[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6p9Q9mRjH09YHrE1qg1hbpHbQc9N0xKslSRDHiIfw_k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":152,"fingerprints":395},"bangladeshi-payment-gateways","Bangladeshi Payment Gateways – Make Payment Using QR Code","4.0.4","ultraDevs","https:\u002F\u002Fprofiles.wordpress.org\u002Fultradevs\u002F","\u003Cp>Bangladeshi Payment Gateways for WooCommerce. It has some advanced features that will help you to manage payment easily.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pay with QR Code\u003C\u002Fli>\n\u003Cli>Fee for each gateway\u003C\u002Fli>\n\u003Cli>Block Based Checkout Page Support\u003C\u002Fli>\n\u003Cli>USD to BDT Conversion Support\u003C\u002Fli>\n\u003Cli>Statistics, Transactions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Gateways\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>bKash\u003C\u002Fli>\n\u003Cli>Rocket\u003C\u002Fli>\n\u003Cli>Nagad\u003C\u002Fli>\n\u003Cli>Upay\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Video\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FArJ-zOW1KBU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Our Other Plugins.\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-dropbox-integration\u002F\" rel=\"ugc\">Easy Dropbox Integration For WordPress\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frandom-image-block-for-block-editor\u002F\" rel=\"ugc\">Random Image Block for Block Editor\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultraembed-advanced-iframe\u002F\" rel=\"ugc\">UltraEmbed – Advanced Iframe Plugin For WordPress with Gutenberg Block Included\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftestimonialx-block\u002F\" rel=\"ugc\">TestimonialX – Testimonial Block For Gutenberg Block Editor with 15+ Stunning Styles\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Need Help?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbangladeshi-payment-gateways\u002F\" rel=\"ugc\">Free Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fweb.facebook.com\u002Fhello.ultradevs\" rel=\"nofollow ugc\">Live Chat\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fultradevs.com\u002Fdocs\u002Fbangladeshi-payment-gateways\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>  | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fplaylist?list=PL6-MOhUm73eiSSVHgAVnFFEvs6rO2sZyC\" rel=\"nofollow ugc\">Video Tutorials\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Join With US\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fweb.facebook.com\u002Fgroups\u002Fpowerfulblocks\u002F\" rel=\"nofollow ugc\">Facebook – Community\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fweb.facebook.com\u002Fhello.ultradevs\" rel=\"nofollow ugc\">Facebook – Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUCc2yL-QGQjscXpPx9Pp7J8w\" rel=\"nofollow ugc\">Youtube\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FultraDevsBD\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.instagram.com\u002Fultradevs\u002F\" rel=\"nofollow ugc\">Instagram\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FultraDevs\u002FBangladeshi-Payment-Gateways\" rel=\"nofollow ugc\">Github Link\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Bangladeshi Payment Gateways uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK only starts gathering basic telemetry data \u003Cstrong>when a user allows it via the admin notice\u003C\u002Fstrong>. We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK \u003Cstrong>DOES NOT IMMEDIATELY\u003C\u002Fstrong> start gathering data, \u003Cstrong>without confirmation from users in any case.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Made with love by \u003Ca href=\"https:\u002F\u002Fultradevs.com\" rel=\"nofollow ugc\">ultraDevs\u003C\u002Fa>\u003C\u002Fp>\n","Bangladeshi Payment Gateways for WooCommerce.",5000,72784,100,87,"2025-12-28T04:28:00.000Z","6.9.4","4.4","7.0.0",[20,21,22,23,24],"bkash","mobile-payment","payment-gateway","qr-code","woocommerce","https:\u002F\u002Fultradevs.com\u002Fproducts\u002Fwp-plugin\u002Fbangladeshi-payment-gateways\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbangladeshi-payment-gateways.4.0.4.zip",1,0,"2022-12-16 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"WF-84003388-c47c-41db-8d2d-4643aa375a89-bangladeshi-payment-gateways","appsero-missing-authorization-31","Appsero \u003C= 1.2.1 - Missing Authorization","The Appsero analytics tool used in several plugins is vulnerable to authorization bypass due to a missing capability check on the uninstall_reason_submission function used for feedback submission in versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function intended for administrator use.",null,"\u003C=2.0.6","2.0.7","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-11-13 15:47:37",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod",699,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":47,"trust_score":53,"computed_at":54},"ultradevs",6,5230,96,76,"2026-04-04T09:16:13.868Z",[56,75,97,118,136],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":27,"last_updated":66,"tested_up_to":16,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":71,"download_link":72,"security_score":73,"vuln_count":27,"unpatched_count":28,"last_vuln_date":74,"fetched_at":30},"hitpay-payment-gateway","HitPay Payment Gateway for WooCommerce","4.2.1","HitPay Payment Solutions Pte Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fhitpay2020\u002F","\u003Cp>HitPay Payment Gateway Plugin allows HitPay merchants to accept PayNow QR, Cards, Apple Pay, Google Pay, WeChatPay, AliPay and GrabPay Payments.\u003C\u002Fp>\n\u003Cp>This plugin would communicate with 3rd party HitPay payment gateway(https:\u002F\u002Fwww.hitpayapp.com\u002F) in order to process the payments.\u003C\u002Fp>\n\u003Cp>Merchant must create an account with HitPay payment gateway(https:\u002F\u002Fwww.hitpayapp.com\u002F).\u003C\u002Fp>\n\u003Cp>Pay only per transaction. No monthly, setup, admin or any hidden service fees.\u003C\u002Fp>\n\u003Cp>Merchant once created an account with HitPay payment gateway(https:\u002F\u002Fwww.hitpayapp.com\u002F), they can go to thier HitPay dashboard and choose the payment options they would to avail for their site.\u003C\u002Fp>\n\u003Cp>And merchant need to copy the API keys and Salt values from the HitPay Web Dashboard under Settings > Payment Gateway > API Keys\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to WooCommerce settings\u003C\u002Fli>\n\u003Cli>Select the “Payments” tab\u003C\u002Fli>\n\u003Cli>Activate the payment method (if inactive)\u003C\u002Fli>\n\u003Cli>Set the name you wish to show your users on Checkout (for example: “HitPay or Creditcard”)\u003C\u002Fli>\n\u003Cli>Fill the payment method’s description (for example: “Pay with HitPay”)\u003C\u002Fli>\n\u003Cli>Copy the API keys and Salt values from the HitPay Web Dashboard under Settings > Payment Gateway > API Keys\u003C\u002Fli>\n\u003Cli>Select the payment gateway logos.\u003C\u002Fli>\n\u003Cli>Click “Save Changes”\u003C\u002Fli>\n\u003Cli>All done!\u003C\u002Fli>\n\u003C\u002Fol>\n","HitPay Payment Gateway Plugin allows HitPay merchants to accept PayNow QR, Cards, Apple Pay, Google Pay, WeChatPay, AliPay and GrabPay Payments.",4000,42761,"2025-11-29T02:34:00.000Z","4.0","5.5",[70,22,23,24],"hitpay","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhitpay-payment-gateway.4.2.1.zip",99,"2024-07-11 00:00:00",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":95,"download_link":96,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"codecarebd-bkash-nagad-rocket-payoneer-gateway","CodeCareBD – Payment Gateway for WooCommerce","1.0","Shakil Ahamed","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevshakil\u002F","\u003Cp>CodeCareBD – Payment Gateway plugin integrates bKash, Nagad, Rocket, and Payoneer Payment Gateways with WooCommerce.\u003C\u002Fp>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FyrK5dhQpX68?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Please note:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This is a WooCommerce plugin, requiring WooCommerce activation.\u003C\u002Fli>\n\u003Cli>You need accounts with bKash, Nagad, Rocket, or Payoneer to receive payments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For suggestions and support, contact us \u003Ca href=\"https:\u002F\u002Fcodecarebd.com\u002Fcontact\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","CodeCareBD - Payment Gateway plugin integrates bKash, Nagad, Rocket, and Payoneer Payment Gateways with WooCommerce.",300,11362,3,"2026-02-03T09:12:00.000Z","6.7.5","6.3","7.3",[20,91,92,93,94],"nagad","payoneer","rocket","woocommerce-payment-gateway","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcodecarebd-bkash-nagad-rocket-payoneer-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcodecarebd-bkash-nagad-rocket-payoneer-gateway.1.0.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":50,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":116,"download_link":117,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wc-6amtech-payment-gateway-bkash","6amTech – Payment Gateway for bKash and WC","1.2.2","6amtech","https:\u002F\u002Fprofiles.wordpress.org\u002F6amtech\u002F","\u003Cp>6amTech – Payment Gateway for bKash and WooCommerce is an essential solution for WooCommerce stores in Bangladesh. It lets you easily integrate bKash, the country’s leading mobile payment system, directly into your website.\u003C\u002Fp>\n\u003Cp>This plugin provides your website’s customers with a smooth and secure checkout experience, making payments as effortless as possible. By adding this gateway, you’re not only offering a trusted and one of the most used e-commerce payment options but also improving the overall user experience. In general, it helps websites build trust and drive conversions.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Quick integration of bKash payment into WooCommerce checkout.\u003C\u002Fli>\n\u003Cli>Secure and encrypted payment processing with bKash.\u003C\u002Fli>\n\u003Cli>Supports both sandbox and live environments for testing.\u003C\u002Fli>\n\u003Cli>Customize bKash payment method display names\u003C\u002Fli>\n\u003Cli>Easy setup and configuration from WooCommerce settings.\u003C\u002Fli>\n\u003Cli>No technical knowledge is required for installation and use.\u003C\u002Fli>\n\u003Cli>Optimized for mobile payments and the Bangladesh e-commerce market.\u003C\u002Fli>\n\u003Cli>Option to add payment charge as an additional fee.\u003C\u002Fli>\n\u003Cli>Easy to validate the sandbox on the merchant panel with our payment response viewing feature.\u003C\u002Fli>\n\u003Cli>Supports custom BDT pricing, even if your WooCommerce store operates in another currency.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Benefits:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Increase Sales\u003C\u002Fstrong>: By offering bKash as a payment option, you will significantly increase the number of checkouts as bKash is already familiar to millions of users in Bangladesh.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Transactions\u003C\u002Fstrong>: With the bKash WooCommerce plugin, your customers’ payments are protected by the latest security measures, giving both you and your buyers peace of mind.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile-friendly\u003C\u002Fstrong>: This bKash plugin for WooCommerce is perfect for mobile e-commerce sites, with easy-to-use, responsive checkout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Additional Revenue\u003C\u002Fstrong>: You’re in control with the option to add payment charges as an additional fee to cover transaction costs and maintain profitability without affecting your margins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy setup and management\u003C\u002Fstrong>: This bKash WooCommerce plugin is designed with developers in mind. You’ll have it up and running in no time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Currency Support\u003C\u002Fstrong>: If the store’s default currency isn’t BDT, custom BDT prices can be set per product. bKash plugin will process the payment in BDT at checkout.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Our bKash Payment Gateway for WooCommerce plugin includes detailed \u003Ca href=\"https:\u002F\u002F6amtech.com\u002Fbkash-payment-gateway-plugin-documentation\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> to guide you through installation, setup, and configuration. Whether you’re a beginner or an experienced developer, our step-by-step instructions ensure a smooth integration for your WooCommerce store.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Watch the plugin in action:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F8yvpLYc3xwY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Watch how the plugin handles bkash payment if your WooCommerce store uses a different currency\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FiLi73ar3L6w?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","6amTech – Payment Gateway for bKash and WooCommerce allows seamless bKash integration, making transactions secure and easy for Bangladeshi customers.",200,4470,94,"2025-09-09T04:08:00.000Z","6.8.5","5.1","7.4",[20,113,114,115,22],"bkash-for-woocommerce","bkash-payment","bkash-payment-gateway","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-6amtech-payment-gateway-bkash\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-6amtech-payment-gateway-bkash.1.2.2.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":28,"num_ratings":28,"last_updated":71,"tested_up_to":87,"requires_at_least":128,"requires_php":71,"tags":129,"homepage":133,"download_link":134,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":135},"payment-gateway-for-m-pesa-open-api","Payment Gateway for M-PESA Open API on WooCommerce","1.0.0","demkitech","https:\u002F\u002Fprofiles.wordpress.org\u002Fdennokip\u002F","\u003Cp>The plugin enables the customer to have an option of paying merchants using M-PESA mobile money service from a WordPress site that has WooCommerce plugin installed.\u003Cbr \u002F>\nThe plugin adds an option on the checkout section for paying through M-PESA(A mobile payment platform) Open API which is now available on these counties:\u003Cbr \u002F>\n\u003Cem>Congo, Ghana, Lesotho, Tanzania\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch4>PLUGIN SETUP FOR M-PESA OPEN API SANDBOX\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Testing of the plugin is possible by creating an account in the \u003Ca href=\"https:\u002F\u002Fopenapiportal.m-pesa.com\u002F\" rel=\"nofollow ugc\">M-Pesa Open API Developer Portal\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>After account creation, log in to the account, click on the menu at the top left corner of the portal.\u003C\u002Fli>\n\u003Cli>Click on Applications from the drop down menu.\u003C\u002Fli>\n\u003Cli>On the Applications window, click on New and fill the application details. Make sure you have chosen \u003Cem>C2B Single Payment\u003C\u002Fem> option.\u003C\u002Fli>\n\u003Cli>Once the application has been created, click on View option to check the application details.\u003C\u002Fli>\n\u003Cli>The plugin settings are found here on your website once logged in as WordPress Administrator(WooCommerce ➡ Settings ➡ Payments ➡ M-PESA Open API ➡ Manage)\u003C\u002Fli>\n\u003Cli>Copy the \u003Cem>Sandbox API Key\u003C\u002Fem> value which you will fill in this plugin settings.\u003C\u002Fli>\n\u003Cli>Open the C2B Single Payment documentation \u003Ca href=\"https:\u002F\u002Fopenapiportal.m-pesa.com\u002Fapi-documentation#APIRequests\" rel=\"nofollow ugc\">here\u003C\u002Fa> and copy the \u003Cem>publicKey\u003C\u002Fem> value on the sample code which you will paste in the plugin settings.\u003C\u002Fli>\n\u003Cli>The \u003Cem>Country\u003C\u002Fem> and \u003Cem>Currency\u003C\u002Fem> to be configured on the plugin are in the \u003Cem>API Markets\u003C\u002Fem> table on the \u003Ca href=\"https:\u002F\u002Fopenapiportal.m-pesa.com\u002Fapi-documentation\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> page.\u003C\u002Fli>\n\u003Cli>Use \u003Cem>000000\u003C\u002Fem> as the Service Code provided for testing on Sandbox\u003C\u002Fli>\n\u003Cli>The endpoints will be prefilled but if not available copy from the documentation page.\u003C\u002Fli>\n\u003Cli>After filling all these items on the plugin settings, click on Save and test purchasing of products on the website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note these items when testing in Sandbox:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. You can add test numbers on the M-Pesa Open API Portal.\u003Cbr \u002F>\n2. This number(000000000001) will give a successful response on Sandbox, but there will be no USSD Push received.\u003C\u002Fp>\n\u003Ch4>PLUGIN SETUP FOR M-PESA OPEN API PRODUCTION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin settings will need to be changed to use the production details\u003C\u002Fli>\n\u003Cli>Use the Go Live process on the M-Pesa Open API portal in order to get the production details\u003C\u002Fli>\n\u003Cli>Once the Go Live process is successful and you have all the details, replace them on the plugin settings, save and test.\u003C\u002Fli>\n\u003Cli>Remember to update the endpoints too, to the production endpoints provided on the M-Pesa Open API documentation section.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PLUGIN CUSTOMER JOURNEY\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>When the customer clicks on the Pay button on the payment page, the plugin will initiate a payment authorization request to the customer. \u003C\u002Fli>\n\u003Cli>The customer will then accept or decline the payment from the personal mobile phone.\u003C\u002Fli>\n\u003Cli>The order status in the online shop is then changed depending on the customer’s action(In the Pro Version).\u003C\u002Fli>\n\u003Cli>This  \u003Cstrong>free version\u003C\u002Fstrong> of the plugin does not change order status and does not have the functionality of checking the transaction status of the payments but the Pro Version does.\u003C\u002Fli>\n\u003Cli>The main purpose of the \u003Cstrong>free version\u003C\u002Fstrong> is to test the functionality of how your website will work and it’s compatibility with your website before deciding to use it in production.\u003C\u002Fli>\n\u003Cli>Please check the  \u003Cstrong>DEMO\u003C\u002Fstrong> of the Pro Version of the plugin \u003Ca href=\"https:\u002F\u002Fdemowoompesa.demkitech.com\u002F\" rel=\"nofollow ugc\">HERE\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>The \u003Cstrong>Pro Version\u003C\u002Fstrong> is currently \u003Cem>Free\u003C\u002Fem>, please request for it by sending an email to \u003Cem>info@demkitech.com\u003C\u002Fem> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Compatible with WordPress themes.\u003C\u002Fli>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003Cli>Lightweight.\u003C\u002Fli>\n\u003Cli>Supports all modern browsers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to use:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Make sure you have installed and activated WooCommerce plugin before installing and activating this plugin.\u003C\u002Fli>\n\u003Cli>Upload the Payment Gateway for M-PESA Open API on WooCommerce plugin files to the wordpress plugins directory (\u002Fwp-content\u002Fplugins\u002F), or install the plugin from th WordPress admin plugin screen.\u003C\u002Fli>\n\u003Cli>Activate the plugin.\u003C\u002Fli>\n\u003Cli>On the WordPress admin, navigate to (WooCommerce ➡ Settings ➡ Payments ➡ M-PESA Open API ➡ Manage) and fill in the fields provided in order for the plugin to work.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Demo Video\u003C\u002Fh4>\n\u003Cp>Coming Soon\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>This plugin does not have any relation with WooCommerce or M-PESA. The plugin’s purpose is just to help in linking the WooCommerce plugin with the M-PESA payment method.\u003Cbr \u002F>\nIn the plugin description there is links to other websites which are not under the control of Payment Gateway for M-PESA Open API Plugin. We have no control over the nature,\u003Cbr \u002F>\ncontent and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.\u003C\u002Fp>\n","The plugin enables the customer to have an option of paying merchants using M-PESA mobile money service from a Wordpress site that has WooCommerce plu &hellip;",30,2058,"2.2",[130,131,132,22,24],"m-pesa","mobile-payments","mpesa","https:\u002F\u002Fdemkitech.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayment-gateway-for-m-pesa-open-api.zip","2026-03-15T10:48:56.248Z",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":144,"downloaded":145,"rating":28,"num_ratings":28,"last_updated":146,"tested_up_to":147,"requires_at_least":67,"requires_php":71,"tags":148,"homepage":149,"download_link":150,"security_score":151,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bd-mobile-payments-gateway","BD Mobile Payments Gateway","1.1","Jabed Shoeb","https:\u002F\u002Fprofiles.wordpress.org\u002Fonnoysomoy\u002F","\u003Cp>This plugin is an extension of Woocommerce which added Bangladeshi Taka BDT symble (৳) at WooCommerce plugin where WooCommerce not yet support Bangladeshi currency\u002Fsymble (BDT ৳) & Bangladeshi Local Payment Gateways (i.e. bKash, DBBL Mobile Banking etc.) into WooCommerce.\u003C\u002Fp>\n\u003Cp>Thank you for using our plugin.\u003Cbr \u002F>\nVist our blog to know more.\u003Cbr \u002F>\nGive a Rating & Write a Review.\u003C\u002Fp>\n","This plugin is an extension of Woocommerce which added Bangladeshi Taka BDT symble (৳) at WooCommerce plugin where WooCommerce not yet support Banglad &hellip;",10,4043,"2015-03-10T14:33:00.000Z","4.1.42",[131,22,24],"http:\u002F\u002Fwww.areuconnected.com\u002Fplugins\u002Fbd-mobile-payment-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbd-mobile-payments-gateway.zip",85,{"attackSurface":153,"codeSignals":295,"taintFlows":337,"riskAssessment":381,"analyzedAt":394},{"hooks":154,"ajaxHandlers":264,"restRoutes":292,"shortcodes":293,"cronEvents":294,"entryPointCount":50,"unprotectedCount":28},[155,160,163,167,171,175,179,183,187,191,194,199,204,207,210,213,216,220,224,227,231,235,240,244,248,252,255,258,261],{"type":156,"name":157,"callback":158,"file":159,"line":14},"action","init","load_text_domain","bd-payment-gateways.php",{"type":156,"name":161,"callback":157,"priority":27,"file":159,"line":162},"plugins_loaded",89,{"type":156,"name":164,"callback":165,"file":159,"line":166},"before_woocommerce_init","closure",98,{"type":156,"name":168,"callback":169,"file":159,"line":170},"admin_notices","woo_required_notice",144,{"type":156,"name":172,"callback":173,"file":159,"line":174},"woocommerce_payment_gateways","add_payment_gateways",174,{"type":156,"name":176,"callback":177,"file":159,"line":178},"woocommerce_blocks_loaded","init_block_gateways",177,{"type":156,"name":180,"callback":181,"file":159,"line":182},"admin_init","activation_redirect",182,{"type":156,"name":184,"callback":185,"file":159,"line":186},"admin_enqueue_scripts","admin_assets",185,{"type":156,"name":188,"callback":189,"file":159,"line":190},"wp_enqueue_scripts","frontend_assets",195,{"type":156,"name":192,"callback":165,"file":159,"line":193},"woocommerce_blocks_payment_method_type_registration",255,{"type":156,"name":195,"callback":196,"file":197,"line":198},"bdpg_hpos_migration_batch","process_migration_batch","includes\\Activate.php",344,{"type":156,"name":200,"callback":201,"file":202,"line":203},"admin_menu","register_admin_menu","includes\\Admin\\Dashboard.php",46,{"type":156,"name":180,"callback":205,"file":202,"line":206},"register_settings",47,{"type":156,"name":168,"callback":208,"priority":28,"file":202,"line":209},"hide_dashboard_admin_notices",48,{"type":156,"name":168,"callback":211,"file":202,"line":212},"hpos_migration_notice",49,{"type":156,"name":184,"callback":214,"file":202,"line":215},"enqueue_admin_scripts",50,{"type":156,"name":217,"callback":218,"priority":144,"file":219,"line":182},"woocommerce_email_before_order_table","customer_email_instructions","includes\\BDPG_Gateway.php",{"type":156,"name":221,"callback":222,"file":219,"line":223},"woocommerce_checkout_process","payment_process",184,{"type":156,"name":225,"callback":226,"file":219,"line":186},"woocommerce_checkout_update_order_meta","fields_update",{"type":156,"name":228,"callback":229,"file":219,"line":230},"woocommerce_admin_order_data_after_billing_address","admin_order_data",186,{"type":156,"name":232,"callback":233,"priority":144,"file":219,"line":234},"woocommerce_rest_checkout_process_payment_with_context","block_payment_process",189,{"type":156,"name":236,"callback":237,"priority":238,"file":219,"line":239},"woocommerce_cart_calculate_fees","charge_settings",20,194,{"type":156,"name":241,"callback":242,"file":219,"line":243},"woocommerce_order_details_after_customer_details","data_order_review_page",197,{"type":245,"name":246,"callback":247,"priority":238,"file":219,"line":105},"filter","manage_woocommerce_page_wc-orders_columns","admin_register_column",{"type":156,"name":249,"callback":250,"priority":238,"file":219,"line":251},"manage_woocommerce_page_wc-orders_custom_column","admin_column_value",201,{"type":245,"name":253,"callback":247,"priority":238,"file":219,"line":254},"manage_edit-shop_order_columns",204,{"type":156,"name":256,"callback":250,"priority":238,"file":219,"line":257},"manage_shop_order_posts_custom_column",205,{"type":156,"name":180,"callback":156,"file":259,"line":260},"includes\\Review.php",39,{"type":156,"name":168,"callback":262,"file":259,"line":263},"review_notice",40,[265,271,275,279,284,288],{"action":266,"nopriv":267,"callback":268,"hasNonce":269,"hasCapCheck":269,"file":202,"line":270},"bdpg_get_migration_status",false,"ajax_get_migration_status",true,53,{"action":272,"nopriv":267,"callback":273,"hasNonce":269,"hasCapCheck":269,"file":202,"line":274},"bdpg_start_migration","ajax_start_migration",54,{"action":276,"nopriv":267,"callback":277,"hasNonce":269,"hasCapCheck":269,"file":202,"line":278},"bdpg_reset_migration","ajax_reset_migration",55,{"action":280,"nopriv":267,"callback":281,"hasNonce":269,"hasCapCheck":269,"file":282,"line":283},"bdpg_get_stats","ajax_get_stats","includes\\Admin\\Statistics.php",57,{"action":285,"nopriv":267,"callback":286,"hasNonce":269,"hasCapCheck":269,"file":282,"line":287},"bdpg_get_transactions","ajax_get_transactions",58,{"action":289,"nopriv":267,"callback":290,"hasNonce":269,"hasCapCheck":269,"file":282,"line":291},"bdpg_export_transactions","ajax_export_transactions",59,[],[],[],{"dangerousFunctions":296,"sqlUsage":297,"outputEscaping":299,"fileOperations":27,"externalRequests":28,"nonceChecks":332,"capabilityChecks":50,"bundledLibraries":333},[],{"prepared":28,"raw":28,"locations":298},[],{"escaped":300,"rawEcho":301,"locations":302},128,14,[303,306,308,310,312,314,316,318,320,322,324,326,328,330],{"file":282,"line":304,"context":305},352,"raw output",{"file":219,"line":307,"context":305},315,{"file":219,"line":309,"context":305},349,{"file":219,"line":311,"context":305},360,{"file":219,"line":313,"context":305},437,{"file":219,"line":315,"context":305},550,{"file":219,"line":317,"context":305},552,{"file":219,"line":319,"context":305},570,{"file":219,"line":321,"context":305},720,{"file":219,"line":323,"context":305},799,{"file":259,"line":325,"context":305},153,{"file":259,"line":327,"context":305},162,{"file":259,"line":329,"context":305},166,{"file":259,"line":331,"context":305},170,7,[334],{"name":335,"version":37,"knownCves":336},"TCPDF",[],[338,359,369],{"entryPoint":339,"graph":340,"unsanitizedCount":27,"severity":40},"ajax_export_transactions (includes\\Admin\\Statistics.php:271)",{"nodes":341,"edges":356},[342,347,351],{"id":343,"type":344,"label":345,"file":282,"line":346},"n0","source","$_POST",289,{"id":348,"type":349,"label":350,"file":282,"line":346},"n1","transform","→ export_pdf()",{"id":352,"type":353,"label":354,"file":282,"line":304,"wp_function":355},"n2","sink","echo() [XSS]","echo",[357,358],{"from":343,"to":348,"sanitized":267},{"from":348,"to":352,"sanitized":267},{"entryPoint":360,"graph":361,"unsanitizedCount":27,"severity":40},"\u003CStatistics> (includes\\Admin\\Statistics.php:0)",{"nodes":362,"edges":366},[363,364,365],{"id":343,"type":344,"label":345,"file":282,"line":346},{"id":348,"type":349,"label":350,"file":282,"line":346},{"id":352,"type":353,"label":354,"file":282,"line":304,"wp_function":355},[367,368],{"from":343,"to":348,"sanitized":267},{"from":348,"to":352,"sanitized":267},{"entryPoint":370,"graph":371,"unsanitizedCount":28,"severity":380},"\u003CBDPG_Gateway> (includes\\BDPG_Gateway.php:0)",{"nodes":372,"edges":378},[373,376],{"id":343,"type":344,"label":374,"file":219,"line":375},"$_POST (x4)",631,{"id":348,"type":353,"label":354,"file":219,"line":377,"wp_function":355},714,[379],{"from":343,"to":348,"sanitized":269},"low",{"summary":382,"deductions":383},"The \"bangladeshi-payment-gateways\" plugin v4.0.4 exhibits a generally good security posture, largely due to robust implementation of security best practices. The static analysis reveals a significant number of AJAX handlers, all of which appear to have proper authorization checks, and no REST API routes or shortcodes were identified, minimizing the attack surface. Crucially, no dangerous functions were detected, and all SQL queries are properly prepared, indicating a strong defense against common SQL injection attacks. The high percentage of properly escaped outputs further suggests a good understanding of preventing cross-site scripting (XSS) vulnerabilities.\n\nDespite these strengths, there are a few areas for concern. The taint analysis identified two flows with unsanitized paths, which, while not resulting in critical or high-severity vulnerabilities in this version, represent a potential avenue for exploitation if not addressed. The presence of file operations, though only one, warrants careful scrutiny to ensure it's handled securely. The vulnerability history shows one known CVE, which was promptly patched, and the plugin has a history of missing authorization vulnerabilities, suggesting a past area of weakness that, while seemingly addressed now, warrants continued vigilance. The bundled TCPDF library, if outdated, could also pose a risk.\n\nIn conclusion, the plugin has made significant improvements in security, particularly in its handling of AJAX requests and SQL queries. However, the presence of unsanitized paths in the taint analysis and the historical pattern of authorization issues are areas that require ongoing monitoring and diligent security practices to maintain a secure state. The strengths in prepared statements and output escaping are commendable, but the identified taint flows and past vulnerabilities prevent a perfect score.",[384,386,389,391],{"reason":385,"points":144},"Taint analysis found 2 unsanitized paths",{"reason":387,"points":388},"Vulnerability history: 1 known CVE",15,{"reason":390,"points":85},"Bundled library: TCPDF",{"reason":392,"points":393},"Presence of file operations",5,"2026-03-16T18:06:50.869Z",{"wat":396,"direct":410},{"assetPaths":397,"generatorPatterns":403,"scriptPaths":404,"versionParams":405},[398,399,400,401,402],"\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fassets\u002Fimages\u002Fqr-icon.svg",[],[399,401],[406,407,408,409],"\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fcss\u002Fadmin.css?ver=","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fjs\u002Fadmin.js?ver=","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fcss\u002Ffrontend.css?ver=","\u002Fwp-content\u002Fplugins\u002Fbangladeshi-payment-gateways\u002Fdist\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":411,"htmlComments":416,"htmlAttributes":447,"restEndpoints":452,"jsGlobals":454,"shortcodeOutput":456},[412,413,414,415],"bdpg-qr-payment","bdpg-qr-wrapper","bdpg-qr-code","bdpg-qr-instructions",[417,418,419,420,421,422,423,424,425,426,427,428,429,430,431,432,433,434,435,436,437,438,439,440,441,442,443,444,445,446],"\u003C!-- Bangladeshi Payment Gateways - Make Payment Using QR Code -->","\u003C!-- Main Plugin File -->","\u003C!-- Bkash. -->","\u003C!-- Rocket. -->","\u003C!-- Nagad. -->","\u003C!-- Upay. -->","\u003C!-- Gateways. -->","\u003C!-- Constructor -->","\u003C!-- Load text domain on init hook. -->","\u003C!-- Begin execution of the plugin -->","\u003C!-- Plugin Init -->","\u003C!-- Payment Gateways classes. -->","\u003C!-- Assets Manager Class. -->","\u003C!-- Activate. -->","\u003C!-- Review Class. -->","\u003C!-- Dashboard Class. -->","\u003C!-- Statistics Class. -->","\u003C!-- Register block support gateways. -->","\u003C!-- Activation_Redirect. -->","\u003C!-- Admin Assets. -->","\u003C!-- Plugin Action Links. -->","\u003C!-- Review Notice. -->","\u003C!-- Frontend Assets. -->","\u003C!-- Plugin Activation. -->","\u003C!-- Loads a plugin’s translated strings. -->","\u003C!-- Add Payment Gateways to WooCommerce. -->","\u003C!-- Initialize Block Support Gateways. -->","\u003C!-- WooCommerce Required Notice. -->","\u003C!-- Plugin Action Links -->","\u003C!-- Initialize the plugin tracker -->",[448,449,450,451],"data-qr-code-url","data-account-number","data-payment-method","data-order-id",[453],"\u002Fwp-json\u002Fbdpg\u002Fv1\u002Forder-payment-status",[455],"bdpg_ajax_object",[457],"[bdpg_qr_payment_gateway]"]