[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feCHH2On0HqBFlxJi2ek_ebZcXJN71JkT0RAgihg90q8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":14,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":54,"analysis":144,"fingerprints":380},"click-pledge-wpjobboard","Click & Pledge WPJobBoard","25.09000000-WP6.8.2-JB5.12.0","ClickandPledge","https:\u002F\u002Fprofiles.wordpress.org\u002Fclickandpledge\u002F","\u003Cp>The Click & Pledge WBJobBoard plugin is a 3rd party add-on to the WPJobBoard plugin.  The plugin allows the Site Owner to embed a payment form to process payments via Visa, American Express, Discover, and Mastercard through their Click & Pledge Merchant Account.\u003C\u002Fp>\n\u003Cp>Payment form data posts via an encrypted connection from your SSL-secured site to\u003Cbr \u002F>\n\u003Ca href=”https:\u002F\u002Fpaas.cloud.clickandpledge.com\u002FPaymentService.svc?wsdl target=”_blank”>https:\u002F\u002Fpaas.cloud.clickandpledge.com\u002FPaymentService.svc?wsdl,\u003Cbr \u002F>\nClick & Pledge’s Payment Application Interface (PAI) for the Trio payment and administrative engine.\u003C\u002Fp>\n\u003Cp>Available posting methods are\u003Cbr \u002F>\n* Operation\u003Cbr \u002F>\n* OperationBase64Encode\u003Cbr \u002F>\n* Echo\u003C\u002Fp>\n\u003Cp>Security Details are available at:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fclickandpledge.com\u002Fabout\u002Four-security\u002F\" rel=\"nofollow ugc\">\u003Cbr \u002F>\nhttps:\u002F\u002Fclickandpledge.com\u002Fabout\u002Four-security\u002F \u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Review the Click & Pledge Privacy Statement at:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fclickandpledge.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">\u003Cbr \u002F>\nhttps:\u002F\u002Fclickandpledge.com\u002Fprivacy\u002F \u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ch4>About Click & Pledge\u003C\u002Fh4>\n\u003C\u002Fp>\n\u003Cp>Click & Pledge is a Level 1 PCI DSS-certified payment services provider offering products to over 20,000 clients worldwide.\u003C\u002Fp>\n\u003Ch3>Required Settings\u003C\u002Fh3>\n\u003Cp>* Account Number\u003Cbr \u002F>\n* Account GUID\u003Cbr \u002F>\n* Account Type (USD, EUR, CAD, GBP, or HKD)\u003C\u002Fp>\n\u003Cp>To locate Account Number and API Account GUID:\u003Cbr \u002F>\n   Login into Click & Pledge Connect, the online interface for a Click & Pledge account\u003Cbr \u002F>\n   Navigate to \u003Ca href=\"https:\u002F\u002Flogin.connect.clickandpledge.com\u002FSettings\" rel=\"nofollow ugc\"> Settings \u003C\u002Fa> – API Information.\u003C\u002Fp>\n\u003Ch4>Minimum Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.3 (it will work with WordPress 3.0 but 3.3 version is recommended)PHP 5.2.4 or greater\u003C\u002Fli>\n\u003Cli>PHP 5.2.0\u003C\u002Fli>\n\u003Cli>MySQL 5.0+\u003C\u002Fli>\n\u003Cli>Hosting Site secured via SSL\u003C\u002Fli>\n\u003Cli>Click & Pledge Account\u003C\u002Fli>\n\u003C\u002Ful>\n","Click & Pledge payment gateway integration for WPJobBoard with Salesforce support.",40,8339,80,1,"2025-09-11T08:09:00.000Z","6.8.5","5.0","",[20,21,22,23,24],"click-and-pledge","online-payments","payment-gateway","salesforce","wpjobboard","http:\u002F\u002Fmanual.clickandpledge.com\u002FWPJobBoard.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclick-pledge-wpjobboard.25.09000000-WP6.8.2-JB5.12.0.zip",98,0,"2025-07-11 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"WF-e1334ab5-515c-4bce-b437-ee68a3315b78-click-pledge-wpjobboard","wordpress-wpjobboard-wp6-jb5-unauthenticated-sql-injection","WordPress-WPJobBoard \u003C= 25.07010000-WP6.8.1-JB5.11.5 - Unauthenticated SQL Injection","The WordPress-WPJobBoard plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 25.07010000-WP6.8.1-JB5.11.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=25.07010000-WP6.8.1-JB5.11.5","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-09-11 14:53:56",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe1334ab5-515c-4bce-b437-ee68a3315b78?source=api-prod",63,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":27,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"clickandpledge",5,190,27,93,"2026-04-04T03:55:03.649Z",[55,72,88,111,128],{"slug":56,"name":57,"version":58,"author":7,"author_profile":8,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":28,"num_ratings":28,"last_updated":63,"tested_up_to":64,"requires_at_least":18,"requires_php":65,"tags":66,"homepage":69,"download_link":70,"security_score":71,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"gravity-forms-click-pledge","Click & Pledge for Gravity Forms","26.02000000-WP6.9.1-GF2.9.27","\u003Cp>Click & Pledge adds a credit card payment gateway to the \u003Ca href=\"http:\u002F\u002Fwww.gravityforms.com\u002F\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa> plugin so you can:\u003Cbr \u002F>\n* build online donation & Payment forms\u003Cbr \u002F>\n* build online booking forms\u003Cbr \u002F>\n* build simple Buy Now forms\u003Cbr \u002F>\n* accept recurring payment\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>NB: this plugin extends \u003Ca href=\"http:\u002F\u002Fwww.gravityforms.com\u002F\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa> functionalities; you still need to install and activate Gravity Forms!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Requirements:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Click & Pledge account\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.gravityforms.com\u002F\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa> plugin\u003C\u002Fli>\n\u003Cli>SSL certificate for your hosting account\u003C\u002Fli>\n\u003Cli>Addition of re-CAPTCHA\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a credit card payment gateway for Click & Pledge to the Gravity Forms plugin",30,10975,"2026-02-18T12:05:00.000Z","6.9.4","5.6",[20,67,68,21,22],"ecommerce","gravity-forms","http:\u002F\u002Fclickandpledge.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravity-forms-click-pledge.26.02000000-WP6.9.1-GF2.9.27.zip",100,{"slug":73,"name":74,"version":75,"author":7,"author_profile":8,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":28,"num_ratings":28,"last_updated":80,"tested_up_to":64,"requires_at_least":81,"requires_php":18,"tags":82,"homepage":86,"download_link":87,"security_score":71,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"click-pledge-paid-memberships-pro","Click & Pledge – Paid Memberships Pro","25.12000000-WP6.9-PMP3.6.3","\u003Cp>The Paid Memberships Pro Click & Pledge Gateway plugin enables seamless online payment processing for your WordPress Paid Memberships Pro site. With this integration, you can securely accept payments through your Click & Pledge account, including all major credit card brands: Visa, American Express, Discover, and MasterCard.\u003C\u002Fp>\n\u003Ch4>Paid Memberships Pro plugin\u003C\u002Fh4>\n\u003Cp>Paid Memberships Pro allows you to create unlimited membership levels and control access to premium content across your site. Restrict pages, posts, categories, videos, forums, downloads, support resources, or offer single “à la carte” access, all from one powerful platform.\u003Cbr \u002F>\nWhether you’re managing an online community, nonprofit membership program, or subscription-based business, Paid Memberships Pro works right out of the box while remaining highly customizable for developers with advanced needs.\u003Cbr \u002F>\nTogether, Paid Memberships Pro and Click & Pledge deliver a reliable, secure, and scalable membership and payment solution—making it easy to manage memberships, collect payments, and grow your organization with confidence.\u003C\u002Fp>\n\u003Ch4>About Click & Pledge\u003C\u002Fh4>\n\u003Cp>Click & Pledge began on May 30, 2000, with a simple but powerful question:\u003Cbr \u002F>\nWhat if online fundraising could be easier for everyone?\u003Cbr \u002F>\nWhat started as a small side project to help our local community, quickly sparked a vision much larger than we ever imagined. We saw an opportunity not just to build software, but to transform the way nonprofits and donors connect.\u003Cbr \u002F>\nMore than 25 years later, that vision has grown into a global platform serving over 20,000 organizations and powering more than $1 billion in charitable contributions.\u003Cbr \u002F>\nAt Click & Pledge, we believe fundraising isn’t just a transaction, but moment of human connection. That’s why we’re committed to reimagining the giving experience from the donor’s perspective, ensuring every interaction is intuitive, meaningful, and effective.\u003Cbr \u002F>\nFrom innovative fundraising tools to our comprehensive Academy, we empower nonprofits and partners to master both the technology and the human behavior behind successful giving.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please note:\u003C\u002Fstrong> This addon requires a Click & Pledge Account to accept credit and debit card payments. You can apply for an account at \u003Ca href=\"https:\u002F\u002Fclickandpledge.com\u002Fsign-up\u002F\" rel=\"nofollow ugc\">Click & Pledge\u003C\u002Fa>. Please contact \u003Ca href=\"https:\u002F\u002Fsupport.clickandpledge.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew?ticket_form_id=36546115502619\" rel=\"nofollow ugc\">Support\u003C\u002Fa> with any questions.\u003C\u002Fp>\n","Click & Pledge payment gateway integration for Paid Memberships Pro with Salesforce support.",10,5045,"2025-12-17T14:12:00.000Z","5.2",[20,83,84,22,85],"membership-payments","paid-memberships-pro","salesforce-integration","https:\u002F\u002Fsupport.clickandpledge.com\u002Fhc\u002Fen-us\u002Farticles\u002F40827837803291-PaidMembershipsPro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclick-pledge-paid-memberships-pro.25.12000000-WP6.9-PMP3.6.3.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":101,"requires_at_least":81,"requires_php":102,"tags":103,"homepage":108,"download_link":109,"security_score":110,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bykea-cash-online-payments","Bykea.Cash – Online Payments","3.2","dizyn","https:\u002F\u002Fprofiles.wordpress.org\u002Fdizyn\u002F","\u003Cp>The Bykea Cash plugin is a universal payment collection method for the Pakistani market which is extremely easy to install on any WordPress WooCommerce website.\u003C\u002Fp>\n\u003Cp>Using Bykea Cash plugin, you can accept payments securely for the products you are selling online without compromising the security requirements and without causing your theme to suffer. Give your customers their preferred ways to pay with one simple payment integration!\u003C\u002Fp>\n\u003Cp>Using this latest Bykea Cash extension, any WooCommerce shop can start accepting cash and digital payments in Pakistan immediately using these two options:\u003Cbr \u002F>\n1. Cash Pickups on Doorstep\u003Cbr \u002F>\n2. Credit\u002FDebit Card (Visa\u002FMasterCard)\u003C\u002Fp>\n\u003Cp>We will soon introduce the following payment collection methods:\u003Cbr \u002F>\n1. UnionPay debit cards (Coming Soon)\u003Cbr \u002F>\n2. PayPak debit cards (Coming Soon)\u003Cbr \u002F>\n3. Easypaisa Wallet (Coming Soon)\u003Cbr \u002F>\n4. Easypaisa OTC (Coming Soon)\u003Cbr \u002F>\n5. JazzCash Wallet (Coming Soon)\u003Cbr \u002F>\n6. JazzCash OTC (Coming Soon)\u003Cbr \u002F>\n7. Bank transfer for the following banks (Coming Soon)\u003Cbr \u002F>\n    7.1 Allied Bank Limited – ABL\u003Cbr \u002F>\n    7.2 Habib Bank Ltd – HBL\u003Cbr \u002F>\n    7.3 Bank Alfalah Limited\u003Cbr \u002F>\n    7.4 United Bank Limited – UBL\u003Cbr \u002F>\n    7.5 Standard Chartered Bank – SCB\u003Cbr \u002F>\n    7.6 JS Bank\u003Cbr \u002F>\n    7.7 Muslim Commercial Bank Limited – MCB\u003Cbr \u002F>\n    7.8 Meezan Bank limited\u003Cbr \u002F>\n    7.9 Askari Commercial Bank Limited\u003Cbr \u002F>\n    7.10 Faysal Bank Limited\u003Cbr \u002F>\n    7.11 Bank Al Habib Limited\u003Cbr \u002F>\n    7.12 Habib Metropolitan Bank Limited\u003Cbr \u002F>\n    7.13 Al Baraka Islamic Bank Limited\u003Cbr \u002F>\n    7.14 Bank Islami Pakistan Limited\u003Cbr \u002F>\n    7.15 Bank of Punjab\u003Cbr \u002F>\n    7.16 Dubai islamic Bank Pakistan Limited\u003Cbr \u002F>\n    7.17 First Women Bank\u003Cbr \u002F>\n    7.18 ICBC\u003Cbr \u002F>\n    7.19 MCB Islamic\u003Cbr \u002F>\n    7.20 National Bank of Pakistan – NBP\u003Cbr \u002F>\n    7.21 Samba Bank\u003Cbr \u002F>\n    7.22 Silk Bank\u003Cbr \u002F>\n    7.23 Sindh Bank\u003Cbr \u002F>\n    7.24 Soneri Bank Limited\u003Cbr \u002F>\n    7.25 Summit Bank\u003Cbr \u002F>\n    7.26 SadaPay\u003Cbr \u002F>\n    7.27 Apna Microfinance Bank\u003Cbr \u002F>\n    7.28 Finca Microfinance Bank\u003Cbr \u002F>\n    7.29 NRSP Microfinance Bank\u003Cbr \u002F>\n    7.30 Upaisa \u002F Ubank\u003Cbr \u002F>\n8. NIFT Payment Gateway (Coming Soon)\u003Cbr \u002F>\n9. Avanza APPS payment gateway (Coming Soon)\u003Cbr \u002F>\n10. HBL Konnect (Coming Soon)\u003Cbr \u002F>\n11. HBL Pay (Coming Soon)\u003Cbr \u002F>\n12. Direct operator billing\u003Cbr \u002F>\n    12.1 Jazz \u002F Warid – Mobilink\u003Cbr \u002F>\n    12.2 Telenor\u003Cbr \u002F>\n    12.3 Zong\u003Cbr \u002F>\n    12.4 Ufone\u003C\u002Fp>\n","The Bykea Cash plugin allows you to collect payments on your WordPress WooCommerce website instantly using Credit\u002FDebit Cards (VISA, MasterCard, PayPa &hellip;",200,16265,60,4,"2022-08-04T08:05:00.000Z","6.0.11","7.4",[104,105,106,22,107],"bykea-cash","cash-pickup","online-payments-visa-mastercard","payments","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbykea-cash-online-payments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbykea-cash-online-payments.3.2.zip",85,{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":71,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":123,"tags":124,"homepage":18,"download_link":127,"security_score":71,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"paystation-woocommerce-payment-gateway","Paystation Payment Gateway for woocommerce","1.3.1","paystationNZ","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaystationnz\u002F","\u003Cp>Accept credit card payments with \u003Ca href=\"http:\u002F\u002Fwww.paystation.co.nz\" rel=\"nofollow ugc\">Paystation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>With our secure hosted payment pages you can take payments via multiple card types\u003C\u002Fp>\n\u003Cul>\n\u003Cli>VISA\u003C\u002Fli>\n\u003Cli>Mastercard\u003C\u002Fli>\n\u003Cli>American Express\u003C\u002Fli>\n\u003Cli>Diners Club\u003C\u002Fli>\n\u003Cli>Q Card\u003C\u002Fli>\n\u003Cli>POLi\u003C\u002Fli>\n\u003Cli>MasterPass\u003C\u002Fli>\n\u003Cli>UnionPay\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>An account with \u003Ca href=\"https:\u002F\u002Fpaystation.co.nz\u002Fpricing\u002F\" rel=\"nofollow ugc\">Paystation\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>An HMAC key for your Paystation account, contact our support team \u003Ca href=\"mailto:support@paystation.co.nz\" rel=\"nofollow ugc\">via email\u003C\u002Fa> if you do not already have this.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Installation\u003C\u002Fh4>\n\u003Col>\n\u003Cli>From the WooCommerce menu on the admin menu, select the ‘Settings’ link.\u003C\u002Fli>\n\u003Cli>Select ‘Payments’ tab from the top menu bar.\u003C\u002Fli>\n\u003Cli>Scroll down to the Paystation payment method and click ‘Manage’ for using Paystation Payment Gateway’.\u003C\u002Fli>\n\u003Cli>Click ‘Enable Paystation Payment Module’ checkbox to turn on plugin.\u003C\u002Fli>\n\u003Cli>Enter Paystation Id as provided by Paystation.\u003C\u002Fli>\n\u003Cli>Enter Gateway Id as provided by Paystation.\u003C\u002Fli>\n\u003Cli>Enter HMAC key as provided by Paystation.\u003C\u002Fli>\n\u003Cli>Select the ‘Enable test mode’ box if required.\u003C\u002Fli>\n\u003Cli>Click ‘Save changes’ button.\u003C\u002Fli>\n\u003Cli>Email our support team \u003Ca href=\"mailto:support@paystation.co.nz\" rel=\"nofollow ugc\">via email\u003C\u002Fa> if you have any issues with the details: Your Paystation ID, Gateway ID, confirming that you are using the Paystation WooCommerce plugin, the website link.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Testing Payments\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Ensure your Paystation settings have ‘Enable test mode’ selected.\u003C\u002Fli>\n\u003Cli>Make sure that you have at least one product added to your store.\u003C\u002Fli>\n\u003Cli>Set up a product with any amount to check successful or unsuccessful transaction testing respectively.\u003C\u002Fli>\n\u003Cli>Add product to cart and proceed to the checkout screen.\u003C\u002Fli>\n\u003Cli>Select Paystation credit card payments as payment method and continue.\u003C\u002Fli>\n\u003Cli>Fill the test card details of hosted payment form with one of our VISA or Mastercard \u003Ca href=\"https:\u002F\u002Fpaystation.co.nz\u002Fdevelopers\u002Ftest-cards\u002F\" rel=\"nofollow ugc\">test cards\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Upon successful transaction orders will be shown at your website backend store.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Taking Live Credit Payments\u003C\u002Fh4>\n\u003Cp>Once the site is working as expected you will need to fill in the \u003Ca href=\"https:\u002F\u002Fpaystation.co.nz\u002Fgolive\" rel=\"nofollow ugc\">Go live\u003C\u002Fa> form so that Paystation can test and set your account into Production Mode.\u003C\u002Fp>\n\u003Cp>Your account will be confirmed by Paystation when it’s live, and after that you need to go back to the Woocommerce checkout settings, and uncheck the ‘Enable test mode’ box in the Paystation method settings.\u003C\u002Fp>\n\u003Cp>Congratulations – you’re now setup to take credit card Payments!\u003C\u002Fp>\n","Take credit card payments on your store via Paystation.",8420,"2026-02-09T02:12:00.000Z","6.9.0","4.1","7.0",[125,67,21,22,126],"credit-card","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaystation-woocommerce-payment-gateway.1.3.1.zip",{"slug":129,"name":130,"version":131,"author":130,"author_profile":132,"description":133,"short_description":134,"active_installs":11,"downloaded":135,"rating":98,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":81,"requires_php":123,"tags":139,"homepage":142,"download_link":143,"security_score":110,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"pay-advantage","Pay Advantage","3.3.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayadvantage\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.payadvantage.com.au\" rel=\"nofollow ugc\">Pay Advantage\u003C\u002Fa> is Australia’s #1 solution for accepting Visa, Mastercard, American Express, BPAY and Direct Debit.\u003C\u002Fp>\n\u003Cp>This plugin allows you to add widgets to your website so you can:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Instantly accept all \u003Ca href=\"https:\u002F\u002Fwww.payadvantage.com.au\u002Faccept-credit-card-payments\u002F\" rel=\"nofollow ugc\">major credit cards\u003C\u002Fa> including Visa, Mastercard and American Express from your site\u003C\u002Fli>\n\u003Cli>Automatically on-charge credit card processing fee’s\u003C\u002Fli>\n\u003Cli>Reduce card acceptance fraud with the latest \u003Ca href=\"https:\u002F\u002Fhelp.payadvantage.com.au\u002Fhc\u002Fen-us\u002Farticles\u002F4411360257167\" rel=\"nofollow ugc\">3D Secure v2\u002FPayer Authentication\u003C\u002Fa> system which verifies the cardholder authenticity\u003C\u002Fli>\n\u003Cli>Generate \u003Ca href=\"https:\u002F\u002Fwww.payadvantage.com.au\u002Fbpay-biller\u002F\" rel=\"nofollow ugc\">BPAY CRNs\u003C\u002Fa> allowing you to accept BPAY payments\u003C\u002Fli>\n\u003Cli>Integrates with \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Awards\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>CIO Top 10 APAC Payment Solution Companies (2019)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Easy online application with fast account approvals and next business day settlement of most payment types\u003C\u002Fli>\n\u003Cli>Australia based telephone and email support\u003C\u002Fli>\n\u003Cli>Instant online credit card payments through Visa, Mastercard and American Express\u003C\u002Fli>\n\u003Cli>Generate BPAY compatible CRN’s allowing you to accept payments through BPAY\u003C\u002Fli>\n\u003Cli>WooCommerce payments\u003C\u002Fli>\n\u003C\u002Fol>\n","Instantly accept Visa, Mastercard and American Express from your site with fast settlement to any Australian bank account.",3892,2,"2023-11-22T23:21:00.000Z","6.4.8",[140,141,21,22],"credit-cards","e-commerce","https:\u002F\u002Fwww.payadvantage.com.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpay-advantage.3.3.1.zip",{"attackSurface":145,"codeSignals":236,"taintFlows":281,"riskAssessment":363,"analyzedAt":379},{"hooks":146,"ajaxHandlers":166,"restRoutes":233,"shortcodes":234,"cronEvents":235,"entryPointCount":192,"unprotectedCount":192},[147,153,157,162],{"type":148,"name":149,"callback":150,"file":151,"line":152},"filter","getext","theme_change_label_names","clickandpledge_admin_controll.php",11,{"type":148,"name":154,"callback":155,"file":156,"line":78},"wpjb_payment_render_response","script","clickandpledge_front_controll.php",{"type":148,"name":158,"callback":159,"file":160,"line":161},"gform_currency_setting_message","gformCurrencySettingMessage","clickandpledge_payment.class.php",17,{"type":148,"name":163,"callback":164,"file":165,"line":61},"wpjb_payments_list","wpjb_payment_clickandpledge","clickandpledge_payment.php",[167,172,175,179,181,185,187,191,193,197,199,202,204,207,209,212,214,217,219,222,224,227,228,231],{"action":168,"nopriv":169,"callback":170,"hasNonce":169,"hasCapCheck":169,"file":160,"line":171},"render",false,"processTransaction",15,{"action":168,"nopriv":173,"callback":170,"hasNonce":169,"hasCapCheck":169,"file":160,"line":174},true,16,{"action":176,"nopriv":169,"callback":177,"hasNonce":169,"hasCapCheck":169,"file":160,"line":178},"cnp_WPJBgetcode","cnp_wpjbgetconnectcode",19,{"action":176,"nopriv":173,"callback":177,"hasNonce":169,"hasCapCheck":169,"file":160,"line":180},20,{"action":182,"nopriv":169,"callback":183,"hasNonce":169,"hasCapCheck":169,"file":160,"line":184},"cnp_WPJBgetAccounts","cnp_wpjbgetcnpaccounts",21,{"action":182,"nopriv":173,"callback":183,"hasNonce":169,"hasCapCheck":169,"file":160,"line":186},22,{"action":188,"nopriv":169,"callback":189,"hasNonce":169,"hasCapCheck":169,"file":160,"line":190},"getCnPUserconectAccountList","cnp_getCnPUserConnectAccountList",23,{"action":188,"nopriv":173,"callback":189,"hasNonce":169,"hasCapCheck":169,"file":160,"line":192},24,{"action":194,"nopriv":169,"callback":195,"hasNonce":169,"hasCapCheck":169,"file":160,"line":196},"getWPJBCnPAccountList","cnp_getWPJBCnPAccountList",25,{"action":194,"nopriv":173,"callback":195,"hasNonce":169,"hasCapCheck":169,"file":160,"line":198},26,{"action":200,"nopriv":169,"callback":201,"hasNonce":169,"hasCapCheck":169,"file":160,"line":51},"getWPJBCnPDeleteAccountList","cnp_getWPJBCnPDeleteAccountList",{"action":200,"nopriv":173,"callback":201,"hasNonce":169,"hasCapCheck":169,"file":160,"line":203},28,{"action":205,"nopriv":169,"callback":205,"hasNonce":169,"hasCapCheck":169,"file":160,"line":206},"cnp_jbcnppaymentintent",31,{"action":205,"nopriv":173,"callback":205,"hasNonce":169,"hasCapCheck":169,"file":160,"line":208},32,{"action":210,"nopriv":169,"callback":210,"hasNonce":169,"hasCapCheck":169,"file":160,"line":211},"cnp_jbcnpgettotal",33,{"action":210,"nopriv":173,"callback":210,"hasNonce":169,"hasCapCheck":169,"file":160,"line":213},34,{"action":215,"nopriv":169,"callback":215,"hasNonce":169,"hasCapCheck":169,"file":160,"line":216},"cnp_jbcnpbapaymentintent",35,{"action":215,"nopriv":173,"callback":215,"hasNonce":169,"hasCapCheck":169,"file":160,"line":218},36,{"action":220,"nopriv":169,"callback":220,"hasNonce":169,"hasCapCheck":169,"file":160,"line":221},"cnp_jbcnpcreateorder",37,{"action":220,"nopriv":173,"callback":220,"hasNonce":169,"hasCapCheck":169,"file":160,"line":223},38,{"action":225,"nopriv":169,"callback":225,"hasNonce":169,"hasCapCheck":169,"file":160,"line":226},"cnp_jbCreateBillingAgreement",39,{"action":225,"nopriv":173,"callback":225,"hasNonce":169,"hasCapCheck":169,"file":160,"line":11},{"action":229,"nopriv":169,"callback":229,"hasNonce":169,"hasCapCheck":169,"file":160,"line":230},"cnp_jbCreateAmazonPayPaymentIntent",42,{"action":229,"nopriv":173,"callback":229,"hasNonce":169,"hasCapCheck":169,"file":160,"line":232},43,[],[],[],{"dangerousFunctions":237,"sqlUsage":238,"outputEscaping":251,"fileOperations":28,"externalRequests":78,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":280},[],{"prepared":239,"raw":99,"locations":240},50,[241,244,247,249],{"file":151,"line":242,"context":243},1400,"$wpdb->get_results() with variable interpolation",{"file":151,"line":245,"context":246},1876,"$wpdb->query() with variable interpolation",{"file":151,"line":248,"context":246},1896,{"file":160,"line":250,"context":246},117,{"escaped":252,"rawEcho":253,"locations":254},121,12,[255,258,260,262,264,266,268,270,272,274,276,278],{"file":151,"line":256,"context":257},791,"raw output",{"file":151,"line":259,"context":257},938,{"file":151,"line":261,"context":257},1138,{"file":151,"line":263,"context":257},1252,{"file":151,"line":265,"context":257},1679,{"file":151,"line":267,"context":257},1787,{"file":151,"line":269,"context":257},1801,{"file":151,"line":271,"context":257},1843,{"file":151,"line":273,"context":257},1933,{"file":151,"line":275,"context":257},2003,{"file":156,"line":277,"context":257},56,{"file":156,"line":279,"context":257},1644,[],[282,299,309,318,330,345,355],{"entryPoint":283,"graph":284,"unsanitizedCount":14,"severity":298},"cnp_getCnPUserConnectAccountList (clickandpledge_admin_controll.php:1925)",{"nodes":285,"edges":296},[286,291],{"id":287,"type":288,"label":289,"file":151,"line":290},"n0","source","$_REQUEST",1926,{"id":292,"type":293,"label":294,"file":151,"line":273,"wp_function":295},"n1","sink","echo() [XSS]","echo",[297],{"from":287,"to":292,"sanitized":169},"medium",{"entryPoint":300,"graph":301,"unsanitizedCount":14,"severity":298},"clickandpledgepaymentmethods (clickandpledge_front_controll.php:178)",{"nodes":302,"edges":307},[303,306],{"id":287,"type":288,"label":304,"file":156,"line":305},"$_POST",1531,{"id":292,"type":293,"label":294,"file":156,"line":279,"wp_function":295},[308],{"from":287,"to":292,"sanitized":169},{"entryPoint":310,"graph":311,"unsanitizedCount":14,"severity":317},"\u003Cclickandpledge_front_controll> (clickandpledge_front_controll.php:0)",{"nodes":312,"edges":315},[313,314],{"id":287,"type":288,"label":304,"file":156,"line":305},{"id":292,"type":293,"label":294,"file":156,"line":279,"wp_function":295},[316],{"from":287,"to":292,"sanitized":169},"low",{"entryPoint":319,"graph":320,"unsanitizedCount":14,"severity":39},"cnp_jbcnpcreateorder (clickandpledge_admin_controll.php:947)",{"nodes":321,"edges":328},[322,324],{"id":287,"type":288,"label":304,"file":151,"line":323},992,{"id":292,"type":293,"label":325,"file":151,"line":326,"wp_function":327},"get_row() [SQLi]",1061,"get_row",[329],{"from":287,"to":292,"sanitized":169},{"entryPoint":331,"graph":332,"unsanitizedCount":344,"severity":39},"\u003Cclickandpledge_admin_controll> (clickandpledge_admin_controll.php:0)",{"nodes":333,"edges":341},[334,336,337,339],{"id":287,"type":288,"label":335,"file":151,"line":323},"$_POST (x2)",{"id":292,"type":293,"label":325,"file":151,"line":326,"wp_function":327},{"id":338,"type":288,"label":289,"file":151,"line":290},"n2",{"id":340,"type":293,"label":294,"file":151,"line":273,"wp_function":295},"n3",[342,343],{"from":287,"to":292,"sanitized":169},{"from":338,"to":340,"sanitized":169},3,{"entryPoint":346,"graph":347,"unsanitizedCount":136,"severity":39},"render (clickandpledge_payment.class.php:246)",{"nodes":348,"edges":353},[349,351],{"id":287,"type":288,"label":335,"file":160,"line":350},264,{"id":292,"type":293,"label":325,"file":160,"line":352,"wp_function":327},882,[354],{"from":287,"to":292,"sanitized":169},{"entryPoint":356,"graph":357,"unsanitizedCount":136,"severity":39},"\u003Cclickandpledge_payment.class> (clickandpledge_payment.class.php:0)",{"nodes":358,"edges":361},[359,360],{"id":287,"type":288,"label":335,"file":160,"line":350},{"id":292,"type":293,"label":325,"file":160,"line":352,"wp_function":327},[362],{"from":287,"to":292,"sanitized":169},{"summary":364,"deductions":365},"The \"click-pledge-wpjobboard\" plugin exhibits a mixed security posture. While it shows strengths in its use of prepared statements for SQL queries and proper output escaping, significant concerns are raised by the lack of authentication and capability checks on all identified AJAX handlers. The presence of 24 unprotected AJAX entry points is a substantial risk, as it means any unauthenticated user could potentially trigger these functions, leading to unintended actions or information disclosure.\n\nTaint analysis reveals 7 flows with unsanitized paths, 4 of which are of high severity. This, coupled with the complete absence of nonce checks on AJAX actions, strongly suggests a vulnerability to cross-site request forgery (CSRF) or similar attacks that could exploit these unprotected entry points. The plugin's history of a high severity SQL injection vulnerability, although currently patched, also indicates a past weakness in how user-supplied data was handled, reinforcing the concern about unsanitized input in the current version.\n\nIn conclusion, the plugin has adopted some good security practices like prepared statements and output escaping. However, the massive attack surface exposed through unprotected AJAX handlers and the critical findings in taint analysis present a clear and present danger. The historical SQL injection vulnerability further highlights the need for rigorous input validation and authorization checks on all entry points. Until these critical authorization and sanitization issues are addressed, the plugin remains a significant security risk.",[366,368,370,372,374,377],{"reason":367,"points":171},"All 24 AJAX handlers are unprotected",{"reason":369,"points":253},"4 High severity taint flows with unsanitized paths",{"reason":371,"points":78},"No nonce checks on AJAX handlers",{"reason":373,"points":78},"No capability checks on AJAX handlers",{"reason":375,"points":376},"7 flows with unsanitized paths",7,{"reason":378,"points":171},"History of a high severity SQL Injection CVE","2026-03-16T22:19:56.998Z",{"wat":381,"direct":390},{"assetPaths":382,"generatorPatterns":385,"scriptPaths":386,"versionParams":387},[383,384],"\u002Fwp-content\u002Fplugins\u002Fclick-pledge-wpjobboard\u002Fclickandpledge-admin.js","\u002Fwp-content\u002Fplugins\u002Fclick-pledge-wpjobboard\u002Fclickandpledge.css",[],[383],[388,389],"click-pledge-wpjobboard\u002Fclickandpledge.css?ver=","click-pledge-wpjobboard\u002Fclickandpledge-admin.js?ver=",{"cssClasses":391,"htmlComments":395,"htmlAttributes":405,"restEndpoints":412,"jsGlobals":413,"shortcodeOutput":416},[392,393,394],"cnpwpjblogin","cnpwpjblogintitle","cnpwpjbsettings",[396,397,397,398,399,400,401,402,403,404],"\u003C!-- Click & Pledge [you are logged in as: ","translators: %s is the username of the logged-in Click & Pledge account","Click & Pledge","C&P Account Id","Test Mode","Live Mode","Order Mode:","Connect Campaign URL Alias","Payment Methods",[406,407,408,409,410,411],"wpjobboard_clickandpledge_register","wpjobboard_clickandpledge_Settings","wpjobboard_clickandpledge_AccountID","wpjobboard_clickandpledge_OrderMode","wpjobboard_clickandpledge_ConnectCampaignAlias","wpjobboard_clickandpledge_apiSettings",[],[414,415],"Payment_ClickandPledge","Wpjb_Form_Abstract_Payment",[]]