[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqpj8QWauJVvOD-4Xmb9BchFlUNzORLp50vT1p19JPCs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":141,"fingerprints":251},"beyond-pay-for-woocommerce","Beyond Pay for WooCommerce","1.7.2","Beyond Pay","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeyondpay\u002F","\u003Cp>\u003Cstrong>Warning: This plugin has been discontinued and should not be used for new installations. For additional information please refer to this \u003Ca href=\"https:\u002F\u002Fwww.globalpayments.com\u002Finsights\u002F2024\u002F11\u002F01\u002Fbeyond-developer-portal-retirement\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>. If further assistance is needed please contact Client Support at 888-480-1571, option 2.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Securely accept credit cards directly on your \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa> store using \u003Ca href=\"https:\u002F\u002Fgetbeyond.com\" rel=\"nofollow ugc\">Beyond\u003C\u002Fa> with this \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" rel=\"ugc\">WordPress\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Accept Visa, MasterCard, American Express, Discover, JCB, and Diners Club brand cards directly on your website\u003C\u002Fli>\n\u003Cli>No redirect to a third-party hosted payment page, reducing checkout friction and cart abandonment\u003C\u002Fli>\n\u003Cli>Card data is securely captured with Beyond Pay Gateway’s hosted payment fields presented via inline frame (iframe) and tokenized before reaching your server\u003C\u002Fli>\n\u003Cli>Recurring billing integration with the \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions Extension\u003C\u002Fa>. Beyond Pay for WooCommerce subscription features include the ability for customers to store or change their cards on file, cancel\u002Fsuspend\u002Freactivate subscriptions, and modify subscription amounts and due dates.\u003C\u002Fli>\n\u003Cli>Simplifies merchant PCI compliance obligations to the shorter \u003Ca href=\"https:\u002F\u002Fwww.pcisecuritystandards.org\u002Fpci_security\u002Fcompleting_self_assessment\" rel=\"nofollow ugc\">Self-Assessment Questionnaire “A” (SAQ-A)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Support either pre-authorization and later capture when WooCommerce order status changes, or authorization and capture at once (the combined “sale” transaction type)\u003C\u002Fli>\n\u003Cli>Optimize B2B card acceptance costs by automatically sending additional transaction data elements (also known as \u003Ca href=\"https:\u002F\u002Fwww.getbeyond.com\u002Fb2b-payments\u002F\" rel=\"nofollow ugc\">“Level II” and “Level III” information\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Issue refunds directly from the Order Details screen\u003C\u002Fli>\n\u003Cli>Custom CSS styling support for the hosted payment fields so you can create your ideal checkout experience\u003C\u002Fli>\n\u003Cli>Customizable gateway response and error messaging\u003C\u002Fli>\n\u003Cli>Test\u002Fsandbox mode for development and staging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>From your WordPress \u003Cstrong>\u002Fwp-admin\u003C\u002Fstrong> page, navigate to \u003Cstrong>WooCommerce > Settings\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Select the \u003Cstrong>Payments\u003C\u002Fstrong> tab at the top of the screen.\u003C\u002Fli>\n\u003Cli>Click the \u003Cstrong>Manage\u003C\u002Fstrong> button for the Beyond Pay Gateway payment method.\u003C\u002Fli>\n\u003Cli>Proceed to configure payment method options available on this page:\n\u003Cul>\n\u003Cli>\u003Cstrong>Enable\u002FDisable\u003C\u002Fstrong> – toggle to control whether this payment method is enabled or disabled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Title\u003C\u002Fstrong> – this controls how this payment method is listed to the consumer during checkout; defaults to “Credit\u002FDebit Card”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Description\u003C\u002Fstrong> – expanded description of this payment method when selected by consumer; defaults to “Pay with your credit or debit card.”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Error Messages\u003C\u002Fstrong> – controls the message returned to the consumer when there is a problem with their payment; defaults to “Something went wrong: %S. Please try again.” where \u003Cstrong>%S\u003C\u002Fstrong> represents the \u003Ca href=\"https:\u002F\u002Fdeveloper.getbeyond.com\u002F#gateway-result-codes\" rel=\"nofollow ugc\">raw response or error message\u003C\u002Fa> returned by the gateway\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Test Mode\u003C\u002Fstrong> – controls whether transactions are sent to the Test\u002FSandbox or the Live\u002FProduction Beyond Pay Gateway environment and which type of API keys are expected; defaults to Live\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Username, Password, PublicKey, PrivateKey, MerchantCode,\u003C\u002Fstrong> and \u003Cstrong>MerchantAccountCode\u003C\u002Fstrong> – these are the credentials by which the plugin authenticates to the Beyond Pay Gateway in order to process payments; for Test Mode, you can \u003Ca href=\"https:\u002F\u002Fforms.office.com\u002Fpages\u002Fresponsepage.aspx?id=Q9V6UxGq3USJSkGsz2Jk7yRG7q939HJFkFXKp4lfZo1UMVBQWVNYSFBBNzJEV1k4Uko5WUU2NllBSCQlQCN0PWcu\" rel=\"nofollow ugc\">request Beyond Pay Gateway sandbox API keys\u003C\u002Fa> while live credentials are provided by Beyond once the merchant processing account is approved\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Transaction Mode\u003C\u002Fstrong> – controls how authorizations and payment captures are managed\u003C\u002Fli>\n\u003Cli>Set this to \u003Cstrong>\u003Cem>Authorization\u003C\u002Fem>\u003C\u002Fstrong> to perform only an authorization (“pre-auth”) when an order is placed which requires the Order Status to be changed to \u003Cstrong>Completed\u003C\u002Fstrong> in order for the payment to be captured (usually when an order is shipped)\u003C\u002Fli>\n\u003Cli>Set this to \u003Cstrong>\u003Cem>Sale\u003C\u002Fem>\u003C\u002Fstrong> to authorize and capture the payment immediately (usually used for digital products)\u003C\u002Fli>\n\u003Cli>Learn more about best practices for authorization and capture\u002Fsettlement from the \u003Ca href=\"https:\u002F\u002Fusa.visa.com\u002Fdam\u002FVCOM\u002Fdownload\u002Fmerchants\u002Fvisa-risk-management-guide-ecommerce.pdf\" rel=\"nofollow ugc\">Visa E-Commerce Risk Management Best Practices document\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Level II\u002FIII Data\u003C\u002Fstrong> – controls which extended data elements are automatically sent with transaction requests in order to \u003Ca href=\"https:\u002F\u002Fwww.getbeyond.com\u002Fb2b-payments\u002F\" rel=\"nofollow ugc\">optimize interchange rates on B2B cards\u003C\u002Fa>; Level II includes reference number and tax amount, while Level III includes line-item details. Set to Level III to ensure you always qualify for the best rates on eligible corporate purchasing cards. (Tax-exempt transactions are not eligible for Level II interchange rates but may be eligibile for Level III.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Styling\u003C\u002Fstrong> – allows for customized styling of the Beyond Pay card collection iframe via CSS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Verbose Logging\u003C\u002Fstrong> – enable for troubleshooting or development in order to log the gateway request and response messages on the Order Detail page; sensitive authentication details are not logged nor is any card data ever stored\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Click the \u003Cstrong>Save Changes\u003C\u002Fstrong> button once you have completed configuration; the page will refresh and a message reading “Your settings have been saved” will display at the top.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You are now ready to accept payments through Beyond Pay Gateway on your WooCommerce store!\u003C\u002Fp>\n\u003Ch3>WooCommerce Subscriptions Integration\u003C\u002Fh3>\n\u003Cp>Beyond Pay for WooCommerce offers automated recurring billing functionality through integration with the official \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions Extension\u003C\u002Fa>. The Subscriptions Extension must be purchased from WooCommerce before recurring payments can be accepted with Beyond Pay for WooCommerce.\u003C\u002Fp>\n\u003Cp>Setting up your subscriptions is simple:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create a subscription product in the Products module of WooCommerce and define the price and terms: e.g., “$5.90 every 2nd month”.\u003C\u002Fli>\n\u003Cli>As customers purchase subscription products on your store, they will be prompted to create a user account and save their payment method on file.\u003C\u002Fli>\n\u003Cli>When the payment is due, Beyond Pay for WooCommerce will automatically charge the card on file without you having to do anything.\u003C\u002Fli>\n\u003Cli>The status of each scheduled payment is reported back to your WooCommerce Subscription extension in WooCommerce, whether successful or failed.\u003C\u002Fli>\n\u003Cli>Your customers can change their payment method on the WooCommerce “my-account”  page. Here, customers can also click the “Renew Now” button and pay their subscription ahead of the due date.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>All card on file data is securely tokenized by Beyond Pay and never touches your server.\u003C\u002Fp>\n","Securely accept credit card payments using Beyond Pay gateway and optimize your cost of acceptance on B2B\u002Fcorporate cards.",40,3017,100,2,"2024-11-07T16:22:00.000Z","6.1.10","4.7","7.0",[20,21,22,23,24],"credit-card","payment","payment-gateway","subscriptions","woocommerce","https:\u002F\u002Fdeveloper.getbeyond.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeyond-pay-for-woocommerce.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"beyondpay",1,30,88,"2026-04-04T14:45:12.690Z",[39,63,83,101,120],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":28,"num_ratings":28,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":28,"last_vuln_date":62,"fetched_at":30},"payplus-payment-gateway","PayPlus Payment Gateway","8.1.5","PayPlus Tech Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayplus\u002F","\u003Cp>PayPlus Payment Gateway for WooCommerce\u003Cbr \u002F>\nAccept debit and credit cards on your WooCommerce store in a secure way with the ability to design your own payment page and add high functionalities to it. SSL is not required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supported PHP Versions:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is compatible with PHP versions from 7.4 up to 8.3.\u003C\u002Fp>\n\u003Cp>Before installation:\u003Cbr \u002F>\nYou need your account credentials. For that, you have to contact PayPlus and to join the service.\u003C\u002Fp>\n\u003Cp>Plugin Disclaimer:\u003Cbr \u002F>\nPayPlus does not accept liability for any damage, loss, cost (including legal costs), expenses, indirect losses or consequential damage of any kind which may be suffered or incurred by the user from the use of this service.\u003C\u002Fp>\n\u003Cp>It is important to know that this plugin relies on third-party services.\u003Cbr \u002F>\nHowever, the third-party so mentioned is the PayPlus core engine at their servers – the providers of this plugin.\u003C\u002Fp>\n\u003Cp>By being a payment processor, just like many of its kind, it must send some transaction details to the third-party server (itself) for token generation and transaction logging statistics and connecting to invoices.\u003C\u002Fp>\n\u003Cp>It is this transfer back and forth of data between your WooCommerce and the PayPlus servers that we would like to bring to your attention clearly and plainly.\u003C\u002Fp>\n\u003Cp>The main links to PayPlus, its terms and conditions, and privacy policy are as listed:\u003Cbr \u002F>\n– Home Page: https:\u002F\u002Fwww.payplus.co.il\u003Cbr \u002F>\n– Plugin Instruction page: https:\u002F\u002Fwww.payplus.co.il\u002Fwordpress\u003Cbr \u002F>\n– Terms and Conditions: https:\u002F\u002Fwww.payplus.co.il\u002Fprivacy\u003C\u002Fp>\n\u003Cp>The above records, the transaction details, are not treated as belonging to PayPlus and are never used for any other purposes.\u003C\u002Fp>\n\u003Cp>The external files referenced by this plugin, due to WordPress policy recommendations, are all included in the plugin directory.\u003C\u002Fp>\n\u003Ch3>8.1.5  – 15-03-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Feature   – Added VAT selection prompt for partial refunds, allowing admins to choose whether the refunded amount includes VAT or is VAT-exempt.\u003C\u002Fli>\n\u003Cli>Fix       – Resolved an issue where saved payment tokens could override the PayPlus Embedded selection, causing the checkout to revert to a previously saved card instead of using newly entered card details.\u003C\u002Fli>\n\u003Cli>Fix       – Fixed token saving failure when the optional “Name for Invoice” or “Alternative ID\u002FVAT” fields were filled during PayPlus Embedded checkout.\u003C\u002Fli>\n\u003Cli>Feature   – PRUID history tracking: all payment page request UIDs are now stored with timestamps, enabling recovery of orders where the UID changed. The “Get PayPlus Data” button shows a selection popup with a “Try All” option.\u003C\u002Fli>\n\u003Cli>Feature   – Optional order total display inside PayPlus Embedded payment form for both Classic and Blocks checkout, with automatic updates on coupon\u002Fshipping changes.\u003C\u002Fli>\n\u003Cli>Tweak     – Reduced checkout order-status polling frequency to prevent excessive server load on slower sites.\u003C\u002Fli>\n\u003Cli>Fix       – Fixed Hebrew character corruption (appearing as raw Unicode escapes) in PayPlus API payloads for certain server configurations.\u003C\u002Fli>\n\u003Cli>Tweak     – PRUID history is now used by the cron job and the Orders Validator for more reliable order status recovery.\u003C\u002Fli>\n\u003Cli>Fix       – Fixed expiry field order in PayPlus Embedded for LTR locales.\u003C\u002Fli>\n\u003Cli>Fix       – The “Include Apple Pay Script” setting now correctly loads the Apple Pay script on Blocks checkout for all iframe display modes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.1.4  – 10-03-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix       – Fixed an issue where redirect URLs after payment could be malformed (& converted to &), potentially causing broken thank-you page loads or missing order details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.1.3  – 25-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix       – Resolved “Redirect” and “Next page iframe” display issues on the order-pay page for specific customer environments caused by an unnecessary static flag preventing proper rendering.\u003C\u002Fli>\n\u003Cli>Feature   – Added inline loader to PayPlus Embedded “Place Order” button, providing immediate visual feedback during payment processing for improved user experience. \u003C\u002Fli>\n\u003Cli>Tweak     – Addressed WordPress Plugin Check (PCP) compliance requirements.\u003C\u002Fli>\n\u003Cli>Fix       – Improved Invoice+ error message handling on the orders page to properly display API error details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.1.2  – 24-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Feature   – Full PW Gift Cards integration for Blocks Checkout across all PayPlus payment methods, including correct discount handling, order totals, and debit timing.\u003C\u002Fli>\n\u003Cli>Fix       – PW Gift Cards discount now applied correctly in Iframe (next page) and Redirect modes in Blocks Checkout, consistent with Popup and Same-Page Iframe behavior.\u003C\u002Fli>\n\u003Cli>Feature   – Added option to mark the Customer Invoice Name field as required in both Classic and Blocks Checkout.\u003C\u002Fli>\n\u003Cli>Feature   – Added option to set a custom label and placeholder for the Customer Invoice Name field in both Classic and Blocks Checkout.\u003C\u002Fli>\n\u003Cli>Tweak     – PayPlus Embedded loader: when “Hide PayPlus logo when showing loader” is enabled, “Processing Payment…” (or its Hebrew translation) is now always centered in the loader and displayed clearly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.1.1  – 23-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix       – TV power-down effect in Blocks Checkout is now driven by the plugin setting rather than CSS positioning, ensuring it triggers reliably regardless of theme styles.\u003C\u002Fli>\n\u003Cli>Tweak     – Blocks Checkout popup and same-page iframe modes now open instantly — the PayPlus payment page link is fetched asynchronously after checkout submission instead of blocking the Store API response.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.1.0  – 22-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix       – Improved redirect handling across all browsers with a unified solution, eliminating the need for browser-specific settings and checkboxes.\u003C\u002Fli>\n\u003Cli>Tweak     – Added translated “Payment received – redirecting…” screen that appears briefly when using fallback redirect method.\u003C\u002Fli>\n\u003Cli>Fix       – Resolved issue where changing delivery method in classic checkout would incorrectly switch the selected payment method in the payment list.\u003C\u002Fli>\n\u003Cli>Tweak     – Callback handler now processes orders in “failed” status (in addition to “pending”) since callbacks occur after order creation and payment.\u003C\u002Fli>\n\u003Cli>Added     – Optional TV power-down effect for popup iframe mode. When enabled via plugin settings, displays a classic CRT television shutdown animation before redirecting to thank you page.\u003C\u002Fli>\n\u003Cli>Fix       – Order payment method now reflects the actual payment method used (e.g., credit card, Google Pay, Bit) rather than the initially selected gateway, ensuring accuracy in WooCommerce order details and invoices.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.0.9  – 18-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix       – Fixed default setting for Firefox-compatible redirect mode – polling fallback is now enabled by default as intended.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>8.0.7  – 18-02-2026\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Tweak     – Added automatic polling fallback for iframe payment redirects in both blocks and classic checkouts. This ensures reliable redirects for Firefox users and other scenarios where the iframe cannot communicate via postMessage. The system polls the server for order completion status and redirects to the thank-you page automatically.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Fix       – Fixed EMV POS device functionality issue when only one admin user was configured.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Tweak – Improved the \u003Ccode>payPlusRemote()\u003C\u002Fcode> function to better handle \u003Ccode>$payload\u003C\u002Fcode> issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Tweak – Removed outdated logs and deprecated API calls.\u003C\u002Fli>\n\u003Cli>Tweak – Optimized payment page logic to reuse existing pages when possible, reducing unnecessary API requests.\u003C\u002Fli>\n\u003Cli>Tweak – Corrected inaccurate status reporting in “Orders Reports\u002FValidator”.\u003C\u002Fli>\n\u003Cli>Tweak – Streamlined \u003Ccode>callback_response\u003C\u002Fcode> by removing redundant functions and passing data directly instead of using SQL.\u003C\u002Fli>\n\u003Cli>Added – When “Update status in IPN” is enabled, the callback function will skip status updates and related checks.\u003C\u002Fli>\n\u003Cli>Added – Disallow voucher payment for shipping – Enforce a minimum amount for non-voucher payments: voucher payments can no longer be used to pay for shipping, preventing customers from covering delivery costs with vouchers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpayplus-payment-gateway\u002Ftrunk\u002FCHANGELOG.md\" rel=\"nofollow ugc\">See changelog for all versions\u003C\u002Fa>.\u003C\u002Fp>\n","Accept credit\u002Fdebit card payments or other methods such as bit, Apple Pay, Google Pay in one page. Create digitally signed invoices & much more!",1000,79632,"2026-03-15T06:09:00.000Z","6.9.4","6.2","7.4",[54,55,23,56,57],"charges-and-refunds","credit-cards","tokenization","woocommerce-payment-gateway","https:\u002F\u002Fwww.payplus.co.il\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayplus-payment-gateway.8.1.5.zip",93,3,"2024-07-09 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":50,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":81,"download_link":82,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"woo-authorize-net-gateway-aim","Pledged Plugins Secure Gateway for Authorize.net and WooCommerce","6.1.24","mohsin.id","https:\u002F\u002Fprofiles.wordpress.org\u002Fmohsinoffline\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.authorize.net\u002F\" rel=\"nofollow ugc\">Authorize.net\u003C\u002Fa> Payment Gateway for \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002F\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa> allows you to accept credit cards payments into your Authorize.net merchant account from all over the world on your websites.\u003C\u002Fp>\n\u003Cp>WooCommerce is one of the oldest and most powerful e-commerce solutions for WordPress. This platform is very widely supported in the WordPress community which makes it easy for even an entry level e-commerce entrepreneur to learn to use and modify.\u003C\u002Fp>\n\u003Ch4>FREE Pro Version Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy Install\u003C\u002Fstrong>: Like all Pledged Plugins add-ons, this plugin installs with one click. After installing, you will have only a few fields to fill out before you are ready to accept credit cards on your store.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Credit Card Processing\u003C\u002Fstrong>: Uses \u003Ca href=\"https:\u002F\u002Fdeveloper.authorize.net\u002Fapi\u002Freference\u002Ffeatures\u002Facceptjs.html\" rel=\"nofollow ugc\">Accept.js\u003C\u002Fa> library to send secure payment data directly to Authorize.net to reduce the PCI scope.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refund via Dashboard\u003C\u002Fstrong>: Process full or partial refunds, directly from your WordPress dashboard! No need to search order in your Authorize.net account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorize Now, Capture Later\u003C\u002Fstrong>: Optionally choose only to authorize transactions, and capture at a later date.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restrict Card Types\u003C\u002Fstrong>: Optionally choose to restrict certain card types and the plugin will hide its icon and provide a proper error message on checkout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gateway Receipts\u003C\u002Fstrong>: Optionally choose to send receipts from your Authorize.net merchant account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logging\u003C\u002Fstrong>: Enable logging so you can debug issues that arise if any.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Ch4>Enterprise Version Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Process Subscriptions:\u003C\u002Fstrong>  Use with  \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa>  extension to \u003Cstrong>create and manage products with recurring payments\u003C\u002Fstrong>  — payments that will give you residual revenue you can track and count on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup Pre-Orders:\u003C\u002Fstrong>  Use with  \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-pre-orders\u002F\" rel=\"nofollow ugc\">WooCommerce Pre-Orders\u003C\u002Fa>  extension so customers can order products before they’re available by submitting their card details. The card is then automatically charged when the pre-order is available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pay via Saved Cards:\u003C\u002Fstrong> Enable option to use saved card details on the gateway servers for quicker checkout. No sensitive card data is stored on the website!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACH Payments:\u003C\u002Fstrong> Fully supports eCheck payments via ACH network.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One Click Upsells:\u003C\u002Fstrong> Compatible with \u003Ca href=\"https:\u002F\u002Ffunnelkit.com\u002Fwoocommerce-one-click-upsells-upstroke\u002F\" rel=\"nofollow ugc\">FunnelKit (formerly WooFunnels) One Click Upsells\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpledgedplugins.com\u002Fproducts\u002Fauthorize-net-payment-gateway-woocommerce\u002F\" rel=\"nofollow ugc\">Click here\u003C\u002Fa> for Pricing details.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Active  \u003Ca href=\"https:\u002F\u002Fwww.authorize.net\u002F\" rel=\"nofollow ugc\">Authorize.net\u003C\u002Fa>  account – Sign up for a sandbox account  \u003Ca href=\"https:\u002F\u002Fdeveloper.authorize.net\u002Fhello_world\u002Fsandbox.html\" rel=\"nofollow ugc\">here\u003C\u002Fa>  if you need to test.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002F\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce\u003C\u002Fstrong>\u003C\u002Fa>  version 3.3 or later.\u003C\u002Fli>\n\u003Cli>A valid SSL certificate is required to ensure your customer credit card details are safe and make your site PCI DSS compliant. This plugin does not store the customer credit card numbers or sensitive information on your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Extend, Contribute, Integrate\u003C\u002Fh4>\n\u003Cp>Visit the \u003Ca href=\"https:\u002F\u002Fpledgedplugins.com\u002Fproducts\u002Fauthorize-net-payment-gateway-woocommerce\u002F\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa> for more details. Contributors are welcome to send pull requests via \u003Ca href=\"https:\u002F\u002Fbitbucket.org\u002Fpledged\u002Fwc-authorize.net-pro\u002F\" rel=\"nofollow ugc\">Bitbucket repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For custom payment gateway integration with your WordPress website, please \u003Ca href=\"https:\u002F\u002Fwpgateways.com\u002Fsupport\u002Fcustom-payment-gateway-integration\u002F\" rel=\"nofollow ugc\">contact us here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>This plugin is not affiliated with or supported by Authorize.net, WooCommerce.com or Automattic. All logos and trademarks are the property of their respective owners.\u003C\u002Fp>\n","Authorize.net payment gateway integration for WooCommerce to accept credit cards directly on WordPress e-commerce websites.",10000,397626,98,33,"2026-01-09T05:37:00.000Z","4.4","5.6",[79,22,80,23,24],"authorize-net","pci","https:\u002F\u002Fpledgedplugins.com\u002Fproducts\u002Fauthorize-net-payment-gateway-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-authorize-net-gateway-aim.6.1.24.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":76,"requires_php":18,"tags":97,"homepage":99,"download_link":100,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"woo-asaas","Asaas Gateway for WooCommerce","2.7.4","Asaas","https:\u002F\u002Fprofiles.wordpress.org\u002Fasaas\u002F","\u003Cp>Use \u003Ca href=\"https:\u002F\u002Fwww.asaas.com\" rel=\"nofollow ugc\">Asaas\u003C\u002Fa> as payment method in your WooCommerce store.\u003C\u002Fp>\n\u003Cp>This plugin is an implementation of \u003Ca href=\"https:\u002F\u002Fasaasv3.docs.apiary.io\" rel=\"nofollow ugc\">Asaas API v3\u003C\u002Fa>. The checkout mechanism is completely transparent. The customer will not go out of your store to finish the order. The data are sent to Asaas service, that process the payment and return its status.\u003C\u002Fp>\n\u003Cp>For any doubt about the plugin installation and integration, please read the FAQ. If it doesn’t solve, use the plugin Support area that we will help you as soon as possible.\u003C\u002Fp>\n","Take transparent credit card and bank ticket payment checkouts on your store using Asaas.",9000,177841,78,17,"2026-03-10T00:36:00.000Z","6.7.5",[98,20,21,22,24],"asaas","https:\u002F\u002Fwww.asaas.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-asaas.2.7.4.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":47,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":50,"requires_at_least":17,"requires_php":18,"tags":113,"homepage":116,"download_link":117,"security_score":118,"vuln_count":61,"unpatched_count":28,"last_vuln_date":119,"fetched_at":30},"gestpay-for-woocommerce","Gestpay for WooCommerce","20251211","Fabrick Support","https:\u002F\u002Fprofiles.wordpress.org\u002Feasynolo\u002F","\u003Cp>Axerve Free Plugin for Woocommerce allows you to use \u003Ca href=\"https:\u002F\u002Fwww.axerve.com\u002F\" title=\"Axerve Website\" rel=\"nofollow ugc\">Axerve\u003C\u002Fa> on your WooCommerce-powered website.\u003C\u002Fp>\n\u003Cp>There are four operational modes in this plugin, which depends on Axerve version you are using:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Axerve Starter\u003C\u002Fli>\n\u003Cli>Axerve Professional\u003C\u002Fli>\n\u003Cli>Axerve Professional On Site\u003C\u002Fli>\n\u003Cli>Axerve Professional iFrame\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.axerve.com\u002Fit\u002Fplugin\u002Fwoocommerce\u002F\" title=\"Axerve for WooCommerce - Usage Documentation\" rel=\"nofollow ugc\">Click here to read the full usage documentation on Axerve\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>WooCommerce Blocks Compatibility\u003C\u002Fh4>\n\u003Cp>Starting from version 20251028, the plugin is fully compatible with WooCommerce Blocks checkout. All payment methods are now supported in both classic checkout and blocks checkout modes. There is no need to disable WooCommerce Blocks checkout.\u003C\u002Fp>\n\u003Ch4>Available Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>S2S SOAP (Except callReadTrxS2S and callVerifyCardS2S)\u003C\u002Fli>\n\u003Cli>Tokenization\u003C\u002Fli>\n\u003Cli>3DS1\u003C\u002Fli>\n\u003Cli>3DS2 – Authentication\u003C\u002Fli>\n\u003Cli>3DS2 – Recurring Transactions\u003C\u002Fli>\n\u003Cli>RBA (Risk-Based Authentication)\u003C\u002Fli>\n\u003Cli>PayPal Seller Protection\u003C\u002Fli>\n\u003Cli>WooCommerce Subscriptions support (Recurring payments and subscriptions)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available Payment Methods\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Credit Cards\u003C\u002Fli>\n\u003Cli>BANCOMAT Pay\u003C\u002Fli>\n\u003Cli>MyBank\u003C\u002Fli>\n\u003Cli>PayPal\u003C\u002Fli>\n\u003Cli>PayPal Billing Agreement\u003C\u002Fli>\n\u003Cli>PayPal Buy Now Pay Later\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Actions and filters list\u003C\u002Fh3>\n\u003Cp>Here is a list of filters and actions used in this plugin:\u003C\u002Fp>\n\u003Ch4>Actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>gestpay_before_processing_order\u003C\u002Fli>\n\u003Cli>gestpay_after_order_completed\u003C\u002Fli>\n\u003Cli>gestpay_after_order_failed\u003C\u002Fli>\n\u003Cli>gestpay_after_order_pending\u003C\u002Fli>\n\u003Cli>gestpay_before_order_settle\u003C\u002Fli>\n\u003Cli>gestpay_order_settle_success\u003C\u002Fli>\n\u003Cli>gestpay_order_settle_fail\u003C\u002Fli>\n\u003Cli>gestpay_before_order_refund\u003C\u002Fli>\n\u003Cli>gestpay_order_refund_success\u003C\u002Fli>\n\u003Cli>gestpay_order_refund_fail\u003C\u002Fli>\n\u003Cli>gestpay_before_order_delete\u003C\u002Fli>\n\u003Cli>gestpay_order_delete_success\u003C\u002Fli>\n\u003Cli>gestpay_order_delete_fail\u003C\u002Fli>\n\u003Cli>gestpay_after_s2s_order_failed\u003C\u002Fli>\n\u003Cli>gestpay_on_renewal_payment_failure\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template_before_table\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template_after_table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Filters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>gestpay_gateway_parameters\u003C\u002Fli>\n\u003Cli>gestpay_encrypt_parameters\u003C\u002Fli>\n\u003Cli>gestpay_settings_tab\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template\u003C\u002Fli>\n\u003Cli>gestpay_cvv_fancybox\u003C\u002Fli>\n\u003Cli>gestpay_gateway_cards_images\u003C\u002Fli>\n\u003Cli>gestpay_alter_order_id -> this can be used to add, for example, a prefix to the order ID\u003C\u002Fli>\n\u003Cli>gestpay_revert_order_id -> this must be used to revert back the order ID changed with the \u003Ccode>gestpay_alter_order_id\u003C\u002Fcode> filter\u003C\u002Fli>\n\u003Cli>gestpay_s2s_validate_payment_fields\u003C\u002Fli>\n\u003Cli>gestpay_s2s_payment_fields_error_strings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Third Party Libraries\u003C\u002Fh3>\n\u003Cp>Questo plugin utilizza le seguenti librerie di terze parti:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SOAP Client – Parte della libreria standard PHP, utilizzata per le comunicazioni con l’API Gestpay\u003C\u002Fli>\n\u003Cli>WooCommerce – Framework e-commerce per WordPress (GPLv3)\u003C\u002Fli>\n\u003Cli>WordPress – CMS principale (GPLv2 o successiva)\u003C\u002Fli>\n\u003Cli>jQuery – Libreria JavaScript per la manipolazione del DOM e la gestione degli eventi (MIT License)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Questo plugin si connette ai seguenti servizi esterni:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Axerve Payment Gateway (precedentemente Gestpay)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Elaborazione dei pagamenti tramite il gateway di Banca Sella\u003Cbr \u002F>\n– Dati inviati: Informazioni sull’ordine, dati del cliente necessari per il pagamento\u003Cbr \u002F>\n– Quando: Durante il processo di pagamento e per le operazioni di gestione degli ordini\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.axerve.com\u002Fprivacy-policy\u003Cbr \u002F>\n– Termini di servizio: https:\u002F\u002Fwww.axerve.com\u002Fterms-conditions\u003C\u002Fp>\n\u003Col>\n\u003Cli>icanhazip.com\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Identificazione dell’indirizzo IP del server per la configurazione del gateway di pagamento\u003Cbr \u002F>\n– Dati inviati: Nessun dato viene inviato, il servizio risponde solo con l’indirizzo IP pubblico\u003Cbr \u002F>\n– Quando: Solo nell’area amministrativa durante la configurazione del plugin\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fmajor.io\u002Ficanhazip-com-faq\u002F\u003Cbr \u002F>\n– Note: Questo servizio viene utilizzato solo per aiutare gli amministratori a configurare correttamente il gateway di pagamento nel backoffice di Axerve\u003C\u002Fp>\n\u003Col>\n\u003Cli>Script JavaScript di verifica\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Verifica della compatibilità del browser con il gateway di pagamento\u003Cbr \u002F>\n– Dati inviati: Informazioni sul browser dell’utente per verificare la compatibilità TLS\u003Cbr \u002F>\n– Quando: Durante il processo di pagamento\u003Cbr \u002F>\n– Domini: gestpay.net, gestpay.it, ecomm.sella.it\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.axerve.com\u002Fprivacy-policy\u003C\u002Fp>\n\u003Col>\n\u003Cli>MyBank\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Integrazione con il sistema di pagamento MyBank\u003Cbr \u002F>\n– Dati inviati: Informazioni necessarie per il pagamento tramite MyBank\u003Cbr \u002F>\n– Quando: Solo quando l’utente sceglie MyBank come metodo di pagamento\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.mybank.eu\u002Fprivacy-policy\u002F\u003Cbr \u002F>\n– Termini di servizio: https:\u002F\u002Fwww.mybank.eu\u002Fterms-and-conditions\u002F\u003C\u002Fp>\n\u003Cp>Server di test e sviluppo\u003Cbr \u002F>\nNel codice di esempio (directory \u003Ccode>sample\u002F\u003C\u002Fcode>) sono presenti riferimenti a domini fittizi (\u003Ccode>site1.it\u003C\u002Fcode> e \u003Ccode>site2.it\u003C\u002Fcode>) utilizzati solo come esempio per dimostrare la configurazione multi-sito. Questi domini sono puramente dimostrativi e non sono utilizzati nel codice di produzione.\u003C\u002Fp>\n","Axerve Free Plugin for Woocommerce extends WooCommerce providing the payment gateway Axerve.",43366,76,9,"2025-12-11T15:15:00.000Z",[114,20,115,22,24],"axerve","gestpay","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgestpay-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgestpay-for-woocommerce.20251211.zip",99,"2024-02-27 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":139,"download_link":140,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wc-moneris-payment-gateway","WC Moneris Payment Gateway","3.6","akshayaswaroop","https:\u002F\u002Fprofiles.wordpress.org\u002Fakshayaswaroop\u002F","\u003Cp>Moneris is Canada’s leading processor of Debit and credit card payments. This WooCommerce extension \u003Cstrong>automatically\u003C\u002Fstrong> adds moneris payment gateway to your woocommerce website and allows you to keep the customer on your site for the checkout process.\u003C\u002Fp>\n\u003Ch4>Key Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>API based credit card payment method which allows a user to enter a credit card on the WooCommerce checkout page and capture payment to the Moneris account without leaving the WooCommerce website.\u003C\u002Fli>\n\u003Cli>Switch between \u003Cstrong>Sandbox\u003C\u002Fstrong> and \u003Cstrong>Live\u003C\u002Fstrong> environments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you enjoyed this plugin then please put a review, that will encourage me to bring some more …\u003C\u002Fp>\n","A simple plugin that easily add moneris payment gateway to your WooCommerce website.",900,22531,84,5,"2025-08-13T17:29:00.000Z","6.8.5","4.9","",[20,137,22,121,138],"moneris","woocommerce-moneris-payment-gateway","https:\u002F\u002Fwww.wpheka.com\u002Fproduct\u002Fwc-moneris-payment-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-moneris-payment-gateway.3.6.zip",{"attackSurface":142,"codeSignals":212,"taintFlows":238,"riskAssessment":239,"analyzedAt":250},{"hooks":143,"ajaxHandlers":200,"restRoutes":209,"shortcodes":210,"cronEvents":211,"entryPointCount":14,"unprotectedCount":14},[144,149,154,158,162,167,171,175,179,183,187,191,195],{"type":145,"name":146,"callback":147,"file":148,"line":35},"filter","woocommerce_payment_gateways","beyond_pay_add_gateway_class","beyondpay-gateway.php",{"type":150,"name":151,"callback":152,"file":148,"line":153},"action","woocommerce_update_order","beyond_pay_order_update",31,{"type":150,"name":155,"callback":156,"file":148,"line":157},"plugins_loaded","beyond_pay_init_gateway_class",59,{"type":150,"name":159,"callback":160,"file":148,"line":161},"admin_notices","beyond_pay_no_wc",68,{"type":150,"name":163,"callback":164,"priority":165,"file":148,"line":166},"woocommerce_scheduled_subscription_payment_beyondpay","beyond_pay_process_sub_payment",10,74,{"type":145,"name":168,"callback":169,"file":148,"line":170},"woocommerce_register_shop_order_post_statuses","beyond_pay_add_saved_card_status",82,{"type":145,"name":172,"callback":173,"file":148,"line":174},"wc_order_statuses","beyond_pay_add_saved_card_to_order_statuses",102,{"type":145,"name":176,"callback":177,"file":148,"line":178},"woocommerce_order_is_pending_statuses","beyond_pay_mark_saved_card_as_pending_status",112,{"type":150,"name":180,"callback":181,"file":148,"line":182},"woocommerce_order_actions_end","beyond_pay_add_process_order_button",121,{"type":150,"name":184,"callback":185,"file":148,"line":186},"admin_enqueue_scripts","beyond_pay_enqueue_woocommerce_scripts",162,{"type":150,"name":188,"callback":189,"file":148,"line":190},"woocommerce_admin_order_data_after_billing_address","beyond_pay_display_update_payment_status_button",174,{"type":145,"name":192,"callback":193,"file":148,"line":194},"cron_schedules","beyond_pay_cron_schedules",305,{"type":150,"name":196,"callback":197,"file":198,"line":199},"wp_enqueue_scripts","payment_scripts","includes\\wc-beyond-pay-gateway.php",125,[201,206],{"action":202,"nopriv":203,"callback":204,"hasNonce":203,"hasCapCheck":203,"file":148,"line":205},"beyond_pay_process_tokenized_order",false,"beyond_pay_handle_saved_card_processing",142,{"action":207,"nopriv":203,"callback":207,"hasNonce":203,"hasCapCheck":203,"file":148,"line":208},"beyond_pay_update_payment_status",293,[],[],[],{"dangerousFunctions":213,"sqlUsage":214,"outputEscaping":216,"fileOperations":14,"externalRequests":14,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":237},[],{"prepared":28,"raw":28,"locations":215},[],{"escaped":217,"rawEcho":111,"locations":218},19,[219,222,224,226,228,230,232,234,236],{"file":148,"line":220,"context":221},133,"raw output",{"file":148,"line":223,"context":221},207,{"file":148,"line":225,"context":221},245,{"file":148,"line":227,"context":221},287,{"file":148,"line":229,"context":221},289,{"file":198,"line":231,"context":221},318,{"file":198,"line":233,"context":221},351,{"file":198,"line":235,"context":221},365,{"file":198,"line":235,"context":221},[],[],{"summary":240,"deductions":241},"The 'beyond-pay-for-woocommerce' v1.7.2 plugin exhibits a mixed security posture, with some positive signs but significant areas of concern. The absence of known vulnerabilities and the use of prepared statements for all SQL queries are strong indicators of good development practices in those specific areas. However, the static analysis reveals a concerningly small attack surface that is entirely unprotected.  Specifically, the plugin exposes two AJAX handlers without any form of authentication or capability checks. This is a critical oversight that could allow unauthorized users to trigger potentially sensitive actions within the plugin.\n\nThe taint analysis shows no identified flows, which is a positive sign, suggesting no immediately apparent complex vulnerabilities related to data flow manipulation.  The plugin also does not appear to bundle external libraries, reducing the risk of known vulnerabilities within third-party code. Despite the lack of historical CVEs, the presence of unprotected entry points represents a clear and present risk that needs immediate attention.  The plugin's strengths lie in its SQL handling and lack of historical issues, but its weaknesses are amplified by the direct exposure of AJAX endpoints without any security hardening.",[242,244,246,248],{"reason":243,"points":165},"AJAX handlers without auth checks",{"reason":245,"points":131},"No nonce checks on AJAX",{"reason":247,"points":131},"No capability checks",{"reason":249,"points":131},"Unescaped output (32% of outputs)","2026-03-16T22:08:26.341Z",{"wat":252,"direct":261},{"assetPaths":253,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[254,255],"\u002Fwp-content\u002Fplugins\u002Fbeyond-pay-for-woocommerce\u002Fassets\u002Fjs\u002Fbeyondpay-admin-order.js","\u002Fwp-content\u002Fplugins\u002Fbeyond-pay-for-woocommerce\u002Fassets\u002Fcss\u002Fadmin-styling.css",[],[],[259,260],"beyond-pay-for-woocommerce\u002Fassets\u002Fjs\u002Fbeyondpay-admin-order.js?ver=","beyond-pay-for-woocommerce\u002Fassets\u002Fcss\u002Fadmin-styling.css?ver=",{"cssClasses":262,"htmlComments":265,"htmlAttributes":266,"restEndpoints":269,"jsGlobals":270,"shortcodeOutput":273},[263,264],"beyond-pay-cc-brand","beyond-pay-icon",[],[267,268],"onclick","id",[],[271,207,272],"beyondPayProcessTokenizedOrder","ajaxurl",[]]