateway_icons","includes\\apg-wc-gateways_icons.php",{"type":158,"name":274,"callback":165,"file":275,"line":276},"woocommerce_blocks_payment_method_type_registration","includes\\apg-wc-idram.php",55,{"type":158,"name":274,"callback":165,"file":278,"line":279},"includes\\apg-wc.php",98,{"type":168,"name":281,"callback":282,"file":278,"line":283},"manage_edit-shop_order_columns","arca_pg_add_order_column_wc_orders",111,{"type":158,"name":285,"callback":286,"priority":171,"file":278,"line":287},"manage_shop_order_posts_custom_column","arca_pg_render_order_column_wc_orders",118,{"type":158,"name":289,"callback":290,"file":278,"line":291},"restrict_manage_posts","apg_filter_orders_by_payment_method",149,{"type":168,"name":293,"callback":294,"file":278,"line":295},"woocommerce_order_query_args","apg_filter_orders_query_by_payment_method",176,[297,302],{"action":298,"nopriv":299,"callback":300,"hasNonce":299,"hasCapCheck":299,"file":301,"line":107},"arca_pg_popup",false,"arca_pg_iframe_popup","includes\\apg-show-popup.php",{"action":298,"nopriv":303,"callback":300,"hasNonce":299,"hasCapCheck":299,"file":301,"line":304},true,5,[],[307,311,315,319],{"tag":308,"callback":309,"file":310,"line":304},"arca-pg-form","arca_pg_form_shortcode","includes\\apg-shortcodes.php",{"tag":312,"callback":313,"file":310,"line":314},"arca-pg-button","arca_pg_button_shortcode",6,{"tag":316,"callback":317,"file":310,"line":318},"arca-pg-button-custom-amount","arca_pg_button_custom_amount_shortcode",7,{"tag":320,"callback":321,"file":310,"line":322},"arca-pg-button-idram","arca_pg_idram_shortcode",8,[],{"dangerousFunctions":325,"sqlUsage":326,"outputEscaping":460,"fileOperations":13,"externalRequests":466,"nonceChecks":27,"capabilityChecks":13,"bundledLibraries":467},[],{"prepared":327,"raw":328,"locations":329},300,64,[330,332,334,338,341,344,348,351,353,355,357,358,359,362,363,365,367,369,372,374,377,379,381,382,384,386,387,388,390,391,393,395,397,399,401,403,405,407,409,411,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458],{"file":162,"line":64,"context":331},"$wpdb->get_row() with variable interpolation",{"file":333,"line":26,"context":331},"includes\\apg-checkout-form.php",{"file":335,"line":336,"context":337},"includes\\apg-config.php",378,"$wpdb->get_results() with variable interpolation",{"file":339,"line":340,"context":337},"includes\\apg-currency.php",59,{"file":342,"line":343,"context":337},"includes\\apg-dashboard.php",187,{"file":345,"line":346,"context":347},"includes\\apg-error-logs.php",28,"$wpdb->query() with variable interpolation",{"file":349,"line":350,"context":337},"includes\\apg-idram-config.php",207,{"file":352,"line":171,"context":347},"includes\\apg-orders.php",{"file":352,"line":354,"context":347},31,{"file":356,"line":318,"context":331},"includes\\apg-price-list-shortcodes.php",{"file":356,"line":106,"context":337},{"file":356,"line":236,"context":337},{"file":360,"line":361,"context":337},"includes\\apg-price-list.php",122,{"file":360,"line":254,"context":337},{"file":360,"line":364,"context":337},168,{"file":360,"line":366,"context":337},181,{"file":360,"line":368,"context":337},192,{"file":370,"line":371,"context":337},"includes\\apg-widget.php",57,{"file":373,"line":212,"context":347},"insert.php",{"file":373,"line":375,"context":376},25,"$wpdb->get_var() with variable interpolation",{"file":373,"line":378,"context":347},27,{"file":373,"line":380,"context":347},45,{"file":373,"line":26,"context":376},{"file":373,"line":383,"context":347},108,{"file":373,"line":385,"context":347},123,{"file":373,"line":254,"context":376},{"file":373,"line":240,"context":347},{"file":373,"line":389,"context":347},155,{"file":373,"line":50,"context":347},{"file":373,"line":392,"context":376},183,{"file":373,"line":394,"context":347},185,{"file":373,"line":396,"context":347},199,{"file":373,"line":398,"context":376},212,{"file":373,"line":400,"context":347},214,{"file":373,"line":402,"context":347},228,{"file":373,"line":404,"context":347},253,{"file":373,"line":406,"context":347},269,{"file":373,"line":408,"context":376},287,{"file":373,"line":410,"context":347},289,{"file":373,"line":327,"context":331},{"file":373,"line":413,"context":331},320,{"file":373,"line":415,"context":347},342,{"file":373,"line":417,"context":347},344,{"file":373,"line":419,"context":347},345,{"file":373,"line":421,"context":347},346,{"file":373,"line":423,"context":347},347,{"file":373,"line":425,"context":347},349,{"file":373,"line":427,"context":347},350,{"file":373,"line":429,"context":347},351,{"file":373,"line":431,"context":347},356,{"file":373,"line":433,"context":347},358,{"file":373,"line":435,"context":347},363,{"file":373,"line":437,"context":347},365,{"file":373,"line":439,"context":347},370,{"file":373,"line":441,"context":347},372,{"file":373,"line":443,"context":347},377,{"file":373,"line":445,"context":347},379,{"file":373,"line":447,"context":347},383,{"file":373,"line":449,"context":347},386,{"file":373,"line":451,"context":347},387,{"file":373,"line":453,"context":331},391,{"file":373,"line":455,"context":347},440,{"file":373,"line":457,"context":347},458,{"file":373,"line":459,"context":347},473,{"escaped":461,"rawEcho":27,"locations":462},453,[463],{"file":278,"line":464,"context":465},161,"raw output",18,[],[469,486,497,535,560,570,579,608,633,650,664,678,693,736,751,759,772],{"entryPoint":470,"graph":471,"unsanitizedCount":27,"severity":39},"apg_wc_api_idram_complete (endpoints\\apg-idram.php:273)",{"nodes":472,"edges":484},[473,478],{"id":474,"type":475,"label":476,"file":203,"line":477},"n0","source","$_REQUEST",309,{"id":479,"type":480,"label":481,"file":203,"line":482,"wp_function":483},"n1","sink","wp_redirect() [Open Redirect]",315,"wp_redirect",[485],{"from":474,"to":479,"sanitized":299},{"entryPoint":487,"graph":488,"unsanitizedCount":27,"severity":39},"\u003Capg-deactivate-popup> (includes\\apg-deactivate-popup.php:0)",{"nodes":489,"edges":495},[490,493],{"id":474,"type":475,"label":491,"file":492,"line":318},"$_POST","includes\\apg-deactivate-popup.php",{"id":479,"type":480,"label":481,"file":492,"line":494,"wp_function":483},30,[496],{"from":474,"to":479,"sanitized":299},{"entryPoint":498,"graph":499,"unsanitizedCount":65,"severity":534},"\u003Capg-ameria-bank> (endpoints\\apg-ameria-bank.php:0)",{"nodes":500,"edges":529},[501,504,507,509,514,518,523,527],{"id":474,"type":475,"label":502,"file":503,"line":215},"$_REQUEST (x8)","endpoints\\apg-ameria-bank.php",{"id":479,"type":480,"label":505,"file":503,"line":106,"wp_function":506},"get_var() [SQLi]","get_var",{"id":508,"type":475,"label":476,"file":503,"line":466},"n2",{"id":510,"type":480,"label":511,"file":503,"line":512,"wp_function":513},"n3","get_row() [SQLi]",103,"get_row",{"id":515,"type":475,"label":516,"file":503,"line":517},"n4","$_REQUEST (x5)",273,{"id":519,"type":480,"label":520,"file":503,"line":521,"wp_function":522},"n5","query() [SQLi]",327,"query",{"id":524,"type":475,"label":525,"file":503,"line":526},"n6","$_REQUEST (x2)",277,{"id":528,"type":480,"label":481,"file":503,"line":437,"wp_function":483},"n7",[530,531,532,533],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"from":515,"to":519,"sanitized":299},{"from":524,"to":528,"sanitized":299},"high",{"entryPoint":536,"graph":537,"unsanitizedCount":212,"severity":534},"\u003Capg-arca> (endpoints\\apg-arca.php:0)",{"nodes":538,"edges":555},[539,542,543,544,546,549,551,553],{"id":474,"type":475,"label":540,"file":541,"line":215},"$_REQUEST (x7)","endpoints\\apg-arca.php",{"id":479,"type":480,"label":505,"file":541,"line":64,"wp_function":506},{"id":508,"type":475,"label":476,"file":541,"line":466},{"id":510,"type":480,"label":511,"file":541,"line":545,"wp_function":513},95,{"id":515,"type":475,"label":547,"file":541,"line":548},"$_REQUEST (x4)",268,{"id":519,"type":480,"label":520,"file":541,"line":550,"wp_function":522},313,{"id":524,"type":475,"label":525,"file":541,"line":552},322,{"id":528,"type":480,"label":481,"file":541,"line":554,"wp_function":483},354,[556,557,558,559],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"from":515,"to":519,"sanitized":299},{"from":524,"to":528,"sanitized":299},{"entryPoint":561,"graph":562,"unsanitizedCount":107,"severity":534},"apg_wc_api_idram_result (endpoints\\apg-idram.php:26)",{"nodes":563,"edges":568},[564,566],{"id":474,"type":475,"label":547,"file":203,"line":565},49,{"id":479,"type":480,"label":520,"file":203,"line":567,"wp_function":522},52,[569],{"from":474,"to":479,"sanitized":299},{"entryPoint":571,"graph":572,"unsanitizedCount":27,"severity":534},"apg_wc_api_idram_fail (endpoints\\apg-idram.php:320)",{"nodes":573,"edges":577},[574,576],{"id":474,"type":475,"label":476,"file":203,"line":575},341,{"id":479,"type":480,"label":520,"file":203,"line":421,"wp_function":522},[578],{"from":474,"to":479,"sanitized":299},{"entryPoint":580,"graph":581,"unsanitizedCount":171,"severity":534},"\u003Capg-idram> (endpoints\\apg-idram.php:0)",{"nodes":582,"edges":602},[583,584,585,587,589,590,592,593,595,597],{"id":474,"type":475,"label":516,"file":203,"line":565},{"id":479,"type":480,"label":520,"file":203,"line":567,"wp_function":522},{"id":508,"type":475,"label":525,"file":203,"line":586},142,{"id":510,"type":480,"label":481,"file":203,"line":588,"wp_function":483},292,{"id":515,"type":475,"label":525,"file":203,"line":439},{"id":519,"type":480,"label":505,"file":203,"line":591,"wp_function":506},406,{"id":524,"type":475,"label":476,"file":203,"line":439},{"id":528,"type":480,"label":511,"file":203,"line":594,"wp_function":513},416,{"id":596,"type":475,"label":516,"file":203,"line":441},"n8",{"id":598,"type":480,"label":599,"file":203,"line":600,"wp_function":601},"n9","echo() [XSS]",486,"echo",[603,604,605,606,607],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"from":515,"to":519,"sanitized":299},{"from":524,"to":528,"sanitized":299},{"from":596,"to":598,"sanitized":303},{"entryPoint":609,"graph":610,"unsanitizedCount":632,"severity":534},"\u003Capg-inecobank> (endpoints\\apg-inecobank.php:0)",{"nodes":611,"edges":627},[612,614,616,617,619,622,624,626],{"id":474,"type":475,"label":516,"file":613,"line":65},"endpoints\\apg-inecobank.php",{"id":479,"type":480,"label":505,"file":613,"line":615,"wp_function":506},53,{"id":508,"type":475,"label":476,"file":613,"line":215},{"id":510,"type":480,"label":511,"file":613,"line":618,"wp_function":513},76,{"id":515,"type":475,"label":620,"file":613,"line":621},"$_REQUEST (x3)",241,{"id":519,"type":480,"label":520,"file":613,"line":623,"wp_function":522},284,{"id":524,"type":475,"label":525,"file":613,"line":625},294,{"id":528,"type":480,"label":481,"file":613,"line":521,"wp_function":483},[628,629,630,631],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"from":515,"to":519,"sanitized":299},{"from":524,"to":528,"sanitized":299},11,{"entryPoint":634,"graph":635,"unsanitizedCount":107,"severity":534},"\u003Cinvoice> (forms\\invoice.php:0)",{"nodes":636,"edges":646},[637,639,640,641,643,644],{"id":474,"type":475,"label":620,"file":638,"line":318},"forms\\invoice.php",{"id":479,"type":480,"label":511,"file":638,"line":204,"wp_function":513},{"id":508,"type":475,"label":547,"file":638,"line":318},{"id":510,"type":480,"label":599,"file":638,"line":642,"wp_function":601},39,{"id":515,"type":475,"label":476,"file":638,"line":318},{"id":519,"type":480,"label":520,"file":638,"line":645,"wp_function":522},74,[647,648,649],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":303},{"from":515,"to":519,"sanitized":299},{"entryPoint":651,"graph":652,"unsanitizedCount":87,"severity":534},"\u003Capg-checkout-form> (includes\\apg-checkout-form.php:0)",{"nodes":653,"edges":661},[654,657,658,660],{"id":474,"type":475,"label":655,"file":333,"line":656},"$_POST (x3)",42,{"id":479,"type":480,"label":520,"file":333,"line":380,"wp_function":522},{"id":508,"type":475,"label":491,"file":333,"line":659},19,{"id":510,"type":480,"label":599,"file":333,"line":254,"wp_function":601},[662,663],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":303},{"entryPoint":665,"graph":666,"unsanitizedCount":107,"severity":534},"\u003Capg-config> (includes\\apg-config.php:0)",{"nodes":667,"edges":675},[668,670,671,673],{"id":474,"type":475,"label":525,"file":335,"line":669},113,{"id":479,"type":480,"label":520,"file":335,"line":191,"wp_function":522},{"id":508,"type":475,"label":672,"file":335,"line":172},"$_POST (x2)",{"id":510,"type":480,"label":520,"file":335,"line":674,"wp_function":522},208,[676,677],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"entryPoint":679,"graph":680,"unsanitizedCount":49,"severity":534},"\u003Capg-error-logs> (includes\\apg-error-logs.php:0)",{"nodes":681,"edges":690},[682,684,685,686],{"id":474,"type":475,"label":683,"file":345,"line":171},"$_GET",{"id":479,"type":480,"label":520,"file":345,"line":466,"wp_function":522},{"id":508,"type":475,"label":683,"file":345,"line":208},{"id":510,"type":480,"label":687,"file":345,"line":688,"wp_function":689},"get_results() [SQLi]",67,"get_results",[691,692],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"entryPoint":694,"graph":695,"unsanitizedCount":314,"severity":534},"\u003Capg-orders> (includes\\apg-orders.php:0)",{"nodes":696,"edges":727},[697,698,699,701,703,705,707,708,710,712,715,718,721,724],{"id":474,"type":475,"label":683,"file":352,"line":65},{"id":479,"type":480,"label":520,"file":352,"line":244,"wp_function":522},{"id":508,"type":475,"label":683,"file":352,"line":700},47,{"id":510,"type":480,"label":599,"file":352,"line":702,"wp_function":601},88,{"id":515,"type":475,"label":704,"file":352,"line":208},"$_GET (x2)",{"id":519,"type":480,"label":687,"file":352,"line":706,"wp_function":689},136,{"id":524,"type":475,"label":683,"file":352,"line":208},{"id":528,"type":480,"label":599,"file":352,"line":709,"wp_function":601},240,{"id":596,"type":475,"label":683,"file":352,"line":711},40,{"id":598,"type":713,"label":714,"file":352,"line":711},"transform","→ refundPayment()",{"id":716,"type":480,"label":505,"file":717,"line":244,"wp_function":506},"n10","includes\\apg_REFUND.php",{"id":719,"type":475,"label":683,"file":352,"line":720},"n11",51,{"id":722,"type":713,"label":723,"file":352,"line":720},"n12","→ cancelPayment()",{"id":725,"type":480,"label":505,"file":717,"line":726,"wp_function":506},"n13",56,[728,729,730,731,732,733,734,735],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":303},{"from":515,"to":519,"sanitized":299},{"from":524,"to":528,"sanitized":299},{"from":596,"to":598,"sanitized":299},{"from":598,"to":716,"sanitized":299},{"from":719,"to":722,"sanitized":299},{"from":722,"to":725,"sanitized":299},{"entryPoint":737,"graph":738,"unsanitizedCount":87,"severity":534},"\u003Capg-price-list-shortcodes> (includes\\apg-price-list-shortcodes.php:0)",{"nodes":739,"edges":747},[740,741,742,743,744,745],{"id":474,"type":475,"label":683,"file":356,"line":204},{"id":479,"type":480,"label":511,"file":356,"line":46,"wp_function":513},{"id":508,"type":475,"label":704,"file":356,"line":204},{"id":510,"type":480,"label":599,"file":356,"line":276,"wp_function":601},{"id":515,"type":475,"label":704,"file":356,"line":204},{"id":519,"type":480,"label":599,"file":356,"line":746,"wp_function":601},93,[748,749,750],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":303},{"from":515,"to":519,"sanitized":299},{"entryPoint":752,"graph":753,"unsanitizedCount":27,"severity":534},"\u003Capg-price-list> (includes\\apg-price-list.php:0)",{"nodes":754,"edges":757},[755,756],{"id":474,"type":475,"label":683,"file":360,"line":171},{"id":479,"type":480,"label":520,"file":360,"line":46,"wp_function":522},[758],{"from":474,"to":479,"sanitized":299},{"entryPoint":760,"graph":761,"unsanitizedCount":107,"severity":534},"arca_pg_form_shortcode (includes\\apg-shortcodes.php:11)",{"nodes":762,"edges":769},[763,764,766,768],{"id":474,"type":475,"label":525,"file":310,"line":163},{"id":479,"type":480,"label":505,"file":310,"line":765,"wp_function":506},41,{"id":508,"type":475,"label":525,"file":310,"line":767},37,{"id":510,"type":480,"label":511,"file":310,"line":328,"wp_function":513},[770,771],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"entryPoint":773,"graph":774,"unsanitizedCount":632,"severity":534},"\u003Capg-shortcodes> (includes\\apg-shortcodes.php:0)",{"nodes":775,"edges":780},[776,777,778,779],{"id":474,"type":475,"label":540,"file":310,"line":163},{"id":479,"type":480,"label":505,"file":310,"line":765,"wp_function":506},{"id":508,"type":475,"label":547,"file":310,"line":767},{"id":510,"type":480,"label":511,"file":310,"line":328,"wp_function":513},[781,782],{"from":474,"to":479,"sanitized":299},{"from":508,"to":510,"sanitized":299},{"summary":784,"deductions":785},"The arca-payment-gateway plugin version 1.5.2 exhibits a mixed security posture. On the positive side, it demonstrates excellent practices in output escaping, with all 454 outputs properly escaped, and the majority of SQL queries (82%) utilize prepared statements. The absence of file operations and dangerous functions is also a strength. However, significant concerns arise from the identified attack surface and taint analysis.\n\nSpecifically, the plugin exposes two AJAX handlers without authentication checks, creating potential entry points for unauthorized actions. The taint analysis reveals a concerning 15 high-severity flows with unsanitized paths, indicating a strong possibility of vulnerabilities that could allow attackers to manipulate data or code execution. While the plugin has a history of vulnerabilities, particularly CSRF, the current lack of unpatched CVEs is a positive sign, suggesting active maintenance, though the previous occurrences warrant vigilance. The single nonce check is insufficient to cover all potential attack vectors.\n\nIn conclusion, while the plugin has adopted good practices in output sanitization and SQL query preparation, the unprotected AJAX endpoints and the high number of unsanitized taint flows present a substantial risk. The vulnerability history, though currently clear of unpatched issues, suggests a pattern that requires ongoing monitoring. Addressing the unprotected entry points and the identified taint flows should be a priority to improve the plugin's overall security.",[786,788,790,792],{"reason":787,"points":171},"Unprotected AJAX handlers",{"reason":789,"points":46},"High severity taint flows without sanitization",{"reason":791,"points":304},"Limited nonce checks",{"reason":793,"points":304},"Previous vulnerability history (CSRF)","2026-03-16T21:03:30.420Z",{"wat":796,"direct":829},{"assetPaths":797,"generatorPatterns":812,"scriptPaths":813,"versionParams":814},[798,799,800,801,802,803,804,805,806,807,808,809,810,811],"\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fcustom.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fdaterangepicker.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fgive-wp-style.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fgive-wp-style.min.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fselect2.min.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Fselect2-bootstrap4.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fcss\u002Ftoastr.min.css","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Fcustom.js","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Fdaterangepicker.min.js","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Fgive-wp-scripts.js","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Fselect2.full.min.js","\u002Fwp-content\u002Fplugins\u002Farca-payment-gateway\u002Fassets\u002Fjs\u002Ftoastr.min.js",[],[806,807,808,809,810,811],[815,816,817,818,819,820,821,822,823,824,825,826,827,828],"arca-payment-gateway\u002Fassets\u002Fcss\u002Fadmin.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fcustom.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fdaterangepicker.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fgive-wp-style.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fgive-wp-style.min.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fselect2.min.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Fselect2-bootstrap4.css?ver=","arca-payment-gateway\u002Fassets\u002Fcss\u002Ftoastr.min.css?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Fadmin.js?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Fcustom.js?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Fdaterangepicker.min.js?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Fgive-wp-scripts.js?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Fselect2.full.min.js?ver=","arca-payment-gateway\u002Fassets\u002Fjs\u002Ftoastr.min.js?ver=",{"cssClasses":830,"htmlComments":835,"htmlAttributes":837,"restEndpoints":840,"jsGlobals":841,"shortcodeOutput":844},[831,832,833,834],"arca-pg-settings","arca-pg-idram-settings","arca-pg-admin-menu","arca-pg-deactivate-popup-wrap",[836],"\u003C!-- TATIOSA multi account integration not found. file: \"multi-account.php\" -->",[838,839],"data-plugin-name=\"arca-payment-gateway\"","data-plugin-version=\"1.5.2\"",[],[842,843],"ARCAPG_VERSION","ARCAPG_PRO",[]]