[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsH1ft_B1n-IhtVTdeuolLGXohBEStNNMdB9B7XI5lho":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":35,"fingerprints":116},"duecom-e-commerce-payment-gateway","Due.com E-Commerce Payment Gateway","1.4.4","Due","https:\u002F\u002Fprofiles.wordpress.org\u002Fdue\u002F","\u003Cp>Be sure to checkout our \u003Ca href=\"https:\u002F\u002Fdue.com\u002Fblog\u002Frequest-access-use-due-payment-gateway-woocommerce\u002F\" rel=\"nofollow ugc\">tutorial\u003C\u002Fa> on using this plugin.\u003C\u002Fp>\n\u003Cp>This plugin adds the Due.com E-Commerce Payment Gateway Support to WooCommerce for accepting \u003Cstrong>Credit Cards Payments\u003C\u002Fstrong> directly on checkout page for your WooCommerce products and subscriptions.\u003Cbr \u002F>\nThis plugin uses Due API \u003Cstrong>v1\u003C\u002Fstrong> to charge credit cards. For better visualization of how it looks & works check screenshots tab.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Accept Credit Card Payments.\u003C\u002Fli>\n\u003Cli>Supports Products and Subscriptions.\u003C\u002Fli>\n\u003Cli>Give your customers the option to store and manage credit cards for future payments.\u003C\u002Fli>\n\u003Cli>Supports Sandbox and Live Integration.\u003C\u002Fli>\n\u003Cli>Need custom checkout experience? Contact \u003Ca href=\"https:\u002F\u002Fsupport.due.com\" rel=\"nofollow ugc\">Due Support\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>This plugin requires SSL.\u003C\u002Fli>\n\u003Cli>This plugin supports refunds \u003Cstrong>(Only in Cents)\u003C\u002Fstrong> in woocommerce interface\u003C\u002Fli>\n\u003Cli>Contribute to future releases by sending us \u003Ca href=\"mailto:chalmers@due.com?subject=Feature%20Request\" rel=\"nofollow ugc\">Feature Requests\u003C\u002Fa>!\u003C\u002Fli>\n\u003C\u002Fol>\n","Be sure to checkout our tutorial on using this plugin.",10,2316,0,"2018-10-10T05:29:00.000Z","",[17,18,19,20,21],"due-alipay-bitcoin-for-woocommerce","due-alipay-for-woocommerce","due-payment-gateway-for-woocommerce","due-woocommerce-plugin","woocommerce-plugin-due-alipay-bitcoin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fduecom-e-commerce-payment-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduecom-e-commerce-payment-gateway.1.4.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"due",4,30,84,"2026-04-04T13:45:15.770Z",[],{"attackSurface":36,"codeSignals":83,"taintFlows":103,"riskAssessment":104,"analyzedAt":115},{"hooks":37,"ajaxHandlers":79,"restRoutes":80,"shortcodes":81,"cronEvents":82,"entryPointCount":13,"unprotectedCount":13},[38,44,48,52,57,61,65,69,73,75],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","wp_enqueue_scripts","add_scripts","includes\\class-wc-gateway-duecom.php",69,{"type":39,"name":45,"callback":46,"priority":11,"file":42,"line":47},"woocommerce_payment_complete","add_subscription_token_id",78,{"type":39,"name":49,"callback":50,"priority":11,"file":42,"line":51},"wcs_resubscribe_order_created","delete_resubscribe_meta",93,{"type":53,"name":54,"callback":55,"priority":11,"file":42,"line":56},"filter","woocommerce_subscription_payment_meta","add_subscription_payment_meta",99,{"type":53,"name":58,"callback":59,"priority":11,"file":42,"line":60},"woocommerce_subscription_validate_payment_meta","validate_subscription_payment_meta",104,{"type":53,"name":62,"callback":63,"priority":11,"file":42,"line":64},"woocommerce_my_subscriptions_payment_method","maybe_render_subscription_payment_method",110,{"type":39,"name":66,"callback":67,"file":42,"line":68},"wp_head","closure",285,{"type":39,"name":70,"callback":71,"priority":13,"file":72,"line":31},"plugins_loaded","init","woocommerce-gateway-duecom.php",{"type":39,"name":40,"callback":41,"file":72,"line":74},31,{"type":53,"name":76,"callback":77,"file":72,"line":78},"woocommerce_payment_gateways","register_gateway",32,[],[],[],[],{"dangerousFunctions":84,"sqlUsage":85,"outputEscaping":87,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":102},[],{"prepared":13,"raw":13,"locations":86},[],{"escaped":88,"rawEcho":89,"locations":90},15,5,[91,94,96,98,100],{"file":42,"line":92,"context":93},224,"raw output",{"file":42,"line":95,"context":93},237,{"file":42,"line":97,"context":93},244,{"file":42,"line":99,"context":93},290,{"file":42,"line":101,"context":93},341,[],[],{"summary":105,"deductions":106},"The 'duecom-e-commerce-payment-gateway' plugin version 1.4.4 exhibits a strong security posture based on the provided static analysis.  The absence of identified dangerous functions, external HTTP requests, file operations, and SQL queries that do not use prepared statements indicates good coding practices.  The taint analysis showing zero flows with unsanitized paths further reinforces this positive assessment.  The plugin also has a clean vulnerability history with no recorded CVEs, suggesting a consistent effort towards maintaining security.\n\nHowever, there are areas for improvement. A significant concern is the complete lack of capability checks and nonce checks. This implies that many operations within the plugin might be accessible to users without proper authorization, especially if new entry points are introduced in future versions. While the current attack surface is zero, relying on this without inherent permission checks is a risky assumption. The unescaped output rate, while not critical, also presents a potential area for Cross-Site Scripting (XSS) vulnerabilities if malicious data is not properly handled by the theme or other plugins interacting with these outputs.\n\nIn conclusion, the plugin is currently in a good state with no identified critical vulnerabilities and a history of stability. The developers have employed several good security practices. Nevertheless, the complete absence of capability and nonce checks on all entry points, despite the current zero attack surface, represents a significant oversight that could lead to vulnerabilities if the attack surface expands or if unexpected interactions occur. The unescaped output, while minor, should also be addressed for complete robustness.",[107,110,112],{"reason":108,"points":109},"No nonce checks implemented",8,{"reason":111,"points":11},"No capability checks implemented",{"reason":113,"points":114},"25% of output not properly escaped",6,"2026-03-17T00:47:45.029Z",{"wat":117,"direct":123},{"assetPaths":118,"generatorPatterns":120,"scriptPaths":121,"versionParams":122},[119],"\u002Fwp-content\u002Fplugins\u002Fduecom-e-commerce-payment-gateway\u002Fassets\u002Fcss\u002Fstyle.css",[],[],[],{"cssClasses":124,"htmlComments":125,"htmlAttributes":126,"restEndpoints":127,"jsGlobals":128,"shortcodeOutput":129},[],[],[],[],[],[]]