[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWKP_Es8rvykhORVCW8_JxJaO81gLcGJeoREuLprdAMA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":33,"fingerprints":249},"easy-woocommerce-zoho-crm-integration","Easy Woocommerce ZOHO CRM Integration","1.0.0","smartkcoders","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmartkcoders\u002F","\u003Cp>WooCommerce – Zoho CRM Integration plugin can integrates your WooCommerce Orders and Customers with Zoho CRM as Contacts or Leads. Easily add\u002Fupdate automatically order as a Contacts or Leads into Zoho CRM when add new order or update order on your site. Easily add\u002Fupdate automatically Contacts or Leads into Zoho CRM when customer add\u002Fupdate\u002Fregister on your site.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Automatically add new WooCommerce orders to Zoho CRM as Contacts or Leads\u003C\u002Fli>\n\u003Cli>Integrated WooCommerce order automatically update into Zoho CRM as a Contacts or 3. Leads when an order update on your site\u003C\u002Fli>\n\u003Cli>Bulk orders integration\u003C\u002Fli>\n\u003Cli>Easily integrates WooCommerce customer to Zoho CRM as a Contacts or Leads\u003C\u002Fli>\n\u003Cli>Add\u002FUpdate automatically Contacts or Leads into Zoho CRM when customer \u003C\u002Fli>\n\u003Cli>add\u002Fupdate\u002Fregister on your site\u003C\u002Fli>\n\u003Cli>Bulk customers integration\u003C\u002Fli>\n\u003Cli>Easily map your WooCommerce order and customer fields to Zoho CRM Contacts or Leads fields\u003C\u002Fli>\n\u003Cli>Also, support Zoho CRM custom fields.\u003C\u002Fli>\n\u003Cli>Making customer relationship management simple\u003C\u002Fli>\n\u003Cli>Integrates unlimited WooCommerce customers and orders\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Upcoming Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Custom Module\u003C\u002Fli>\n\u003Cli>Custom layout\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Help\u003C\u002Fh3>\n\u003Cp>In case, you are not sure on how to proceed with the Easy Woocommerce ZOHO CRM Integration, feel free to contact smartcoderslab@gmail.com.\u003C\u002Fp>\n","WooCommerce – Zoho CRM Integration plugin can integrates your WooCommerce Orders and Customers with Zoho CRM as Contacts or Leads.",10,1323,0,"2018-08-10T13:52:00.000Z","4.9.29","3.3","",[19,20,21],"woocommerce-customers-zoho-crm-contact-generation","woocommerce-customers-zoho-crm-integration","woocommerce-customers-zoho-crm-lead-capture","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-woocommerce-zoho-crm-integration.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,84,"2026-04-04T09:16:51.476Z",[],{"attackSurface":34,"codeSignals":70,"taintFlows":156,"riskAssessment":233,"analyzedAt":248},{"hooks":35,"ajaxHandlers":66,"restRoutes":67,"shortcodes":68,"cronEvents":69,"entryPointCount":13,"unprotectedCount":13},[36,41,46,49,52,55,58,63],{"type":37,"name":38,"callback":39,"file":40,"line":11},"action","admin_menu","easy_wc_zohocrm_main_menu","includes\\admin\\admin-core.php",{"type":37,"name":42,"callback":43,"priority":11,"file":44,"line":45},"user_register","easy_wc_zohocrm_customer_on_hooks","includes\\functions.php",11,{"type":37,"name":47,"callback":43,"priority":11,"file":44,"line":48},"edit_user_profile_update",12,{"type":37,"name":50,"callback":43,"priority":11,"file":44,"line":51},"profile_update",13,{"type":37,"name":53,"callback":43,"priority":11,"file":44,"line":54},"woocommerce_customer_save_address",14,{"type":37,"name":56,"callback":43,"priority":11,"file":44,"line":57},"woocommerce_save_account_details",15,{"type":37,"name":59,"callback":60,"priority":61,"file":44,"line":62},"woocommerce_new_order","easy_wc_zohocrm_order_on_hooks",90,41,{"type":37,"name":64,"callback":60,"priority":61,"file":44,"line":65},"woocommerce_update_order",42,[],[],[],[],{"dangerousFunctions":71,"sqlUsage":79,"outputEscaping":87,"fileOperations":80,"externalRequests":154,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":155},[72,77],{"fn":73,"file":74,"line":75,"context":76},"unserialize","includes\\admin\\admin-integration-settings.php",65,"$modules = unserialize( get_option( 'easy_wc_zohocrm_modules' ) );",{"fn":73,"file":74,"line":78,"context":76},289,{"prepared":28,"raw":80,"locations":81},2,[82,85],{"file":74,"line":83,"context":84},147,"$wpdb->get_results() with variable interpolation",{"file":74,"line":86,"context":84},209,{"escaped":88,"rawEcho":89,"locations":90},23,37,[91,95,97,98,99,101,102,103,105,107,109,110,112,114,115,117,119,121,123,125,127,128,129,131,133,135,136,137,138,139,140,142,144,147,148,150,152],{"file":92,"line":93,"context":94},"includes\\admin\\admin-bulk-integration.php",64,"raw output",{"file":92,"line":96,"context":94},82,{"file":92,"line":96,"context":94},{"file":92,"line":96,"context":94},{"file":92,"line":100,"context":94},99,{"file":92,"line":100,"context":94},{"file":92,"line":100,"context":94},{"file":92,"line":104,"context":94},116,{"file":92,"line":106,"context":94},151,{"file":92,"line":108,"context":94},153,{"file":92,"line":108,"context":94},{"file":92,"line":111,"context":94},199,{"file":92,"line":113,"context":94},201,{"file":92,"line":113,"context":94},{"file":92,"line":116,"context":94},241,{"file":92,"line":118,"context":94},264,{"file":92,"line":120,"context":94},281,{"file":92,"line":122,"context":94},282,{"file":92,"line":124,"context":94},283,{"file":74,"line":126,"context":94},72,{"file":74,"line":126,"context":94},{"file":74,"line":126,"context":94},{"file":74,"line":130,"context":94},246,{"file":74,"line":132,"context":94},248,{"file":74,"line":134,"context":94},259,{"file":74,"line":134,"context":94},{"file":74,"line":134,"context":94},{"file":74,"line":134,"context":94},{"file":74,"line":118,"context":94},{"file":74,"line":118,"context":94},{"file":74,"line":141,"context":94},333,{"file":74,"line":143,"context":94},347,{"file":145,"line":146,"context":94},"includes\\admin\\admin-zohocrm-config.php",25,{"file":145,"line":65,"context":94},{"file":145,"line":149,"context":94},55,{"file":145,"line":151,"context":94},88,{"file":145,"line":153,"context":94},94,5,[],[157,175,194,203,214,222],{"entryPoint":158,"graph":159,"unsanitizedCount":173,"severity":174},"easy_wc_zohocrm_integration_callback (includes\\admin\\admin-bulk-integration.php:10)",{"nodes":160,"edges":170},[161,165],{"id":162,"type":163,"label":164,"file":92,"line":48},"n0","source","$_REQUEST (x3)",{"id":166,"type":167,"label":168,"file":92,"line":120,"wp_function":169},"n1","sink","echo() [XSS]","echo",[171],{"from":162,"to":166,"sanitized":172},false,3,"medium",{"entryPoint":176,"graph":177,"unsanitizedCount":193,"severity":174},"easy_wc_zohocrm_configuration_callback (includes\\admin\\admin-zohocrm-config.php:10)",{"nodes":178,"edges":190},[179,181,185,188],{"id":162,"type":163,"label":180,"file":145,"line":51},"$_REQUEST (x4)",{"id":166,"type":167,"label":182,"file":145,"line":183,"wp_function":184},"update_option() [Settings Manipulation]",16,"update_option",{"id":186,"type":163,"label":164,"file":145,"line":187},"n2",33,{"id":189,"type":167,"label":168,"file":145,"line":65,"wp_function":169},"n3",[191,192],{"from":162,"to":166,"sanitized":172},{"from":186,"to":189,"sanitized":172},7,{"entryPoint":195,"graph":196,"unsanitizedCount":173,"severity":202},"\u003Cadmin-bulk-integration> (includes\\admin\\admin-bulk-integration.php:0)",{"nodes":197,"edges":200},[198,199],{"id":162,"type":163,"label":164,"file":92,"line":48},{"id":166,"type":167,"label":168,"file":92,"line":120,"wp_function":169},[201],{"from":162,"to":166,"sanitized":172},"low",{"entryPoint":204,"graph":205,"unsanitizedCount":213,"severity":202},"easy_wc_zohocrm_integration_settings_callback (includes\\admin\\admin-integration-settings.php:9)",{"nodes":206,"edges":211},[207,209],{"id":162,"type":163,"label":180,"file":74,"line":208},19,{"id":166,"type":167,"label":182,"file":74,"line":210,"wp_function":184},29,[212],{"from":162,"to":166,"sanitized":172},4,{"entryPoint":215,"graph":216,"unsanitizedCount":213,"severity":202},"\u003Cadmin-integration-settings> (includes\\admin\\admin-integration-settings.php:0)",{"nodes":217,"edges":220},[218,219],{"id":162,"type":163,"label":180,"file":74,"line":208},{"id":166,"type":167,"label":182,"file":74,"line":210,"wp_function":184},[221],{"from":162,"to":166,"sanitized":172},{"entryPoint":223,"graph":224,"unsanitizedCount":193,"severity":202},"\u003Cadmin-zohocrm-config> (includes\\admin\\admin-zohocrm-config.php:0)",{"nodes":225,"edges":230},[226,227,228,229],{"id":162,"type":163,"label":180,"file":145,"line":51},{"id":166,"type":167,"label":182,"file":145,"line":183,"wp_function":184},{"id":186,"type":163,"label":164,"file":145,"line":187},{"id":189,"type":167,"label":168,"file":145,"line":65,"wp_function":169},[231,232],{"from":162,"to":166,"sanitized":172},{"from":186,"to":189,"sanitized":172},{"summary":234,"deductions":235},"The \"easy-woocommerce-zoho-crm-integration\" plugin v1.0.0 exhibits several concerning security practices despite a seemingly clean vulnerability history. The static analysis reveals a significant lack of fundamental security checks, particularly the absence of any nonce checks or capability checks across its entry points. This is further exacerbated by the presence of the dangerous `unserialize` function, which is a well-known vector for remote code execution if used with untrusted input. The taint analysis indicates that all analyzed flows have unsanitized paths, though currently without critical or high severity findings, this still represents a substantial risk given the other identified weaknesses.\n\nWhile the plugin has no recorded CVEs and a low percentage of SQL queries are not prepared, these positive aspects are overshadowed by the critical deficiencies in input validation and authorization. The plugin's reliance on `unserialize` and the complete absence of nonce and capability checks create a broad attack surface, even with zero identified entry points in the initial analysis. This suggests a potential for undiscovered vulnerabilities or a very limited functionality scope. Given these factors, the plugin presents a moderate to high security risk due to potential for severe vulnerabilities like Remote Code Execution or Cross-Site Scripting if attacker-controlled data can reach the `unserialize` function or if output is not properly escaped.\n\nIn conclusion, while the plugin boasts no known CVEs and a small number of file operations and external HTTP requests, its security posture is weakened by critical omissions in basic security implementations such as nonce and capability checks, alongside the risky use of `unserialize`. The taint analysis, while not showing immediate critical threats, highlights potential pathways for exploitation. Further investigation into how `unserialize` is used and what data it processes is highly recommended.",[236,238,240,242,244,246],{"reason":237,"points":57},"Dangerous function: unserialize used",{"reason":239,"points":11},"No nonce checks found",{"reason":241,"points":11},"No capability checks found",{"reason":243,"points":57},"All taint flows have unsanitized paths",{"reason":245,"points":154},"Low output escaping percentage",{"reason":247,"points":154},"Low percentage of prepared SQL statements","2026-03-17T00:21:24.871Z",{"wat":250,"direct":255},{"assetPaths":251,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[],[],[],[],{"cssClasses":256,"htmlComments":257,"htmlAttributes":262,"restEndpoints":267,"jsGlobals":268,"shortcodeOutput":269},[],[258,259,260,261],"\u003C!-- This is a constant variable for plugin path. -->","\u003C!-- This is a file for includes core functionality. -->","\u003C!-- This is a function that run when plugin activation. -->","\u003C!-- This is a function for integration. -->",[263,264,265,266],"name=\"easy_wc_zohocrm_type\"","name=\"easy_wc_zohocrm_record_per_page\"","name=\"filter\"","name=\"records\"",[],[],[]]