[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiPFFAOPHAwAabvPOAVCCp2-8WSq_Y-XpX0p7VBNGj3M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":38,"fingerprints":93},"colored-order-notes-for-woocommerce","WooComerce Colored Order Notes","1.0.2","Prasad Nevase","https:\u002F\u002Fprofiles.wordpress.org\u002Fprasad-nevase\u002F","\u003Cp>WooCommerce Colored Order Notes plugin allows you to to customize order note color for each order status. The plugin is made to work with WooCommerce version 2.5 or higher. Upon activating the plugin you will see “Order Note Colors” tab under “WooCommerce > Settings”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin works only with English (en_US) locale currently.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Links\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FItsMePN\u002Fcolored-order-notes-for-woocommerce\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> – Please mention your wordpress.org username when sending pull requests.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to customize order note color for each order status.",60,6849,80,4,"2019-03-06T15:31:00.000Z","5.1.22","",[19,20,21,22,23],"colored-order-note","coloured-order-notes","order-note-color","woocommerce-coloured-order-notes","woocommerce-custom-order-note-color","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-colored-order-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcolored-order-notes-for-woocommerce.1.0.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"prasad-nevase",1,30,84,"2026-04-04T15:37:34.022Z",[],{"attackSurface":39,"codeSignals":72,"taintFlows":82,"riskAssessment":83,"analyzedAt":92},{"hooks":40,"ajaxHandlers":68,"restRoutes":69,"shortcodes":70,"cronEvents":71,"entryPointCount":27,"unprotectedCount":27},[41,46,50,55,59,62,65],{"type":42,"name":43,"callback":43,"file":44,"line":45},"action","init","woocommerce-colored-order-notes.php",36,{"type":42,"name":47,"callback":48,"file":44,"line":49},"admin_notices","anonymous",47,{"type":51,"name":52,"callback":48,"priority":53,"file":44,"line":54},"filter","woocommerce_settings_tabs_array",50,51,{"type":51,"name":56,"callback":48,"priority":57,"file":44,"line":58},"woocommerce_order_note_class",10,52,{"type":42,"name":60,"callback":48,"file":44,"line":61},"woocommerce_settings_tabs_order_note_color",53,{"type":42,"name":63,"callback":48,"file":44,"line":64},"woocommerce_update_options_order_note_color",54,{"type":42,"name":66,"callback":48,"file":44,"line":67},"admin_head",55,[],[],[],[],{"dangerousFunctions":73,"sqlUsage":74,"outputEscaping":76,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":81},[],{"prepared":27,"raw":27,"locations":75},[],{"escaped":33,"rawEcho":33,"locations":77},[78],{"file":44,"line":79,"context":80},64,"raw output",[],[],{"summary":84,"deductions":85},"The plugin 'colored-order-notes-for-woocommerce' v1.0.2 demonstrates a strong adherence to secure coding practices based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, file operations, or external HTTP requests is commendable. Furthermore, the claim of 100% of SQL queries utilizing prepared statements suggests good protection against SQL injection vulnerabilities.\n\nHowever, the analysis does reveal potential areas of concern. A significant weakness is the complete lack of nonce checks and capability checks. This is particularly worrying given that any entry points, even if currently zero, could be exploited without proper authorization checks. The output escaping is also not entirely robust, with only 50% of outputs being properly escaped, which could leave the plugin vulnerable to cross-site scripting (XSS) attacks if any new output functionalities are added or if the existing ones are misused.\n\nThe vulnerability history is clean, with no recorded CVEs. This, combined with the secure coding practices, paints a picture of a generally well-maintained plugin. However, the absence of vulnerability history doesn't negate the risks identified in the static analysis, particularly the missing authorization checks. In conclusion, while the plugin shows strengths in its basic secure coding, the lack of comprehensive authorization checks and incomplete output escaping represent notable weaknesses that should be addressed to ensure a robust security posture.",[86,88,90],{"reason":87,"points":57},"No nonce checks found",{"reason":89,"points":57},"No capability checks found",{"reason":91,"points":14},"50% of outputs are not properly escaped","2026-03-16T21:45:18.763Z",{"wat":94,"direct":99},{"assetPaths":95,"generatorPatterns":96,"scriptPaths":97,"versionParams":98},[],[],[],[],{"cssClasses":100,"htmlComments":103,"htmlAttributes":104,"restEndpoints":105,"jsGlobals":106,"shortcodeOutput":107},[101,102],"note_content","note",[],[],[],[],[]]