[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUA_rxyk8s6s7sSiiogYHRelpoWf_LeoJ-jO3m3PBvbk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":9,"requires_at_least":9,"requires_php":9,"tags":15,"homepage":16,"download_link":17,"security_score":18,"vuln_count":13,"unpatched_count":13,"last_vuln_date":19,"fetched_at":20,"vulnerabilities":21,"developer":22,"crawl_stats":19,"alternatives":27,"analysis":28,"fingerprints":259},"fermopoint-for-woocommerce","Fermo!Point Woocommerce","1.3.1","digitalissimo","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalissimo\u002F","","Tags: woocommerce, fermopoint, shipping Version: 1.3.1 Requires at least: 3.0.1 Tested up to: 4.9.6 Stable tag: 4.9.6 License: GPLv2 or later Licens &hellip;",10,1808,0,"2018-06-20T15:30:00.000Z",[],"http:\u002F\u002Fplugin.digitalissimoweb.it\u002Ffermopoint","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffermopoint-for-woocommerce.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":23,"total_installs":24,"avg_security_score":18,"avg_patch_time_days":24,"trust_score":25,"computed_at":26},3,30,84,"2026-04-04T14:18:10.267Z",[],{"attackSurface":29,"codeSignals":173,"taintFlows":246,"riskAssessment":247,"analyzedAt":258},{"hooks":30,"ajaxHandlers":151,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":172,"unprotectedCount":172},[31,36,41,45,49,53,57,61,65,67,68,69,70,71,72,73,74,77,79,81,85,89,92,95,98,100,102,104,108,112,115,120,125,128,130,133,135,140,144,148],{"type":32,"name":33,"callback":33,"priority":11,"file":34,"line":35},"filter","plugin_row_meta","admin\\class-fermopoint-admin - 
Copia.php",135,{"type":37,"name":38,"callback":39,"priority":11,"file":34,"line":40},"action","woocommerce_admin_order_data_after_shipping_address","fermopoint_datafield",139,{"type":37,"name":42,"callback":43,"priority":11,"file":34,"line":44},"woocommerce_order_status_changed","fermopoint_order_status",143,{"type":37,"name":46,"callback":47,"priority":11,"file":34,"line":48},"woocommerce_email_before_order_table","add_order_email_fermopoint",147,{"type":37,"name":50,"callback":51,"file":34,"line":52},"admin_menu","register_menuFermopoint",151,{"type":37,"name":54,"callback":55,"file":34,"line":56},"woocommerce_after_mini_cart","fermopoint_page",381,{"type":37,"name":58,"callback":59,"file":34,"line":60},"woocommerce_shipping_init","fermopoint_shipping_method_init",761,{"type":32,"name":62,"callback":63,"file":34,"line":64},"woocommerce_shipping_methods","add_FermoPoint_shipping_method",781,{"type":32,"name":33,"callback":33,"priority":11,"file":66,"line":35},"admin\\class-fermopoint-admin-legacy.php",{"type":37,"name":38,"callback":39,"priority":11,"file":66,"line":40},{"type":37,"name":42,"callback":43,"priority":11,"file":66,"line":44},{"type":37,"name":46,"callback":47,"priority":11,"file":66,"line":48},{"type":37,"name":50,"callback":51,"file":66,"line":52},{"type":37,"name":54,"callback":55,"file":66,"line":56},{"type":37,"name":58,"callback":59,"file":66,"line":60},{"type":32,"name":62,"callback":63,"file":66,"line":64},{"type":32,"name":33,"callback":33,"priority":11,"file":75,"line":76},"admin\\class-fermopoint-admin.php",77,{"type":37,"name":38,"callback":39,"priority":11,"file":75,"line":78},81,{"type":37,"name":46,"callback":47,"priority":11,"file":75,"line":80},83,{"type":37,"name":82,"callback":83,"priority":11,"file":75,"line":84},"woocommerce_order_status_failed","fermopoint_order_cancel",89,{"type":37,"name":86,"callback":87,"priority":11,"file":75,"line":88},"woocommerce_order_status_processing","order_fermopoint_book",91,{"type":37,"name":90,"cal
lback":87,"priority":11,"file":75,"line":91},"woocommerce_order_status_completed",93,{"type":37,"name":93,"callback":83,"priority":11,"file":75,"line":94},"woocommerce_order_status_refunded",95,{"type":37,"name":96,"callback":83,"priority":11,"file":75,"line":97},"woocommerce_order_status_cancelled",97,{"type":37,"name":54,"callback":55,"file":75,"line":99},474,{"type":37,"name":58,"callback":59,"file":75,"line":101},635,{"type":32,"name":62,"callback":63,"file":75,"line":103},649,{"type":37,"name":50,"callback":105,"file":106,"line":107},"FERMOPOINT_add_admin_menu","admin\\includes\\settings-general-fermopoint.php",5,{"type":37,"name":109,"callback":110,"file":106,"line":111},"admin_init","FERMOPOINT_settings_init",9,{"type":37,"name":109,"callback":113,"file":106,"line":114},"fermopoint_mysettings",13,{"type":37,"name":116,"callback":117,"file":118,"line":119},"woocommerce_before_order_notes","fermopoint_maps_cart","function.php",69,{"type":37,"name":121,"callback":122,"file":123,"line":124},"plugins_loaded","anonymous","includes\\class-fermopoint.php",313,{"type":37,"name":126,"callback":122,"file":123,"line":127},"admin_enqueue_scripts",343,{"type":37,"name":126,"callback":122,"file":123,"line":129},345,{"type":37,"name":131,"callback":122,"file":123,"line":132},"wp_enqueue_scripts",375,{"type":37,"name":131,"callback":122,"file":123,"line":134},377,{"type":37,"name":136,"callback":137,"file":138,"line":139},"woocommerce_checkout_fields","checkfermopoint_book","public\\class-fermopoint-public-legacy.php",129,{"type":37,"name":141,"callback":142,"priority":11,"file":138,"line":143},"woocommerce_checkout_update_order_meta","checkfermopoint_book_fieldupdate",131,{"type":32,"name":145,"callback":146,"file":138,"line":147},"woocommerce_ship_to_different_address_checked","__return_true",601,{"type":37,"name":141,"callback":142,"priority":11,"file":149,"line":150},"public\\class-fermopoint-public.php",213,[152,157,159,162,164,167],{"action":153,"nopriv":154,"callback":
153,"hasNonce":155,"hasCapCheck":155,"file":138,"line":156},"callfermopointapi",true,false,111,{"action":153,"nopriv":155,"callback":153,"hasNonce":155,"hasCapCheck":155,"file":138,"line":158},113,{"action":160,"nopriv":155,"callback":160,"hasNonce":155,"hasCapCheck":155,"file":138,"line":161},"resetfermopoint",115,{"action":160,"nopriv":154,"callback":160,"hasNonce":155,"hasCapCheck":155,"file":138,"line":163},117,{"action":165,"nopriv":155,"callback":165,"hasNonce":155,"hasCapCheck":155,"file":138,"line":166},"currentpage",121,{"action":165,"nopriv":154,"callback":165,"hasNonce":155,"hasCapCheck":155,"file":138,"line":168},123,[],[],[],6,{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":178,"fileOperations":13,"externalRequests":244,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":245},[],{"prepared":176,"raw":13,"locations":177},1,[],{"escaped":179,"rawEcho":180,"locations":181},18,33,[182,185,187,189,191,193,194,195,196,197,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242],{"file":34,"line":183,"context":184},805,"raw 
output",{"file":34,"line":186,"context":184},1003,{"file":34,"line":188,"context":184},1215,{"file":34,"line":190,"context":184},1217,{"file":34,"line":192,"context":184},1247,{"file":66,"line":183,"context":184},{"file":66,"line":186,"context":184},{"file":66,"line":188,"context":184},{"file":66,"line":190,"context":184},{"file":66,"line":192,"context":184},{"file":75,"line":199,"context":184},671,{"file":75,"line":201,"context":184},701,{"file":106,"line":203,"context":184},312,{"file":106,"line":205,"context":184},356,{"file":106,"line":207,"context":184},396,{"file":106,"line":209,"context":184},436,{"file":106,"line":211,"context":184},472,{"file":106,"line":213,"context":184},500,{"file":106,"line":215,"context":184},1088,{"file":106,"line":217,"context":184},1131,{"file":106,"line":219,"context":184},1135,{"file":106,"line":221,"context":184},1175,{"file":106,"line":223,"context":184},1185,{"file":106,"line":225,"context":184},1187,{"file":106,"line":227,"context":184},1189,{"file":106,"line":229,"context":184},1191,{"file":106,"line":231,"context":184},1207,{"file":106,"line":233,"context":184},1209,{"file":118,"line":235,"context":184},90,{"file":118,"line":237,"context":184},106,{"file":118,"line":239,"context":184},138,{"file":138,"line":241,"context":184},229,{"file":138,"line":243,"context":184},437,12,[],[],{"summary":248,"deductions":249},"The \"fermopoint-for-woocommerce\" plugin version 1.3.1 exhibits a concerning security posture primarily due to its unprotected entry points. While the plugin demonstrates good practices in SQL query handling by exclusively using prepared statements and does not appear to bundle any libraries, its static analysis reveals a significant vulnerability.  All six identified AJAX handlers lack authentication checks, presenting a wide attack surface for unauthenticated users.  
Furthermore, only 35% of output statements are escaped (18 escaped versus 33 raw echoes), which indicates a risk of cross-site scripting (XSS) wherever an unescaped value can be influenced by an attacker; most of the flagged raw-output locations are in admin files rather than in the file that registers the AJAX handlers, and the analysis recorded no taint flows, so each location needs manual review before it is treated as exploitable. The absence of any recorded historical vulnerabilities is a positive sign, suggesting the developers may be diligent, but it does not negate the critical flaws identified in the current code analysis, and for a plugin with few installs that was last updated in 2018 it may also reflect limited scrutiny. The lack of nonce checks on AJAX handlers compounds the risk, because the endpoints cannot distinguish a forged cross-site request (CSRF) from a legitimate one. The plugin's strength lies in its clean SQL handling, but this is heavily overshadowed by the numerous unprotected entry points and the low rate of output escaping.",[250,252,255],{"reason":251,"points":11},"AJAX handlers without authentication checks",{"reason":253,"points":254},"Low percentage of properly escaped output",8,{"reason":256,"points":257},"AJAX handlers without nonce checks",7,"2026-03-17T00:37:28.459Z",{"wat":260,"direct":269},{"assetPaths":261,"generatorPatterns":264,"scriptPaths":265,"versionParams":266},[262,263],"\u002Fwp-content\u002Fplugins\u002Ffermopoint-for-woocommerce\u002Fcss\u002Ffermopoint-admin.css","\u002Fwp-content\u002Fplugins\u002Ffermopoint-for-woocommerce\u002Fjs\u002Ffermopoint-admin.js",[],[263],[267,268],"fermopoint-admin.css?ver=","fermopoint-admin.js?ver=",{"cssClasses":270,"htmlComments":272,"htmlAttributes":273,"restEndpoints":275,"jsGlobals":276,"shortcodeOutput":278},[271],"fermopoint-admin-css",[],[274],"data-fermopoint-checkout",[],[277],"fermopoint_php_var",[279],"[fermopoint_checkout]"]