[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRLnEee0jCKBiwJZmyeq1qh56vr4Cam1HRTZhzFZs1w0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":14,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":52,"analysis":141,"fingerprints":367},"casso-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang","Casso – Tự động xác nhận thanh toán chuyển khoản ngân hàng","4.1.0","diepmagik","https:\u002F\u002Fprofiles.wordpress.org\u002Fdiepmagik\u002F","\u003Cp>\u003Cstrong>Lưu ý\u003C\u002Fstrong>: Trước khi sử dụng plugin bạn phải đăng kí một tài khoản trên Casso và liên kết ngân hàng vào trước. Link hướng dẫn \u003Ca href=\"https:\u002F\u002Fcasso.vn\u002Fplugin-ket-noi-ngan-hang\u002F?gift=CASSOLOVEWOO\" rel=\"nofollow ugc\">tại đây\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Plugin này được phát triển bởi Casso giúp kết nối các ngân hàng Việt Nam vào Woocommerce, tự động xác nhận  đơn hàng đã thanh toán bằng hình thức chuyển khoản ngân hàng\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mẹo\u003C\u002Fstrong> : Plugin này hoàn toàn miễn phí. Phần xác nhận thanh toán sẽ miễn phí nếu bạn sử dụng dưới 30 giao dịch \u002F tháng.\u003Cbr \u002F>\nNếu vượt quá 30 giao dịch \u002F tháng. Bạn có thể cân nhắc mua gói trả phí chỉ từ 100k \u002F tháng.\u003C\u002Fp>\n","Kết nối các ngân hàng Việt Nam vào Woocommerce, tự động xác nhận đơn hàng đã thanh toán. Hỗ trợ hơn 10 ngân hàng : VietinBank, OCB, Vietcombank, Techc &hellip;",300,8610,100,1,"2024-08-28T01:33:00.000Z","6.0.11","",[19,20,21,22,23],"gateway","ket-noi-ngan-hang","payment-gateway","vietcombank","woocommerce","https:\u002F\u002Fcasso.vn\u002Fplugin-ket-noi-ngan-hang\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcasso-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang.zip",92,0,"2022-10-03 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"WF-edf0760c-356a-4c55-9ccc-9f086dae12b6-casso-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang","casso-t-ng-xc-nhn-thanh-ton-chuyn-khon-ngn-hng-authenticated-admin-cross-site-scripting","Casso – Tự động xác nhận thanh toán chuyển khoản ngân hàng \u003C= 2.8.6 - Authenticated (Admin+) Cross-Site Scripting","The Casso plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings in versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=2.8.6","2.8.7","medium",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fedf0760c-356a-4c55-9ccc-9f086dae12b6?source=api-prod",477,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":50,"computed_at":51},2,4300,73,"2026-04-04T21:19:36.717Z",[53,70,86,98,120],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":13,"num_ratings":48,"last_updated":63,"tested_up_to":64,"requires_at_least":17,"requires_php":17,"tags":65,"homepage":66,"download_link":67,"security_score":68,"vuln_count":48,"unpatched_count":14,"last_vuln_date":69,"fetched_at":29},"bck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang","Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam","2.0.1","Hai Ba","https:\u002F\u002Fprofiles.wordpress.org\u002Fhaibasoft\u002F","\u003Cul>\n\u003Cli>Không cần giấy phép kinh doanh.\u003C\u002Fli>\n\u003Cli>Dùng được cho cả Tài khoản thụ hưởng là Số tài khoản doanh nghiệp.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Không yêu cầu nhập user\u002Fpass hay mã OTP, an toàn tuyệt đối !\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Hỗ trợ QR code tự nhập tiền và nội dung đơn hàng (API tiêu chuẩn của Napas)\u003C\u002Fli>\n\u003Cli>Hỗ trợ ví MOMO, ViettelPay, VNPay, Vietcombank, Vietinbank, Techcombank, MB, ACB, VPBank, BIDV, TPBank, HDBank, Agribank, VIB, Sacombank, OCB, MSB, SHB, SCB, ABBank, BAC A Bank, Eximbank, Nam A Bank, NCB, SeABank, LienVietPostBank, Viet Capital Bank, Timo, Cake, TNEX..\u003C\u002Fli>\n\u003Cli>Xác nhận thanh toán tự động & kích hoạt đơn hàng từ 1~5 giây\u003C\u002Fli>\n\u003Cli>Xử lý đa luồng, không giới hạn số lượng giao dịch.\u003C\u002Fli>\n\u003Cli>Thông báo giao dịch qua telegram.\u003C\u002Fli>\n\u003Cli>Thêm tùy chỉnh webhook.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Yêu cầu:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Tải app BCK trên Google Play để xác nhận thanh toán tự động. \u003Ca href=\"https:\u002F\u002Fbck.haibasoft.com\u002Fhelp.html\" rel=\"nofollow ugc\">Xem hướng dẫn\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>👉 Xem \u003Ca href=\"https:\u002F\u002Fdemo-shop.hoangweb.com\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Với 1 chiếc điện thoại, bạn tích hợp \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> website, \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> tài khoản và số lượng giao dịch.\u003C\u002Fp>\n\u003Cp>❤️ Trải nghiệm miễn phí 1 ngày, xem \u003Ca href=\"https:\u002F\u002Fbck.haibasoft.com#banggia\" rel=\"nofollow ugc\">bảng giá\u003C\u002Fa> tại đây!\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgWEuOxYW_mk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Tích hợp thanh toán quét mã QR Code MoMo, ViettelPay, VNPay, Vietcombank, Vietinbank, Techcombank, MB, ACB, VPBank, TPBank.. cho Woocommerce",500,19720,"2025-08-24T08:19:00.000Z","6.7.5",[19,20,21,22,23],"https:\u002F\u002Fbck.haibasoft.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbck-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang.2.0.1.zip",74,"2024-09-23 18:36:58",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":13,"downloaded":78,"rating":13,"num_ratings":79,"last_updated":80,"tested_up_to":81,"requires_at_least":17,"requires_php":17,"tags":82,"homepage":83,"download_link":84,"security_score":85,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"qh-testpay","Tích hợp Thanh Toán Quét Mã QR Code – MoMo, ViettelPay, Vietcombank","1.0.2","HOANG WEB","https:\u002F\u002Fprofiles.wordpress.org\u002Fhoangweb\u002F","\u003Cul>\n\u003Cli>Không cần giấy phép kinh doanh.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Không yêu cầu nhập user\u002Fpass hay mã OTP, an toàn 100% !\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Dùng được cho cả Tài khoản thụ hưởng là Số tài khoản doanh nghiệp.\u003C\u002Fli>\n\u003Cli>Xác nhận thanh toán & tự động kích hoạt đơn hàng từ 1~5 giây\u003C\u002Fli>\n\u003Cli>Xử lý đa luồng, không giới hạn số lượng giao dịch & kết nối website.\u003C\u002Fli>\n\u003Cli>Hỗ trợ QR code API tiêu chuẩn của Napas\u003C\u002Fli>\n\u003Cli>Hỗ trợ ví MOMO, ViettelPay, VNPay & các ngân hàng Vietcombank, Vietinbank, Techcombank, MB, ACB, VPBank, BIDV, TPBank, HDBank, Agribank, VIB, Sacombank, OCB, MSB, SHB, SCB, ABBank, BAC A Bank, Eximbank, Nam A Bank, NCB, SeABank, LienVietPostBank, Viet Capital Bank, Timo, Cake, TNEX..\u003C\u002Fli>\n\u003Cli>Thông báo giao dịch qua telegram.\u003C\u002Fli>\n\u003Cli>Thêm tùy chỉnh webhook.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Yêu cầu:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Tải app “Xác nhận thanh toán tự động” trên Google Play. \u003Ca href=\"https:\u002F\u002Fbck.haibasoft.com\u002F\" rel=\"nofollow ugc\">Xem hướng dẫn\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>👉 Xem \u003Ca href=\"https:\u002F\u002Fdemo-shop.hoangweb.net\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Với 1 điện thoại cá nhân, bạn tích hợp \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> website, \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> số lượng giao dịch.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgWEuOxYW_mk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Tích hợp thanh toán quét mã QR Code với MoMo, ViettelPay, VNPay, Vietcombank, Vietinbank, Techcombank, MB, ACB, VPBank, TPBank.. cho Woocommerce",12057,3,"2023-10-11T07:15:00.000Z","6.3.0",[19,20,21,22,23],"https:\u002F\u002Fbck.haibasoft.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fqh-testpay.1.0.2.zip",85,{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":77,"active_installs":93,"downloaded":94,"rating":27,"num_ratings":27,"last_updated":95,"tested_up_to":64,"requires_at_least":17,"requires_php":17,"tags":96,"homepage":83,"download_link":97,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"thanh-toan-chuyen-khoan","Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, MB, Vietcombank, Vietinbank, Techcombank, Agribank, ACB, BIDV","1.0.0","OptimizeWP","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp2speed\u002F","\u003Cul>\n\u003Cli>Không cần giấy phép kinh doanh.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Không yêu cầu nhập user\u002Fpass hay mã OTP, an toàn 100% !\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Dùng được cho cả Tài khoản thụ hưởng là Số tài khoản doanh nghiệp.\u003C\u002Fli>\n\u003Cli>Xác nhận thanh toán & tự động kích hoạt đơn hàng từ 1~5 giây\u003C\u002Fli>\n\u003Cli>Xử lý đa luồng, không giới hạn số lượng giao dịch & kết nối website.\u003C\u002Fli>\n\u003Cli>Hỗ trợ QR code API tiêu chuẩn của Napas\u003C\u002Fli>\n\u003Cli>Hỗ trợ ví MOMO, ViettelPay, VNPay & các ngân hàng Vietcombank, Vietinbank, Techcombank, MB, ACB, VPBank, BIDV, TPBank, HDBank, Agribank, VIB, Sacombank, OCB, MSB, SHB, SCB, ABBank, BAC A Bank, Eximbank, Nam A Bank, NCB, SeABank, LienVietPostBank, Viet Capital Bank, Timo, Cake, TNEX..\u003C\u002Fli>\n\u003Cli>Thông báo giao dịch qua telegram.\u003C\u002Fli>\n\u003Cli>Thêm tùy chỉnh webhook.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Yêu cầu:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Tải app “Xác nhận thanh toán tự động” trên Google Play. \u003Ca href=\"https:\u002F\u002Fbck.haibasoft.com\" rel=\"nofollow ugc\">Xem hướng dẫn\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>👉 Xem \u003Ca href=\"https:\u002F\u002Fdemo-shop.hoangweb.com\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Với 1 điện thoại cá nhân, bạn tích hợp \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> website, \u003Cstrong>KHÔNG GIỚI HẠN\u003C\u002Fstrong> số lượng giao dịch.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgWEuOxYW_mk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n",80,9660,"2024-12-04T09:39:00.000Z",[19,20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthanh-toan-chuyen-khoan.1.0.0.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":118,"download_link":119,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"woo-paystack","Paystack WooCommerce Payment Gateway","5.8.2","Tunbosun Ayinla","https:\u002F\u002Fprofiles.wordpress.org\u002Ftubiz\u002F","\u003Cp>Paystack makes it easy for businesses in Nigeria, Ghana, Kenya and South Africa to accept secure payments from multiple local and global payment channels. Integrate Paystack with your store today, and let your customers pay you with their choice of methods.\u003C\u002Fp>\n\u003Cp>With Paystack for WooCommerce, you can accept payments via:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Credit\u002FDebit Cards — Visa, Mastercard, Verve (NG, GH, KE), American Express (SA only)\u003C\u002Fli>\n\u003Cli>Bank transfer (Nigeria)\u003C\u002Fli>\n\u003Cli>Mobile money (Ghana)\u003C\u002Fli>\n\u003Cli>Masterpass (South Africa)\u003C\u002Fli>\n\u003Cli>EFT (South Africa)\u003C\u002Fli>\n\u003Cli>USSD (Nigeria)\u003C\u002Fli>\n\u003Cli>Visa QR (Nigeria)\u003C\u002Fli>\n\u003Cli>Many more coming soon\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Paystack?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Start receiving payments instantly—go from sign-up to your first real transaction in as little as 15 minutes\u003C\u002Fli>\n\u003Cli>Simple, transparent pricing—no hidden charges or fees\u003C\u002Fli>\n\u003Cli>Modern, seamless payment experience via the Paystack Checkout — \u003Ca href=\"https:\u002F\u002Fpaystack.com\u002Fdemo\u002Fcheckout\" rel=\"nofollow ugc\">Try the demo!\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Advanced fraud detection\u003C\u002Fli>\n\u003Cli>Understand your customers better through a simple and elegant dashboard\u003C\u002Fli>\n\u003Cli>Access to attentive, empathetic customer support 24\u002F7\u003C\u002Fli>\n\u003Cli>Free updates as we launch new features and payment options\u003C\u002Fli>\n\u003Cli>Clearly documented APIs to build your custom payment experiences\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Over 60,000 businesses of all sizes in Nigeria, Ghana, Kenya, and South Africa rely on Paystack’s suite of products to receive payments and make payouts seamlessly. Sign up on \u003Ca href=\"https:\u002F\u002Fpaystack.com\u002Fsignup\" rel=\"nofollow ugc\">Paystack.com\u002Fsignup\u003C\u002Fa> to get started.\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>This plugin is meant to be used by merchants in Ghana, Kenya, Nigeria and South Africa.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Accept payment\u003C\u002Fstrong> via Mastercard, Visa, Verve, USSD, Mobile Money, Bank Transfer, EFT, Bank Accounts, GTB 737 & Visa QR.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless integration\u003C\u002Fstrong> into the WooCommerce checkout page. Accept payment directly on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refunds\u003C\u002Fstrong> from the WooCommerce order details page. Refund an order directly from the order details page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurring payment\u003C\u002Fstrong> using \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WooCommerce Subscriptions Integration\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> integration only works with \u003Cstrong>WooCommerce v2.6 and above\u003C\u002Fstrong> and \u003Cstrong>WooCommerce Subscriptions v2.0 and above\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>No subscription plans is created on Paystack. The \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> plugin handles all the subscription functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If a customer pays for a subscription using a Mastercard or Visa card, their subscription will renew automatically throughout the duration of the subscription. If an automatic renewal fail their subscription will be put on-hold and they will have to login to their account to renew the subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For customers paying with a Verve card, their subscription can’t be renewed automatically, once a payment is due their subscription will be on-hold. The customer will have to login to his account to manually renew his subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If a subscription has a free trial and no signup-fee, automatic renewal is not possible for the first payment because the initial order total will be 0, after the free trial the subscription will be put on-hold. The customer will have to login to his account to renew his subscription. If a Mastercard or Visa card is used to renew the subscription subsequent renewals will be automatic throughout the duration of the subscription, if a Verve card is used automatic renewal isn’t possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Suggestions \u002F Feature Request\u003C\u002Fh4>\n\u003Cp>If you have suggestions or a new feature request, feel free to get in touch with me via the contact form on my website \u003Ca href=\"http:\u002F\u002Fbosun.me\u002Fget-in-touch\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also follow me on Twitter! \u003Cstrong>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Ftubiz\" rel=\"nofollow ugc\">@tubiz\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.",30000,432109,90,24,"2025-04-17T08:26:00.000Z","6.8.5","6.2","7.4",[115,21,116,117,23],"mastercard","paystack","visa","https:\u002F\u002Fpaystack.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-paystack.5.8.2.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":13,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":139,"download_link":140,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"montonio-for-woocommerce","Montonio for WooCommerce","9.4.1","Montonio","https:\u002F\u002Fprofiles.wordpress.org\u002Fmontonio\u002F","\u003Cp>Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pay) plus financing and shipping. Montonio offers you everything you need in your online store checkout.\u003C\u002Fp>\n\u003Ch4>Payments\u003C\u002Fh4>\n\u003Cp>The easiest way to collect payments in your online store. Montonio payment initiation service offers integrations with all major banks in Estonia, Finland, Latvia, Lithuania and Poland, additionally Apple Pay, Google Pay, Revolut (available everywhere) and Blik in Poland.\u003C\u002Fp>\n\u003Cp>All funds are immediately deposited to your bank account and an overview of the transactions can be found in our \u003Ca href=\"https:\u002F\u002Fpartner.montonio.com\" rel=\"nofollow ugc\">partner system\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Card Payments\u003C\u002Fh4>\n\u003Cp>Give your customers more ways to pay. In addition to payment links, Montonio lets your users pay by credit card.\u003C\u002Fp>\n\u003Ch4>Apple Pay, Google Pay\u003C\u002Fh4>\n\u003Cp>Want to offer an even easier way of paying? We also have Apple Pay and Google Pay! You can add these popular mobile wallets to your online store’s checkout. Your customers can pay faster since their credit card info is stored in the digital wallet and they don’t need to enter card details with each purchase.\u003C\u002Fp>\n\u003Ch4>Refunds\u003C\u002Fh4>\n\u003Cp>You can do a partial or full refund with a couple of clicks in the Montonio Partner System. Just open the order, check what items your customer returned and refund the amount needed.\u003C\u002Fp>\n\u003Ch4>Financing (Hire purchase)\u003C\u002Fh4>\n\u003Cp>Montonio Financing is just the right solution for financing larger purchases. You customers can choose a payment schedule that exactly suits their needs. Shoppers pay in equal instalments but you will get the full payment amount upfront. Plus, there’s no service fee for the merchant.\u003C\u002Fp>\n\u003Ch4>Pay Later\u003C\u002Fh4>\n\u003Cp>Give your visitors the most convenient ways to pay – with Montonio ‘Pay later’ your customers can pay later or split purchase into two or three payments. All this without any additional interest or contract fees for them. Shoppers pay in equal instalments but you will get the full payment amount upfront.\u003C\u002Fp>\n\u003Ch4>Shipping\u003C\u002Fh4>\n\u003Cp>Handle everything from one system: automatically generate, edit and print shipping labels without having to ever leave the Montonio dashboard. Labels are automatically retrieved from providers after order creation. You can start printing with just 2 clicks. With Montonio you can add order tracking codes with a link to the providers’ tracking page.\u003C\u002Fp>\n\u003Ch4>How to get started\u003C\u002Fh4>\n\u003Cp>Adding Montonio to your store is only a matter of minutes.\u003Cbr \u002F>\n1. Sign up at \u003Ca href=\"https:\u002F\u002Fmontonio.com\" rel=\"nofollow ugc\">montonio.com\u003C\u002Fa>\u003Cbr \u002F>\n2. Verify your identity and confirm your account with Montonio\u003Cbr \u002F>\n3. Set up the plugin, insert API keys and start using Montonio. More details on how to install and set up the plugin can be found in the Installation tab.\u003C\u002Fp>\n\u003Ch4>Availability\u003C\u002Fh4>\n\u003Cp>Montonio currently offers services in these countries:\u003Cbr \u002F>\n* Payments: Estonia, Finland, Latvia, Lithuania, Poland\u003Cbr \u002F>\n* Card payments: Estonia, Finland, Latvia, Lithuania, Poland\u003Cbr \u002F>\n* Financing: Estonia\u003Cbr \u002F>\n* Pay Later: Estonia\u003Cbr \u002F>\n* Shipping: Estonia, Latvia, Lithuania\u003Cbr \u002F>\nWe are also working on adding new countries.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Any questions? Just drop us an email at support@montonio.com.\u003C\u002Fp>\n\u003Ch4>WANT TO KNOW MORE?\u003C\u002Fh4>\n\u003Cp>More information about our solutions can be found on our \u003Ca href=\"https:\u002F\u002Fmontonio.com\" rel=\"nofollow ugc\">website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to multiple Montonio services to provide payment processing, shipping management, and service improvements:\u003C\u002Fp>\n\u003Ch4>Montonio Payment Gateway (Stargate)\u003C\u002Fh4>\n\u003Cp>What it does: Processes various payment methods including bank payments, card payments, BLIK payments, hire purchase and pay later options.\u003C\u002Fp>\n\u003Cp>Data transmitted: Order information (total amount, currency, order items), customer details (name, email, billing\u002Fshipping addresses), payment method selection, and merchant identification.\u003C\u002Fp>\n\u003Cp>When transmitted: During checkout when a payment is initiated, when checking payment status, and when processing refunds.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Production: https:\u002F\u002Fstargate.montonio.com\u002Fapi\u003Cbr \u002F>\n* Sandbox: https:\u002F\u002Fsandbox-stargate.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fmontonio_general\u002Fv3.0\u002Fmontonio_general_ee.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio Shipping API\u003C\u002Fh4>\n\u003Cp>What it does: Manages shipping methods, pickup points, courier services, label generation and shipment tracking.\u003C\u002Fp>\n\u003Cp>Data transmitted: Shipping addresses, order details, selected shipping methods, parcel information (weight, dimensions), and shipment tracking information.\u003C\u002Fp>\n\u003Cp>When transmitted: When retrieving available shipping methods, displaying pickup points, creating shipments, and generating shipping labels.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Production: https:\u002F\u002Fshipping.montonio.com\u002Fapi\u003Cbr \u002F>\n* Sandbox: https:\u002F\u002Fsandbox-shipping.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fshipping\u002Fv3.0\u002Fshipping_international.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio JavaScript SDK\u003C\u002Fh4>\n\u003Cp>What it does: Client-side library that renders payment forms, handles payment method selection and processes transactions.\u003C\u002Fp>\n\u003Cp>Data transmitted: Payment form inputs, selected payment method details, transaction authentication data.\u003C\u002Fp>\n\u003Cp>When transmitted: During checkout when payment forms are displayed and when customers interact with payment elements.\u003C\u002Fp>\n\u003Cp>Service URLs:\u003Cbr \u002F>\n* Montonio JS: https:\u002F\u002Fjs.montonio.com\u002F1.x.x\u002Fmontonio.umd.js\u003Cbr \u002F>\n* Montonio JS (Legacy): https:\u002F\u002Fpublic.montonio.com\u002Fassets\u002Fmontonio-js\u002F3.x\u002Fmontonio.bundle.js\u003Cbr \u002F>\n* Card payments API (Production): https:\u002F\u002Fapi.card-payments.montonio.com\u002Fpayment-intents\u003Cbr \u002F>\n* Card payments API (Sandbox): https:\u002F\u002Fapi.sandbox-card-payments.montonio.com\u002Fpayment-intents\u003Cbr \u002F>\n* Payment intents API (Production): https:\u002F\u002Fstargate.montonio.com\u002Fapi\u002Fpayment-intents\u003Cbr \u002F>\n* Payment intents API (Sandbox): https:\u002F\u002Fsandbox-stargate.montonio.com\u002Fapi\u002Fpayment-intents\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fpayment_initiation\u002Fv3.0\u002Fpayment_initiation_international.pdf\" rel=\"nofollow ugc\">Bank Payment Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fcard_payments\u002Fv3.0\u002Fcard_payments_international.pdf\" rel=\"nofollow ugc\">Card Payment Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Montonio Telemetry Service\u003C\u002Fh4>\n\u003Cp>What it does: Sends Store URL, WordPress\u002FWooCommerce version information and plugin configuration settings to offer better customer support when troubleshooting issues. No sensitive or private data is collected.\u003C\u002Fp>\n\u003Cp>Data transmitted: Store URL, WordPress\u002FWooCommerce version information, plugin configuration settings (with sensitive data removed).\u003C\u002Fp>\n\u003Cp>When transmitted: Upon plugin activation, deactivation, settings changes, and periodically (once per day).\u003C\u002Fp>\n\u003Cp>Service URL: https:\u002F\u002Fplugin-telemetry.montonio.com\u002Fapi\u003C\u002Fp>\n\u003Cp>Service information: \u003Ca href=\"https:\u002F\u002Fs3.eu-central-1.amazonaws.com\u002Fpublic.montonio.com\u002Fterms_and_conditions\u002Fmontonio_general\u002Fv3.0\u002Fmontonio_general_ee.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmontonio.com\u002Flegal\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa &hellip;",10000,346076,8,"2026-03-10T08:35:00.000Z","6.9.4","5.0","7.0",[136,21,137,138,23],"montonio","payments","shipping","https:\u002F\u002Fwww.montonio.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmontonio-for-woocommerce.9.4.1.zip",{"attackSurface":142,"codeSignals":201,"taintFlows":296,"riskAssessment":353,"analyzedAt":366},{"hooks":143,"ajaxHandlers":184,"restRoutes":197,"shortcodes":198,"cronEvents":199,"entryPointCount":200,"unprotectedCount":200},[144,151,156,161,165,168,173,177,181],{"type":145,"name":146,"callback":147,"priority":148,"file":149,"line":150},"action","woocommerce_email_before_order_table","email_instructions",10,"inc\\banks\\class-casso-base.php",64,{"type":145,"name":152,"callback":153,"file":154,"line":155},"admin_menu","register_submenu_page","inc\\class-casso-admin-page.php",44,{"type":145,"name":157,"callback":158,"file":159,"line":160},"plugins_loaded","casso_load_plugin_textdomain","wc-gateway-casso.php",98,{"type":145,"name":162,"callback":163,"file":159,"line":164},"woocommerce_blocks_loaded","woocommerce_casso_woocommerce_blocks_support",99,{"type":145,"name":166,"callback":166,"file":159,"line":167},"init",101,{"type":169,"name":170,"callback":171,"file":159,"line":172},"filter","wc_order_statuses","add_casso_order_statuses",143,{"type":145,"name":174,"callback":175,"file":159,"line":176},"admin_notices","notice_if_not_woocommerce",168,{"type":169,"name":178,"callback":179,"file":159,"line":180},"woocommerce_payment_gateways","closure",294,{"type":145,"name":182,"callback":179,"file":159,"line":183},"woocommerce_blocks_payment_method_type_registration",361,[185,190,192,195],{"action":186,"nopriv":187,"callback":186,"hasNonce":188,"hasCapCheck":188,"file":159,"line":189},"fetch_order_status_casso",true,false,162,{"action":186,"nopriv":188,"callback":186,"hasNonce":188,"hasCapCheck":188,"file":159,"line":191},163,{"action":193,"nopriv":187,"callback":193,"hasNonce":188,"hasCapCheck":188,"file":159,"line":194},"fetch_sync_order_casso",164,{"action":193,"nopriv":188,"callback":193,"hasNonce":188,"hasCapCheck":188,"file":159,"line":196},165,[],[],[],4,{"dangerousFunctions":202,"sqlUsage":203,"outputEscaping":205,"fileOperations":48,"externalRequests":148,"nonceChecks":14,"capabilityChecks":14,"bundledLibraries":295},[],{"prepared":27,"raw":27,"locations":204},[],{"escaped":206,"rawEcho":155,"locations":207},55,[208,211,213,215,217,219,221,223,225,227,228,230,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293],{"file":149,"line":209,"context":210},561,"raw output",{"file":154,"line":212,"context":210},152,{"file":154,"line":214,"context":210},156,{"file":154,"line":216,"context":210},161,{"file":154,"line":218,"context":210},166,{"file":154,"line":220,"context":210},171,{"file":154,"line":222,"context":210},176,{"file":154,"line":224,"context":210},179,{"file":154,"line":226,"context":210},185,{"file":154,"line":226,"context":210},{"file":154,"line":229,"context":210},187,{"file":154,"line":229,"context":210},{"file":154,"line":232,"context":210},188,{"file":154,"line":234,"context":210},189,{"file":154,"line":236,"context":210},196,{"file":154,"line":238,"context":210},198,{"file":154,"line":240,"context":210},200,{"file":154,"line":242,"context":210},208,{"file":154,"line":244,"context":210},210,{"file":154,"line":246,"context":210},211,{"file":154,"line":248,"context":210},223,{"file":154,"line":250,"context":210},226,{"file":154,"line":252,"context":210},227,{"file":154,"line":254,"context":210},231,{"file":154,"line":256,"context":210},232,{"file":154,"line":258,"context":210},233,{"file":154,"line":260,"context":210},273,{"file":154,"line":262,"context":210},274,{"file":154,"line":264,"context":210},283,{"file":154,"line":266,"context":210},329,{"file":154,"line":268,"context":210},331,{"file":154,"line":270,"context":210},335,{"file":154,"line":272,"context":210},337,{"file":154,"line":274,"context":210},338,{"file":154,"line":276,"context":210},342,{"file":154,"line":278,"context":210},346,{"file":154,"line":280,"context":210},352,{"file":154,"line":282,"context":210},354,{"file":154,"line":284,"context":210},358,{"file":154,"line":286,"context":210},374,{"file":154,"line":288,"context":210},419,{"file":154,"line":290,"context":210},422,{"file":154,"line":292,"context":210},423,{"file":159,"line":294,"context":210},740,[],[297,327,341],{"entryPoint":298,"graph":299,"unsanitizedCount":14,"severity":326},"save_settings (inc\\class-casso-admin-page.php:50)",{"nodes":300,"edges":322},[301,306,312,315,319],{"id":302,"type":303,"label":304,"file":154,"line":305},"n0","source","$_REQUEST",53,{"id":307,"type":308,"label":309,"file":154,"line":310,"wp_function":311},"n1","sink","update_option() [Settings Manipulation]",84,"update_option",{"id":313,"type":303,"label":304,"file":154,"line":314},"n2",87,{"id":316,"type":317,"label":318,"file":154,"line":314},"n3","transform","→ casso_oauth_process_webhook()",{"id":320,"type":308,"label":309,"file":154,"line":321,"wp_function":311},"n4",603,[323,324,325],{"from":302,"to":307,"sanitized":187},{"from":313,"to":316,"sanitized":188},{"from":316,"to":320,"sanitized":188},"low",{"entryPoint":328,"graph":329,"unsanitizedCount":14,"severity":326},"\u003Cclass-casso-admin-page> (inc\\class-casso-admin-page.php:0)",{"nodes":330,"edges":337},[331,333,334,335,336],{"id":302,"type":303,"label":332,"file":154,"line":305},"$_REQUEST (x4)",{"id":307,"type":308,"label":309,"file":154,"line":310,"wp_function":311},{"id":313,"type":303,"label":304,"file":154,"line":314},{"id":316,"type":317,"label":318,"file":154,"line":314},{"id":320,"type":308,"label":309,"file":154,"line":321,"wp_function":311},[338,339,340],{"from":302,"to":307,"sanitized":187},{"from":313,"to":316,"sanitized":188},{"from":316,"to":320,"sanitized":188},{"entryPoint":342,"graph":343,"unsanitizedCount":48,"severity":326},"\u003Cwc-gateway-casso> (wc-gateway-casso.php:0)",{"nodes":344,"edges":351},[345,347],{"id":302,"type":303,"label":346,"file":159,"line":248},"$_REQUEST (x2)",{"id":307,"type":308,"label":348,"file":159,"line":349,"wp_function":350},"echo() [XSS]",727,"echo",[352],{"from":302,"to":307,"sanitized":188},{"summary":354,"deductions":355},"The plugin \"casso-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang\" v4.1.0 exhibits a mixed security posture. While it demonstrates good practices by utilizing prepared statements for all SQL queries and only one nonce check, significant concerns arise from its attack surface and output escaping. The presence of four AJAX handlers without authentication checks presents a substantial risk, as these can be accessed and potentially exploited by unauthenticated users.\n\nThe static analysis reveals a worrying trend in taint analysis, with three out of three flows showing unsanitized paths. Although no critical or high severity taint flows were identified, this indicates a potential for various vulnerabilities if the data within these flows is not properly handled. The high rate of improperly escaped output (44%) further exacerbates this risk, suggesting a strong possibility of Cross-Site Scripting (XSS) vulnerabilities.\n\nHistorically, the plugin has a known CVE, which was a medium severity Cross-site Scripting vulnerability. The fact that this vulnerability is currently patched is positive, but the pattern of past XSS vulnerabilities, coupled with the current high percentage of unescaped output, suggests that this could be a recurring issue. Overall, the plugin has strengths in its SQL handling but is significantly weakened by its unprotected AJAX endpoints and inadequate output sanitization, making it a moderate risk.",[356,358,360,363],{"reason":357,"points":148},"AJAX handlers without authentication checks",{"reason":359,"points":148},"Unsanitized paths in taint analysis",{"reason":361,"points":362},"High percentage of improperly escaped output",6,{"reason":364,"points":365},"Known CVE (medium severity XSS) in vulnerability history",5,"2026-03-16T20:00:39.707Z",{"wat":368,"direct":375},{"assetPaths":369,"generatorPatterns":371,"scriptPaths":372,"versionParams":373},[370],"\u002Fwp-content\u002Fplugins\u002Fcasso-tu-dong-xac-nhan-thanh-toan-chuyen-khoan-ngan-hang\u002Fassets\u002Fcss\u002Fstyle.css",[],[],[374],"\u002Fassets\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":376,"htmlComments":377,"htmlAttributes":378,"restEndpoints":379,"jsGlobals":380,"shortcodeOutput":381},[],[],[],[],[],[]]