[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f91q7eQbdLa9ANKwDMsHkGVGC1moPjNRYcVK3B-BIVF8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":53,"analysis":153,"fingerprints":335},"cashbill-payment-method","CashBill.pl – Płatności WooCommerce","3.3.1","CashBill","https:\u002F\u002Fprofiles.wordpress.org\u002Flukaszfirek\u002F","\u003Cp>Dedykowane rozwiązanie integrujące najpopularniejsze metody płatności. Dzięki tej wtyczce możesz w atrakcyjny sposób prezentować siatkę z logotypami banków i innych dostawców bez konieczności odsyłania klienta na stronę operatora (white-label payment gateway). Cały proces płatności odbywa się w Twoim sklepie i Ty decydujesz które kanały płatności wyróżnisz, tak aby Twój klient miał prościej. Dzięki wtyczce kod BLIK również będzie wpisywany na stronie sklepu co podniesie wygodę kupujących i zwiększy zaufanie do sklepu.\u003C\u002Fp>\n\u003Cp>Z tym rozwiązaniem łatwo podłączysz w swoim sklepie metody płatności takie jak:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BLIK\u003C\u002Fli>\n\u003Cli>BLIK Płacę Później\u003C\u002Fli>\n\u003Cli>przelewy natychmiastowe\u003C\u002Fli>\n\u003Cli>bankowe przelewy elektroniczne\u003C\u002Fli>\n\u003Cli>karty płatnicze\u003C\u002Fli>\n\u003Cli>przekazy pieniężne\u003C\u002Fli>\n\u003Cli>płatności PayPal\u003C\u002Fli>\n\u003Cli>płatności ratalne\u003C\u002Fli>\n\u003Cli>płatności Paysafecard\u003C\u002Fli>\n\u003Cli>płatności odroczone Twisto\u003C\u002Fli>\n\u003Cli>płatności PayPo\u003C\u002Fli>\n\u003Cli>płatności Google Pay\u003C\u002Fli>\n\u003Cli>płatności Apple Pay\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Poza tym zyskujesz:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>samoczynne pojawianie się nowych kanałów płatności\u003C\u002Fli>\n\u003Cli>możliwość ustalenia zakresu niedopłat\u003C\u002Fli>\n\u003Cli>wysoka skuteczność obsługi procesów reklamacyjnych\u003C\u002Fli>\n\u003Cli>wypłaty według zasady D+1\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Dostawcą płatności jest CashBill S.A. Integrator oferujący wiele kanałów płatności oraz usług SMS Premium Rate i Direct Billing. CashBill S.A. działa pod nadzorem KNF jako Krajowa Instytucja Płatnicza.\u003C\u002Fp>\n","Dedykowane rozwiązanie integrujące najpopularniejsze metody płatności. Dzięki tej wtyczce możesz w atrakcyjny sposób prezentować siatkę z logotypami b &hellip;",900,11355,100,2,"2025-11-12T12:07:00.000Z","6.8.5","5.0.0","",[20,21,22,23,24],"cashbill","payment","payment-gateway","platnosci","woocommerce","https:\u002F\u002Fcashbill.pl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcashbill-payment-method.zip",99,1,0,"2025-09-22 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-53455","cashbillpl-patnoci-woocommerce-authenticated-administrator-stored-cross-site-scripting","CashBill.pl - Płatności WooCommerce \u003C= 3.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting","The CashBill.pl - Płatności WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=3.2.1","3.3.0","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-29 15:58:53",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F94530e50-02ab-4e58-9230-5c6a7b6c13e5?source=api-prod",8,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":48,"trust_score":51,"computed_at":52},"lukaszfirek",93,"2026-04-04T16:27:17.069Z",[54,73,94,114,136],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":18,"requires_php":68,"tags":69,"homepage":71,"download_link":72,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"pay-by-paynow-pl","Pay by paynow.pl","2.5.10","mElements","https:\u002F\u002Fprofiles.wordpress.org\u002Fksadowskime\u002F","\u003Cp>\u003Cstrong>pay\u003C\u002Fstrong>now gives you a free registration and only 0.95% commission.\u003C\u002Fp>\n\u003Cp>Simple configuration for BLIK, quick transfers and cards payments. Pay-out immediately on the bank account. To use paynow, you need to have a business account in mBank.\u003C\u002Fp>\n\u003Cp>If you do not have an account in the Paynow system yet, register in the \u003Ca href=\"https:\u002F\u002Fpaynow.pl\u002Fboarding\" rel=\"nofollow ugc\">Production\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fpanel.sandbox.paynow.pl\u002Fauth\u002Fregister\" rel=\"nofollow ugc\">Sandbox environment\u003C\u002Fa>.\u003C\u002Fp>\n","paynow is a secure online payment by bank transfers, BLIK and card.",6000,89047,84,5,"2025-10-21T10:23:00.000Z","6.4.8","7.2",[21,22,70,23,24],"paynow","https:\u002F\u002Fgithub.com\u002Fpay-now\u002Fpaynow-woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpay-by-paynow-pl.2.5.10.zip",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":16,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":92,"download_link":93,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"woo-paystack","Paystack WooCommerce Payment Gateway","5.8.2","Tunbosun Ayinla","https:\u002F\u002Fprofiles.wordpress.org\u002Ftubiz\u002F","\u003Cp>Paystack makes it easy for businesses in Nigeria, Ghana, Kenya and South Africa to accept secure payments from multiple local and global payment channels. Integrate Paystack with your store today, and let your customers pay you with their choice of methods.\u003C\u002Fp>\n\u003Cp>With Paystack for WooCommerce, you can accept payments via:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Credit\u002FDebit Cards — Visa, Mastercard, Verve (NG, GH, KE), American Express (SA only)\u003C\u002Fli>\n\u003Cli>Bank transfer (Nigeria)\u003C\u002Fli>\n\u003Cli>Mobile money (Ghana)\u003C\u002Fli>\n\u003Cli>Masterpass (South Africa)\u003C\u002Fli>\n\u003Cli>EFT (South Africa)\u003C\u002Fli>\n\u003Cli>USSD (Nigeria)\u003C\u002Fli>\n\u003Cli>Visa QR (Nigeria)\u003C\u002Fli>\n\u003Cli>Many more coming soon\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Paystack?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Start receiving payments instantly—go from sign-up to your first real transaction in as little as 15 minutes\u003C\u002Fli>\n\u003Cli>Simple, transparent pricing—no hidden charges or fees\u003C\u002Fli>\n\u003Cli>Modern, seamless payment experience via the Paystack Checkout — \u003Ca href=\"https:\u002F\u002Fpaystack.com\u002Fdemo\u002Fcheckout\" rel=\"nofollow ugc\">Try the demo!\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Advanced fraud detection\u003C\u002Fli>\n\u003Cli>Understand your customers better through a simple and elegant dashboard\u003C\u002Fli>\n\u003Cli>Access to attentive, empathetic customer support 24\u002F7\u003C\u002Fli>\n\u003Cli>Free updates as we launch new features and payment options\u003C\u002Fli>\n\u003Cli>Clearly documented APIs to build your custom payment experiences\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Over 60,000 businesses of all sizes in Nigeria, Ghana, Kenya, and South Africa rely on Paystack’s suite of products to receive payments and make payouts seamlessly. Sign up on \u003Ca href=\"https:\u002F\u002Fpaystack.com\u002Fsignup\" rel=\"nofollow ugc\">Paystack.com\u002Fsignup\u003C\u002Fa> to get started.\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>This plugin is meant to be used by merchants in Ghana, Kenya, Nigeria and South Africa.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Accept payment\u003C\u002Fstrong> via Mastercard, Visa, Verve, USSD, Mobile Money, Bank Transfer, EFT, Bank Accounts, GTB 737 & Visa QR.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless integration\u003C\u002Fstrong> into the WooCommerce checkout page. Accept payment directly on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refunds\u003C\u002Fstrong> from the WooCommerce order details page. Refund an order directly from the order details page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurring payment\u003C\u002Fstrong> using \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WooCommerce Subscriptions Integration\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> integration only works with \u003Cstrong>WooCommerce v2.6 and above\u003C\u002Fstrong> and \u003Cstrong>WooCommerce Subscriptions v2.0 and above\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>No subscription plans is created on Paystack. The \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> plugin handles all the subscription functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If a customer pays for a subscription using a Mastercard or Visa card, their subscription will renew automatically throughout the duration of the subscription. If an automatic renewal fail their subscription will be put on-hold and they will have to login to their account to renew the subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For customers paying with a Verve card, their subscription can’t be renewed automatically, once a payment is due their subscription will be on-hold. The customer will have to login to his account to manually renew his subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If a subscription has a free trial and no signup-fee, automatic renewal is not possible for the first payment because the initial order total will be 0, after the free trial the subscription will be put on-hold. The customer will have to login to his account to renew his subscription. If a Mastercard or Visa card is used to renew the subscription subsequent renewals will be automatic throughout the duration of the subscription, if a Verve card is used automatic renewal isn’t possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Suggestions \u002F Feature Request\u003C\u002Fh4>\n\u003Cp>If you have suggestions or a new feature request, feel free to get in touch with me via the contact form on my website \u003Ca href=\"http:\u002F\u002Fbosun.me\u002Fget-in-touch\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also follow me on Twitter! \u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Ftubiz\" rel=\"nofollow ugc\">@tubiz\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.",30000,432109,90,24,"2025-04-17T08:26:00.000Z","6.2","7.4",[89,22,90,91,24],"mastercard","paystack","visa","https:\u002F\u002Fpaystack.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-paystack.5.8.2.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":13,"num_ratings":48,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":107,"tags":108,"homepage":112,"download_link":113,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"montonio-for-woocommerce","Montonio for WooCommerce","9.4.1","Montonio","https:\u002F\u002Fprofiles.wordpress.org\u002Fmontonio\u002F","\u003Cp>Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pay) plus financing and shipping. Montonio offers you everything you need in your online store checkout.\u003C\u002Fp>\n\u003Ch4>Payments\u003C\u002Fh4>\n\u003Cp>The easiest way to collect payments in your online store. Montonio payment initiation service offers integrations with all major banks in Estonia, Finland, Latvia, Lithuania and Poland, additionally Apple Pay, Google Pay, Revolut (available everywhere) and Blik in Poland.\u003C\u002Fp>\n\u003Cp>All funds are immediately deposited to your bank account and an overview of the transactions can be found in our \u003Ca href=\"https:\u002F\u002Fpartner.montonio.com\" rel=\"nofollow ugc\">partner system\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Card Payments\u003C\u002Fh4>\n\u003Cp>Give your customers more ways to pay. In addition to payment links, Montonio lets your users pay by credit card.\u003C\u002Fp>\n\u003Ch4>Apple Pay, Google Pay\u003C\u002Fh4>\n\u003Cp>Want to offer an even easier way of paying? We also have Apple Pay and Google Pay! You can add these popular mobile wallets to your online store’s checkout. Your customers can pay faster since their credit card info is stored in the digital wallet and they don’t need to enter card details with each purchase.\u003C\u002Fp>\n\u003Ch4>Refunds\u003C\u002Fh4>\n\u003Cp>You can do a partial or full refund with a couple of clicks in the Montonio Partner System. Just open the order, check what items your customer returned and refund the amount needed.\u003C\u002Fp>\n\u003Ch4>Financing (Hire purchase)\u003C\u002Fh4>\n\u003Cp>Montonio Financing is just the right solution for financing larger purchases. You customers can choose a payment schedule that exactly suits their needs. Shoppers pay in equal instalments but you will get the full payment amount upfront. Plus, there’s no service fee for the merchant.\u003C\u002Fp>\n\u003Ch4>Pay Later\u003C\u002Fh4>\n\u003Cp>Give your visitors the most convenient ways to pay – with Montonio ‘Pay later’ your customers can pay later or split purchase into two or three payments. All this without any additional interest or contract fees for them. Shoppers pay in equal instalments but you will get the full payment amount upfront.\u003C\u002Fp>\n\u003Ch4>Shipping\u003C\u002Fh4>\n\u003Cp>Handle everything from one system: automatically generate, edit and print shipping labels without having to ever leave the Montonio dashboard. Labels are automatically retrieved from providers after order creation. You can start printing with just 2 clicks. With Montonio you can add order tracking codes with a link to the providers’ tracking page.\u003C\u002Fp>\n\u003Ch4>How to get started\u003C\u002Fh4>\n\u003Cp>Adding Montonio to your store is only a matter of minutes.\u003Cbr \u002F>\n1. Sign up at \u003Ca href=\"https:\u002F\u002Fmontonio.com\" rel=\"nofollow ugc\">montonio.com\u003C\u002Fa>\u003Cbr \u002F>\n2. Verify your identity and confirm your account with Montonio\u003Cbr \u002F>\n3. Set up the plugin, insert API keys and start using Montonio. More details on how to install and set up the plugin can be found in the Installation tab.\u003C\u002Fp>\n\u003Ch4>Availability\u003C\u002Fh4>\n\u003Cp>Montonio currently offers services in these countries:\u003Cbr \u002F>\n* Payments: Estonia, Finland, Latvia, Lithuania, Poland\u003Cbr \u002F>\n* Card payments: Estonia, Finland, Latvia, Lithuania, Poland\u003Cbr \u002F>\n* Financing: Estonia\u003Cbr \u002F>\n* Pay Later: Estonia\u003Cbr \u002F>\n* Shipping: Estonia, Latvia, Lithuania\u003Cbr \u002F>\nWe are also working on adding new countries.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Any questions? Just drop us an email at support@montonio.com.\u003C\u002Fp>\n\u003Ch4>WANT TO KNOW MORE?\u003C\u002Fh4>\n\u003Cp>More information about our solutions can be found on our \u003Ca href=\"https:\u002F\u002Fmontonio.com\" rel=\"nofollow ugc\">website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to multiple Montonio services to provide payment processing, shipping management, and service improvements:\u003C\u002Fp>\n\u003Ch4>Montonio Payment Gateway (Stargate)\u003C\u002Fh4>\n\u003Cp>What it does: Processes various payment methods including bank payments, card payments, BLIK payments, hire purchase and pay later options.\u003C\u002Fp>\n\u003Cp>Data transmitted: Order information (total amount, currency, order items), customer details (name, email, billing\u002Fshipping addresses), payment method selection, and merchant identification.\u003C\u002Fp>\n\u003Cp>When transmitted: During checkout when a payment is initiated, when checking payment status, and when processing refunds.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Production: https:\u002F\u002Fstargate.montonio.com\u002Fapi\u003Cbr \u002F>\n* Sandbox: https:\u002F\u002Fsandbox-stargate.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fmontonio_general\u002Fv3.0\u002Fmontonio_general_ee.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio Shipping API\u003C\u002Fh4>\n\u003Cp>What it does: Manages shipping methods, pickup points, courier services, label generation and shipment tracking.\u003C\u002Fp>\n\u003Cp>Data transmitted: Shipping addresses, order details, selected shipping methods, parcel information (weight, dimensions), and shipment tracking information.\u003C\u002Fp>\n\u003Cp>When transmitted: When retrieving available shipping methods, displaying pickup points, creating shipments, and generating shipping labels.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Production: https:\u002F\u002Fshipping.montonio.com\u002Fapi\u003Cbr \u002F>\n* Sandbox: https:\u002F\u002Fsandbox-shipping.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fshipping\u002Fv3.0\u002Fshipping_international.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio JavaScript SDK\u003C\u002Fh4>\n\u003Cp>What it does: Client-side library that renders payment forms, handles payment method selection and processes transactions.\u003C\u002Fp>\n\u003Cp>Data transmitted: Payment form inputs, selected payment method details, transaction authentication data.\u003C\u002Fp>\n\u003Cp>When transmitted: During checkout when payment forms are displayed and when customers interact with payment elements.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Montonio JS: https:\u002F\u002Fjs.montonio.com\u002F1.x.x\u002Fmontonio.umd.js\u003Cbr \u002F>\n* Montonio JS (Legacy): https:\u002F\u002Fpublic.montonio.com\u002Fassets\u002Fmontonio-js\u002F3.x\u002Fmontonio.bundle.js\u003Cbr \u002F>\n* Card payments API (Production): https:\u002F\u002Fapi.card-payments.montonio.com\u002Fpayment-intents\u003Cbr \u002F>\n* Card payments API (Sandbox): https:\u002F\u002Fapi.sandbox-card-payments.montonio.com\u002Fpayment-intents\u003Cbr \u002F>\n* Payment intents API (Production): https:\u002F\u002Fstargate.montonio.com\u002Fapi\u002Fpayment-intents\u003Cbr \u002F>\n* Payment intents API (Sandbox): https:\u002F\u002Fsandbox-stargate.montonio.com\u002Fapi\u002Fpayment-intents\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fpayment_initiation\u002Fv3.0\u002Fpayment_initiation_international.pdf\" rel=\"nofollow ugc\">Bank Payment Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fcard_payments\u002Fv3.0\u002Fcard_payments_international.pdf\" rel=\"nofollow ugc\">Card Payment Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio Telemetry Service\u003C\u002Fh4>\n\u003Cp>What it does: Sends Store URL, WordPress\u002FWooCommerce version information and plugin configuration settings to offer better customer support when troubleshooting issues. No sensitive or private data is collected.\u003C\u002Fp>\n\u003Cp>Data transmitted: Store URL, WordPress\u002FWooCommerce version information, plugin configuration settings (with sensitive data removed).\u003C\u002Fp>\n\u003Cp>When transmitted: Upon plugin activation, deactivation, settings changes, and periodically (once per day).\u003C\u002Fp>\n\u003Cp>Service URL: https:\u002F\u002Fplugin-telemetry.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fmontonio_general\u002Fv3.0\u002Fmontonio_general_ee.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa &hellip;",10000,346076,"2026-03-10T08:35:00.000Z","6.9.4","5.0","7.0",[109,22,110,111,24],"montonio","payments","shipping","https:\u002F\u002Fwww.montonio.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmontonio-for-woocommerce.9.4.1.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":102,"downloaded":122,"rating":123,"num_ratings":48,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":133,"download_link":134,"security_score":135,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"netopia-payments-payment-gateway","NETOPIA Payments Payment Gateway","1.4.4","netopiapayments","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetopiapayments\u002F","\u003Cp>NETOPIA Payments Payment Gateway extends WooCommerce payment options by adding NETOPIA’s Payment Gateway options.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% FREE TO USE\u003C\u002Fstrong> (GPLv2 license).\u003C\u002Fli>\n\u003Cli>Integrates NETOPIA payments’ card and cryptocoin payments service with your WordPress + WooCommerce online shop. SMS and Wire transfer options are still under development.\u003C\u002Fli>\n\u003Cli>Accepts payments with Visa and Mastercard credit\u002Fdebit cards\u003C\u002Fli>\n\u003Cli>Handles IPN responses and automatically changes order status on your shop in real time (confirmed\u002Fpaid or failure messages and refunds).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements:\u003C\u002Fh4>\n\u003Cp>Please note that \u003Cstrong>on first update\u003C\u002Fstrong> your \u003Ccode>private.key\u003C\u002Fcode> and \u003Ccode>public.cer\u003C\u002Fcode> could be removed and \u003Cstrong>the plugin might need to be reconfigured\u003C\u002Fstrong>!\u003Cbr \u002F>\n* PHP 7+\u003Cbr \u002F>\n* openssl and dom extensions\u003C\u002Fp>\n","NETOPIA Payments Payment Gateway extends WooCommerce payment options by adding NETOPIA's Payment Gateway options.",47985,66,"2025-03-13T07:28:00.000Z","6.7.5","4.0.1",[128,129,130,131,132],"mobilpay","netopia","netopia-for-woocommerce","netopia-payment-gateway","netopia-payments","https:\u002F\u002Fwww.netopia-payments.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetopia-payments-payment-gateway.1.4.4.zip",92,{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":102,"downloaded":144,"rating":145,"num_ratings":146,"last_updated":147,"tested_up_to":125,"requires_at_least":106,"requires_php":68,"tags":148,"homepage":150,"download_link":151,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":152,"fetched_at":31},"sumup-payment-gateway-for-woocommerce","SumUp Payment Gateway For WooCommerce","2.8.2","sumup","https:\u002F\u002Fprofiles.wordpress.org\u002Fsumup\u002F","\u003Cp>Grow your business by accepting payments through SumUp in your WooCommerce store.\u003C\u002Fp>\n\u003Cp>The SumUp plugin for WooCommerce offers consumers a seamless payment experience with their favourite payment methods in just a few steps.  The payments are processed through the SumUp payment platform, so you can see them alongside your in-store sales. It’s affordable, easy to set up and use, and simply a better way to get paid.\u003C\u002Fp>\n\u003Ch4>TAKE PAYMENTS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsumup.co.uk\u002Fcredit-card-processing-pricing\u002F\" rel=\"nofollow ugc\">No fixed costs. No binding contracts. Just a small % per transaction\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Receive secure payments to your bank account within 3 days\u003C\u002Fli>\n\u003Cli>Find everything in one place in the SumUp Dashboard and App\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SUPPORTED PAYMENT METHODS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Accept different debit and credit cards: Visa, VPay, Mastercard, American Express, Diners Club, Discover\u003C\u002Fli>\n\u003Cli>Accept alternative payment methods: Apple Pay, Bancontact, Boleto, iDeal, PayPal & Sofort\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.sumup.com\u002Fcontact\" rel=\"nofollow ugc\">Request access to Alternative Payment Methods here\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>STAY SECURE\u003C\u002Fh4>\n\u003Cp>SumUp is authorised as a Payment Institution by the Financial Conduct Authority and is Europay, Mastercard and Visa (EMV) and PCI-DSS certified.\u003Cbr \u002F>\nThis ensures that payments are processed in accordance with the highest security standards.\u003C\u002Fp>\n\u003Ch4>BE FLEXIBLE\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>SumUp processes in 16 currencies: Australian Dollar (AUD), Brazilian Real (BRL), Bulgarian Lev (BGN), Chilean Peso (CLP), Colombian Peso (COP), Czech Koruna (CZK), Danish Krone (DKK), Euro (EUR), Forint (HUF), Norwegian Krone (NOK), Pound Sterling (GBP), Romanian Leu (RON), Swedish Krona (SEK), Swiss Franc (CHF), US Dollar (USD), Zloty (PLZ)\u003C\u002Fli>\n\u003Cli>SumUp supports 22 languages: Bulgarian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Slovak, Slovenian, Spanish and Swedish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Want to try it?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>GET STARTED\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Download the plugin\u003C\u002Fli>\n\u003Cli>Create a \u003Ca href=\"https:\u002F\u002Fbuy.sumup.com\u002Fen-gb\u002Fsignup\u002Fcreate-account\" rel=\"nofollow ugc\">free account\u003C\u002Fa> or use \u003Ca href=\"https:\u002F\u002Fme.sumup.com\u002F\" rel=\"nofollow ugc\">your existing one\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Verify your account and connect the plugin by using the “Connect Account” button\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeveloper.sumup.com\u002Fcontact\" rel=\"nofollow ugc\">Contact our support team\u003C\u002Fa> for a test account or to enable necessary scopes when you are ready to accept payments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You’re ready to go.\u003C\u002Fp>\n","The SumUp plugin for WooCommerce allows businesses to securely process payments online. Accept payments from customers using a range of payment method &hellip;",259059,46,36,"2026-03-04T18:57:00.000Z",[149,22,110,140,24],"ecommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsumup-payment-gateway-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsumup-payment-gateway-for-woocommerce.2.8.2.zip","2026-01-19 00:00:00",{"attackSurface":154,"codeSignals":203,"taintFlows":295,"riskAssessment":324,"analyzedAt":334},{"hooks":155,"ajaxHandlers":199,"restRoutes":200,"shortcodes":201,"cronEvents":202,"entryPointCount":29,"unprotectedCount":29},[156,162,166,170,176,180,184,188,191,195],{"type":157,"name":158,"callback":159,"file":160,"line":161},"action","admin_menu","add_options_page","controller\\CashBillSettings.php",10,{"type":157,"name":163,"callback":164,"file":160,"line":165},"admin_post","save",11,{"type":157,"name":167,"callback":168,"file":160,"line":169},"admin_notices","add_notice",12,{"type":171,"name":172,"callback":173,"file":174,"line":175},"filter","woocommerce_payment_gateways","cashbill_payment_load_class","woocommerce-cashbill.php",26,{"type":157,"name":177,"callback":178,"file":174,"line":179},"woocommerce_blocks_payment_method_type_registration","closure",95,{"type":157,"name":181,"callback":182,"file":174,"line":183},"admin_enqueue_scripts","admin_style",119,{"type":157,"name":185,"callback":186,"file":174,"line":187},"plugins_loaded","cashbill_payment_init",120,{"type":157,"name":185,"callback":189,"file":174,"line":190},"cashbill_settings_init",121,{"type":157,"name":192,"callback":193,"file":174,"line":194},"woocommerce_blocks_loaded","cashbill_payment_woocommerce_blocks_support",122,{"type":157,"name":196,"callback":197,"file":174,"line":198},"woocommerce_api_cashbill_payment","callback",124,[],[],[],[],{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":294},[],{"prepared":29,"raw":29,"locations":206},[],{"escaped":165,"rawEcho":208,"locations":209},43,[210,214,217,219,221,223,225,228,230,232,233,235,237,239,241,243,245,247,249,250,252,254,256,258,260,262,264,265,267,269,271,273,275,277,279,281,282,283,285,287,289,291,293],{"file":211,"line":212,"context":213},"payment\\CashBillBasicPayment.php",67,"raw output",{"file":215,"line":216,"context":213},"payment\\CashBillBlikPayment.php",61,{"file":218,"line":28,"context":213},"view\\admin\\notice\\error_save.php",{"file":220,"line":28,"context":213},"view\\admin\\notice\\error_validation.php",{"file":222,"line":28,"context":213},"view\\admin\\notice\\success_save.php",{"file":224,"line":28,"context":213},"view\\admin\\notice\\success_validation.php",{"file":226,"line":227,"context":213},"view\\admin\\option\\basic.php",6,{"file":229,"line":14,"context":213},"view\\admin\\settings.php",{"file":229,"line":231,"context":213},3,{"file":229,"line":161,"context":213},{"file":229,"line":234,"context":213},14,{"file":229,"line":236,"context":213},18,{"file":229,"line":238,"context":213},20,{"file":229,"line":240,"context":213},27,{"file":229,"line":242,"context":213},31,{"file":229,"line":244,"context":213},32,{"file":229,"line":246,"context":213},33,{"file":229,"line":248,"context":213},39,{"file":229,"line":208,"context":213},{"file":229,"line":251,"context":213},44,{"file":229,"line":253,"context":213},45,{"file":229,"line":255,"context":213},51,{"file":229,"line":257,"context":213},55,{"file":229,"line":259,"context":213},56,{"file":229,"line":261,"context":213},57,{"file":229,"line":263,"context":213},59,{"file":229,"line":212,"context":213},{"file":229,"line":266,"context":213},71,{"file":229,"line":268,"context":213},75,{"file":229,"line":270,"context":213},82,{"file":229,"line":272,"context":213},86,{"file":229,"line":274,"context":213},87,{"file":229,"line":276,"context":213},88,{"file":229,"line":278,"context":213},94,{"file":229,"line":280,"context":213},98,{"file":229,"line":27,"context":213},{"file":229,"line":13,"context":213},{"file":229,"line":284,"context":213},106,{"file":229,"line":286,"context":213},110,{"file":229,"line":288,"context":213},111,{"file":229,"line":290,"context":213},115,{"file":229,"line":292,"context":213},117,{"file":229,"line":183,"context":213},[],[296,316],{"entryPoint":297,"graph":298,"unsanitizedCount":227,"severity":315},"save (model\\CashBillSettings.php:65)",{"nodes":299,"edges":312},[300,306],{"id":301,"type":302,"label":303,"file":304,"line":305},"n0","source","$_POST (x6)","model\\CashBillSettings.php",68,{"id":307,"type":308,"label":309,"file":304,"line":310,"wp_function":311},"n1","sink","update_option() [Settings Manipulation]",72,"update_option",[313],{"from":301,"to":307,"sanitized":314},false,"low",{"entryPoint":317,"graph":318,"unsanitizedCount":227,"severity":315},"\u003CCashBillSettings> (model\\CashBillSettings.php:0)",{"nodes":319,"edges":322},[320,321],{"id":301,"type":302,"label":303,"file":304,"line":305},{"id":307,"type":308,"label":309,"file":304,"line":310,"wp_function":311},[323],{"from":301,"to":307,"sanitized":314},{"summary":325,"deductions":326},"The cashbill-payment-method plugin version 3.3.1 exhibits a mixed security posture. On the positive side, the code demonstrates good practices by having no identified dangerous functions, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests. The presence of nonce and capability checks, along with a relatively small attack surface with zero unprotected entry points, are also encouraging signs. However, a significant concern arises from the output escaping. With 54 total outputs and only 20% properly escaped, there's a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, especially given that the plugin's historical vulnerabilities are primarily of this type.\n\nThe taint analysis reveals 2 flows with unsanitized paths, though they are not categorized as critical or high severity. This, combined with the poor output escaping, suggests that while direct critical vulnerabilities might not be immediately apparent in this version, there's a clear pathway for attackers to inject malicious scripts if improperly handled user input is rendered on the frontend. The vulnerability history, while currently showing no unpatched CVEs, indicates a past pattern of XSS issues, which should be a warning sign. The fact that the last vulnerability was dated in the future (2025-09-22) is likely a data anomaly, but the historical trend of XSS is a concern.\n\nIn conclusion, while the plugin has implemented some robust security measures like prepared statements and authorization checks, the widespread lack of proper output escaping poses a significant risk. Coupled with the historical prevalence of XSS, this plugin requires careful monitoring and potential remediation to ensure user data and site integrity are protected. The potential for unpatched vulnerabilities in the future, given past occurrences, also warrants attention.",[327,330,332],{"reason":328,"points":329},"20% proper output escaping",15,{"reason":331,"points":161},"2 flows with unsanitized paths",{"reason":333,"points":48},"History of XSS vulnerabilities","2026-03-16T19:14:25.588Z",{"wat":336,"direct":342},{"assetPaths":337,"generatorPatterns":339,"scriptPaths":340,"versionParams":341},[338],"\u002Fwp-content\u002Fplugins\u002Fcashbill-payment-method\u002Fcss\u002Fadmin.css",[],[],[],{"cssClasses":343,"htmlComments":344,"htmlAttributes":345,"restEndpoints":358,"jsGlobals":360,"shortcodeOutput":362},[4],[],[346,347,348,349,350,351,352,353,354,355,356,357],"data-gateway_id","data-order_id","data-amount","data-customer_id","data-customer_email","data-currency","data-return_url","data-notify_url","data-language","data-api_key","data-hash","data-test_mode",[359],"\u002Fwp-json\u002Fcashbill-payment-method\u002Fv1\u002Fpayment",[361],"cashbill_payment_settings",[]]