[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzvcipUYQ-KYkEAh04KasY3J14m7qfBJBrssWnWOoIg4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":126,"fingerprints":175},"donation-qr-block","Donation QR Block","1.0.1","remotedots","https:\u002F\u002Fprofiles.wordpress.org\u002Fremotedots\u002F","\u003Cp>Donation QR Block adds a Gutenberg block that displays an EPC\u002FGiroCode QR code for accepting SEPA bank donations. When scanned with a banking app, the QR code pre-fills all transfer details (recipient, IBAN, BIC, reference) – making it easy for supporters to donate.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Native Gutenberg block\u003C\u002Fstrong> – No shortcodes, works seamlessly with the block editor\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live preview\u003C\u002Fstrong> – QR code updates in real-time as you edit bank details\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully customizable\u003C\u002Fstrong> – Edit recipient name, bank, IBAN, BIC, amount, and payment reference\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No external services\u003C\u002Fstrong> – QR codes are generated locally, your bank details never leave your server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-friendly\u003C\u002Fstrong> – No tracking, no API calls, no external dependencies\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable appearance\u003C\u002Fstrong> – Change background color to match your theme\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Graceful fallback\u003C\u002Fstrong> – Shows bank details even if QR generation is unavailable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What is an EPC QR Code?\u003C\u002Fh4>\n\u003Cp>The EPC QR code (European Payments Council Quick Response Code) is a standard for encoding SEPA credit transfer data. In Germany, it’s known as “GiroCode”. When scanned with a compatible banking app, it automatically fills in all payment details, reducing errors and making donations effortless.\u003C\u002Fp>\n\u003Cp>Supported in 36 SEPA countries including: Germany, Austria, Belgium, Netherlands, France, Spain, Italy, and more.\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Non-profit organizations accepting donations\u003C\u002Fli>\n\u003Cli>Churches and religious organizations\u003C\u002Fli>\n\u003Cli>Sports clubs and associations\u003C\u002Fli>\n\u003Cli>Crowdfunding campaigns\u003C\u002Fli>\n\u003Cli>Event organizers collecting fees\u003C\u002Fli>\n\u003Cli>Any organization accepting SEPA bank transfers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Source Code & Development\u003C\u002Fh3>\n\u003Cp>The full source code for this plugin is available on GitHub:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fremotedots\u002Fdonation-qr-block\u003C\u002Fp>\n\u003Cp>The \u003Ccode>\u002Fbuild\u003C\u002Fcode> directory contains compiled JavaScript and CSS assets generated from source files in the \u003Ccode>\u002Fsrc\u003C\u002Fcode> directory using \u003Ccode>@wordpress\u002Fscripts\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch4>Building from Source\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Clone the repository: \u003Ccode>git clone https:\u002F\u002Fgithub.com\u002Fremotedots\u002Fdonation-qr-block.git\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Install dependencies: \u003Ccode>npm install\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Build assets: \u003Ccode>npm run build\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Install PHP dependencies: \u003Ccode>composer install --no-dev\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Source Files\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>\u002Fsrc\u002Findex.js\u003C\u002Fcode> – Block registration\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fsrc\u002Fedit.js\u003C\u002Fcode> – Editor component (React)\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fsrc\u002Feditor.scss\u003C\u002Fcode> – Editor styles\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fsrc\u002Fstyle.scss\u003C\u002Fcode> – Frontend styles\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fsrc\u002Fblock.json\u003C\u002Fcode> – Block metadata\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect, store, or transmit any personal data. All QR code generation happens locally on your server and in users’ browsers. No external API calls are made.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>This plugin is provided as-is without any warranty. The author is not responsible for any financial losses, incorrect transfers, or other damages resulting from the use of this plugin. Users are solely responsible for verifying that all bank details (IBAN, BIC, recipient name, amount) are correct before publishing. Always test QR codes with your banking app before making them publicly available.\u003C\u002Fp>\n","Display an EPC\u002FGiroCode QR code for SEPA bank donations. Scannable by banking apps to pre-fill transfer details.",0,147,"2026-02-24T10:02:00.000Z","6.9.4","6.0","8.1",[18,19,20,21,22],"bank-transfer","donation","girocode","qr-code","sepa","https:\u002F\u002Fgithub.com\u002Fremotedots\u002Fdonation-qr-block","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdonation-qr-block.1.0.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-04T01:10:33.360Z",[35,54,72,91,110],{"slug":20,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":11,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":51,"download_link":52,"security_score":53,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"GiroCode","1.0.6","documentid","https:\u002F\u002Fprofiles.wordpress.org\u002Fdocumentid\u002F","\u003Cp>This plugin displays GiroCodes for easy bank transfers. A GiroCode is a QR code with data for a transfer which can be scanned into a banking app.\u003C\u002Fp>\n\u003Cp>GiroCode is a European standard for transfers in the SEPA (Single Euro Payments Area) currently covering 36 countries and territories.\u003C\u002Fp>\n\u003Cp>Shortcode examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[girocode beneficiary=\"Deutsches Rotes Kreuz e. V.\" iban=\"DE63370205000005023307\" amount=\"10.00\" purpose=\"Internationale Soforthilfe\"]\n[girocode beneficiary=\"Deutsches Rotes Kreuz e. V.\" iban=\"DE63370205000005023307\" amount=\"10.00\" purpose=\"Internationale Soforthilfe\" type=\"CHAR\"]\n[girocode beneficiary=\"Deutsches Rotes Kreuz e. V.\" iban=\"DE63370205000005023307\" amount=\"10.00\" purpose=\"Internationale Soforthilfe\" size=\"100\"]\n[girocode beneficiary=\"Deutsches Rotes Kreuz e. V.\" IBAN=\"DE63370205000005023307\" amount=\"1.00\" purpose=\"Internationale Soforthilfe\" size=\"200\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The amount is specified in Euro, standard size is 150.\u003C\u002Fp>\n\u003Cp>For a charity donation, type “CHAR” should be specified, marking the transfer as a such in the banking data.\u003C\u002Fp>\n\u003Ch3>Use of External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses the external service \u003Ca href=\"https:\u002F\u002Fdocumentid.net\u002Fgirocode\" rel=\"nofollow ugc\">documentid.net\u002Fgirocode\u003C\u002Fa>.\u003Cbr \u002F>\nThe \u003Ca href=\"https:\u002F\u002Fdocumentid.net\u002Fterms-of-service\u002Fgirocode\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> also include information on how your data is handled.\u003C\u002Fp>\n","This plugin displays GiroCodes for easy bank transfers. A GiroCode is a QR code with data for a transfer which can be scanned into a banking app.",20,2385,"2024-11-03T16:58:00.000Z","6.6.5","4.7","7.0",[49,50,20,21,22],"banking","epc-qr-code","https:\u002F\u002Fdocumentid.net\u002Fgirocode","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgirocode.1.0.7.zip",92,{"slug":55,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":11,"downloaded":61,"rating":11,"num_ratings":11,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":69,"download_link":70,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":71},"scan2payme","1.0.4","awaldherr","https:\u002F\u002Fprofiles.wordpress.org\u002Fawaldherr\u002F","\u003Cp>This plugin generates QR-Codes containing the banking details of your shop and displays them in the WooCommerce order status page. Your customers can scan this code with their banking app to initiate a SEPA bank transfer without typing.\u003C\u002Fp>\n\u003Ch3>European Payment Council (EPC) QR-Code\u003C\u002Fh3>\n\u003Cp>More information on the EPC QR-Code: \u003Ca href=\"https:\u002F\u002Fwww.europeanpaymentscouncil.eu\u002Fdocument-library\u002Fguidance-documents\u002Fstandardisation-qr-codes-mscts\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.europeanpaymentscouncil.eu\u002Fdocument-library\u002Fguidance-documents\u002Fstandardisation-qr-codes-mscts\u003C\u002Fa>\u003C\u002Fp>\n","Plugin for displaying payment QR-Codes in WooCommerce order pages.",1263,"","6.7.5","6.4","8.0",[18,20,67,21,68],"payment","woocommerce","https:\u002F\u002Fgithub.com\u002Fawaldherr\u002Fscan2payme","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscan2payme.1.0.5.zip","2026-03-15T10:48:56.248Z",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":25,"num_ratings":82,"last_updated":13,"tested_up_to":14,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":62,"download_link":88,"security_score":89,"vuln_count":30,"unpatched_count":11,"last_vuln_date":90,"fetched_at":27},"checkout-gateway-iris","Checkout Gateway for IRIS","1.5","vgdevsolutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fvgdevsolutions\u002F","\u003Cp>\u003Cstrong>Checkout Gateway for IRIS\u003C\u002Fstrong> allows store owners to accept direct IRIS payments through WooCommerce. After the customer places an order, it is set to “on hold” until the payment is manually verified.\u003C\u002Fp>\n\u003Cp>This is ideal for Greek businesses using IRIS payments and bank transfers, allowing them to present payment instructions, QR code, VAT number, and account holder info right at checkout.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>ℹ️ This plugin is developed by VGDEV and is \u003Cstrong>not affiliated with or endorsed by IRIS or any bank\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Adds a new payment method for IRIS at WooCommerce Checkout.\u003Cbr \u002F>\n* Displays bank details, reference instructions, and a QR code after order.\u003Cbr \u002F>\n* Fully customizable payment labels (e.g., VAT, account name).\u003Cbr \u002F>\n* Designed specifically for Greek market needs.\u003Cbr \u002F>\n* Compatible with latest WooCommerce and WordPress versions.\u003C\u002Fp>\n","Unofficial IRIS checkout payment gateway for WooCommerce. Accept payments via IRIS and manage order statuses efficiently.",1000,55491,2,"5.2","7.2",[18,86,87,21,68],"greek-payments","iris","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-gateway-iris.1.5.zip",99,"2026-02-05 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":25,"num_ratings":30,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":47,"tags":104,"homepage":107,"download_link":108,"security_score":109,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"mxp-sepa-qr-code-addon-for-woocommerce","SEPA QR-Code for Woocommerce (GDPR-compliant)","1.1.0","thedoctorcoernel","https:\u002F\u002Fprofiles.wordpress.org\u002Fthedoctorcoernel\u002F","\u003Cp>Adds a SEPA-QR Code for bank transfer payments (bacs) in the WooCommerce Thankyou page and Woocommerce emails. The QR-Code can be hooked into other plugins.\u003C\u002Fp>\n\u003Ch3>Before you start\u003C\u002Fh3>\n\u003Cp>The plugin comes as is and free. However a real person has put real work into it. So if you use it please do s.th. good. Use your efforts, your time for beneficial projects or whatever!\u003C\u002Fp>\n\u003Ch3>Prerequisite\u003C\u002Fh3>\n\u003Cp>php GD2 extension must be installed as the QR-Code generator by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffellwell5\u002Fbezahlcode\u002F\" rel=\"nofollow ugc\">fellwell15\u003C\u002Fa> requires this.\u003C\u002Fp>\n\u003Ch3>Hooking into other plugins\u003C\u002Fh3>\n\u003Cp>I use a plugin for \u003Ca href=\"https:\u002F\u002Fdocs.wpovernight.com\u002Fhome\u002Fwoocommerce-pdf-invoices-packing-slips\u002Fpdf-template-action-hooks\u002F\" rel=\"nofollow ugc\">PDF-invoices and packaging slips\u003C\u002Fa>.  Refer to this sample to hook the QR-Code into whatever you like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp-content\u002Fthemes\u002FYour(Child)Theme\u002Ffunctions.php\n\n\n\u002F* QR-Code in invoices *\u002F\nadd_action( 'wpo_wcpdf_after_order_details', 'wpo_wcpdf_qr_code', 10, 2 );\nfunction wpo_wcpdf_qr_code ($document_type, $order) {\n    require_once WP_PLUGIN_DIR . '\u002Fmxp-sepa-qr-code-addon-for-woocommerce\u002Fmuxp-sepaqr.php';\n    $muxp_order = wc_get_order( $order);\n    $order_id  = $order->get_id();\n    if ( !empty($muxp_order->get_total()) && (float)$order->get_total() > 0 ) {\n        echo '\u003Ch1>QR-Code for your online banking app\u003Ch1>';\n        echo '\u003Cimg class=\"muxp-bacs-qrcode\" src=\"' . esc_attr(muxp_get_qrcode($order->get_total(), $order_id)) . '\" alt=\"qr-code\">\u003C\u002Fp>';\n    } \n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>What happens in the backend:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>the QR code generator creates the QR-code locally. There is \u003Cstrong>no Google-API nor external server in use\u003C\u002Fstrong>!\u003C\u002Fli>\n\u003Cli>the QR code generator is from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffellwell5\u002Fbezahlcode\u002F\" rel=\"nofollow ugc\">fellwell15\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>plugin registers a get-parameter (configurable, default mxp_qr) for testing purposes and, if desired, to create links to the cached QR codes.\u003C\u002Fli>\n\u003Cli>the prefix mxp is used throghout the plugin to avoid collisions with other plugins and functions. mxp stands for www.musicalexperten.de (musical experts). Remember where you’ve seen it first! 😉\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Testing and troubleshooting\u003C\u002Fh3>\n\u003Ch3>Simple way\u003C\u002Fh3>\n\u003Cp>Install the plugin and order s.th. in your shop using BACS (direct bank transfer).\u003C\u002Fp>\n\u003Ch3>To test if the QR-Code generator is working\u003C\u002Fh3>\n\u003Cp>www.yourwebpage.de\u002F?mxp_qr=something  = creates a real QR with dummyvalues 11-11\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.musicalexperten.de\u002F?mxp_qr=something\" rel=\"nofollow ugc\">Working example\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>To find an existing cached QR-Code, query for a valid md5 string == If it does not exist in cache or transients, a sad smiley will appear.\u003C\u002Fh3>\n\u003Cp>www.yourwebpage.de\u002F?mxp_qr=351436ef4b279e1811a6c68a2dd58b1b\u003Cbr \u002F>\nresults in a sad smiley. \u003Ca href=\"https:\u002F\u002Fwww.musicalexperten.de\u002F?mxp_qr=351436ef4b279e1811a6c68a2dd58b1b\" rel=\"nofollow ugc\">Working example\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Remarks\u003C\u002Fh3>\n\u003Cp>Storing the QR code in cache or transients is only needed if you want to use a link instead of a picture inside the email. Details in the program code.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>The program has been written by a professional programmer – however fully free of charge and without detailed knowledge about WooCommerce. I try to assist you in the support forum or on GitHub the best I can but my knowledge is limited.\u003C\u002Fp>\n\u003Ch3>Full integration in Woocommerce\u003C\u002Fh3>\n\u003Cp>I am more then happy if someone integrates the code into the Woocommerce core! The topic is discussed here: https:\u002F\u002Fgithub.com\u002Fwoocommerce\u002Fwoocommerce\u002Fissues\u002F27661\u003C\u002Fp>\n","Adds a SEPA-QR Code for bank transfer payments (bacs) in the WooCommerce Thankyou page and Woocommerce emails. The QR-Code can be hooked into other pl &hellip;",200,3004,"2023-08-03T08:48:00.000Z","6.3.8","5.0",[105,67,21,106,68],"bacs","sepa-qr","https:\u002F\u002Fgithub.com\u002FCoernel82\u002FSEPA-QR-for-Woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmxp-sepa-qr-code-addon-for-woocommerce.1.1.0.zip",85,{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":25,"downloaded":118,"rating":11,"num_ratings":11,"last_updated":119,"tested_up_to":14,"requires_at_least":62,"requires_php":62,"tags":120,"homepage":124,"download_link":125,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"czech-qr-code-bank-transfer-payment-for-woocommerce","Czech QR Payments for WooCommerce","1.0.7","Miroslav Novák","https:\u002F\u002Fprofiles.wordpress.org\u002Fmirnovak\u002F","\u003Cp>Payment method for fast QR code bank payment from Czech banking mobile apps.\u003Cbr \u002F>\nConvenient bank transfer without having to type the account number data and just scanning the QR code in customer’s mobile banking app.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Displays the QR code on the order confirmation page\u003C\u002Fli>\n\u003Cli>Sets the bank transfer variable symbol as the order number\u003C\u002Fli>\n\u003Cli>Also sends email with the QR code to the client\u003C\u002Fli>\n\u003Cli>Besides the QR code it shows also the bank account number and the variable symbol for manual bank transfers\u003C\u002Fli>\n\u003Cli>Supports instant payments\u003C\u002Fli>\n\u003Cli>Supports Gutenberg checkout blocks as well as classic shortcodes layout\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>There are also premium plugins available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.platiti.cz\u002Fen\u002FWooCommerce\u002FBankwireFio\" rel=\"nofollow ugc\">Automated payment pairing for FIO bank\u003C\u002Fa> – Works just like this QR code payment plugin, but also automatically marks orders as paid when incoming payments are detected via the Fio Bank API. Unlike the payment gateways, there are no transaction fees.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.platiti.cz\u002Fen\u002FWooCommerce\" rel=\"nofollow ugc\">Payment plugins for the payment gateways\u003C\u002Fa> – Comgate, ThePay, PayU, GP webpay, ČSOB, GoPay, CCBill, Barion, TrustPay, Twisto, SkipPay, HomeCredit, Essox, Cofidis, Cetelem\u003C\u002Fli>\n\u003C\u002Ful>\n","Payment method for fast QR code bank transfer payment from Czech banking mobile apps",1011,"2026-01-22T15:09:00.000Z",[18,121,122,21,123],"checkout-blocks","czech-bank","woocommerce-payment","https:\u002F\u002Fwww.platiti.cz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fczech-qr-code-bank-transfer-payment-for-woocommerce.1.0.7.zip",{"attackSurface":127,"codeSignals":139,"taintFlows":162,"riskAssessment":163,"analyzedAt":174},{"hooks":128,"ajaxHandlers":135,"restRoutes":136,"shortcodes":137,"cronEvents":138,"entryPointCount":11,"unprotectedCount":11},[129],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","init","donation_qr_block_init","donation-qr-block.php",46,[],[],[],[],{"dangerousFunctions":140,"sqlUsage":141,"outputEscaping":143,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":161},[],{"prepared":11,"raw":11,"locations":142},[],{"escaped":144,"rawEcho":145,"locations":146},16,7,[147,150,152,154,156,157,159],{"file":133,"line":148,"context":149},69,"raw output",{"file":133,"line":151,"context":149},82,{"file":133,"line":153,"context":149},91,{"file":133,"line":155,"context":149},95,{"file":133,"line":89,"context":149},{"file":133,"line":158,"context":149},103,{"file":133,"line":160,"context":149},110,[],[],{"summary":164,"deductions":165},"The \"donation-qr-block\" plugin v1.0.1 demonstrates a strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events, particularly those without authentication or permission checks, significantly limits the attack surface.  Furthermore, the code signals indicate good practices such as the exclusive use of prepared statements for SQL queries and a substantial portion of output being properly escaped. The absence of dangerous functions, file operations, external HTTP requests, and the lack of recorded vulnerabilities further reinforce this positive assessment.  However, a notable concern is the complete absence of nonce checks and capability checks. While the current attack surface is minimal, if functionality were to be added in the future without these crucial security measures, it could introduce significant vulnerabilities. The 70% proper escaping on output, while good, also implies that 30% of outputs are not escaped, which could lead to cross-site scripting (XSS) vulnerabilities if the unescaped data is user-controlled or originates from an untrusted source.  Overall, the plugin is currently very secure due to its limited functionality, but future development should prioritize implementing nonce and capability checks to maintain this security.",[166,169,171],{"reason":167,"points":168},"No nonce checks implemented",10,{"reason":170,"points":168},"No capability checks implemented",{"reason":172,"points":173},"30% of outputs not properly escaped",6,"2026-03-17T07:00:25.732Z",{"wat":176,"direct":185},{"assetPaths":177,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[178,179],"\u002Fwp-content\u002Fplugins\u002Fdonation-qr-block\u002Fbuild\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Fdonation-qr-block\u002Fbuild\u002Fstyle-index.css",[],[178],[183,184],"donation-qr-block\u002Fbuild\u002Findex.js?ver=","donation-qr-block\u002Fbuild\u002Fstyle-index.css?ver=",{"cssClasses":186,"htmlComments":194,"htmlAttributes":195,"restEndpoints":197,"jsGlobals":198,"shortcodeOutput":199},[4,187,188,189,190,191,192,193],"donation-qr-block__inner","donation-qr-block__title","donation-qr-block__description","donation-qr-block__qr-wrapper","donation-qr-block__details","donation-qr-block__detail","donation-qr-block__hint",[],[196],"data-block-name=\"donation-qr-block\u002Fdonation-qr-block\"",[],[],[200,201,202,203,204,205,206,207,208,209,210],"\u003Csection class=\"donation-qr-block\">","\u003Cdiv class=\"donation-qr-block__inner\"","\u003Ch2 class=\"donation-qr-block__title\">","\u003Cp class=\"donation-qr-block__description\">","\u003Cdiv class=\"donation-qr-block__qr-wrapper\">","\u003Cimg src=","\u003Cdl class=\"donation-qr-block__details\">","\u003Cdiv class=\"donation-qr-block__detail\">","\u003Cdt>","\u003Cdd>","\u003Cp class=\"donation-qr-block__hint\">"]