[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftTwq3hrIdpG8T5AeSVauc1BXrhPZm_AEWiAJlDSC3Wo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":117,"fingerprints":328},"flexible-invoices-gtu","GTU dla Faktur WooCommerce","1.0.21","wpdesk","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdesk\u002F","\u003Cp>GTU is an abbreviation for “goods and services groups”. The GTU code defines 13 groups of goods or services. Active VAT taxpayers who sell goods or services requiring a GTU code designation are obliged to provide the GTU code.\u003C\u002Fp>\n\u003Cp>The plugin adds support for goods and services designations (GTU codes) on documents created by \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-fi-pro\" rel=\"nofollow ugc\">\u003Cstrong>Flexible Invoices for WooCommerce PRO\u003C\u002Fstrong>\u003C\u002Fa> ⭐.\u003C\u002Fp>\n\u003Cp>It also works great with the \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-adv-rep\" rel=\"nofollow ugc\">\u003Cstrong>Advanced Reports\u003C\u002Fstrong>\u003C\u002Fa> plugin, which allows exporting invoices to CSV files \u003Cstrong>along with GTU codes\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Invoicing in WooCommerce with GTU codes\u003C\u002Fh3>\n\u003Cp>After installing Flexible Invoices for WooCommerce PRO and GTU for Flexible Invoices WooCommerce, follow the steps below to display GTU codes on generated invoices.\u003C\u002Fp>\n\u003Ch4>Configuration\u003C\u002Fh4>\n\u003Cp>The following configuration applies to sites where the Flexible Invoices for WooCommerce PRO plugin is already installed.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to the product edit screen,\u003C\u002Fli>\n\u003Cli>Find the GTU Code selection field in the WooCommerce tabs (see screenshots),\u003C\u002Fli>\n\u003Cli>Select the GTU code that should be displayed on the invoice,\u003C\u002Fli>\n\u003Cli>Update the product.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The code will be visible on invoices that include a product with a set GTU code, and on the invoice edit screen.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-pro-docs\" rel=\"nofollow ugc\">\u003Cstrong>Visit the Flexible Invoices for WooCommerce PRO plugin documentation\u003C\u002Fstrong>\u003C\u002Fa> to learn more about the settings and advanced invoicing capabilities in WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The plugin requires the PRO version of the\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-fi-pro\" rel=\"nofollow ugc\">\u003Cstrong>Flexible Invoices for WooCommerce\u003C\u002Fstrong>\u003C\u002Fa> ⭐ \u003Cstrong>plugin to work correctly\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Key features of the Flexible Invoices for WooCommerce PRO plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic and secure issuing of invoices\u003C\u002Fstrong>, proformas, and correction invoices compliant with Polish and European law 🪙.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invoices for VAT payers and companies exempt from VAT\u003C\u002Fstrong> 📑.\u003C\u002Fli>\n\u003Cli>Bulk download of invoices, reports, and advanced invoicing options in WooCommerce 📩.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual creation of invoices in WordPress and WooCommerce\u003C\u002Fstrong> and easy document editing 📝.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Issuing invoices with reverse charge, OSS, MOSS, and with automatic validation of VAT numbers in the VIES database\u003C\u002Fstrong> 🏴.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Currency conversion of the VAT amount\u003C\u002Fstrong> for sales in other currencies 💶.\u003C\u002Fli>\n\u003Cli>Automatic sending of invoices to customers, customization of invoice data, and modification of document templates ⏩.\u003C\u002Fli>\n\u003Cli>Support for WPML, WooCommerce Subscriptions, \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-ap\" rel=\"nofollow ugc\">\u003Cstrong>Active Payments\u003C\u002Fstrong>\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-allegro\" rel=\"nofollow ugc\">\u003Cstrong>Allegro WooCommerce\u003C\u002Fstrong>\u003C\u002Fa> and other \u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-plugins\" rel=\"nofollow ugc\">\u003Cstrong>WP Desk plugins\u003C\u002Fstrong>\u003C\u002Fa> ✅.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional technical support and plugin updates\u003C\u002Fstrong> 🏆.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the plugin files to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory, or install the plugin through the WordPress plugins screen directly.\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ screen in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Cp>You can test GTU for Flexible Invoices WooCommerce in our free \u003Ca href=\"https:\u002F\u002Fwpdesk.link\u002Fflexible-invoices-gtu-demo\" rel=\"nofollow ugc\">\u003Cstrong>WP Desk plugins demo\u003C\u002Fstrong>\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Data use policy\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpdesk.pl\u002Fsk\u002Fflexible-invoices-gtu-privacy\" rel=\"nofollow ugc\">Data processing policy for WP Desk plugins\u003C\u002Fa>\u003C\u002Fp>\n","Support for goods and services designations (GTU codes) on documents created by the Flexible Invoices for WooCommerce PRO plugin.",10,4318,0,"2026-03-07T03:09:00.000Z","6.9.4","6.4","7.4",[19,20,21,22],"faktury","gtu","gtu-na-fakturze","jpk","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflexible-invoices-gtu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflexible-invoices-gtu.1.0.21.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},23,126710,99,135,78,"2026-04-04T00:43:58.930Z",[37,58,79,98],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":25,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"ing-ksiegowosc","ING Księgowość","1.0.5","radoslawlyzniak","https:\u002F\u002Fprofiles.wordpress.org\u002Fradoslawlyzniak\u002F","\u003Cp>ING Księgowość to aplikacja pozwalająca na rejestrowanie faktur zakupu i sprzedaży oraz ich zaksięgowanie – dzięki temu masz wszystkie sprawy firmy w jednym miejscu. Jeśli dodatkowo posiadasz rachunek firmowy w ING, możesz zlecać płatności za dokumenty kosztowe.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.ing.pl\u002Flp\u002Fkonto-dla-firmy-otworz?site=1&utm_source=udb&utm_medium=ksiegowosc&utm_campaign=WordPress_appstore\" rel=\"nofollow ugc\">Załóż rachunek dla firmy w ING Banku\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Nasza wtyczka działa w powiązaniu z wtyczką WooCommerce.\u003Cbr \u002F>\nPo dokonaniu zakupu w Twoim sklepie informacja na temat zrealizowanej płatności trafia do ING Księgowość, gdzie automatycznie jest tworzona faktura dla klienta.\u003C\u002Fp>\n\u003Cp>Jeżeli prowadzisz sprzedaż także dla firm, zalecamy dodatkowo zainstalowanie wtyczki Flexible Chechout Fields for WooCommerce – pozwala ona na dodanie do formularza płatności pola na numer NIP.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.ingksiegowosc.pl\u002F_fileserver\u002Fitem\u002Fqz7baiy\" rel=\"nofollow ugc\">Sprawdź, jak powiązać WooCommerce z ING Księgowość krok po kroku\u003C\u002Fa>\u003C\u002Fp>\n","Niech faktury za zakupy Twoich klientów wystawiają się automatycznie! Wtyczka pozwala na powiązanie sklepu z kontem firmy w aplikacji ING Księgowość",2202,"2025-03-19T12:57:00.000Z","6.7.5","4.7","5.6.0",[19,51,52,53,54],"ing","ingksiegowosc","invoices","ksiegowosc","https:\u002F\u002Fwww.ingksiegowosc.pl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fing-ksiegowosc.1.0.5.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"estrx-payu-purchase","PayU Purchase","1.0","kamilmucik","https:\u002F\u002Fprofiles.wordpress.org\u002Fkamilmucik\u002F","\u003Cp>Plug-in do a purchase in case you have PayU account\u003C\u002Fp>\n\u003Ch4>Contributions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This plugin was originally developed by \u003Ca href=\"http:\u002F\u002Fwww.e-strix.pl\u002F\" rel=\"nofollow ugc\">e-Strix Kamil Mucik\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload plug-in to wp-content\u002Fplugins\u003C\u002Fli>\n\u003C\u002Fol>\n","Plug-in do a purchase in case you have PayU account",1132,"2018-05-25T10:35:00.000Z","4.9.29","4.0","5.6",[72,19,73,74,75],"e-strix","payu","purchase","platnosci","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Festrx-payu-purchase.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":13,"downloaded":87,"rating":25,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":96,"download_link":97,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"kpir","KPiR","1.1.3","Marcin Pietrzak","https:\u002F\u002Fprofiles.wordpress.org\u002Fiworks\u002F","\u003Cp>\u003Cstrong>KPiR\u003C\u002Fstrong> streamlines small business bookkeeping for entrepreneurs in Poland. It’s designed for simplicity, compliance, and seamless integration with your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manage small business bookkeeping tailored to Polish regulations.\u003C\u002Fli>\n\u003Cli>Generate JPK V7M and JPK-VAT XML reports for Polish tax compliance.\u003C\u002Fli>\n\u003Cli>Track expenses, assets, and VAT rates, including car-related expenses with customizable rates (20%, 75%, 100%).\u003C\u002Fli>\n\u003Cli>Annual and monthly financial reporting.\u003C\u002Fli>\n\u003Cli>Input sanitization and validation for data integrity and security.\u003C\u002Fli>\n\u003Cli>Localization support (Polish translation included).\u003C\u002Fli>\n\u003Cli>Regular updates for compatibility with the latest WordPress and Polish tax law changes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Who Is It For?\u003C\u002Fstrong>\u003Cbr \u002F>\nKPiR is perfect for small business owners, freelancers, and sole proprietors in Poland who need a straightforward, WordPress-integrated solution for managing their accounting records and fulfilling local tax obligations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Open Source & Development:\u003C\u002Fstrong>\u003Cbr \u002F>\nKPiR is open source and actively maintained, with contributions from the community and regular updates reflecting changes in Polish tax regulations. The plugin is available also on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fkpir\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Effortless Polish bookkeeping for small businesses—track expenses, manage VAT, and generate JPK reports directly from your WordPress dashboard.",2548,1,"2026-02-21T07:18:00.000Z","6.8.5","6.0","8.0",[94,22,80,54,95],"faktura","vat","http:\u002F\u002Fiworks.pl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkpir.1.1.3.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":13,"downloaded":106,"rating":13,"num_ratings":13,"last_updated":107,"tested_up_to":108,"requires_at_least":69,"requires_php":70,"tags":109,"homepage":76,"download_link":115,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":116},"pagtur-woocommerce","PagTur for WooCommerce","1.1","Grupo Pagtur - Soluções em Meios de Pagamentos","https:\u002F\u002Fprofiles.wordpress.org\u002Fpagtur\u002F","\u003Cp>Accept Brazilian credit cards with installments up to 12x.\u003Cbr \u002F>\nAutomatic exchange USD x BRL and EUR x BRL.\u003C\u002Fp>\n\u003Ch3>Security section\u003C\u002Fh3>\n\u003Cp>We are a PCI compliant company.\u003C\u002Fp>\n","PagTur Payment Plugin for WooCommerce",3997,"2019-11-08T13:31:00.000Z","5.1.22",[110,111,112,113,114],"brazil","brazilian-payment","pagtur","payment-gateway","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpagtur-woocommerce.zip","2026-03-15T14:54:45.397Z",{"attackSurface":118,"codeSignals":217,"taintFlows":288,"riskAssessment":314,"analyzedAt":327},{"hooks":119,"ajaxHandlers":208,"restRoutes":214,"shortcodes":215,"cronEvents":216,"entryPointCount":88,"unprotectedCount":13},[120,126,130,134,138,142,146,149,153,157,162,165,168,174,177,182,185,188,191,194,199,201,204],{"type":121,"name":122,"callback":123,"file":124,"line":125},"action","woocommerce_product_options_general_product_data","render_select","src\\Plugin\\Flexible_Invoices_Integration.php",36,{"type":121,"name":127,"callback":128,"file":124,"line":129},"woocommerce_process_product_meta","save_product_meta_value",37,{"type":121,"name":131,"callback":132,"priority":11,"file":124,"line":133},"fi\u002Fcore\u002Fdocument\u002Fsave","save_document_post_meta",38,{"type":121,"name":135,"callback":136,"priority":11,"file":124,"line":137},"fi\u002Fcore\u002Ftemplate\u002Finvoice\u002Fafter_notes","after_invoice_notes",39,{"type":121,"name":139,"callback":140,"priority":11,"file":124,"line":141},"fi\u002Fcore\u002Flayout\u002Fmetabox\u002Fpayment\u002Fafter","after_meta_box_payment",40,{"type":121,"name":143,"callback":143,"file":144,"line":145},"admin_enqueue_scripts","vendor_prefixed\\wpdesk\\wp-builder\\src\\Plugin\\AbstractPlugin.php",148,{"type":121,"name":147,"callback":147,"file":144,"line":148},"wp_enqueue_scripts",149,{"type":121,"name":143,"callback":150,"file":151,"line":152},"enqueueAdminScripts","vendor_prefixed\\wpdesk\\wp-notice\\src\\WPDesk\\Notice\\AjaxHandler.php",41,{"type":121,"name":154,"callback":155,"file":151,"line":156},"admin_head","addScriptToAdminHead",43,{"type":121,"name":158,"callback":159,"file":160,"line":161},"admin_notices","showNotice","vendor_prefixed\\wpdesk\\wp-notice\\src\\WPDesk\\Notice\\Notice.php",155,{"type":121,"name":163,"callback":159,"file":160,"line":164},"admin_footer",156,{"type":121,"name":154,"callback":166,"file":160,"line":167},"addGutenbergScript",157,{"type":169,"name":170,"callback":171,"file":172,"line":173},"filter","wp_autoloader_loader_loaders_to_load","anonymous","vendor_prefixed\\wpdesk\\wp-plugin-flow-common\\src\\Initialization\\PluginDisablerByFileTrait.php",45,{"type":169,"name":175,"callback":171,"file":172,"line":176},"wp_autoloader_loader_loaders_to_create",46,{"type":121,"name":178,"callback":179,"file":180,"line":181},"plugins_loaded","closure","vendor_prefixed\\wpdesk\\wp-plugin-flow-common\\src\\Initialization\\Simple\\SimplePaidStrategy.php",58,{"type":121,"name":178,"callback":179,"file":183,"line":184},"vendor_prefixed\\wpdesk\\wp-plugin-flow-common\\src\\PluginBootstrap.php",81,{"type":121,"name":186,"callback":179,"file":183,"line":187},"before_woocommerce_init",88,{"type":121,"name":189,"callback":179,"file":183,"line":190},"activated_plugin",102,{"type":121,"name":143,"callback":143,"file":192,"line":193},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\PSR\\WPDesk\\Tracker\\Assets.php",28,{"type":121,"name":195,"callback":196,"file":197,"line":198},"admin_menu","add_submenu_page","vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\PSR\\WPDesk\\Tracker\\OptInPage.php",35,{"type":121,"name":200,"callback":200,"file":197,"line":125},"admin_init",{"type":121,"name":158,"callback":202,"file":203,"line":193},"handle_opt_out","vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\PSR\\WPDesk\\Tracker\\OptOut.php",{"type":169,"name":205,"callback":206,"priority":11,"file":207,"line":125},"plugin_row_meta","append_plugin_action_links_to_row_meta","vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\PSR\\WPDesk\\Tracker\\PluginActionLinks.php",[209],{"action":210,"nopriv":211,"callback":212,"hasNonce":213,"hasCapCheck":213,"file":151,"line":173},"wpdesk_notice_dismiss",false,"processAjaxNoticeDismiss",true,[],[],[],{"dangerousFunctions":218,"sqlUsage":234,"outputEscaping":243,"fileOperations":141,"externalRequests":88,"nonceChecks":255,"capabilityChecks":286,"bundledLibraries":287},[219,224,229],{"fn":220,"file":221,"line":222,"context":223},"proc_open","vendor_prefixed\\monolog\\monolog\\src\\Monolog\\Handler\\ProcessHandler.php",104,"$this->process = proc_open($this->command, static::DESCRIPTOR_SPEC, $this->pipes, $this->cwd);",{"fn":225,"file":226,"line":227,"context":228},"passthru","vendor_prefixed\\wpdesk\\wp-codeception\\src\\WPDesk\\Composer\\Commands\\BaseCommand.php",20,"passthru($command);",{"fn":230,"file":231,"line":232,"context":233},"unserialize","vendor_prefixed\\wpdesk\\wp-persistence\\src\\Decorator\\SerializedPersistentContainer.php",24,"return unserialize($this->container->get($id));",{"prepared":13,"raw":235,"locations":236},2,[237,241],{"file":238,"line":239,"context":240},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\data_provider\\class-wpdesk-tracker-data-provider-orders-country.php",31,"$wpdb->get_results() with variable interpolation",{"file":242,"line":239,"context":240},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\data_provider\\class-wpdesk-tracker-data-provider-orders-month.php",{"escaped":30,"rawEcho":244,"locations":245},18,[246,249,251,253,256,259,262,265,267,270,272,273,275,278,280,281,284,285],{"file":124,"line":247,"context":248},57,"raw output",{"file":124,"line":250,"context":248},113,{"file":124,"line":252,"context":248},125,{"file":254,"line":255,"context":248},"src\\templates\\after-invoice-notes.php",4,{"file":257,"line":258,"context":248},"src\\templates\\meta-box-payment.php",7,{"file":260,"line":261,"context":248},"vendor_prefixed\\monolog\\monolog\\src\\Monolog\\Handler\\BrowserConsoleHandler.php",114,{"file":263,"line":264,"context":248},"vendor_prefixed\\wpdesk\\wp-basic-requirements\\src\\Basic_Requirement_Checker.php",598,{"file":160,"line":266,"context":248},250,{"file":268,"line":269,"context":248},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\PSR\\WPDesk\\Tracker\\views\\tracker-connect.php",19,{"file":268,"line":271,"context":248},33,{"file":268,"line":133,"context":248},{"file":268,"line":274,"context":248},89,{"file":276,"line":277,"context":248},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\views\\tracker-connect.php",25,{"file":276,"line":279,"context":248},30,{"file":276,"line":184,"context":248},{"file":282,"line":283,"context":248},"vendor_prefixed\\wpdesk\\wp-wpdesk-tracker\\src\\views\\tracker-notice.php",22,{"file":282,"line":277,"context":248},{"file":282,"line":271,"context":248},3,[],[289,306],{"entryPoint":290,"graph":291,"unsanitizedCount":13,"severity":305},"processAjaxNoticeDismiss (vendor_prefixed\\wpdesk\\wp-notice\\src\\WPDesk\\Notice\\AjaxHandler.php:67)",{"nodes":292,"edges":303},[293,298],{"id":294,"type":295,"label":296,"file":151,"line":297},"n0","source","$_POST",70,{"id":299,"type":300,"label":301,"file":151,"line":184,"wp_function":302},"n1","sink","update_option() [Settings Manipulation]","update_option",[304],{"from":294,"to":299,"sanitized":213},"low",{"entryPoint":307,"graph":308,"unsanitizedCount":13,"severity":305},"\u003CAjaxHandler> (vendor_prefixed\\wpdesk\\wp-notice\\src\\WPDesk\\Notice\\AjaxHandler.php:0)",{"nodes":309,"edges":312},[310,311],{"id":294,"type":295,"label":296,"file":151,"line":297},{"id":299,"type":300,"label":301,"file":151,"line":184,"wp_function":302},[313],{"from":294,"to":299,"sanitized":213},{"summary":315,"deductions":316},"The flexible-invoices-gtu plugin v1.0.21 exhibits a generally positive security posture with a small attack surface and a complete absence of known vulnerabilities. The static analysis shows a commendable effort in implementing nonce and capability checks on its entry points, particularly the AJAX handler, which is crucial for preventing unauthorized actions. The plugin also demonstrates good practices regarding output escaping, with over half of the identified outputs being properly secured.\n\nHowever, there are notable concerns. The presence of dangerous functions like `proc_open` and `passthru` raises a red flag, as these functions can be exploited for arbitrary code execution if not handled with extreme care and robust sanitization, which is not explicitly detailed in the provided taint analysis results. Furthermore, the execution of SQL queries without prepared statements is a significant risk, leaving the plugin vulnerable to SQL injection attacks. The high number of file operations also warrants attention, as improper handling could lead to directory traversal or unauthorized file modification.\n\nDespite the lack of historical vulnerabilities, the presence of dangerous functions and raw SQL queries points to potential weaknesses that could be exploited. The plugin's strengths lie in its limited attack surface and the presence of authentication checks. However, the identified risky coding practices, particularly around dangerous functions and SQL execution, introduce significant potential risks that need to be addressed.",[317,320,322,325],{"reason":318,"points":319},"Dangerous functions: proc_open, passthru detected",15,{"reason":321,"points":11},"SQL queries without prepared statements",{"reason":323,"points":324},"Significant number of file operations",5,{"reason":326,"points":324},"Unescaped output found","2026-03-16T23:49:08.453Z",{"wat":329,"direct":343},{"assetPaths":330,"generatorPatterns":335,"scriptPaths":336,"versionParams":338},[331,332,333,334],"\u002Fwp-content\u002Fplugins\u002Fflexible-invoices-gtu\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fflexible-invoices-gtu\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fflexible-invoices-gtu\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fflexible-invoices-gtu\u002Fassets\u002Fjs\u002Ffrontend.js",[],[337],"\u002Fwp-content\u002Fplugins\u002Fflexible-invoices-gtu\u002Fvendor_prefixed\u002Fwpdesk\u002Fwp-plugin-flow-common\u002Fsrc\u002Fplugin-init-php52-free.php",[339,340,341,342],"flexible-invoices-gtu\u002Fassets\u002Fcss\u002Fadmin.css?ver=","flexible-invoices-gtu\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","flexible-invoices-gtu\u002Fassets\u002Fjs\u002Fadmin.js?ver=","flexible-invoices-gtu\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":344,"htmlComments":345,"htmlAttributes":346,"restEndpoints":347,"jsGlobals":348,"shortcodeOutput":349},[],[],[],[],[],[]]