[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fk3tIvIN1p2qWs52-RCfxTOBTkmD6bDo9pjB-eNvY0NI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":37,"fingerprints":248},"date-price-calendar","Date Price Calendar for WooCommerce","1.0.0","Pektsekye","https:\u002F\u002Fprofiles.wordpress.org\u002Fpektsekye\u002F","\u003Cp>This plugin requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproduct-options-for-woocommerce\u002F\" rel=\"ugc\">Simple Product Options for WooCommerce\u003C\u002Fa> plugin to display calendar as product option.\u003Cbr \u002F>\nIt is possible to modify this plugin to make it work with other “Product Options” plugins for WooCommerce that have a Text Field option.\u003C\u002Fp>\n\u003Cp>This plugin uses a Text Field product option to display a popup calendar for WooCommerce products.\u003Cbr \u002F>\nSo customer can select date as product option before adding the product to the shopping cart.\u003Cbr \u002F>\nThe store administrator can specify available date ranges on the edit product page.\u003Cbr \u002F>\nHe can set price for each date range or a single day and make the option required “mandatory” for selection.\u003Cbr \u002F>\nSo the customer will not be able to add the product the shopping cart without selecting a date.\u003Cbr \u002F>\nThe selected date is saved as product option. So it is displayed on the checkout pages and in the order complete emails.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Main Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays a popup calendar as product option.\u003C\u002Fli>\n\u003Cli>Set price for a date range or a single day.\u003C\u002Fli>\n\u003Cli>Make the date option mandatory for selection.\u003C\u002Fli>\n\u003Cli>Display the selected date on checkout, order info pages and in the order emails.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Main Limitations:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Requires another plugin to display the calendar as product option.\u003C\u002Fli>\n\u003Cli>Can add just one calendar per product.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can check a demo page here:\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fdemo\u002Fwp\u002Fodp\u002Fproduct\u002Fdayton-dt30d\u002F\" rel=\"nofollow ugc\">DEMO Page\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can read the installation instructions here:\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fdemo\u002Fwp\u002Fodp\u002FREADME.html\" rel=\"nofollow ugc\">README\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simple Code Idea:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The idea of this plugin is to keep the base version as simple as possible.\u003Cbr \u002F>\nAnd to add the new features as modifications.\u003C\u002Fp>\n\u003Cp>This plugin has just 35 files to make it easy to use and customize. If you need more features check the modifications page \u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fodp_modifications\" rel=\"nofollow ugc\">hottons.com\u002Fodp_modifications\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Contact me by email \u003Ca href=\"mailto:pektsekye@gmail.com\" rel=\"nofollow ugc\">pektsekye@gmail.com\u003C\u002Fa> if you have questions or need help.\u003C\u002Fp>\n\u003Ch3>Other plugins\u003C\u002Fh3>\n\u003Ch4>If you like this plugin check also:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fwp-ofr.html\" rel=\"nofollow ugc\">Fixed Range Calendar\u003C\u002Fa> (PAID)\u003Cbr \u002F>\nTo select range of days. To put something up for rent like dresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fwp-ocl.html\" rel=\"nofollow ugc\">Time Slots Calendar\u003C\u002Fa> (PAID)\u003Cbr \u002F>\nTo select time slots. Customer can select available time slot for a certain date.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translators\u003C\u002Fh3>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (Default)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation is available \u003Ca href=\"http:\u002F\u002Fhottons.com\u002Fdemo\u002Fwp\u002Fodp\u002FREADME.html\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","It displays a jQuery popup calendar as product option on the front-end product page.",70,2625,0,"2025-11-09T09:12:00.000Z","6.8.5","4.7","",[19,20,21,22],"available-date-ranges","calendar-product-option","date-product-option","price-per-date","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdate-price-calendar.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"pektsekye",14,6390,98,8,93,"2026-04-05T03:02:55.798Z",[],{"attackSurface":38,"codeSignals":102,"taintFlows":203,"riskAssessment":238,"analyzedAt":247},{"hooks":39,"ajaxHandlers":98,"restRoutes":99,"shortcodes":100,"cronEvents":101,"entryPointCount":13,"unprotectedCount":13},[40,47,53,57,61,64,69,73,77,83,87,91,95],{"type":41,"name":42,"callback":43,"priority":44,"file":45,"line":46},"action","admin_enqueue_scripts","enqueue_admin_scripts",15,"Controller\\Adminhtml\\Product.php",9,{"type":48,"name":49,"callback":50,"priority":51,"file":45,"line":52},"filter","woocommerce_product_data_tabs","add_product_tab",99,11,{"type":41,"name":54,"callback":55,"file":45,"line":56},"woocommerce_product_data_panels","add_tab_fields",12,{"type":41,"name":58,"callback":59,"file":60,"line":33},"wp_enqueue_scripts","enqueue_frontend_scripts","Controller\\Product.php",{"type":41,"name":62,"callback":63,"priority":52,"file":60,"line":46},"woocommerce_before_add_to_cart_button","display_options_on_product_page",{"type":41,"name":65,"callback":66,"priority":11,"file":67,"line":68},"admin_menu","set_admin_menu","date-price-calendar.php",62,{"type":41,"name":70,"callback":71,"file":67,"line":72},"init","execute",78,{"type":41,"name":74,"callback":75,"file":67,"line":76},"before_woocommerce_init","closure",129,{"type":41,"name":78,"callback":79,"priority":80,"file":81,"line":82},"woocommerce_add_to_cart_validation","validate_selected_options",10,"Model\\Observer.php",27,{"type":41,"name":84,"callback":85,"priority":80,"file":81,"line":86},"woocommerce_add_cart_item_data","save_selected_options",28,{"type":41,"name":88,"callback":89,"priority":52,"file":81,"line":90},"woocommerce_before_calculate_totals","add_option_price_on_checkout",29,{"type":41,"name":92,"callback":93,"file":81,"line":94},"woocommerce_process_product_meta","save_product_calendar",30,{"type":41,"name":96,"callback":96,"file":81,"line":97},"delete_post",31,[],[],[],[],{"dangerousFunctions":103,"sqlUsage":104,"outputEscaping":126,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":201,"bundledLibraries":202},[],{"prepared":105,"raw":80,"locations":106},4,[107,110,112,114,116,118,119,121,123,125],{"file":108,"line":90,"context":109},"Model\\Product.php","$wpdb->query() with variable interpolation",{"file":108,"line":111,"context":109},37,{"file":108,"line":113,"context":109},39,{"file":108,"line":115,"context":109},54,{"file":117,"line":111,"context":109},"Model\\Range.php",{"file":117,"line":113,"context":109},{"file":117,"line":120,"context":109},42,{"file":117,"line":122,"context":109},86,{"file":124,"line":33,"context":109},"uninstall.php",{"file":124,"line":46,"context":109},{"escaped":56,"rawEcho":115,"locations":127},[128,131,133,136,137,139,141,143,145,146,147,148,149,151,152,154,155,157,158,160,162,164,166,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199],{"file":129,"line":105,"context":130},"view\\adminhtml\\templates\\odp\\settings.php","raw output",{"file":129,"line":132,"context":130},22,{"file":134,"line":135,"context":130},"view\\adminhtml\\templates\\product\\edit\\tab\\optioncalendar.php",6,{"file":134,"line":33,"context":130},{"file":134,"line":138,"context":130},13,{"file":134,"line":140,"context":130},19,{"file":134,"line":142,"context":130},20,{"file":134,"line":144,"context":130},21,{"file":134,"line":94,"context":130},{"file":134,"line":94,"context":130},{"file":134,"line":97,"context":130},{"file":134,"line":97,"context":130},{"file":134,"line":150,"context":130},32,{"file":134,"line":150,"context":130},{"file":134,"line":153,"context":130},34,{"file":134,"line":153,"context":130},{"file":134,"line":156,"context":130},35,{"file":134,"line":156,"context":130},{"file":134,"line":159,"context":130},36,{"file":134,"line":161,"context":130},41,{"file":134,"line":163,"context":130},49,{"file":134,"line":165,"context":130},50,{"file":167,"line":168,"context":130},"view\\frontend\\templates\\product\\optioncalendar.php",7,{"file":167,"line":33,"context":130},{"file":167,"line":46,"context":130},{"file":167,"line":80,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":52,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":56,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":138,"context":130},{"file":167,"line":30,"context":130},{"file":167,"line":200,"context":130},17,1,[],[204,228],{"entryPoint":205,"graph":206,"unsanitizedCount":201,"severity":227},"execute (Controller\\Adminhtml\\Odp\\Settings.php:16)",{"nodes":207,"edges":223},[208,213,217],{"id":209,"type":210,"label":211,"file":212,"line":132},"n0","source","$_POST['date_format']","Controller\\Adminhtml\\Odp\\Settings.php",{"id":214,"type":215,"label":216,"file":212,"line":132},"n1","transform","→ saveDateformat()",{"id":218,"type":219,"label":220,"file":221,"line":115,"wp_function":222},"n2","sink","update_option() [Settings Manipulation]","Model\\Dateformat.php","update_option",[224,226],{"from":209,"to":214,"sanitized":225},false,{"from":214,"to":218,"sanitized":225},"low",{"entryPoint":229,"graph":230,"unsanitizedCount":201,"severity":227},"\u003CSettings> (Controller\\Adminhtml\\Odp\\Settings.php:0)",{"nodes":231,"edges":235},[232,233,234],{"id":209,"type":210,"label":211,"file":212,"line":132},{"id":214,"type":215,"label":216,"file":212,"line":132},{"id":218,"type":219,"label":220,"file":221,"line":115,"wp_function":222},[236,237],{"from":209,"to":214,"sanitized":225},{"from":214,"to":218,"sanitized":225},{"summary":239,"deductions":240},"The \"date-price-calendar\" plugin version 1.0.0 presents a mixed security posture.  On the positive side, it boasts zero known CVEs and no direct attack surface through shortcodes, AJAX, or REST API routes without authentication.  The absence of file operations and external HTTP requests further reduces potential attack vectors. However, significant concerns arise from the code analysis. A low percentage of SQL queries are properly prepared, indicating a potential for SQL injection vulnerabilities.  Furthermore, the output escaping is alarmingly low, with only 18% of outputs properly escaped, raising risks of Cross-Site Scripting (XSS) attacks.  The taint analysis, while limited, shows flows with unsanitized paths, which, coupled with the low output escaping, could be exploited if a path is ever introduced through other means.\n\nThe vulnerability history is positive, with no recorded CVEs. This could indicate a well-developed and secure plugin, or it could be due to its limited adoption or a lack of comprehensive security audits.  The strengths lie in its lack of obvious entry points and a clean vulnerability history. The weaknesses are concentrated in the potential for SQL injection due to unprepared queries and XSS due to insufficient output escaping.  While the current attack surface appears minimal, the identified code-level weaknesses represent significant risks if any of these code paths become exposed or if malicious input is processed without proper sanitization and escaping.",[241,243,245],{"reason":242,"points":33},"Low percentage of prepared SQL statements",{"reason":244,"points":168},"Low percentage of properly escaped output",{"reason":246,"points":135},"Taint analysis shows unsanitized paths","2026-03-16T21:33:47.003Z",{"wat":249,"direct":264},{"assetPaths":250,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[251,252,253,254,255],"\u002Fwp-content\u002Fplugins\u002Fdate-price-calendar\u002Fview\u002Fadminhtml\u002Fweb\u002Fproduct\u002Fedit\u002Fmain.js","\u002Fwp-content\u002Fplugins\u002Fdate-price-calendar\u002Fview\u002Fadminhtml\u002Fweb\u002Fproduct\u002Fedit\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Fdate-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fmain.js","\u002Fwp-content\u002Fplugins\u002Fdate-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Fdate-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fodp-ui-datepicker.css",[],[251,253],[259,260,261,262,263],"date-price-calendar\u002Fview\u002Fadminhtml\u002Fweb\u002Fproduct\u002Fedit\u002Fmain.js?ver=","date-price-calendar\u002Fview\u002Fadminhtml\u002Fweb\u002Fproduct\u002Fedit\u002Fmain.css?ver=","date-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fmain.js?ver=","date-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fmain.css?ver=","date-price-calendar\u002Fview\u002Ffrontend\u002Fweb\u002Fodp-ui-datepicker.css?ver=",{"cssClasses":265,"htmlComments":268,"htmlAttributes":269,"restEndpoints":272,"jsGlobals":273,"shortcodeOutput":275},[266,267],"odp_product_data","odp-calendar-wrapper",[],[270,271],"data-product_id","data-odp_options",[],[274],"odp_product_view_params",[]]