[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$futoTAzRO_g_GPqZnTmpgN6TfLpf1Qf9z17rJmhdS_so":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":62,"crawl_stats":38,"alternatives":67,"analysis":154,"fingerprints":203},"donorbox-donation-form","Donorbox – Free Recurring Donation Plugin and Fundraising Platform","7.1.12","rebelidealist","https:\u002F\u002Fprofiles.wordpress.org\u002Frebelidealist\u002F","\u003Cp>Donorbox is a powerful and secure donation management plugin for WordPress. We are the only donation plugin for WordPress that offers a fast feature-filled solution so anyone can raise funds. If you’re looking for the best WordPress donation plugins that can substantially boost donor conversion and online donations, here’s where your search ends.\u003C\u002Fp>\n\u003Ch3>WHY USE DONORBOX\u003C\u002Fh3>\n\u003Cp>The Donorbox free plugin for WordPress will provide you with everything you need to embed a Donorbox donation form into your website. This free WordPress donation plugin will increase your donor conversion rates and recurring donations. We will generate all the embedding code for you.\u003C\u002Fp>\n\u003Cp>Collect donations online with the best WordPress donation plugin now to take your fundraising to the next level. Here’s why you should be using Donorbox for accepting payments.\u003C\u002Fp>\n\u003Ch3>Fully Customizable Donation Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox forms can be ready to deploy in 15 minutes and are even faster to fill in.\u003C\u002Fli>\n\u003Cli>You can embed the form or use it as a pop-up donation form to accept donations.\u003C\u002Fli>\n\u003Cli>Brand your fundraising campaign page with your own color scheme, styling, and logo.\u003C\u002Fli>\n\u003Cli>Create custom input fields to make your forms quick to complete. You can easily collect necessary info from donors.\u003C\u002Fli>\n\u003Cli>Insert custom donation amounts for donors to select by clicking or allow them to specify their own amount.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Easy Fundraising\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox accepts multiple currencies via Stripe, PayPal, Apple Pay, Venmo, and Google Pay. ACH payments and direct debit payments are also accepted. It’s a quick and easy checkout process.\u003C\u002Fli>\n\u003Cli>Collect donations and double them with our seamless employer donation matching feature.\u003C\u002Fli>\n\u003Cli>Our custom donation forms are localized in English, Spanish, French, German, Italian, and Portuguese. You can set this manually or let it auto-detect.\u003C\u002Fli>\n\u003Cli>Other than this free WordPress plugin, Donorbox also offers Peer-to-Peer fundraising, Crowdfunding, Text-to-Give, Events, Memberships, and \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Ffeatures\" rel=\"nofollow ugc\">more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Share the Cause\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Embed our donation forms into your website. Or set a Donate button in your web pages and emails to deploy them as pop-ups.\u003C\u002Fli>\n\u003Cli>Accept donations from desktops, mobile phones, and tablets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Automated Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Monthly recurring donations are easily set up with 1 click.\u003C\u002Fli>\n\u003Cli>Every donation triggers an automatic personalized receipt email that you only need to set up once.\u003C\u002Fli>\n\u003Cli>Our payment gateways, Stripe and PayPal, ensure a swift donation process. Most nonprofits have a PayPal account set up, so it should be easier for them to get started.\u003C\u002Fli>\n\u003Cli>After successful donations, donor records get created on your Donorbox account for easy donor management.\u003C\u002Fli>\n\u003Cli>Recurring donors get donor login details to manage their own details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donation Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Manage all donations right from the dashboard. Resend receipts, update donations even after they’ve been made, and refund donations, if needed.\u003C\u002Fli>\n\u003Cli>Export donation details as a CSV file, for any time period you want. Think tax season or financial year-end reporting.\u003C\u002Fli>\n\u003Cli>Add offline donations, like cash or checks, to your campaign so your records are accurate.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Optional Integrations\u003C\u002Fh3>\n\u003Cp>Donorbox also offers these optional integrations to add even more awesome features to your fundraising campaign:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MailChimp: One of the world’s leading email marketing services.\u003C\u002Fli>\n\u003Cli>Employer Gift Matching: Raise double the donations\u003C\u002Fli>\n\u003Cli>Salesforce NPSP 3 Integration: A complete \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fdonor-management\" rel=\"nofollow ugc\">donor management solution\u003C\u002Fa> to easily analyze your donor data and maintain positive relationships.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox is fully PCI compliant and our data is protected by SSL\u002FTLS technology.\u003C\u002Fli>\n\u003Cli>All credit card information is encrypted, tokenized, and stored securely by our payment gateway, Stripe. Payments are processed through Stripe and PayPal. We chose these payment gateways because they operate on the most stringent security protocols and are highly regarded for their data protection standards.\u003C\u002Fli>\n\u003Cli>We do not share client or donation information with any third party.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>QUICK INSTALLATION GUIDE – How to Install Donorbox WordPress Donation Plugin\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F7tiU_QscluM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>How To Embed Donorbox Donation Forms in your WordPress website\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>To begin, go to your WordPress dashboard, find the “Plugins” tab on the left-hand sidebar and click “Add New”.\u003C\u002Fli>\n\u003Cli>In the WordPress plugin search bar, type “Donorbox” and press enter.\u003C\u002Fli>\n\u003Cli>Once you have found the Donorbox WordPress donation plugin, click “Install Now”.\u003C\u002Fli>\n\u003Cli>Once the plugin has been installed, click to activate it.\u003C\u002Fli>\n\u003Cli>Now, go to Donorbox.org. Click on \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Forgs\u002Fnew\" rel=\"nofollow ugc\">https:\u002F\u002Fdonorbox.org\u002Forgs\u002Fnew\u003C\u002Fa> and follow the easy instructions to register an Organisation account.\u003C\u002Fli>\n\u003Cli>Create a campaign form with our easy-to-use form builder.\u003C\u002Fli>\n\u003Cli>In your Donorbox dashboard, find the campaign you wish to embed on your WordPress website using the \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fwordpress-donation-plugin\" rel=\"nofollow ugc\">WordPress donation plugin\u003C\u002Fa> and copy the link to the secure donation page.\u003C\u002Fli>\n\u003Cli>Head back to your WordPress dashboard and, in the left-hand sidebar, click on “Settings” and then “Donorbox”.\u003C\u002Fli>\n\u003Cli>Paste your campaign URL into the appropriate textbox and click “Save Changes”.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Go back to your WordPress page text editor (not the visual editor) of the donation page that you want to edit. Type in one of the following shortcodes to embed the donation form in your WordPress website using the donation plugin:\u003C\u002Fp>\n\u003Cp>[donate]\u003Cbr \u002F>\n[donate url=”nonprofitcampaign”]\u003Cbr \u002F>\n[donate url=”https:\u002F\u002Fdonorbox.org\u002Fnonprofitcampaign”]\u003Cbr \u002F>\n[donate-with-info]\u003Cbr \u002F>\n[donate-with-info url=”nonprofitcampaign”]\u003Cbr \u002F>\n[donate-with-info url=”https:\u002F\u002Fdonorbox.org\u002Fnonprofitcampaign”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Publish your post and wait for your WordPress donations to come in!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you still need help getting your form embedded, please see this guide: \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fnonprofit-blog\u002Fhow-to-embed-donation-form-using-wordpress-plugin\" rel=\"nofollow ugc\">how to embed donation form using the Donorbox WordPress donation plugin\u003C\u002Fa> or you can contact us at support@donorbox.org. We would love to help get you going.\u003C\u002Fp>\n\u003Ch3>WHO USES DONORBOX\u003C\u002Fh3>\n\u003Cp>Donorbox helps over 50,000 nonprofit organizations from 40 countries accept donations for various causes. Universities, animal rescues, political campaigns, research, the possibilities are endless.\u003C\u002Fp>\n\u003Cp>Our forms are not restricted to any industry or genre. That means anyone can create a Donorbox form. Whether you’re an individual hoping to make a difference or a multinational organization looking to raise funds, Donorbox can be the best WordPress donation plugin for you.\u003C\u002Fp>\n\u003Ch3>HERE’S WHAT OUR CUSTOMERS SAY ABOUT US\u003C\u002Fh3>\n\u003Cp>\u003Cem>“Let’s Encrypt uses DonorBox because it is a convenient way for our supporters to contribute to our mission via credit card and it is affordable for us as a nonprofit. Donorbox has helped us increase the contributions we receive.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Sarah Gran\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Director of Communications at Let’s Encrypt\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>“Before using Donorbox we were constantly having problems with our online donation processing. Donors contacted us monthly having problems setting up their gifts. Since transitioning to Donorbox we have not had a single donor contact us saying they were having trouble setting up a gift. In fact, we’ve had several donors tell us how easy the new process is. The Donorbox team has been extremely responsive when we need help and have already implemented suggestions for future features. I have no hesitations recommending Donorbox to you.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Brandon Jernigan\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Grad Resources\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>“We needed a straightforward solution to handle donations on our website and have them sync across to Salesforce. Enter Donorbox – a simple, easy to use and customisable donation solution with Salesforce integration. Set up was as simple as creating an account (and donation campaign), adding a plugin to our WordPress site and configuring the connection to Salesforce. Donorbox handles the rest. Support is always prompt to respond and provide helpful answers to our questions and queries. If you’re after a donation system for your website then we’d recommend you give Donorbox a go.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Peter Sillar\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Logosdor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>DONORBOX FEES AND COMMISSION\u003C\u002Fh3>\n\u003Cp>Donorbox fees are the lowest of other funding platforms around. Donorbox is free to start and charges a small platform fee of 1.5% for the month’s donations. We charge no setup fee.\u003C\u002Fp>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fpricing\" rel=\"nofollow ugc\">pricing guide\u003C\u002Fa> for details of what your payment processing and Donorbox fees may look like.\u003C\u002Fp>\n\u003Cp>Additionally, Stripe and PayPal merchant accounts charge 2.9% + $0.30 for credit card processing. These rates can be reduced for registered nonprofits by simply letting them know.\u003C\u002Fp>\n\u003Cp>To get the nonprofit discount, please email \u003Ca href=\"mailto:nonprofit@stripe.com\" rel=\"nofollow ugc\">nonprofit@stripe.com\u003C\u002Fa> and apply at \u003Ca href=\"http:\u002F\u002Fwww.paypal.com\u002Fcharities\u002F\" rel=\"nofollow ugc\">PayPal’s Nonprofit Center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The optional product integrations are priced as follows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MailChimp Integration: $8 \u002F month\u003C\u002Fli>\n\u003Cli>Employer Gift Matching: $40 \u002F month\u003C\u002Fli>\n\u003Cli>Salesforce NPSP 3 Integration: $25 \u002F month\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CONNECT WITH DONORBOX\u003C\u002Fh3>\n\u003Cp>Stay in touch with us for important plugin news and updates:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUC2u40IQvwpbwzXOXxauGYVA?sub_confirmation=1\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fdonorbox\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fdonorbox\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> and\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fdonorbox\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>\u003C\u002Fp>\n","Donorbox is a powerful and secure donation management plugin for WordPress. We are the only donation plugin for WordPress that offers a fast feature-f &hellip;",9000,148602,96,34,"2025-06-30T07:52:00.000Z","6.8.5","3.0","",[20,21,22,23,24],"donation","donations","fundraising","nonprofit","nonprofits","https:\u002F\u002Fdonorbox.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdonorbox-donation-form.7.1.12.zip",99,2,0,"2022-04-20 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2022-1396","donorbox-free-recurring-donation-form-cross-site-scripting","Donorbox – Free Recurring Donation Form \u003C= 7.1.6 - Cross-Site Scripting","The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed",null,"\u003C=7.1.6","7.1.7","medium",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa4aea6ac-0b36-481c-aa22-db96665404f6?source=api-prod",643,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":58,"updated_date":45,"references":59,"days_to_patch":61},"WF-a660b7b8-550e-42d7-b15a-0ab2aa501623-donorbox-donation-form","donorbox-authenticated-stored-cross-site-scripting","Donorbox \u003C= 7.1.1 - Authenticated Stored Cross-Site Scripting","The Donorbox plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 7.1.1 via storing shortcodes due to insufficient input sanitization and output escaping. This makes it possible for privileged attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C7.1.2","7.1.2",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2019-12-19 00:00:00",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa660b7b8-550e-42d7-b15a-0ab2aa501623?source=api-prod",1496,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":63,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":64,"trust_score":65,"computed_at":66},1,1070,78,"2026-04-04T15:38:29.858Z",[68,89,108,123,139],{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":78,"num_ratings":79,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":18,"tags":83,"homepage":86,"download_link":87,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":88,"fetched_at":31},"philantro","Philantro – Donations and Donor Management","5.4.1","Philantro Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilantro\u002F","\u003Cp>\u003Cstrong>This is the official plugin for the \u003Ca href=\"https:\u002F\u002Fwww.philantro.com?utm_source=wordpress&utm_medium=plugin&utm_campaign=wordpress-listing\" title=\"Visit Philantro Donor and Donation Management Platform\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa> platform\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Philantro is a donation and donor management platform tailored for nonprofits in the United States, Canada and Great Britain. If you are outside of these territories and would like to be added to our BETA program, please drop us an email with your region. For charitable organizations using WordPress that are new to \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.philantro.com?utm_source=wordpress&utm_medium=plugin&utm_campaign=wordpress-listing\" title=\"Visit Philantro Donor and Donation Management Platform\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa>\u003C\u002Fstrong>, our plugin includes a demo account for you to experience the platform without having to register while you research.\u003C\u002Fp>\n\u003Cp>With Philantro, our ever-evolving donation platform places the power of donor lead generation, payment processing, campaign management and more at your fingertips.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Welcome to the better way of accepting online donations; focus more on the mission and less on logistics.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Donor-Centric Donation Forms\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Intelligent and Responsive Donations forms that works with any theme.\u003C\u002Fli>\n\u003Cli>Support International Donors with local and international donor address verification.\u003C\u002Fli>\n\u003Cli>Donation forms that respond to mobile devices – even if your website doesn’t.\u003C\u002Fli>\n\u003Cli>Add donation amount suggestions, fundraising campaigns and more to keep your donors informed and your Board of Directors happy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Robust Donor Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automated Self-Healing Donor records where you can find everything from donation history to email open activity.\u003C\u002Fli>\n\u003Cli>Follow the activity and set notification triggers for unique donors.\u003C\u002Fli>\n\u003Cli>Track calls, emails and leave notes to keep your team well-informed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Streamlined Recurring Donations\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Donor Self-Service allows donors to view their donation history and manage their recurring donations.\u003C\u002Fli>\n\u003Cli>Philantro also automatically emails donors who recurring payment methods are approaching expiration or have been declined.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Full-Featured Reporting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Pull reports on metrics from donation conversions, fundraising campaign performance and donor demographics.\u003C\u002Fli>\n\u003Cli>Gain a 360-degree view of any donor that turns a cold-call into a warm-welcome.\u003C\u002Fli>\n\u003Cli>Gain greater insight with granular filters for donors and transactions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Plugin Walk-Through\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4P8cFytfJGQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Philantro is perfect for small-to-mid sized nonprofits\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>If you have more than 50,000 donors, drop us an email at \u003Ca href=\"mailto:support@philatro.com\" rel=\"nofollow ugc\">support@philantro.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Accept \u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fdonation-forms.php\" rel=\"nofollow ugc\">one time\u003C\u002Fa>\u002F\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Frecurring-donations.php\" rel=\"nofollow ugc\">recurring donations\u003C\u002Fa> securely.\u003C\u002Fli>\n\u003Cli>Full fledged \u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fevent-ticketing.php\" rel=\"nofollow ugc\">event ticketing\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Manage and track multiple donation campaigns.\u003C\u002Fli>\n\u003Cli>Incredible reporting and analytics from donor conversion rates, gender breakdowns, social network contribution and more.\u003C\u002Fli>\n\u003Cli>Donor records are automatically generated and updated with each transaction so you can see the names used, addresses used, track the largest, first and last gift.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Secure Processing Powered By Stripe\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>We’ve partnered with \u003Ca href=\"https:\u002F\u002Fstripe.com\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa>, the payment processor behind Twitter, FourSquare and Pinterest to offer nonprofits secure PCI compliant processing, two-day desposits + fraud protection.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>For more information\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fsign-up.php\" rel=\"nofollow ugc\">Tour the Philantro Platform\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fpricing.php\" rel=\"nofollow ugc\">Pricing\u003C\u002Fa>\u003C\u002Fp>\n","Securely accept one-time and recurring donations with automated donor records, analytics and fundraising campaign tracking.",60,8683,84,5,"2025-08-02T09:55:00.000Z","6.6.5","4.1",[84,21,85,22,23],"charity","event-ticketing","http:\u002F\u002Fwww.philantro.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphilantro.zip","2025-01-27 00:00:00",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":29,"downloaded":97,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":98,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":104,"download_link":105,"security_score":106,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":107},"crowded-collect-dues-fundraising","Crowded Collect — Dues & Fundraising","1.0.1","shaycrowded","https:\u002F\u002Fprofiles.wordpress.org\u002Fshaycrowded\u002F","\u003Cp>Easily embed your fundraising, dues, and event payment collections into your WordPress site with \u003Ca href=\"https:\u002F\u002Fcrowdedfinance.com\" rel=\"nofollow ugc\">Crowded\u003C\u002Fa> Collect.\u003C\u002Fp>\n\u003Cp>Built for all kinds of nonprofits, from associations to charities, nonprofits embed their payment collections created on the Crowded platform to their websites to keep their donors and payers on their site, while processing payments to fund their activities. \u003Ca href=\"https:\u002F\u002Fapp.bankingcrowded.com\u002Fsignup?utm_source=wordpress_plugin\" rel=\"nofollow ugc\">Create a Crowded account\u003C\u002Fa> to create payment collections for your organization or \u003Ca href=\"https:\u002F\u002Fapp.bankingcrowded.com\u002Flogin\" rel=\"nofollow ugc\">log in\u003C\u002Fa> to your account to get started.\u003C\u002Fp>\n\u003Ch4>Embedded Forms\u003C\u002Fh4>\n\u003Cp>Display a full donation form directly on your page as an inline embed. Customize the height for desktop and mobile to ensure a seamless experience for your donors.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[crowded-collect-widget index=\"0\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Donation Buttons with Pop-Up\u003C\u002Fh4>\n\u003Cp>Add a donation button anywhere on your site. When clicked, it opens your collection in a pop-up overlay – keeping payers and donors on your page.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[crowded-collect-button index=\"0\" label=\"Donate Now\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>No coding required\u003C\u002Fstrong> — paste your Collection ID, and you’re good to go\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple collections\u003C\u002Fstrong> — add as many as you need\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two embed styles\u003C\u002Fstrong> — inline iframe or button-triggered pop-up\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive\u003C\u002Fstrong> — set separate heights for desktop and mobile\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Crowded Collect\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Paste your Collection ID from the \u003Ca href=\"https:\u002F\u002Fapp.bankingcrowded.com\u002F\" rel=\"nofollow ugc\">Crowded platform\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Copy the generated shortcode\u003C\u002Fli>\n\u003Cli>Paste it into any page, post, or widget area\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbankingcrowded.com\u002F\" rel=\"nofollow ugc\">Crowded Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapp.bankingcrowded.com\u002F\" rel=\"nofollow ugc\">Crowded Platform\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Embed your Crowded collection directly into your WordPress site with no coding required!",122,"6.9.4","5.8","8.0",[102,21,22,23,103],"crowdfunding","payments","https:\u002F\u002Fapp.bankingcrowded.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrowded-collect-dues-fundraising.1.0.1.zip",100,"2026-03-15T10:48:56.248Z",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":29,"downloaded":116,"rating":29,"num_ratings":29,"last_updated":117,"tested_up_to":98,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":18,"download_link":122,"security_score":106,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"fundcollector","FundCollector – Donations Plugin and Fundraising Platform for WordPress","1.1.4","Bruno Alesiani","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrales\u002F","\u003Ch4>Easy to use WordPress Donation Plugin\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>FundCollector\u003C\u002Fstrong> is a comprehensive donation management plugin for WordPress that enables organizations to collect donations through multiple payment methods including PayPal and bank transfers.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>PayPal Integration\u003C\u002Fstrong>: Secure PayPal payments with REST API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bank Transfer Support\u003C\u002Fstrong>: Alternative payment method with automated instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Block\u003C\u002Fstrong>: Native WordPress block editor integration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form Builder\u003C\u002Fstrong>: Customizable donation forms with multiple fields\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications\u003C\u002Fstrong>: Automated emails to donors and administrators\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Features\u003C\u002Fstrong>: Honeypot protection, reCAPTCHA support, and data encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-language\u003C\u002Fstrong>: Full translation support for English, Spanish, French, German, Portuguese, and Italian. Additional languages will be added in future versions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Dashboard\u003C\u002Fstrong>: Complete donation management and reporting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pre-built Pages\u003C\u002Fstrong>: Automatic creation of essential pages (Donation, Thank You, Payment Failed, Privacy Policy)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-updates\u003C\u002Fstrong>: Configurable automatic plugin updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Payment Methods\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>PayPal\u003C\u002Fstrong>: Complete PayPal REST API integration with sandbox support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bank Transfer\u003C\u002Fstrong>: Manual payment method with customizable instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Future Support\u003C\u002Fstrong>: Extensible architecture for additional payment gateways\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Data encryption for sensitive information\u003C\u002Fli>\n\u003Cli>Honeypot spam protection\u003C\u002Fli>\n\u003Cli>reCAPTCHA integration\u003C\u002Fli>\n\u003Cli>CSRF protection with nonces\u003C\u002Fli>\n\u003Cli>Sanitized input validation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compliance\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>GDPR compliant data handling\u003C\u002Fli>\n\u003Cli>Privacy-focused design\u003C\u002Fli>\n\u003Cli>Data retention controls\u003C\u002Fli>\n\u003Cli>Audit trail logging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>FundCollector takes privacy seriously:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Payment data is processed securely through PayPal’s API\u003C\u002Fli>\n\u003Cli>Sensitive data is encrypted at rest\u003C\u002Fli>\n\u003Cli>No data is shared with third parties without consent\u003C\u002Fli>\n\u003Cli>Users can request data deletion at any time\u003C\u002Fli>\n\u003Cli>Full audit trail is maintained for compliance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external third-party services to provide payment processing and security features. Below is a detailed disclosure of each service used:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PayPal Payment Processing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it is:\u003C\u002Fstrong> PayPal is a payment processing service used to handle online donations via credit cards, debit cards, and PayPal accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When it’s used:\u003C\u002Fstrong> Activated when donors choose PayPal as their payment method. Connections occur during payment creation, authorization, and completion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data transmitted:\u003C\u002Fstrong> Donor information (name, email), donation amount, currency, and transaction metadata are sent to PayPal’s servers for payment processing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API endpoints used:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Production: \u003Ccode>https:\u002F\u002Fapi-m.paypal.com\u003C\u002Fcode> (live transactions)\u003C\u002Fli>\n\u003Cli>Sandbox: \u003Ccode>https:\u002F\u002Fapi-m.sandbox.paypal.com\u003C\u002Fcode> (testing environment)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fprivacy\" rel=\"nofollow ugc\">PayPal Privacy Statement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Flegal\u002Fua\u002Fuseragreement-full\" rel=\"nofollow ugc\">PayPal User Agreement\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Google reCAPTCHA v3\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it is:\u003C\u002Fstrong> Google reCAPTCHA v3 is an anti-spam protection service that helps prevent automated bot submissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When it’s used:\u003C\u002Fstrong> Optional feature (can be disabled). When enabled, reCAPTCHA analyzes user behavior on donation forms to detect potential spam or bot activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data transmitted:\u003C\u002Fstrong> User interaction data (mouse movements, typing patterns, IP address) is sent to Google’s servers for spam analysis. The reCAPTCHA token generated is validated server-side.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API endpoints used:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Client-side script: \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi.js\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Server-side verification: \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fsiteverify\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">Google reCAPTCHA Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>User Control\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PayPal integration is optional and can be disabled in plugin settings (bank transfer only mode)\u003C\u002Fli>\n\u003Cli>Google reCAPTCHA is optional and can be disabled in plugin settings\u003C\u002Fli>\n\u003Cli>Users are informed about these integrations during plugin configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Data Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All communication with external services occurs over encrypted HTTPS connections\u003C\u002Fli>\n\u003Cli>API credentials (PayPal Client ID\u002FSecret, reCAPTCHA keys) are stored encrypted in the WordPress database\u003C\u002Fli>\n\u003Cli>No donor payment card data is stored on your WordPress server – all sensitive payment information is handled directly by PayPal\u003C\u002Fli>\n\u003Cli>reCAPTCHA tokens are temporary and only used for spam verification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer Information\u003C\u002Fh3>\n\u003Cp>FundCollector is built with security and extensibility in mind:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Coding Standards compliant\u003C\u002Fli>\n\u003Cli>Comprehensive error handling\u003C\u002Fli>\n\u003Cli>Extensive logging system\u003C\u002Fli>\n\u003Cli>Modular architecture\u003C\u002Fli>\n\u003Cli>Action and filter hooks for customization\u003C\u002Fli>\n\u003Cli>Developer-friendly API\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily receive donations on your website. Accept payments made with PayPal. For bank transfers, it automatically sends payment instructions via email.",188,"2025-12-17T17:23:00.000Z","5.0","7.4",[84,21,22,23,121],"paypal","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffundcollector.1.1.4.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":29,"downloaded":131,"rating":29,"num_ratings":29,"last_updated":132,"tested_up_to":98,"requires_at_least":133,"requires_php":119,"tags":134,"homepage":137,"download_link":138,"security_score":106,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"suredonation","SureDonation","0.0.1","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>SureDonation is a comprehensive donation management solution for WordPress.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin relies on the following third-party and external services:\u003C\u002Fp>\n\u003Ch4>Stripe\u003C\u002Fh4>\n\u003Cp>This plugin uses \u003Ca href=\"https:\u002F\u002Fstripe.com\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa> to process donation payments. Stripe’s JavaScript SDK is loaded on pages that contain a donation form, and payment data (amount, currency, donor email) is sent directly from the donor’s browser to Stripe’s servers when a donation is submitted.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fstripe.com\u002Flegal\" rel=\"nofollow ugc\">Stripe Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fstripe.com\u002Fprivacy\" rel=\"nofollow ugc\">Stripe Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SureForms Middleware API\u003C\u002Fh4>\n\u003Cp>This plugin communicates with the SureForms middleware API (api.sureforms.com) to securely create and capture Stripe payment intents with platform fee handling, and to validate webhook signatures. When a donor submits a donation, the plugin sends the donation amount, currency, donor email, Stripe customer ID, and payment metadata to this middleware.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsureforms.com\u002Fterms-and-conditions\" rel=\"nofollow ugc\">SureForms Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsureforms.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">SureForms Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A powerful donation management plugin for WordPress with campaign tracking, Stripe payment processing, and donor management.",141,"2026-03-04T10:31:00.000Z","6.4",[135,21,22,23,136],"campaigns","stripe","https:\u002F\u002Fsuredonation.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuredonation.0.0.1.zip",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":29,"downloaded":147,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":98,"requires_at_least":148,"requires_php":119,"tags":149,"homepage":152,"download_link":153,"security_score":106,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":107},"youbehero","Add Donation to Cart","1.3.5","YouBeHero","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoubehero\u002F","\u003Cp>\u003Cstrong>Add Donation to Cart\u003C\u002Fstrong> by YouBeHero adds a donation widget to your WooCommerce checkout, allowing customers to support nonprofit organizations during purchase. The widget is optional and seamlessly integrates without disrupting the checkout flow.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Increase customer loyalty and conversions\u003Cbr \u002F>\n* Differentiate your brand as socially responsible\u003Cbr \u002F>\n* Build trust through transparent impact reporting\u003C\u002Fp>\n\u003Cp>Currently available for Greek e-commerce stores with English locale support.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Seamless checkout integration featuring configurable positioning options\u003Cbr \u002F>\n* Comprehensive integration with Gutenberg blocks, Elementor widgets, WP Bakery, and shortcode support\u003Cbr \u002F>\n* Administrative dashboard providing real-time statistics and comprehensive transaction history\u003Cbr \u002F>\n* Extensive styling and appearance customization capabilities\u003Cbr \u002F>\n* Support for multiple nonprofit organizations (up to 7 organizations)\u003Cbr \u002F>\n* Thank you page widget functionality and email integration capabilities\u003Cbr \u002F>\n* Translation-ready with support for Greek and English languages\u003C\u002Fp>\n\u003Ch3>Video tutorials\u003C\u002Fh3>\n\u003Cp>Step-by-step video guides (in Greek) to get you started:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Installation guide\u003C\u002Fstrong> – How to install and configure the Add Donation to Cart plugin on your WordPress store\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fpa3H92HXAi4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Gutenberg\u003C\u002Fstrong> – How to add the donation widget to checkout using the Gutenberg block editor\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FXwpa1gcUgmw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Elementor\u003C\u002Fstrong> – How to add the donation widget to checkout using Elementor editor\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F46m8FOV26Ko?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Donation Form:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>[youbehero_donation_form]\u003C\u002Fcode> – Main donation form widget\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Statistics:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>[total-donations]\u003C\u002Fcode> – Total amount of donations (formatted with currency)\u003Cbr \u002F>\n* \u003Ccode>[total-number-of-donations]\u003C\u002Fcode> – Total number of donations made\u003Cbr \u002F>\n* \u003Ccode>[total-number-supported-non-profits]\u003C\u002Fcode> – Number of supported organizations\u003C\u002Fp>\n\u003Cp>Works with Elementor, WP Bakery, Gutenberg, and any theme that supports shortcodes.\u003C\u002Fp>\n\u003Ch3>Admin Dashboard\u003C\u002Fh3>\n\u003Cp>The dashboard provides:\u003Cbr \u002F>\n* Account management (API key, status, balance)\u003Cbr \u002F>\n* Statistics (total donations, sales, average cart value, order count, supported organizations)\u003Cbr \u002F>\n* Transaction history with links to WooCommerce orders\u003Cbr \u002F>\n* Widget configuration (positioning, styling, organizations, donation amounts)\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Privacy and Data Handling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin integrates with the YouBeHero platform. The following data is shared:\u003Cbr \u002F>\n* API key, order ID, purchase amount, donation amount, selected organization\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why:\u003C\u002Fstrong> To process donations, display widgets, and provide analytics. No payment details are shared. All data transmitted via HTTPS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Callback URL:\u003C\u002Fstrong> YouBeHero may redirect administrators to automatically configure API tokens. Only administrators can access, and tokens are sanitized before storage.\u003C\u002Fp>\n\u003Cp>External service: \u003Cstrong>YouBeHero\u003C\u002Fstrong>\u003Cbr \u002F>\n* Website: \u003Ca href=\"https:\u002F\u002Fyoubehero.com\" rel=\"nofollow ugc\">https:\u002F\u002Fyoubehero.com\u003C\u002Fa>\u003Cbr \u002F>\n* Terms: \u003Ca href=\"https:\u002F\u002Fyoubehero.com\u002Fgr\u002Ftermsbusiness\" rel=\"nofollow ugc\">https:\u002F\u002Fyoubehero.com\u002Fgr\u002Ftermsbusiness\u003C\u002Fa>\u003Cbr \u002F>\n* Privacy: \u003Ca href=\"https:\u002F\u002Fyoubehero.com\u002Fgr\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fyoubehero.com\u002Fgr\u002Fprivacy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Open source contributions welcome! Submit pull requests at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FYouBeHero\u002FYBH-WP-Plugin\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FYouBeHero\u002FYBH-WP-Plugin\u003C\u002Fa>\u003C\u002Fp>\n","Add Donation to Cart by YouBeHero is a powerful WordPress plugin that adds a donation widget to your WooCommerce checkout.",501,"5.7",[150,21,22,23,151],"checkout","woocommerce","https:\u002F\u002Fyoubehero.com\u002Fgr\u002Fsignup-eshop","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoubehero.1.3.5.zip",{"attackSurface":155,"codeSignals":184,"taintFlows":192,"riskAssessment":193,"analyzedAt":202},{"hooks":156,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":183,"entryPointCount":28,"unprotectedCount":29},[157,163,167],{"type":158,"name":159,"callback":160,"file":161,"line":162},"action","admin_menu","donorbox_add_options_page_function","donorbox_embed_campaign.php",190,{"type":158,"name":164,"callback":165,"file":161,"line":166},"admin_init","donorbox_initiate_class",191,{"type":168,"name":169,"callback":170,"priority":171,"file":161,"line":172},"filter","plugin_row_meta","donorbox_embed_campaign_set_plugin_meta",10,192,[],[],[176,179],{"tag":177,"callback":178,"file":161,"line":116},"donate","display_donorbox_iframe",{"tag":180,"callback":181,"file":161,"line":182},"donate-with-info","display_donorbox_iframe_with_info",189,[],{"dangerousFunctions":185,"sqlUsage":186,"outputEscaping":188,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":191},[],{"prepared":29,"raw":29,"locations":187},[],{"escaped":189,"rawEcho":29,"locations":190},3,[],[],[],{"summary":194,"deductions":195},"The donorbox-donation-form plugin v7.1.12 exhibits a mixed security posture.  The static analysis reveals good practices in several key areas.  There are no dangerous functions, all SQL queries use prepared statements, and all identified outputs are properly escaped.  The absence of file operations and external HTTP requests further contributes positively to its security.  Furthermore, the attack surface, while consisting of two shortcodes, is noted as having no unprotected entry points.  The taint analysis also shows no identified flows with unsanitized paths, indicating a lack of evident code-level vulnerabilities in this version.\n\nHowever, the plugin's vulnerability history presents a significant concern.  With two known medium-severity CVEs, both historically related to Cross-site Scripting (XSS), and a last vulnerability recorded in April 2022, there's an indication of past weaknesses in input sanitization or output encoding.  While there are currently no unpatched vulnerabilities, the recurring nature of XSS issues suggests a potential for these to reappear if not rigorously addressed in future development.  The lack of explicit nonce checks and capability checks in the static analysis, while not directly flagged as vulnerabilities due to the absence of unprotected entry points, could represent a potential area for concern if the attack surface were to expand or change in future versions.\n\nIn conclusion, while the current version of donorbox-donation-form v7.1.12 appears to be free of critical or high-severity code-level vulnerabilities based on the static and taint analysis, its past history of medium-severity XSS vulnerabilities warrants careful consideration.  Users should ensure they are running the absolute latest version, as the absence of unpatched CVEs is a positive sign.  However, the historical pattern should prompt ongoing vigilance.",[196,198,200],{"reason":197,"points":171},"Past medium severity XSS vulnerabilities",{"reason":199,"points":79},"Missing nonce checks",{"reason":201,"points":79},"Missing capability checks","2026-03-16T17:54:10.511Z",{"wat":204,"direct":211},{"assetPaths":205,"generatorPatterns":207,"scriptPaths":208,"versionParams":210},[206],"\u002Fwp-content\u002Fplugins\u002Fdonorbox-donation-form\u002Fdonorbox_embed_campaign.php",[],[209],"https:\u002F\u002Fdonorbox.org\u002Fwidget.js",[],{"cssClasses":212,"htmlComments":214,"htmlAttributes":215,"restEndpoints":217,"jsGlobals":218,"shortcodeOutput":219},[213],"description",[],[216],"name=\"donorbox_embed_campaign_options[donorbox_embed_campaign_id]\"",[],[],[220,221,222,223,224,225,226,227,228,229],"\u003Cscript src=\"https:\u002F\u002Fdonorbox.org\u002Fwidget.js\" type=\"text\u002Fjavascript\">\u003C\u002Fscript>","\u003Ciframe src=\"https:\u002F\u002Fdonorbox.org\u002Fembed\u002F","style=\"max-width:500px; min-width:310px;\"","style=\"max-width:100%; min-width:100%;\"","seamless=\"seamless\"","id=\"dbox-form-embed\"","name=\"donorbox\"","frameborder=\"0\"","scrolling=\"no\"","allowpaymentrequest>"]