[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT3KTZaPjfm2I_eJlC6V2EUmnyhtjev2-bghwVcCTKh8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":47,"crawl_stats":38,"alternatives":50,"analysis":143,"fingerprints":349},"bitcoin-lightning-publisher","Bitcoin Lightning Publisher for WordPress","1.4.2","getalby","https:\u002F\u002Fprofiles.wordpress.org\u002Fgetalby\u002F","\u003Cp>Bitcoin Lightning Publisher is a Paywall, Donation and Value 4 Value plugin for WordPress to accept instant Bitcoin Lightning payments.\u003Cbr \u002F>\nIt allows you to monetize any digital content with instant microtransactions and receive payments from your visitors directly to your preferred wallet – no need for expensive service providers.\u003C\u002Fp>\n\u003Cp>The plugin is the easiest and most flexible plugin to sell your digital content and to receive donations or Value 4 Value payments.\u003Cbr \u002F>\nUsing the Bitcoin Lightning Network you can create the best visitor experience with seamless one-click payments.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits for you, the publisher:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Monetize any digital content with instant microtransactions\u003Cbr \u002F>\n– Create custom paywalls according to your needs\u003Cbr \u002F>\n– Best and fastest checkout payment experience\u003Cbr \u002F>\n– Superior paywall user experience\u003Cbr \u002F>\n– Save payment fees by using the inexpensive Bitcoin Lightning Network – no need to payment service providers\u003Cbr \u002F>\n– Receive payments directly in your preferred wallet (see “Lightning node connections”)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits for your vistors\u002Fcustomers:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Seamless one-click payments and quick access to the content\u003Cbr \u002F>\n– Global availability – let customers from around the world send you payments through the open Bitcoin payment network\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use Case Examples:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Accept donations \u002F Value 4 Value payments from your visitors\u003Cbr \u002F>\n– Monetize any digital content on your website: Articles, pages, file, videos, music, podcasts\u003Cbr \u002F>\n– Receive payments (boosts and boostagrams) from podcasting apps via the Podcasting 2.0 \u003Ccode>podcast:value\u003C\u002Fcode> RSS standard\u003Cbr \u002F>\n– Integrate payments with your website functionality\u003Cbr \u002F>\n– many more\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>Paywall to sell content\u003C\u002Fh3>\n\u003Cp>Sell any digital content (pay-per-post, pay-per-view, pay-per-download, etc.) with a highly configurable paywall\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WebLN enabled by default for easy on-click payments\u003C\u002Fli>\n\u003Cli>Add a paywall to posts and pages to easily charge for any published content\u003C\u002Fli>\n\u003Cli>Crowdfund option: make the content freely available after a certain amount is received\u003C\u002Fli>\n\u003Cli>Time-in option: keep the article freely available for a certain time and then enable the paywall after that\u003C\u002Fli>\n\u003Cli>Time-out option: make the article freely available after a certain time\u003C\u002Fli>\n\u003Cli>Configure the price in Satoshis, EUR, USD, or GBP (with real-time exchange rate)\u003C\u002Fli>\n\u003Cli>Configure the paywall with a shortcode ([lnpaywall])\u003C\u002Fli>\n\u003Cli>Or configure the paywall with a Gutenberg Block\u003C\u002Fli>\n\u003Cli>Integrate with other tools and plugins like membership tools to control if the paywall should be enabled (see Paywall Hook section)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donation \u002F Value 4 Value payments\u003C\u002Fh3>\n\u003Cp>The plugin comes with various options to receive donations and Value 4 Value payments.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Gutenberg block for a donation widget\u003C\u002Fli>\n\u003Cli>Donation widget for themes\u003C\u002Fli>\n\u003Cli>Enable the Lightning meta tag to allow users to send payments (Value 4 Value)\u003C\u002Fli>\n\u003Cli>Enable the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPodcastindex-org\u002Fpodcast-namespace\u002Fblob\u002Fmain\u002Fvalue\u002Fvalue.md\" rel=\"nofollow ugc\">\u003Ccode>podcast:value\u003C\u002Fcode> tag\u003C\u002Fa> in your RSS feed to receive payments for your podcast\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Lightning Node connections\u003C\u002Fh3>\n\u003Cp>Connect to your existing Bitcoin Lightning node or simply create a new Alby account to instantly receive Lightning payments.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetalby.com\u002F\" rel=\"nofollow ugc\">Alby\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>LND\u003C\u002Fli>\n\u003Cli>LNDHub (e.g. BlueWallet)\u003C\u002Fli>\n\u003Cli>LNBits\u003C\u002Fli>\n\u003Cli>BTCPay Server\u003C\u002Fli>\n\u003Cli>Lightning Address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>REST-API for full advanced custom usage\u003C\u002Fh3>\n\u003Cp>For more advanced, custom Lightning integrations you can use the REST API to create and verify invoices. The API also provides a LNURL-pay endpoint. See the REST-API section for details.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Refer to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FgetAlby\u002Flightning-publisher-wordpress#readme\" rel=\"nofollow ugc\">readme on GitHub\u003C\u002Fa> for documentation and more details on how to use the plugin.\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contributing\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is free and open source. We welcome and appreciate new contributions.\u003Cbr \u002F>\nVisit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FgetAlby\u002Flightning-publisher-wordpress\" rel=\"nofollow ugc\">code repository\u003C\u002Fa> and help us to improve the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Donations\u003C\u002Fstrong>\u003Cbr \u002F>\nWant to support the work on this plugin?\u003Cbr \u002F>\nSupport the team behind it and send some sats to this Bitcoin Lightning Address hello@getalby.com\u003C\u002Fp>\n","Bitcoin Lightning Publisher is a Paywall, Donation and Value 4 Value plugin to accept instant Bitcoin payments directly to your favorit wallet.",100,6224,80,4,"2024-12-21T15:24:00.000Z","6.7.5","5.6.0","7.4",[20,21,22,23,24],"bitcoin","donation","lightning","payment","paywall","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbitcoin-lightning-publisher.1.4.2.zip",91,1,0,"2024-12-23 16:50:10","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":28},"CVE-2024-12100","bitcoin-lightning-publisher-for-wordpress-reflected-cross-site-scripting","Bitcoin Lightning Publisher for WordPress \u003C= 1.4.1 - Reflected Cross-Site Scripting","The Bitcoin Lightning Publisher for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.4.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-12-24 05:23:45",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd204ed58-efb2-4383-aa0f-cbad0bae4d02?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":28,"trust_score":48,"computed_at":49},94,"2026-04-05T04:24:33.248Z",[51,70,87,108,125],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":29,"num_ratings":29,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":17,"tags":64,"homepage":67,"download_link":68,"security_score":69,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"lightning-publisher","Lightning Publisher for WordPress","0.1.8","nadaviv","https:\u002F\u002Fprofiles.wordpress.org\u002Fnadaviv\u002F","\u003Cp>Lightning Publisher for WordPress allows you to offer previews of your blog posts and require a Lightning Network payment to release the rest.\u003C\u002Fp>\n\u003Cp>More information and installation instructions are available at\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002FElementsProject\u002Fwordpress-lightning-publisher\u003C\u002Fp>\n","Lightning Publisher for WordPress allows you to offer previews of your blog posts and require a Lightning Network payment to release the rest.",10,1305,"2018-07-14T10:59:00.000Z","4.9.29","4.0.0",[20,22,65,66,24],"lightning-charge","micropayments","https:\u002F\u002Fgithub.com\u002FElementsProject\u002Fwordpress-lightning-publisher","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flightning-publisher.zip",85,{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":29,"downloaded":78,"rating":29,"num_ratings":29,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":18,"tags":82,"homepage":25,"download_link":86,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"icpay-payments","Instant Crypto Payments","1.3.8","icpay","https:\u002F\u002Fprofiles.wordpress.org\u002Fkristijanzivcec\u002F","\u003Cp>Why icpay?\u003C\u002Fp>\n\u003Cp>Instant settlement to your wallet with no intermediaries or withdrawal delays. Customers pay, you receive – that simple.\u003Cbr \u002F>\n0.5% transaction fees. Free to use. Start earning crypto in minutes.\u003Cbr \u002F>\nMulti-chain support including Base, x402, and Internet Computer means your customers can pay using their preferred network and token.\u003C\u002Fp>\n\u003Cp>Perfect for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>E-commerce stores wanting to tap into crypto-native customers\u003C\u002Fli>\n\u003Cli>Digital products and services\u003C\u002Fli>\n\u003Cli>SaaS businesses\u003C\u002Fli>\n\u003Cli>International payments without currency conversion fees\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Key Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Seamless WooCommerce integration\u003C\u002Fli>\n\u003Cli>Support for 50+ cryptocurrencies and tokens\u003C\u002Fli>\n\u003Cli>Real-time payment confirmations\u003C\u002Fli>\n\u003Cli>Developer-friendly with extensive documentation\u003C\u002Fli>\n\u003Cli>Secure, non-custodial – funds go directly to your wallet\u003C\u002Fli>\n\u003Cli>Optional X402 (Coinbase) payment support enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Built for developers, loved by merchants.\u003Cbr \u002F>\nGet started in minutes at icpay.org\u003C\u002Fp>\n\u003Cp>This plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Provides a Gutenberg block and shortcodes for all icpay payment widgets (Pay Button, Amount Input, Tip Jar, Premium Content, Article Paywall, Donation Thermometer, Coffee Shop)\u003C\u002Fli>\n\u003Cli>Enqueues the ICPay payments widget script locally\u003C\u002Fli>\n\u003Cli>Adds admin settings for publishable and secret keys\u003C\u002Fli>\n\u003Cli>Receives icpay payments webhooks to update local data\u003C\u002Fli>\n\u003Cli>Syncs payments from icpay payments (manual and cron)\u003C\u002Fli>\n\u003Cli>Stores payments in a local table with enriched data (amountUsd, amountUnits, ledgerSymbol (token), pluginSource, wp user)\u003C\u002Fli>\n\u003Cli>Shows an admin list with filters, pagination, and detail view\u003C\u002Fli>\n\u003Cli>Adds Tools action to clear local ICPay payment history (with confirmation)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Requires an icpay account and API keys.\u003C\u002Fp>\n\u003Cp>Frontend widgets use the publishable key; server tasks use the secret key.\u003C\u002Fp>\n\u003Cp>To obtain keys, create an account on https:\u002F\u002Ficpay.org and generate them in your dashboard.\u003C\u002Fp>\n\u003Ch3>Source code and build\u003C\u002Fh3>\n\u003Cp>This plugin includes a minified frontend script for the widget: assets\u002Fjs\u002Ficpay-embed.min.js.\u003C\u002Fp>\n\u003Cp>Widget source (primary): https:\u002F\u002Fgithub.com\u002Ficpay\u002Ficpay-widget\u003Cbr \u002F>\nSDK source (dependency): https:\u002F\u002Fgithub.com\u002Ficpay\u002Ficpay-sdk\u003Cbr \u002F>\nBuild notes (recommended): The minified icpay-embed.min.js is built from the open-source icpay-widget repository.\u003C\u002Fp>\n\u003Cp>To reproduce:\u003Cbr \u002F>\n1. Clone icpay-widget and install deps (pnpm\u002Fyarn\u002Fnpm supported): pnpm install\u003Cbr \u002F>\n2. Build: pnpm build\u003Cbr \u002F>\n3. Copy the generated minified widget bundle to this plugin at assets\u002Fjs\u002Ficpay-embed.min.js.\u003C\u002Fp>\n\u003Ch3>External service disclosure\u003C\u002Fh3>\n\u003Cp>This plugin connects to the ICPay service operated by icpay, Inc. to process payments:\u003Cbr \u002F>\n– What: Payment creation and status updates.\u003Cbr \u002F>\n– When: When rendering the widget (publishable key) and when receiving webhooks; when syncing payments from your dashboard.\u003Cbr \u002F>\n– Data sent: Payment amounts, selected crypto asset, and optional metadata you configure (e.g., order ID). Webhook payloads contain payment status updates.\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Ficpay.org\u002Fprivacy\u003Cbr \u002F>\nTerms of Service: https:\u002F\u002Ficpay.org\u002Fterms\u003C\u002Fp>\n\u003Ch4>Additional third-party services used by the widget (optional)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Identity (authentication): \u003Ccode>https:\u002F\u002Fidentity.ic0.app\u003C\u002Fcode> — opened only when a user chooses Internet Identity. No static assets are offloaded; it is an external login service.\u003C\u002Fli>\n\u003Cli>On-ramp provider: \u003Ccode>https:\u002F\u002Fglobal.transak.com\u003C\u002Fcode> (or \u003Ccode>https:\u002F\u002Fglobal-stg.transak.com\u003C\u002Fcode> in non-production) — used only when the on-ramp modal is triggered. No static assets are offloaded; it is a payment service.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>No JS\u002FCSS\u002Fimages are loaded from remote CDNs by this plugin. All static assets (scripts, styles, and images) used by the plugin UI are bundled and served locally within the plugin. The build script enforces this by rejecting known disallowed remote asset references.\u003C\u002Fp>\n","Accept crypto payments (ICP, Bitcoin, stablecoins) with Instant Crypto Payments. Charity, donations, paywall, tips, webhooks, sync, reports.",463,"2026-02-08T20:30:00.000Z","6.9.4","6.0",[20,83,84,85,24],"crypto","donations","payments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ficpay-payments.1.3.8.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":11,"num_ratings":97,"last_updated":98,"tested_up_to":16,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":106,"download_link":107,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"btcpay-greenfield-for-woocommerce","BTCPay Server – Accept Bitcoin payments in WooCommerce","2.7.2","ndeet","https:\u002F\u002Fprofiles.wordpress.org\u002Fndeet\u002F","\u003Ch4>Accept Bitcoin payments in your WooCommerce powered WordPress site with BTCPay Server\u003C\u002Fh4>\n\u003Cp>BTCPay Server for WooCommerce is a revolutionary, self-hosted, open-source payment gateway to accept Bitcoin payments. Our \u003Cstrong>seamless integration\u003C\u002Fstrong> with WooCommerce allows you to connect your self-hosted \u003Ca href=\"https:\u002F\u002Fbtcpayserver.org\" rel=\"nofollow ugc\">BTCPay Server\u003C\u002Fa> and start accepting Bitcoin payments in \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.btcpayserver.org\u002FWooCommerce\" rel=\"nofollow ugc\">just a few simple steps\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero fees\u003C\u002Fstrong>: Enjoy a payment gateway with no fees. Yes, really!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully automated system\u003C\u002Fstrong>: BTCPay takes care of payments, invoice management and refunds automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display Bitcoin QR code at checkout\u003C\u002Fstrong>: Enhance customer experience with an easy and secure payment option.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No middlemen or KYC\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Direct, P2P payments (going directly to your wallet)\u003C\u002Fli>\n\u003Cli>Say goodbye to intermediaries and tedious paperwork\u003C\u002Fli>\n\u003Cli>Transaction information is only shared between you and your customer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Self-hosted infrastructure\u003C\u002Fstrong>: Maintain full control over your payment gateway.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Direct wallet payments\u003C\u002Fstrong>: Be your own bank with a self-custodial service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightning Network\u003C\u002Fstrong> integrated out of the box – instant, fast and low cost payments and payouts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reporting and accounting\u003C\u002Fstrong> – CSV exports\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced invoice management\u003C\u002Fstrong> and refunding integrated in the WooCommerce UI\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time exchange price tracking\u003C\u002Fstrong> for correct payment amounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Versatile plugin system\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Extend functionality according to your needs\u003C\u002Fli>\n\u003Cli>Accept payments in altcoins through various plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elegant checkout design\u003C\u002Fstrong>: Compatible with all Bitcoin wallets and enhanced with your store’s logo and branding for a unique UX.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Point-of-sale\u003C\u002Fstrong> integration – Accept payments in your physical shops\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multilingual ready\u003C\u002Fstrong>: Serve a global audience right out of the box.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Top-notch privacy and security\u003C\u002Fstrong>: Protect your and your customers’ data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Community-driven support\u003C\u002Fstrong>: Get responsive assistance from our dedicated community (\u003Ca href=\"http:\u002F\u002Fchat.btcpayserver.org\" rel=\"nofollow ugc\">Mattermost\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Ft.me\u002Fbtcpayserver\" rel=\"nofollow ugc\">Telegram\u003C\u002Fa>).\u003C\u002Fli>\n\u003Cli>Extensive \u003Ca href=\"https:\u002F\u002Fdocs.btcpayserver.org\u002FWooCommerce\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fc\u002Fbtcpayserver\" rel=\"nofollow ugc\">video\u003C\u002Fa> tutorials\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The non-profit \u003Ca href=\"https:\u002F\u002Ffoundation.btcpayserver.org\" rel=\"nofollow ugc\">BTCPay Server Foundation \u003C\u002Fa>is committed to keeping this powerful payment gateway free forever. Our mission is to enable anyone to accept bitcoin regardless of financial, technical, social or political barriers.\u003C\u002Fp>\n","BTCPay Server is a free and open-source bitcoin payment processor which allows you to receive payments in Bitcoin and altcoins directly, with no fees, &hellip;",1000,40606,19,"2025-04-10T13:21:00.000Z","6.2","8.0",[20,102,103,104,105],"btcpay-server","lightning-network","payment-gateway","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbtcpay-greenfield-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbtcpay-greenfield-for-woocommerce.2.7.2.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":11,"num_ratings":118,"last_updated":119,"tested_up_to":80,"requires_at_least":120,"requires_php":25,"tags":121,"homepage":123,"download_link":124,"security_score":11,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"opennode-for-woocommerce","Accept Bitcoin instantly via OpenNode","1.5.7","opennode","https:\u002F\u002Fprofiles.wordpress.org\u002Fopennode\u002F","\u003Cp>Start accepting Bitcoin instantly through Lightning Network today. Powered by OpenNode\u003C\u002Fp>\n\u003Ch3>OpenNode for WooCommerce\u003C\u002Fh3>\n\u003Cp>This plugin allows stores that use WordPress WooCommerce shopping cart system to accept Bitcoin and Bitcoin through Lightning Network via OpenNode.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Payment amount is calculated using real-time exchange rates.\u003C\u002Fli>\n\u003Cli>Allows for fee-less and instant Bitcoin payments through Lightning Network.\u003C\u002Fli>\n\u003Cli>Supports traditional on-chain transactions using the new native SegWit addresses (bech32)\u003C\u002Fli>\n\u003Cli>No setup or recurring fees.\u003C\u002Fli>\n\u003Cli>Free Lightning Network and scheduled withdrawals.\u003C\u002Fli>\n\u003Cli>Compatible with WooCommerce 8.3+ and Cart and Checkout blocks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>In order to use this plugin you have to create an account on \u003Ca href=\"https:\u002F\u002Fopennode.com\" rel=\"nofollow ugc\">https:\u002F\u002Fopennode.com\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n","Start accepting Bitcoin instantly through Lightning Network today. Powered by OpenNode",400,11269,5,"2025-12-29T16:10:00.000Z","4.0",[20,122,103,104,105],"cryptocurrency","https:\u002F\u002Fopennode.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopennode-for-woocommerce.1.5.7.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":11,"num_ratings":14,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":140,"download_link":141,"security_score":142,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"blink-for-woocommerce","Blink For WooCommerce","0.1.3","Blink","https:\u002F\u002Fprofiles.wordpress.org\u002Fblinksv\u002F","\u003Cp>Blink For WooCommerce is a plugin that allows WooCommerce merchants to accept Bitcoin payments through the Lightning Network using \u003Ca href=\"https:\u002F\u002Fwww.blink.sv\u002F\" rel=\"nofollow ugc\">Blink\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Key features of Blink For WooCommerce include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Instant Payments: Leveraging the Lightning Network, \u003Ca href=\"https:\u002F\u002Fwww.blink.sv\u002F\" rel=\"nofollow ugc\">Blink\u003C\u002Fa> ensures that Bitcoin payments are processed instantly, providing a smooth checkout experience for customers.\u003C\u002Fli>\n\u003Cli>Low Transaction Fees: Enjoy significantly lower transaction fees compared to traditional payment methods, helping you save on processing costs.\u003C\u002Fli>\n\u003Cli>Stablesats Integration: Offers the ability to receive payments in Bitcoin while maintaining a stable value pegged to the US Dollar, reducing volatility risks.\u003C\u002Fli>\n\u003Cli>Easy Integration: Simple setup and configuration within WooCommerce, allowing you to start accepting Bitcoin payments quickly and easily.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information please visit \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblinkbitcoin\u002Fblink-for-woocommerce\u002F\" rel=\"nofollow ugc\">Plugin Repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Important Notice\u003C\u002Fh3>\n\u003Cp>This plugin relies on third-party APIs to function correctly. Specifically, it interacts with the following endpoints:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Blink API\u003C\u002Fstrong>: Used for processing payments through the Blink wallet.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fapi.blink.sv\u002Fgraphql\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.blink.sv\u002Fgraphql\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.blink.sv\u002Fen\u002Fterms-conditions\" rel=\"nofollow ugc\">Blink Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.blink.sv\u002Fen\u002Fprivacy-policy\" rel=\"nofollow ugc\">Blink Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Galoy API (Staging Environment)\u003C\u002Fstrong>: Used during development and testing phases.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fapi.staging.galoy.io\u002Fgraphql\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.staging.galoy.io\u002Fgraphql\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.galoy.io\u002Fterms-conditions\" rel=\"nofollow ugc\">Galoy Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fwww.galoy.io\u002Fprivacy-policy\" rel=\"nofollow ugc\">Galoy Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please review these links to ensure that you are compliant with all legal requirements related to data transmission and usage.\u003C\u002Fp>\n\u003Ch3>Additional Information\u003C\u002Fh3>\n\u003Cp>For more details and support, visit \u003Ca href=\"https:\u002F\u002Fwww.blink.sv\u002F\" rel=\"nofollow ugc\">Blink\u003C\u002Fa>.\u003C\u002Fp>\n","A simple, fast and secure Bitcoin payment gateway for WooCommerce using Blink.",60,1357,"2024-11-29T15:19:00.000Z","6.6.5","4.5","8.1",[20,103,104,105],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblink-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblink-for-woocommerce.0.1.3.zip",92,{"attackSurface":144,"codeSignals":234,"taintFlows":286,"riskAssessment":335,"analyzedAt":348},{"hooks":145,"ajaxHandlers":223,"restRoutes":224,"shortcodes":225,"cronEvents":232,"entryPointCount":233,"unprotectedCount":29},[146,153,157,162,167,170,172,174,177,181,184,187,189,192,195,198,201,204,207,210,215,218],{"type":147,"name":148,"callback":149,"priority":150,"file":151,"line":152},"action","admin_menu","init_page",20,"admin\\settings\\class-abstract-settings.php",32,{"type":147,"name":154,"callback":155,"file":151,"line":156},"admin_init","init_fields",33,{"type":147,"name":158,"callback":159,"file":160,"line":161},"admin_notices","get_ln_node_info","admin\\settings\\class-connections.php",21,{"type":147,"name":163,"callback":164,"file":165,"line":166},"plugins_loaded","anonymous","includes\\class-bln-publisher.php",254,{"type":147,"name":168,"callback":164,"file":165,"line":169},"admin_enqueue_scripts",349,{"type":147,"name":168,"callback":164,"file":165,"line":171},351,{"type":147,"name":148,"callback":164,"file":165,"line":173},353,{"type":147,"name":175,"callback":164,"file":165,"line":176},"init",355,{"type":178,"name":179,"callback":164,"file":165,"line":180},"filter","user_contactmethods",357,{"type":178,"name":182,"callback":164,"file":165,"line":183},"plugin_action_links",358,{"type":147,"name":185,"callback":164,"file":165,"line":186},"wp_enqueue_scripts",371,{"type":147,"name":185,"callback":164,"file":165,"line":188},373,{"type":147,"name":190,"callback":164,"file":165,"line":191},"wp_head",375,{"type":178,"name":193,"callback":164,"file":165,"line":194},"script_loader_tag",377,{"type":147,"name":196,"callback":164,"file":165,"line":197},"rss2_item",382,{"type":147,"name":199,"callback":164,"file":165,"line":200},"rss2_head",386,{"type":147,"name":202,"callback":164,"file":165,"line":203},"rss2_ns",388,{"type":178,"name":205,"callback":164,"file":165,"line":206},"no_texturize_shortcodes",393,{"type":178,"name":208,"callback":164,"file":165,"line":209},"the_content",394,{"type":147,"name":211,"callback":212,"file":213,"line":214},"rest_api_init","register_rest_routes","includes\\rest-api\\class-rest-server.php",63,{"type":147,"name":211,"callback":216,"file":213,"line":217},"rest_send_cors_headers",64,{"type":178,"name":219,"callback":220,"priority":221,"file":213,"line":222},"rest_pre_serve_request","closure",1001,128,[],[],[226,229],{"tag":227,"callback":164,"file":165,"line":228},"ln_v4v",406,{"tag":230,"callback":164,"file":165,"line":231},"ln_simple_boost",407,[],2,{"dangerousFunctions":235,"sqlUsage":236,"outputEscaping":253,"fileOperations":28,"externalRequests":28,"nonceChecks":29,"capabilityChecks":233,"bundledLibraries":282},[],{"prepared":118,"raw":118,"locations":237},[238,242,244,246,249],{"file":239,"line":240,"context":241},"includes\\db\\database-handler.php",99,"$wpdb->get_var() with variable interpolation",{"file":239,"line":243,"context":241},115,{"file":239,"line":245,"context":241},117,{"file":239,"line":247,"context":248},127,"$wpdb->get_results() with variable interpolation",{"file":250,"line":251,"context":252},"uninstall.php",18,"$wpdb->query() with variable interpolation",{"escaped":254,"rawEcho":59,"locations":255},113,[256,259,262,265,267,270,272,275,278,280],{"file":151,"line":257,"context":258},279,"raw output",{"file":260,"line":261,"context":258},"admin\\settings\\class-dashboard.php",86,{"file":263,"line":264,"context":258},"admin\\templates\\settings\\page-dashboard.php",31,{"file":165,"line":266,"context":258},334,{"file":268,"line":269,"context":258},"includes\\clients\\class-bln-publisher-alby-client.php",23,{"file":271,"line":269,"context":258},"includes\\clients\\class-bln-publisher-btcpay-client.php",{"file":273,"line":274,"context":258},"includes\\clients\\class-bln-publisher-lnaddress-client.php",27,{"file":276,"line":277,"context":258},"includes\\clients\\class-bln-publisher-lnbits-client.php",22,{"file":279,"line":269,"context":258},"includes\\clients\\class-bln-publisher-lndhub-client.php",{"file":281,"line":269,"context":258},"includes\\clients\\class-bln-publisher-nwc-client.php",[283],{"name":284,"version":38,"knownCves":285},"Guzzle",[],[287,312],{"entryPoint":288,"graph":289,"unsanitizedCount":28,"severity":311},"prepare_items (includes\\db\\transactions.php:33)",{"nodes":290,"edges":307},[291,297,301],{"id":292,"type":293,"label":294,"file":295,"line":296},"n0","source","$_REQUEST","includes\\db\\transactions.php",47,{"id":298,"type":299,"label":300,"file":295,"line":296},"n1","transform","→ total_payment_count()",{"id":302,"type":303,"label":304,"file":239,"line":305,"wp_function":306},"n2","sink","get_var() [SQLi]",101,"get_var",[308,310],{"from":292,"to":298,"sanitized":309},false,{"from":298,"to":302,"sanitized":309},"high",{"entryPoint":313,"graph":314,"unsanitizedCount":28,"severity":311},"\u003Ctransactions> (includes\\db\\transactions.php:0)",{"nodes":315,"edges":329},[316,317,318,319,321,324],{"id":292,"type":293,"label":294,"file":295,"line":296},{"id":298,"type":299,"label":300,"file":295,"line":296},{"id":302,"type":303,"label":304,"file":239,"line":305,"wp_function":306},{"id":320,"type":293,"label":294,"file":295,"line":245},"n3",{"id":322,"type":299,"label":323,"file":295,"line":245},"n4","→ get_payments()",{"id":325,"type":303,"label":326,"file":239,"line":327,"wp_function":328},"n5","get_results() [SQLi]",89,"get_results",[330,331,332,333],{"from":292,"to":298,"sanitized":309},{"from":298,"to":302,"sanitized":309},{"from":320,"to":322,"sanitized":309},{"from":322,"to":325,"sanitized":334},true,{"summary":336,"deductions":337},"The bitcoin-lightning-publisher plugin version 1.4.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices with a high percentage of properly escaped outputs and a decent proportion of SQL queries using prepared statements. The attack surface is relatively small, consisting solely of shortcodes, and importantly, none of the identified entry points are directly unprotected.  The plugin also includes capability checks, which is a positive security control.\n\nHowever, there are notable concerns. The taint analysis reveals two flows with unsanitized paths, both rated as high severity. This indicates potential vulnerabilities where user-supplied data could be processed in an unsafe manner, leading to risks such as cross-site scripting or other input-based attacks. The absence of nonce checks is another significant weakness, especially given that shortcodes can be invoked via various means, including direct requests. While there are no currently unpatched CVEs, the plugin has a history of medium-severity vulnerabilities, specifically Cross-site Scripting. This pattern suggests a recurring need for diligent input sanitization and output escaping, particularly around user-controllable data.\n\nIn conclusion, while the plugin implements some strong security measures, the high-severity taint flows and the lack of nonce checks present immediate risks. The historical pattern of XSS vulnerabilities further underscores the need for ongoing vigilance. Addressing the identified taint flows and implementing nonce checks on shortcodes would significantly improve the plugin's security.",[338,341,344,346],{"reason":339,"points":340},"High severity taint flows (2)",12,{"reason":342,"points":343},"No nonce checks on entry points",8,{"reason":345,"points":118},"50% SQL queries not using prepared statements",{"reason":347,"points":343},"1 Medium CVE in history","2026-03-16T21:07:52.943Z",{"wat":350,"direct":361},{"assetPaths":351,"generatorPatterns":355,"scriptPaths":356,"versionParams":357},[352,353,354],"\u002Fwp-content\u002Fplugins\u002Fbitcoin-lightning-publisher\u002Fadmin\u002Fcss\u002Fbln-publisher-admin.css","\u002Fwp-content\u002Fplugins\u002Fbitcoin-lightning-publisher\u002Fadmin\u002Fjs\u002Fbln-publisher-admin.js","\u002Fwp-content\u002Fplugins\u002Fbitcoin-lightning-publisher\u002Fpublic\u002Fjs\u002Fbln-publisher-public.js",[],[353,354],[358,359,360],"bitcoin-lightning-publisher\u002Fadmin\u002Fcss\u002Fbln-publisher-admin.css?ver=","bitcoin-lightning-publisher\u002Fadmin\u002Fjs\u002Fbln-publisher-admin.js?ver=","bitcoin-lightning-publisher\u002Fpublic\u002Fjs\u002Fbln-publisher-public.js?ver=",{"cssClasses":362,"htmlComments":366,"htmlAttributes":369,"restEndpoints":377,"jsGlobals":379,"shortcodeOutput":381},[363,364,365],"wp-lnp-twentyuno-widget","wp-lnp-webln-button-wrapper","wp-lnp-webln-button",[367,368],"\u003C!-- Gutenberg is not active. -->","\u003C!-- Path to Js that handles block functionality -->",[370,371,372,373,374,375,376],"data-amount","data-currency","data-success","accent","to","image","name",[378],"\u002Fwp-json\u002Flnp-alby\u002Fv1\u002Flnurlp",[380],"wp_lnp_donate_params",[382],"[lnpaywall"]