[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbzFLr0nEM0wDL9oDjjohveWbfsRrkywCk388F0UoJ14":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":34,"fingerprints":243},"facto-facturacioacuten-electroacutenica","FACTO – Facturación Electrónica","3.0.4","factocl","https:\u002F\u002Fprofiles.wordpress.org\u002Ffactocl\u002F","\u003Cp>Con este plugin Integra el módulo FACTO con tu sitio web y automatiza la emisión de documentos electrónicos cada vez que recibes una compra. Paga de acuerdo a tu monto de documentos emitidos a través de la API.\u003C\u002Fp>\n\u003Ch3>Descripción de la Integración Facto & Woocommerce\u003C\u002Fh3>\n\u003Cp>Conoce las Ventajas:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ahorra tiempo  emitiendo el documento tributario simultáneamente al momento de la compra en tu tienda online.\u003C\u002Fli>\n\u003Cli>Mejora la atención  al cliente, entregando la boleta o factura de manera inmediata por email.\u003C\u002Fli>\n\u003Cli>Evita errores por doble digitación de las ventas realizadas.\u003C\u002Fli>\n\u003Cli>Ahorra costos, ya que esto reemplaza el sistema tradicional de impresoras térmicas certificadas con el envío físico de timbres a SII.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Información Técnica:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Desarrollado por Facto.cl facturación electrónica.\u003C\u002Fli>\n\u003Cli>Probado en WordPress versión: 6.7.1\u003C\u002Fli>\n\u003Cli>Probado en Woocommerce versión: 9.4.2\u003C\u002Fli>\n\u003Cli>Versión actual: 3.0.4\u003C\u002Fli>\n\u003Cli>Para mayor información visitar: \u003Ca 
href=\"https:\u002F\u002Fwww.facto.cl\u002Fproducto\u002Fintegracion-facto-woocommerce\u002F\" rel=\"nofollow ugc\">Facto.cl\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Preguntas frecuentes\u003C\u002Fh3>\n\u003Cp>¿El plugin es gratuito?\u003C\u002Fp>\n\u003Cp>Para conocer los valores, por favor visitar: \u003Ca href=\"https:\u002F\u002Fwww.facto.cl\u002Fproducto\u002Fintegracion-facto-api\u002F\" rel=\"nofollow ugc\">Facto.cl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>¿Hay algún cobro adicional?\u003C\u002Fp>\n\u003Cp>Existe un cobro adicional por concepto de habilitación y certificación de boleta electrónica. Esto en caso de que se requiera emitir boletas electrónicas a través de tu tienda (Si ya eres cliente FACTO y actualmente ya emites boletas electrónicas desde nuestra plataforma FACTO, este cobro no aplica)\u003C\u002Fp>\n\u003Cp>¿Que documentos soporta el plugin?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Factura electrónica afecta\u003C\u002Fli>\n\u003Cli>Boleta electrónica afecta\u003C\u002Fli>\n\u003Cli>Factura electrónica exenta\u003C\u002Fli>\n\u003Cli>Boleta electrónica exenta\u003C\u002Fli>\n\u003Cli>Factura de exportación electrónica\u003C\u002Fli>\n\u003C\u002Ful>\n","Con este plugin Integra el módulo FACTO con tu sitio web y automatiza la emisión de documentos electrónicos cada vez que recibes una 
compra.",400,16429,90,2,"2025-07-09T01:08:00.000Z","6.7.5","5.1","5.6",[20],"plugins-de-integracion-con-factura-electronica","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacto-facturacioacuten-electroacutenica.3.0.4.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,94,"2026-04-04T15:16:26.070Z",[],{"attackSurface":35,"codeSignals":112,"taintFlows":190,"riskAssessment":228,"analyzedAt":242},{"hooks":36,"ajaxHandlers":108,"restRoutes":109,"shortcodes":110,"cronEvents":111,"entryPointCount":24,"unprotectedCount":24},[37,43,47,51,54,57,60,63,67,71,75,77,83,87,91,95,100,104],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_menu","facto_fe_register_admin_page","factofacturacionelectronica_admin.php",8,{"type":38,"name":44,"callback":45,"file":41,"line":46},"admin_init","facto_fe_register_facto_settings",12,{"type":38,"name":48,"callback":49,"file":41,"line":50},"admin_notices","facto_fe_errorordertable",824,{"type":38,"name":48,"callback":52,"file":41,"line":53},"facto_fe_errorlogtable",832,{"type":38,"name":48,"callback":55,"file":41,"line":56},"facto_fe_errornosetup",873,{"type":38,"name":48,"callback":58,"file":41,"line":59},"facto_fe_errornombstring",878,{"type":38,"name":48,"callback":61,"file":41,"line":62},"facto_fe_errornowoocommerce",896,{"type":38,"name":64,"callback":65,"file":41,"line":66},"woocommerce_admin_order_data_after_billing_address","facto_fe_facto_factura_admin",1268,{"type":38,"name":68,"callback":69,"file":41,"line":70},"woocommerce_order_details_after_order_table","facto_fe_facto_factura",1362,{"type":38,"name":64,"callback":72,"priority":73,"file":41,"line":74},"facto_fe_custom_checkout_field_display_admin_order_meta",10,1426,{"type":38,"name":68,"callback":72,"priority":73,"file":41,"line":76},1427,{"type":78,"name":79,"callback":80,"file":81
,"line":82},"filter","woocommerce_checkout_fields","facto_fe_checkout_fields","factofacturacionelectronica_checkout.php",41,{"type":38,"name":84,"callback":85,"file":81,"line":86},"woocommerce_after_order_notes","facto_fe_custom_checkout_field",64,{"type":38,"name":88,"callback":89,"file":81,"line":90},"woocommerce_checkout_process","facto_fe_custom_checkout_field_process",269,{"type":38,"name":92,"callback":93,"file":81,"line":94},"woocommerce_checkout_update_order_meta","facto_fe_custom_checkout_field_update_order_meta",323,{"type":38,"name":96,"callback":97,"priority":98,"file":81,"line":99},"woocommerce_thankyou","facto_fe_display_order_data",20,366,{"type":38,"name":101,"callback":102,"priority":98,"file":81,"line":103},"woocommerce_order_status_processing","facto_fe_estado_procesando",367,{"type":38,"name":105,"callback":106,"priority":98,"file":81,"line":107},"woocommerce_order_status_completed","facto_fe_estado_completado",368,[],[],[],[],{"dangerousFunctions":113,"sqlUsage":119,"outputEscaping":122,"fileOperations":188,"externalRequests":14,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":189},[114],{"fn":115,"file":116,"line":117,"context":118},"unserialize","nusoap\\class.wsdlcache.php",111,"return (!is_null($s)) ? 
unserialize($s) : null;",{"prepared":120,"raw":24,"locations":121},22,[],{"escaped":123,"rawEcho":30,"locations":124},85,[125,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,173,175,177,179,182,184,186],{"file":41,"line":126,"context":127},244,"raw output",{"file":41,"line":129,"context":127},583,{"file":41,"line":131,"context":127},584,{"file":41,"line":133,"context":127},671,{"file":41,"line":135,"context":127},672,{"file":41,"line":137,"context":127},683,{"file":41,"line":139,"context":127},684,{"file":41,"line":141,"context":127},738,{"file":41,"line":143,"context":127},1293,{"file":41,"line":145,"context":127},1443,{"file":41,"line":147,"context":127},1448,{"file":41,"line":149,"context":127},1453,{"file":41,"line":151,"context":127},1458,{"file":41,"line":153,"context":127},1463,{"file":41,"line":155,"context":127},1467,{"file":41,"line":157,"context":127},1468,{"file":41,"line":159,"context":127},1473,{"file":41,"line":161,"context":127},1477,{"file":41,"line":163,"context":127},1481,{"file":41,"line":165,"context":127},1482,{"file":41,"line":167,"context":127},1487,{"file":41,"line":169,"context":127},1502,{"file":171,"line":172,"context":127},"nusoap\\class.soap_server.php",287,{"file":171,"line":174,"context":127},291,{"file":171,"line":176,"context":127},300,{"file":171,"line":178,"context":127},817,{"file":180,"line":181,"context":127},"nusoap\\nusoap.php",3780,{"file":180,"line":183,"context":127},3784,{"file":180,"line":185,"context":127},3793,{"file":180,"line":187,"context":127},4310,15,[],[191,210],{"entryPoint":192,"graph":193,"unsanitizedCount":29,"severity":209},"facto_fe_submenu_settings_logs (factofacturacionelectronica_admin.php:505)",{"nodes":194,"edges":206},[195,200],{"id":196,"type":197,"label":198,"file":41,"line":199},"n0","source","$_REQUEST",540,{"id":201,"type":202,"label":203,"file":41,"line":204,"wp_function":205},"n1","sink","get_results() 
[SQLi]",555,"get_results",[207],{"from":196,"to":201,"sanitized":208},false,"high",{"entryPoint":211,"graph":212,"unsanitizedCount":227,"severity":209},"\u003Cfactofacturacionelectronica_admin> (factofacturacionelectronica_admin.php:0)",{"nodes":213,"edges":224},[214,215,216,219],{"id":196,"type":197,"label":198,"file":41,"line":199},{"id":201,"type":202,"label":203,"file":41,"line":204,"wp_function":205},{"id":217,"type":197,"label":218,"file":41,"line":199},"n2","$_REQUEST (x4)",{"id":220,"type":202,"label":221,"file":41,"line":222,"wp_function":223},"n3","echo() [XSS]",1339,"echo",[225,226],{"from":196,"to":201,"sanitized":208},{"from":217,"to":220,"sanitized":208},5,{"summary":229,"deductions":230},
"The plugin \"facto-facturacioacuten-electroacutenica\" v3.0.4 exhibits a mixed security posture. On one hand, it demonstrates good practices: the scan counted all SQL queries as prepared statements and a majority of output as escaped. The absence of known CVEs and common vulnerability types in its history is a positive indicator, suggesting a generally stable codebase regarding publicly known exploits.\n\nHowever, significant concerns arise from the static analysis. The presence of the `unserialize` function, especially without any apparent nonce or capability checks, represents a critical potential for remote code execution if an attacker can control the serialized data. Furthermore, the taint analysis revealed two high-severity flows with unsanitized paths in `factofacturacionelectronica_admin.php`: `$_REQUEST` input reaches a `get_results()` query (flagged as SQL injection) and an `echo` statement (flagged as XSS) without sanitization. These flows are separate from the `unserialize` call, and the SQL flow means the prepared-statement count should be confirmed by reviewing that query by hand. The complete lack of nonce and capability checks across all identified entry points, though currently zero in number, leaves the plugin vulnerable if new entry points are introduced or if existing ones are overlooked in the future.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and generally good SQL practices, the identified use of `unserialize`, the unsanitized `$_REQUEST` flows, and a complete absence of authorization checks on potential entry points pose a substantial risk. The lack of specific protections for the `unserialize` function is the most pressing concern, potentially allowing for severe security breaches.",[231,233,235,237,239],{"reason":232,"points":188},"Unsanitized path flows (High severity)",{"reason":234,"points":73},"Dangerous function: unserialize used",{"reason":236,"points":227},"No nonce checks on entry points",{"reason":238,"points":227},"No capability checks on entry points",{"reason":240,"points":241},"Less than 100% output escaping",3,"2026-03-16T19:47:07.691Z",{"wat":244,"direct":255},{"assetPaths":245,"generatorPatterns":249,"scriptPaths":250,"versionParams":251},[246,247,248],"\u002Fwp-content\u002Fplugins\u002Ffacto-facturacioacuten-electroacutenica\u002Fjs\u002Ffacto_fe_checkout.js","\u002Fwp-content\u002Fplugins\u002Ffacto-facturacioacuten-electroacutenica\u002Fcss\u002Ffacto_fe_admin.css","\u002Fwp-content\u002Fplugins\u002Ffacto-facturacioacuten-electroacutenica\u002Fjs\u002Ffacto_fe_admin.js",[],[246,248],[252,253,254],"facto-facturacioacuten-electroacutenica\u002Fjs\u002Ffacto_fe_checkout.js?ver=","facto-facturacioacuten-electroacutenica\u002Fcss\u002Ffacto_fe_admin.css?ver=","facto-facturacioacuten-electroacutenica\u002Fjs\u002Ffacto_fe_admin.js?ver=",{"cssClasses":256,"htmlComments":258,"htmlAttributes":259,"restEndpoints":277,"jsGlobals":278,"shortcodeOutput":280},[257],"forminp-text-facto",[],[260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276],"id=\"facto_formulario\"","name=\"facto_webservice_mo
de\"","id=\"facto_webservice_mode\"","name=\"facto_webservice_user\"","id=\"facto_webservice_user\"","name=\"facto_webservice_pass\"","id=\"facto_webservice_pass\"","name=\"facto_checkbox_fe\"","id=\"facto_checkbox_fe\"","name=\"facto_checkbox_fee\"","id=\"facto_checkbox_fee\"","name=\"facto_checkbox_be\"","id=\"facto_checkbox_be\"","name=\"facto_checkbox_bee\"","id=\"facto_checkbox_bee\"","name=\"facto_checkbox_fex\"","id=\"facto_checkbox_fex\"",[],[279],"facto_changemode",[]]