[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fV--I8fM77SZz-FKaJXWk0EmOL8i4CE-RiXvp0SwwmlU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":77,"crawl_stats":37,"alternatives":81,"analysis":179,"fingerprints":532},"cardgate","CardGate Payments for WooCommerce","4.1.1","CardGate","https:\u002F\u002Fprofiles.wordpress.org\u002Fcardgate\u002F","\u003Cp>This plug-in contains the following payment methods from CardGate for WooCommerce:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Afterpay\u003C\u002Fli>\n\u003Cli>Bancontact\u003C\u002Fli>\n\u003Cli>Banktransfer\u003C\u002Fli>\n\u003Cli>Billink\u003C\u002Fli>\n\u003Cli>Bitcoin\u003C\u002Fli>\n\u003Cli>Creditcard\u003C\u002Fli>\n\u003Cli>DirectDebit\u003C\u002Fli>\n\u003Cli>Gift Card\u003C\u002Fli>\n\u003Cli>iDEAL\u003C\u002Fli>\n\u003Cli>iDEAL QR\u003C\u002Fli>\n\u003Cli>Klarna\u003C\u002Fli>\n\u003Cli>OnlineÜberweisen\u003C\u002Fli>\n\u003Cli>PayPal\u003C\u002Fli>\n\u003Cli>Paysafecard\u003C\u002Fli>\n\u003Cli>Paysafecash\u003C\u002Fli>\n\u003Cli>Przelewy24\u003C\u002Fli>\n\u003Cli>Sofortbanking\u003C\u002Fli>\n\u003Cli>SprayPay\u003C\u002Fli>\n\u003C\u002Ful>\n","CardGate Payment methods for WooCommerce",200,19629,70,4,"2026-01-26T15:51:00.000Z","6.9.4","4.4","",[4,20,21,22,23],"creditcard","ideal","payment","woocommerce","http:\u002F\u002Fcardgate.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcardgate.4.1.1.zip",96,3,0,"2025-04-07 00:00:00","2026-03-15T15:16:48.613Z",[32,48,61],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-32119","cardgate-payments-for-woocommerce-authenticated-administrator-sql-injection","CardGate Payments for WooCommerce \u003C= 3.2.1 - Authenticated (Administrator+) SQL Injection","The CardGate Payments for WooCommerce plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=3.2.1","3.2.2","medium",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-04-15 12:48:03",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Febffe466-0fd7-4110-bd2f-730978711087?source=api-prod",9,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":53,"cvss_vector":54,"vuln_type":55,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-12257","cardgate-payments-for-woocommerce-reflected-cross-site-scripting","CardGate Payments for WooCommerce \u003C= 3.2.1 - Reflected Cross-Site Scripting","The CardGate Payments for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-12-06 00:00:00","2024-12-07 01:45:51",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9f8de5a9-2279-4b84-b1f6-fdb293aa6017?source=api-prod",1,{"id":62,"url_slug":63,"title":64,"description":65,"plugin_slug":4,"theme_slug":37,"affected_versions":66,"patched_in_version":67,"severity":68,"cvss_score":69,"cvss_vector":70,"vuln_type":71,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2020-8819","cardgate-payments-for-woocommerce-lack-of-origin-validation","CardGate Payments for WooCommerce \u003C= 3.1.15 - Lack of Origin Validation","An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate\u002Fcardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and\u002For receive all of the subsequent payments.","\u003C3.1.16","3.1.16","high",8.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:N","Origin Validation Error","2020-02-22 00:00:00","2024-01-22 19:56:02",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F24aadf0c-0266-4c39-ac7b-d6f09053d903?source=api-prod",1431,{"slug":4,"display_name":7,"profile_url":8,"plugin_count":60,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":78,"trust_score":79,"computed_at":80},480,76,"2026-04-04T07:26:25.126Z",[82,104,122,141,159],{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":16,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":100,"download_link":101,"security_score":102,"vuln_count":60,"unpatched_count":28,"last_vuln_date":103,"fetched_at":30},"makecommerce","MakeCommerce for WooCommerce","4.0.6","MakeCommerce.net","https:\u002F\u002Fprofiles.wordpress.org\u002Fmakecommerce\u002F","\u003Cp>MakeCommerce is a payment service provider for e-commerce businesses in the Baltics and Finland.\u003Cbr \u002F>\nIt is the international brand of Maksekeskus AS.\u003C\u002Fp>\n\u003Cp>The MakeCommerce plugin enables to accept Estonian, Latvian, Lithuanian and Finnish bank payments, credit card payments, Revolut and N26 payments, and buy-now-pay-later (BNPL) payment options.\u003Cbr \u002F>\nIn addition, it can also be used to send out shipments via the most popular carriers in the Baltics, including Omniva, DPD, SmartPosti, Venipak, Unisend and others.\u003C\u002Fp>\n\u003Cp>To start using the services, please sign up at https:\u002F\u002Fmerchant.maksekeskus.ee\u002Fsign-up.html?locale=en and then complete the setup guide in the plugin.\u003C\u002Fp>\n\u003Cp>No multiple bank contracts needed, all you need is one bank account for your regular payouts.\u003C\u002Fp>\n\u003Cp>Installing the plugin is free of charge.\u003Cbr \u002F>\nA transaction fee is charged by MakeCommerce separately.\u003Cbr \u002F>\nSee our pricing at https:\u002F\u002Fmakecommerce.net\u002Fpricing\u002F.\u003C\u002Fp>\n\u003Cp>Overview of functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bank-links of all major banks in Estonia, Latvia, Lithuania, Finland\u003C\u002Fli>\n\u003Cli>Credit-card payments (Visa, Mastercard, Apple Pay, Google Pay) through MakeCommerce PCI DSS compliant card dialog (removes compliancy requirement from merchant)\u003C\u002Fli>\n\u003Cli>Pay later payments\u003C\u002Fli>\n\u003Cli>Recurring payments with credit cards for subscriptions\u003C\u002Fli>\n\u003Cli>Payment country selector independent of billing\u002Fshipping address\u003C\u002Fli>\n\u003Cli>Make full or partial refunds right within shop Admin (order view)\u003C\u002Fli>\n\u003Cli>Omniva, Smartpost, DPD, Venipak & Unisend\u002FLP Express automated parcel terminals as shipment methods\u003C\u002Fli>\n\u003Cli>Omniva, Smartpost, Venipak & DPD courier service as shipment method\u003C\u002Fli>\n\u003Cli>Automatic registration of shipments\u003C\u002Fli>\n\u003Cli>Printing parcel labels right within shop Admin\u003C\u002Fli>\n\u003Cli>Supports multilingual shops (WPML and Polylang). The plugin is fully translated to English, Estonian, Latvian and Lithuanian\u003C\u002Fli>\n\u003Cli>Supports WordPress multi-site\u003C\u002Fli>\n\u003C\u002Ful>\n","Payment Gateway for Estonian, Latvian, Lithuanian and Finnish banks and Visa\u002FMasterCard payments with single contract (by Maksekeskus). And more...",3000,63542,72,8,"2026-01-27T09:52:00.000Z","6.8.1","8.1",[98,20,22,99,23],"banklink","shipping","https:\u002F\u002Fmakecommerce.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmakecommerce.4.0.6.zip",99,"2024-07-04 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":28,"num_ratings":28,"last_updated":114,"tested_up_to":16,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"cashflows-payments-by-ideal-checkout","Cashflows for WooCommerce","2.3.6.4","Cashflows","https:\u002F\u002Fprofiles.wordpress.org\u002Fcashflowsgateway2021\u002F","\u003Cp>\u003Cstrong>Why choose the Cashflow payments Gateway?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Cashflows is a simple and secure way to take payments online. When connecting Cashflows Gateway to WooCommerce, you will connect into all of the functionality that comes with our extension. Shoppers are directed to a customisable Hosted Payment Page where they securely complete their payment and we take care of the rest. Once the payment is successfully completed, the shopper is directed automatically back to your WooCommerce site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Light touch integration to get your payments up and running faster\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Pre-integration between the Cashflows proprietary platform and WooCommerce means faster setup, lower costs. greater control and more secure data\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Smart data and reporting to unlock insight and optimise performance\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Track performance at-a-glance, with control over remittance, smart reconciliation and reporting built to deliver actionable insight for optimisation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Friendly service and expert support, at every interaction\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our UK based team is always on hand and ready to act. We’ve got your back through implementation, we’ll keep your payments moving and make sure your data is handled securely.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What our customers say\u003C\u002Fstrong>\u003Cbr \u002F>\n“With Cashflows we have a true partnership. Our suggestions and concerns are always taken seriously and addressed. We have been delighted with the level of support we have experienced, and the team resolves any issues very quickly.”\u003C\u002Fp>\n\u003Cp>SplitPay\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stay in control:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Understand business performance, real-time\u003Cbr \u002F>\nCreate a personalised dashboard, compare performance over time, manage your account, all through a simple online portal.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Keep your payments data safe and secure\u003Cbr \u002F>\nWith robust fraud prevention technology, our hosted payment pages include free PCI compliance. Plus 3DS 2.2 authentication as standard\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Deliver a frictionless experience for your customers:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>A simple, intuitive checkout experience\u003Cbr \u002F>\nPayment details can be securely stored and automatically filled in to make checkout fast and easy next time.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Maximise every sale\u003Cbr \u002F>\nReduce abandoned shopping carts by accepting the most popular payment types, including Visa, Mastercard, Amex and mobile wallets such as Apple Pay, Google Pay and PayPal.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Take payments from anywhere\u003Cbr \u002F>\nOur gateway comes with a virtual terminal so you can take payments by phone or by email, to help you offer alternatives to customers where they want to pay”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Security\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Safe, stable, secure checkouts\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PSD2 ready with built in security including 3DS2.2 authentication\u003C\u002Fli>\n\u003Cli>Built and managed in the cloud for ultimate stability\u003C\u002Fli>\n\u003Cli>Lightning-fast customer checkout \u003C\u002Fli>\n\u003Cli>In-built SSL for safer communications\u003C\u002Fli>\n\u003C\u002Ful>\n","Cashflows Payments Gateway for WooCommerce",700,13797,"2026-01-19T09:46:00.000Z","5.8","7.4",[118,20,22,23],"cashflows","https:\u002F\u002Fwww.ideal-checkout.nl\u002Fpayment-providers\u002Fcashflows","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcashflows-payments-by-ideal-checkout.2.3.6.4.zip",100,{"slug":123,"name":124,"version":39,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":28,"num_ratings":28,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":139,"download_link":140,"security_score":121,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"paypro-gateways-woocommerce","PayPro Gateways – WooCommerce","PayPro","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaypro\u002F","\u003Cp>This plugin is the official PayPro plugin for WooCommerce. It is easy to use, quick to install and actively maintained by PayPro.\u003C\u002Fp>\n\u003Cp>Currently the plugin supports the following payment methods:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>iDEAL\u003C\u002Fli>\n\u003Cli>PayPal\u003C\u002Fli>\n\u003Cli>Bancontact\u003C\u002Fli>\n\u003Cli>Sofort\u003C\u002Fli>\n\u003Cli>Riverty\u003C\u002Fli>\n\u003Cli>SEPA Credit Transfer\u003C\u002Fli>\n\u003Cli>Credit card (Visa and Mastercard)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for all PayPro payment methods\u003C\u002Fli>\n\u003Cli>Settings for each payment method\u003C\u002Fli>\n\u003Cli>WordPress Multisite support\u003C\u002Fli>\n\u003Cli>Translations for English and Dutch\u003C\u002Fli>\n\u003Cli>Test mode support\u003C\u002Fli>\n\u003Cli>Debug mode for easy debugging\u003C\u002Fli>\n\u003Cli>Automatic status changes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>In order to use this plugin you need to have an approved PayPro account.\u003C\u002Fp>\n","With this plugin you easily add all PayPro payment gateways to your WooCommerce webshop.",400,14222,"2025-09-25T14:18:00.000Z","6.8.5","5.0","7.2",[136,21,137,138,23],"gateways","payments","paypro","https:\u002F\u002Fwww.paypro.nl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaypro-gateways-woocommerce.3.2.2.zip",{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":16,"requires_at_least":151,"requires_php":116,"tags":152,"homepage":156,"download_link":157,"security_score":121,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":158},"professional-payment-portal-for-woocommerce","Professional Payment Portal for WooCommerce","1.0.6","CodeBrain BV","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodebrainbv\u002F","\u003Cp>You want a lot of freedom and the possibility to integrate iDEAL in your webshop or your own online checkout. In addition, you receive a lot of payments in your webshop or you want to have your online services paid for with iDEAL. Then Rabo iDEAL Professional is ideal.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What is Rabo iDEAL Professional?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can seamlessly integrate iDEAL Professional into your webshop or your own online checkout. Ideal if you receive many payments through your webshop or if you want your customers to pay for your online services. The customer is recognized via an iDEAL profile, which means that your customers can quickly and easily make the payment via their own trusted bank. You immediately receive a payment guarantee (push) and you receive the payment quickly, usually the same day on your account.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The advantages of Rabo iDEAL Professional\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Most used online payment method in the Netherlands\u003C\u002Fli>\n\u003Cli>The money is quickly in your account\u003C\u002Fli>\n\u003Cli>The customer can specify a preferred account via an iDEAL profile. When making a payment, the customer is recognized and immediately forwarded to their own payment environment.\u003C\u002Fli>\n\u003Cli>Use of iDEAL Professional Dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>What do you need?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A Rabo iDEAL Professional contract. You can easily request this via https:\u002F\u002Fideal.rabobank.nl\u002F\u003C\u002Fli>\n\u003Cli>The WooCommerce Rabo Professional plugin\u003C\u002Fli>\n\u003Cli>A free CodeBrain PPP account, this can be created at: https:\u002F\u002Fcodebrain-ppp.nl\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This plugin uses a 3rd party for the API connection.\u003C\u002Fstrong>\u003Cbr \u002F>\nWe communicate with the Professional Payment Portal to process the payments. This is a secure connection and we use the latest encryption methods to ensure that your data is safe. No user data is stored on our servers, we only use the data to process the payment and to check the status of the payment.\u003Cbr \u002F>\nMore information is found at https:\u002F\u002Fcodebrain-ppp.nl.\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fcodebrain-ppp.nl\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Enter the API Key provided by Professional Payment Portal https:\u002F\u002Fcodebrain-ppp.nl.\u003C\u002Fli>\n\u003Cli>Enable the iDEAL payment method.\u003C\u002Fli>\n\u003Cli>Save\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>iDEAL Dashboard Configuration – Certificate\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the Certificate found on the Professional Payment Portal https:\u002F\u002Fcodebrain-ppp.nl.\u003C\u002Fli>\n\u003Cli>Navigate to https:\u002F\u002Fideal.rabobank.nl and login with your credentials.\u003C\u002Fli>\n\u003Cli>Click on “Merchant data” -> “iDEAL Service data” and then scroll down to “Certificates”.\u003C\u002Fli>\n\u003Cli>Click on “Certificates” and upload the downloaded certificate from step 1.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>iDEAL Dashboard Configuration – Webhook\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to https:\u002F\u002Fideal.rabobank.nl and login with your credentials.\u003C\u002Fli>\n\u003Cli>Click on “Merchant data” -> “iDEAL Service data” and then scroll down to “Specific details”.\u003C\u002Fli>\n\u003Cli>There are 2 fields on the right that we need to fill out, these are called the “Status Notification URL” and “Notification BearerToken”.\u003C\u002Fli>\n\u003Cli>In field “Status Notification URL” enter your webshop URL and add \u002Fv3 to the end (example: https:\u002F\u002Fwebshop.nl\u002Fv3).\u003C\u002Fli>\n\u003Cli>In field “Notification BearerToken” you need to enter the API key that you have also placed in the plug-in.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Payment Methods: iDEAL\u003C\u002Fli>\n\u003Cli>Easy to use dashboard\u003C\u002Fli>\n\u003Cli>Automatic webhook messages for processing transactions\u002Forders\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Security\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uses Rabobank SHA256 encryption method\u003C\u002Fli>\n\u003Cli>SSL\u002FTLS supported\u003C\u002Fli>\n\u003Cli>Signs and checks every message to and from Rabobank\u003C\u002Fli>\n\u003Cli>Secure webhook supported\u003C\u002Fli>\n\u003Cli>oAuth implemented\u003C\u002Fli>\n\u003C\u002Ful>\n","One of the easiest and best ways to integration Rabobank in your WooCommerce webshop!",10,1448,"6.4",[153,22,154,155,23],"ideal-2","professional","rabobank","https:\u002F\u002Fbitbucket.org\u002Fcodebrainbv\u002Fppp-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprofessional-payment-portal-for-woocommerce.1.0.6.zip","2026-03-15T10:48:56.248Z",{"slug":160,"name":161,"version":162,"author":163,"author_profile":164,"description":165,"short_description":166,"active_installs":149,"downloaded":167,"rating":168,"num_ratings":169,"last_updated":170,"tested_up_to":171,"requires_at_least":133,"requires_php":172,"tags":173,"homepage":176,"download_link":177,"security_score":178,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wc-mobilpayments-card","LivePayments – mobilPay Card WooCommerce Payment Gateway","0.1.6","Alexandru BOIA","https:\u002F\u002Fprofiles.wordpress.org\u002Falexandruboia\u002F","\u003Cp>Is this plug-in a good fit for you?\u003C\u002Fp>\n\u003Cp>For end users:\u003Cbr \u002F>\nThis plug-in is good for you if you are any kind of merchant running a WooCommerce-powered store and want accept credit or debit card payment using the romanian mobilPay™ payment processing gateway.\u003C\u002Fp>\n\u003Cp>For WooCommerce developers:\u003Cbr \u002F>\nIf you are a WordPress solution developer and  working on implementing a WooCommerce-based store powered by this payment processing gateway, then this is the only such plug-in that allows you to customize your implementation, due to a wealth of action and filter hooks.\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>easy to setup and run using a friendly configuration interface, which does not require of you to perform any kind of FTP operation: just install the plug-in, fetch your assets from mobilPay and configure your plug-in.\u003C\u002Fli>\n\u003Cli>customizable and extensible via a wealth of action and filter hooks;\u003C\u002Fli>\n\u003Cli>supports all mobilPay™ transaction statuses, including partial refunds and partially completed payments;\u003C\u002Fli>\n\u003Cli>extremely detailed reporting on transaction history and lifecycle;\u003C\u002Fli>\n\u003Cli>dashboard widget for a quick outlook on overall transaction statuses;\u003C\u002Fli>\n\u003Cli>detailed transaction details are reported for each order, for both admin staff and your clients;\u003C\u002Fli>\n\u003Cli>multi-language support (romanian translation included);\u003C\u002Fli>\n\u003Cli>advanced diagnosis and monitoring of plugin configuration;\u003C\u002Fli>\n\u003Cli>detailed journaling.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Supported transaction statuses (actions)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>confirmed (the amount has been transfered and is entering the settlement process) – if the amount reported as confirmed is the same as the amount initially paid, the order may be fulfilled. Otherwise, it is placed on hold.\u003C\u002Fli>\n\u003Cli>confirmed_pending (the transaction’s fraud risk is being assessed. The amount is being transfered. If everything checks out, the transaction moves to confirmed state.) – the order is placed on hold.\u003C\u002Fli>\n\u003Cli>paid_pending (the transaction’s fraud risk is being assessed. No transfer has occured at this stage, but the amount is being reserved on the client’s card.) – the order is placed on hold.\u003C\u002Fli>\n\u003Cli>canceled (the amount reserved on the client’s card is being released.) – the order is marked as cancelled.\u003C\u002Fli>\n\u003Cli>credit (amount refunded to client – partially or in full) – the refunded amount is recorded in the order state. If the entire amount has been refunded, the order is marked as refunded.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Supported languages\u003C\u002Fp>\n\u003Cp>Available in English and Romanian.\u003C\u002Fp>\n","LivePayments is a Credit & Debit Card WooCommerce Payment Gateway that uses the Romanian mobilPay payment processor.",1679,84,5,"2021-08-27T19:31:00.000Z","5.8.0","5.6.2",[174,20,175,22,23],"card","mobilpay","https:\u002F\u002Fgithub.com\u002Falexboia\u002FLivePayments-MP-WC","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-mobilpayments-card.0.1.6.zip",85,{"attackSurface":180,"codeSignals":240,"taintFlows":338,"riskAssessment":518,"analyzedAt":531},{"hooks":181,"ajaxHandlers":236,"restRoutes":237,"shortcodes":238,"cronEvents":239,"entryPointCount":28,"unprotectedCount":28},[182,187,189,193,196,200,204,207,211,215,219,223,228,231],{"type":183,"name":184,"callback":185,"priority":28,"file":186,"line":168},"action","plugins_loaded","includes","cardgate.php",{"type":183,"name":184,"callback":188,"file":186,"line":178},"initiate_payment_classes",{"type":183,"name":190,"callback":191,"file":186,"line":192},"before_woocommerce_init","closure",86,{"type":183,"name":194,"callback":195,"file":186,"line":26},"admin_head","add_cgform_fields",{"type":183,"name":197,"callback":198,"priority":60,"file":186,"line":199},"woocommerce_cart_calculate_fees","calculate_fees",97,{"type":183,"name":201,"callback":202,"priority":149,"file":186,"line":203},"wp_enqueue_scripts","load_cg_script",98,{"type":183,"name":205,"callback":206,"file":186,"line":102},"admin_menu","cgp_admin_menu",{"type":183,"name":208,"callback":209,"priority":210,"file":186,"line":121},"init","cardgate_callback",20,{"type":183,"name":212,"callback":213,"file":186,"line":214},"woocommerce_blocks_loaded","woocommerce_cardgate_blocks_support",101,{"type":183,"name":216,"callback":217,"file":186,"line":218},"woocommerce_cancelled_order","capture_payment_failed",108,{"type":183,"name":220,"callback":221,"file":186,"line":222},"admin_notices","my_error_notice",111,{"type":224,"name":225,"callback":226,"file":186,"line":227},"filter","woocommerce_payment_gateways","woocommerce_cardgate_add_gateways",723,{"type":183,"name":229,"callback":191,"file":186,"line":230},"woocommerce_blocks_payment_method_type_registration",926,{"type":224,"name":232,"callback":233,"priority":210,"file":234,"line":235},"woocommerce_gateway_icon","modify_icon","classes\\CGP_Common_Gateway.php",57,[],[],[],[],{"dangerousFunctions":241,"sqlUsage":242,"outputEscaping":245,"fileOperations":28,"externalRequests":60,"nonceChecks":60,"capabilityChecks":60,"bundledLibraries":337},[],{"prepared":243,"raw":28,"locations":244},14,[],{"escaped":13,"rawEcho":246,"locations":247},44,[248,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,306,308,310,312,314,316,318,320,323,325,327,329,331,333,335],{"file":186,"line":249,"context":250},272,"raw output",{"file":186,"line":252,"context":250},281,{"file":186,"line":254,"context":250},285,{"file":186,"line":256,"context":250},286,{"file":186,"line":258,"context":250},292,{"file":186,"line":260,"context":250},299,{"file":186,"line":262,"context":250},306,{"file":186,"line":264,"context":250},313,{"file":186,"line":266,"context":250},320,{"file":186,"line":268,"context":250},324,{"file":186,"line":270,"context":250},325,{"file":186,"line":272,"context":250},347,{"file":186,"line":274,"context":250},353,{"file":186,"line":276,"context":250},378,{"file":186,"line":278,"context":250},380,{"file":186,"line":280,"context":250},587,{"file":186,"line":282,"context":250},594,{"file":186,"line":284,"context":250},599,{"file":186,"line":286,"context":250},602,{"file":186,"line":288,"context":250},603,{"file":186,"line":290,"context":250},604,{"file":186,"line":292,"context":250},609,{"file":186,"line":294,"context":250},612,{"file":186,"line":296,"context":250},613,{"file":186,"line":298,"context":250},614,{"file":186,"line":300,"context":250},619,{"file":186,"line":302,"context":250},622,{"file":186,"line":304,"context":250},623,{"file":186,"line":304,"context":250},{"file":186,"line":307,"context":250},774,{"file":186,"line":309,"context":250},776,{"file":186,"line":311,"context":250},783,{"file":186,"line":313,"context":250},786,{"file":186,"line":315,"context":250},789,{"file":186,"line":317,"context":250},797,{"file":186,"line":319,"context":250},803,{"file":321,"line":322,"context":250},"classes\\Cardgate_PaymentsListTable.php",221,{"file":321,"line":324,"context":250},228,{"file":321,"line":326,"context":250},235,{"file":321,"line":328,"context":250},248,{"file":321,"line":330,"context":250},255,{"file":321,"line":332,"context":250},372,{"file":321,"line":334,"context":250},434,{"file":234,"line":336,"context":250},118,[],[339,391,404,425,476,495,507],{"entryPoint":340,"graph":341,"unsanitizedCount":28,"severity":390},"cardgate_config_page (cardgate.php:213)",{"nodes":342,"edges":382},[343,348,353,357,359,363,365,368,370,374,376,380],{"id":344,"type":345,"label":346,"file":186,"line":347},"n0","source","$_POST['cgp_mode']",225,{"id":349,"type":350,"label":351,"file":186,"line":347,"wp_function":352},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":354,"type":345,"label":355,"file":186,"line":356},"n2","$_POST['cgp_siteid']",226,{"id":358,"type":350,"label":351,"file":186,"line":356,"wp_function":352},"n3",{"id":360,"type":345,"label":361,"file":186,"line":362},"n4","$_POST['cgp_hashkey']",227,{"id":364,"type":350,"label":351,"file":186,"line":362,"wp_function":352},"n5",{"id":366,"type":345,"label":367,"file":186,"line":324},"n6","$_POST['cgp_merchant_id']",{"id":369,"type":350,"label":351,"file":186,"line":324,"wp_function":352},"n7",{"id":371,"type":345,"label":372,"file":186,"line":373},"n8","$_POST['cgp_merchant_api_key']",229,{"id":375,"type":350,"label":351,"file":186,"line":373,"wp_function":352},"n9",{"id":377,"type":345,"label":378,"file":186,"line":379},"n10","$_POST['cgp_checkoutdisplay']",230,{"id":381,"type":350,"label":351,"file":186,"line":379,"wp_function":352},"n11",[383,385,386,387,388,389],{"from":344,"to":349,"sanitized":384},true,{"from":354,"to":358,"sanitized":384},{"from":360,"to":364,"sanitized":384},{"from":366,"to":369,"sanitized":384},{"from":371,"to":375,"sanitized":384},{"from":377,"to":381,"sanitized":384},"low",{"entryPoint":392,"graph":393,"unsanitizedCount":28,"severity":390},"get_config_html (cardgate.php:264)",{"nodes":394,"edges":402},[395,398],{"id":344,"type":345,"label":396,"file":186,"line":397},"$_SERVER",265,{"id":349,"type":350,"label":399,"file":186,"line":400,"wp_function":401},"echo() [XSS]",268,"echo",[403],{"from":344,"to":349,"sanitized":384},{"entryPoint":405,"graph":406,"unsanitizedCount":27,"severity":390},"add_cgform_fields (cardgate.php:742)",{"nodes":407,"edges":420},[408,411,412,415,416,419],{"id":344,"type":345,"label":409,"file":186,"line":410},"$_REQUEST[$extra_charges_id]",760,{"id":349,"type":350,"label":351,"file":186,"line":410,"wp_function":352},{"id":354,"type":345,"label":413,"file":186,"line":414},"$_REQUEST[$extra_charges_type]",761,{"id":358,"type":350,"label":351,"file":186,"line":414,"wp_function":352},{"id":360,"type":345,"label":417,"file":186,"line":418},"$_REQUEST[$extra_charges_label]",763,{"id":364,"type":350,"label":351,"file":186,"line":418,"wp_function":352},[421,423,424],{"from":344,"to":349,"sanitized":422},false,{"from":354,"to":358,"sanitized":422},{"from":360,"to":364,"sanitized":422},{"entryPoint":426,"graph":427,"unsanitizedCount":28,"severity":390},"\u003Ccardgate> (cardgate.php:0)",{"nodes":428,"edges":464},[429,430,431,432,433,434,435,436,437,438,439,440,441,443,445,449,452,454,456,458,460,462],{"id":344,"type":345,"label":346,"file":186,"line":347},{"id":349,"type":350,"label":351,"file":186,"line":347,"wp_function":352},{"id":354,"type":345,"label":355,"file":186,"line":356},{"id":358,"type":350,"label":351,"file":186,"line":356,"wp_function":352},{"id":360,"type":345,"label":361,"file":186,"line":362},{"id":364,"type":350,"label":351,"file":186,"line":362,"wp_function":352},{"id":366,"type":345,"label":367,"file":186,"line":324},{"id":369,"type":350,"label":351,"file":186,"line":324,"wp_function":352},{"id":371,"type":345,"label":372,"file":186,"line":373},{"id":375,"type":350,"label":351,"file":186,"line":373,"wp_function":352},{"id":377,"type":345,"label":378,"file":186,"line":379},{"id":381,"type":350,"label":351,"file":186,"line":379,"wp_function":352},{"id":442,"type":345,"label":396,"file":186,"line":397},"n12",{"id":444,"type":350,"label":399,"file":186,"line":400,"wp_function":401},"n13",{"id":446,"type":345,"label":447,"file":186,"line":448},"n14","$_REQUEST",499,{"id":450,"type":350,"label":351,"file":186,"line":451,"wp_function":352},"n15",681,{"id":453,"type":345,"label":409,"file":186,"line":410},"n16",{"id":455,"type":350,"label":351,"file":186,"line":410,"wp_function":352},"n17",{"id":457,"type":345,"label":413,"file":186,"line":414},"n18",{"id":459,"type":350,"label":351,"file":186,"line":414,"wp_function":352},"n19",{"id":461,"type":345,"label":417,"file":186,"line":418},"n20",{"id":463,"type":350,"label":351,"file":186,"line":418,"wp_function":352},"n21",[465,466,467,468,469,470,471,472,473,474,475],{"from":344,"to":349,"sanitized":384},{"from":354,"to":358,"sanitized":384},{"from":360,"to":364,"sanitized":384},{"from":366,"to":369,"sanitized":384},{"from":371,"to":375,"sanitized":384},{"from":377,"to":381,"sanitized":384},{"from":442,"to":444,"sanitized":384},{"from":446,"to":450,"sanitized":384},{"from":453,"to":455,"sanitized":384},{"from":457,"to":459,"sanitized":384},{"from":461,"to":463,"sanitized":384},{"entryPoint":477,"graph":478,"unsanitizedCount":28,"severity":390},"\u003CCardgate_PaymentsListTable> (classes\\Cardgate_PaymentsListTable.php:0)",{"nodes":479,"edges":492},[480,483,487,488],{"id":344,"type":345,"label":481,"file":321,"line":482},"$_REQUEST (x3)",49,{"id":349,"type":350,"label":484,"file":321,"line":485,"wp_function":486},"query() [SQLi]",71,"query",{"id":354,"type":345,"label":447,"file":321,"line":482},{"id":358,"type":350,"label":489,"file":321,"line":490,"wp_function":491},"get_results() [SQLi]",103,"get_results",[493,494],{"from":344,"to":349,"sanitized":384},{"from":354,"to":358,"sanitized":384},{"entryPoint":496,"graph":497,"unsanitizedCount":506,"severity":68},"prepare_items (classes\\Cardgate_PaymentsListTable.php:37)",{"nodes":498,"edges":503},[499,500,501,502],{"id":344,"type":345,"label":447,"file":321,"line":482},{"id":349,"type":350,"label":484,"file":321,"line":485,"wp_function":486},{"id":354,"type":345,"label":447,"file":321,"line":482},{"id":358,"type":350,"label":489,"file":321,"line":490,"wp_function":491},[504,505],{"from":344,"to":349,"sanitized":422},{"from":354,"to":358,"sanitized":422},2,{"entryPoint":508,"graph":509,"unsanitizedCount":506,"severity":68},"process_bulk_action (classes\\Cardgate_PaymentsListTable.php:271)",{"nodes":510,"edges":516},[511,514],{"id":344,"type":345,"label":512,"file":321,"line":513},"$_REQUEST (x2)",277,{"id":349,"type":350,"label":484,"file":321,"line":515,"wp_function":486},278,[517],{"from":344,"to":349,"sanitized":422},{"summary":519,"deductions":520},"The \"cardgate\" plugin version 4.1.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices with 100% of its SQL queries utilizing prepared statements and the presence of nonce and capability checks. The absence of a large attack surface from unprotected AJAX handlers, REST API routes, shortcodes, and cron events is also commendable. However, concerns arise from the taint analysis, which reveals 3 flows with unsanitized paths, including 2 of high severity. This indicates potential vulnerabilities where user input is not properly validated or sanitized before being used in sensitive operations.\n\nThe plugin's vulnerability history, with 3 known CVEs including one high and two medium severity issues, further reinforces these concerns. The common vulnerability types point to persistent issues with improper neutralization of special elements, leading to SQL injection and cross-site scripting, as well as origin validation errors. While there are currently no unpatched vulnerabilities, the history suggests a pattern of susceptibility to these common web application security flaws.\n\nIn conclusion, while \"cardgate\" 4.1.1 has implemented some robust security measures, the presence of high-severity taint flows and a history of critical vulnerability types necessitate caution. The developer should prioritize addressing the identified unsanitized flows and continue to focus on secure coding practices to mitigate the risk of future exploits.",[521,524,527,529],{"reason":522,"points":523},"High severity taint flows found",15,{"reason":525,"points":526},"Medium severity CVEs historically",12,{"reason":528,"points":93},"Flows with unsanitized paths",{"reason":530,"points":169},"Inconsistent output escaping (61%)","2026-03-16T20:13:44.874Z",{"wat":533,"direct":542},{"assetPaths":534,"generatorPatterns":537,"scriptPaths":538,"versionParams":539},[535,536],"\u002Fwp-content\u002Fplugins\u002Fcardgate\u002Fassets\u002Fcss\u002Fcardgate.css","\u002Fwp-content\u002Fplugins\u002Fcardgate\u002Fassets\u002Fjs\u002Fcardgate.js",[],[536],[540,541],"cardgate\u002Fassets\u002Fcss\u002Fcardgate.css?ver=","cardgate\u002Fassets\u002Fjs\u002Fcardgate.js?ver=",{"cssClasses":543,"htmlComments":545,"htmlAttributes":546,"restEndpoints":567,"jsGlobals":569,"shortcodeOutput":570},[544],"cardgate-checkout-display",[],[547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566],"data-cg-mode","data-cg-siteid","data-cg-merchantid","data-cg-merchantapikey","data-cg-hashkey","data-cg-checkoutdisplay","data-cg-returnurl","data-cg-cancelurl","data-cg-paymentmethod","data-cg-amount","data-cg-currency","data-cg-language","data-cg-description","data-cg-customer-firstname","data-cg-customer-lastname","data-cg-customer-address","data-cg-customer-postalcode","data-cg-customer-city","data-cg-customer-country","data-cg-customer-email",[568],"\u002Fwp-json\u002Fcardgate\u002Fv1\u002Fpayment",[4],[]]