[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8ACSDJN82XhUZUYTTd6nslhLHbg0XX_YuJ77P-lfA_0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":125,"fingerprints":217},"go-dark","Go Dark","1.0.7","George Stephanis","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeorgestephanis\u002F","\u003Cp>This plugin enables websites to ‘go dark’ on January 18th with a customizable message and start\u002Fend times to protest SOPA\u002FPIPA and Internet Censorship\u003C\u002Fp>\n\u003Cp>It enables you to customize the message displayed on the front end, and optionally display either a stylized ‘Censored’ sign or seal.\u003C\u002Fp>\n\u003Cp>When ‘dark’ your website will return a \u003Ccode>503 Service Temporarily Unavailable\u003C\u002Fcode> status code so as to not damage your search engine rankings, as well as specify the length of time for the visitor to try back after.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Design and Sign\u002FSeal was created by Cheryl Eisenhard ( http:\u002F\u002Fcheryleisenhard.com\u002F )\u003C\u002Fli>\n\u003Cli>Development by George Stephanis ( http:\u002F\u002Fstephanis.info\u002F )\u003C\u002Fli>\n\u003Cli>Wood Grain Background taken from http:\u002F\u002Fwebtreats.mysitemyway.com\u002F8-tileable-dark-wood-texture-patterns\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","This SEO-Friendly plugin enables websites to 'go dark' on January 18th with a customizable message and start\u002Fend times to protest SOPA\u002FPIPA  …",10,7114,0,"2012-01-18T14:12:00.000Z","3.3.2","2.7","",[4,19,20,21],"internet-censorship","pipa","sopa","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgo-dark\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgo-dark.1.0.7.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"georgestephanis",16,15630,86,30,84,"2026-04-04T15:09:04.323Z",[37,54,77,88,110],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":33,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":15,"requires_at_least":47,"requires_php":17,"tags":48,"homepage":52,"download_link":53,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"sopa-blackout-plugin","SOPA Blackout Plugin","1.0.6","Ben Welch-bolen","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenwb\u002F","\u003Cp>This plugin allows you to set SOPA blackout dates for your WordPress website, as well as a variety of options on who the anti-SOPA is shown too. You can have it shown instead of your site for any visitor, you can only show it the first time then let your visitors continue to the site, plus a lot more. This plugin is SEO friendly with temporary redirects being used.\u003C\u002Fp>\n\u003Cp>By default, this plugin will automatically redirect visitors from your site’s home page to a “Stop SOPA” message on Jan. 18 and 23, 2012. After the visitor has seen the Stop SOPA message, they will be able to continue to your site and will not see the message again during that browser session. There are a number of options available to customize the way the plugin behaves:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Blackout Dates – if you would like to change the dates on which the Stop SOPA message is displayed, you can enter a comma-separated list of dates (in YYYY-MM-DD format)\u003C\u002Fli>\n\u003Cli>Remove backlinks to plugin sponsors – the default configuration of the Stop SOPA message displays a link to the 3 contributors\u002Fsponsors of this plugin. You can disable those by checking this box\u003C\u002Fli>\n\u003Cli>Show the SOPA message to visitors the first time they visit your site, no matter which page they land on? – By default, only the front page and the posts page redirect visitors to the SOPA message. If you check this box, all pages will redirect the first time they visit your site.\u003C\u002Fli>\n\u003Cli>Don’t allow visitors to view the regular site when the SOPA message is active: – With the default configuration, this plugin sets a session cookie when a visitor sees the SOPA message, so that they won’t see the message again until they close their browser. If you check this option, they will see the message every time they visit one of the affected pages, no matter how many times they’ve already seen it.\u003C\u002Fli>\n\u003Cli>Link to the following page with the “Continue to site” link – If the “Continue to site” link is displayed on the SOPA page (in certain configurations, it won’t be), you can choose which page on your site that link leads to (for instance, if you have the plugin configured not to set a cookie, then you should point visitors to a page other than your home page, since they won’t see your site if they try to visit the home page).\u003C\u002Fli>\n\u003Cli>Use the following page for the SOPA message: – By default, the plugin redirects to the actual PHP file that displays the SOPA message. You can choose to create a new page in WordPress to display the SOPA message, or choose to display the SOPA message in place of one of your existing pages.\u003C\u002Fli>\n\u003Cli>Show an admin notice about this plugin – you can choose to show a message with links to more info about SOPA all the time (as long as this plugin is activated) or to show a nag message just when the SOPA message is actively being shown to visitors. The nag message will always include information about how the plugin is configured, so you’ll be aware of when visitors should see the message. You can also choose to turn off the nag message altogether.\u003C\u002Fli>\n\u003Cli>Make the “Continue to site” link lead to the visitor’s original destination, instead of the page indicated above? – If you have the cookie enabled (default setting) so that visitors can continue through to your site after viewing the SOPA message, you can check this option to allow them to continue through to the page they originally tried to visit. Otherwise, they will be redirected to the page you chose in option #5 above (your home page by default).\u003C\u002Fli>\n\u003Cli>Use the following page as a custom SOPA message instead of the one included in this plugin? – If you already have your own SOPA message set up within your site, you can choose it from the dropdown for this option, and the plugin will redirect to it instead of displaying the SOPA message that’s included with this plugin.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>When you deactivate this plugin, all of its settings will be removed. In addition, if you chose to create a new page, this plugin will automatically delete that page.\u003C\u002Fp>\n","This plugin allows you to set SOPA blackout dates for your WordPress website. SEO friendly plus easy options to configure how often it's shown.",13194,"2012-01-17T21:19:00.000Z","2.0.2",[49,50,20,51,21],"blackout","censorship","soap","http:\u002F\u002Fdownagainstsopa.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsopa-blackout-plugin.1.0.6.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":74,"download_link":75,"security_score":64,"vuln_count":65,"unpatched_count":13,"last_vuln_date":76,"fetched_at":26},"woo-pensopay","pensopay Payments","7.1.9","pensopay","https:\u002F\u002Fprofiles.wordpress.org\u002Fpensopay\u002F","\u003Cp>With pensopay Payments, you are able to integrate your pensopay gateway to your WooCommerce installation. With a wide list of API features including secure capturing, refunding and cancelling payments directly from your WooCommerce order overview. This is only a part of the many features found in this plugin.\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>General:\u003Cbr \u002F>\n1. PHP: >= 7.4\u003Cbr \u002F>\n2. WooCommerce >= 8.2\u003Cbr \u002F>\n3. If WooCommerce Subscriptions is used, the required minimum version is >= 5.0\u003C\u002Fp>\n","Integrates the pensopay payment gateway into your WooCommerce installation.",2000,58961,100,1,"2026-01-09T14:40:00.000Z","6.8.5","6.3",[70,71,58,72,73],"gateway","payment","psp","woocommerce","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpensopay\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-pensopay.7.1.9.zip","2023-09-05 00:00:00",{"slug":78,"name":79,"version":80,"author":58,"author_profile":59,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":13,"last_updated":85,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":86,"homepage":74,"download_link":87,"security_score":64,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"pensopay-payments-v2","pensopay Payments v2","2.0.6","\u003Cp>Important: This plugin supports pensopay v2 payments via app.pensopay.com. If you are not sure it’s the right one, please reach out to us before proceeding.\u003C\u002Fp>\n\u003Cp>With pensopay payments v2 you are able to integrate pensopay v2 gateway with your WooCommerce.\u003Cbr \u002F>\nIn moments you will be able to receive payments via credit card, MobilePay, Apple Pay,  Viabill, Anyday, Swish.\u003C\u002Fp>\n\u003Cp>Capture, refund and cancel payments directly from your WooCommerce Store.\u003C\u002Fp>\n\u003Cp>This plugin is free to use, but you will need a pensopay account to accept payments.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fpensopay.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fpensopay.com\u002F\u003C\u002Fa>\u003Cbr \u002F>\nVia pensopay you can apply for an instant Visa\u002FMasterCard agreement, which allows you to accept online payments in a matter of minutes.\u003C\u002Fp>\n\u003Cp>Service Terms: https:\u002F\u002Fpensopay.com\u002Fhandelsbetingelser\u002F\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>General:\u003Cbr \u002F>\n1. PHP: >= 7.4\u003Cbr \u002F>\n2. WooCommerce >= 8.2\u003C\u002Fp>\n","Integrates your pensopay V2 payment gateway into your WooCommerce installation.",1000,7461,"2026-01-29T10:05:00.000Z",[70,71,58,72,73],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpensopay-payments-v2.2.0.6.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":64,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":108,"download_link":109,"security_score":64,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"multibanco-e-ou-payshop-by-lusopay","Multibanco \u002F MB Way  \u002F Payshop \u002F Cofidis Pay (by LUSOPAY) for WooCommerce","5.0.0","lusopay","https:\u002F\u002Fprofiles.wordpress.org\u002Flusopay\u002F","\u003Cp>English below\u003C\u002Fp>\n\u003Cp>(PORTUGUÊS)\u003Cbr \u002F>\nPlugin que permite receber pagamentos por referências Multibanco, Payshop, MB Way e Cofidis Pay. Permite também enviar por SMS as referências multibanco e payshop (seja usando o plugin WooCommerce – APG SMS Notifications ou o SMS Orders Alert\u002FNotifications for WooCommerce). As referências multibanco podem ser pagas num ATM ou via homebanking. No caso das referências Payshop, nos repectivos agentes. O MB Way é pago por smartphone, usando a aplicação MB Way ou a aplicação do seu Banco. A Cofidis Pay permite fazer pagamentos em prestações 3 a 12 vezes sem juros. Este plugin permite, de forma automática e em tempo real, alterar os estados das encomendas para pagas no preciso momento em que o cliente paga a referência multibanco ou payshop ou MB Way, bem como permite actualizar automaticamente o stock dos produtos. Desta forma, com este plugin, para além de permitir enviar os produtos de forma mais célere, reduz o trabalho administrativo que tem para gerir o seu negócio, ao mesmo tempo que permite aos seus clientes pagar de uma forma segura, confortável e com a qual estão familiarizados. Mais acrescentamos o nosso plugin usa a funcionalidade HPOS(High Performance Order Storage).\u003C\u002Fp>\n\u003Cp>(ENGLISH)\u003Cbr \u002F>\nPlugin that allows you to receive payments by Multibanco (ATM) references, Payshop, MB Way and Cofidis Pay. It also allows to send SMS messages with multibanco and payshop references (using WooCommerce - APG SMS Notifications plugin or SMS Orders Alert\u002FNotifications for WooCommerce).\u003Cbr \u002F>\nMultibanco references can be paid at ATM network or at customer's homebanking.\u003Cbr \u002F>\nIn the case of Payshop references, they can be paid at Payshop's agents.\u003Cbr \u002F>\nMB Way is paid using MB Way smartphone app or the customer's bank app.\u003Cbr \u002F>\nCofidis Pay allows you to make payments in installments of 3 to 12 times without interest.\u003Cbr \u002F>\nThis plugin allows, automatically and in real time, to change the status of orders paid at the right moment of the payment made by the customer. At the same time it changes the stock of products. This way, with this plugin, you can send your orders faster than usual, with less administrative work to manage your business and, at the same time, allow your customers to pay in a safe and comfortably way. We added that our plugin used the feature HPOS(High Performance Order Storage).\u003C\u002Fp>\n","WooCommerce plugin for MULTIBANCO, PAYSHOP, MB Way and Cofidis Pay. It allows to send SMS and e-mail to the customer with payment details.",400,14930,5,"2025-12-11T15:33:00.000Z","6.9.4","4.4","5.2.4",[104,92,105,106,107],"e-commerce","mb","mbway","multibanco","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultibanco-e-ou-payshop-by-lusopay\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultibanco-e-ou-payshop-by-lusopay.5.0.0.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":11,"downloaded":118,"rating":13,"num_ratings":13,"last_updated":119,"tested_up_to":15,"requires_at_least":120,"requires_php":17,"tags":121,"homepage":123,"download_link":124,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"stop-sopa","Stop SOPA","1.09","ichurakov","https:\u002F\u002Fprofiles.wordpress.org\u002Fichurakov\u002F","\u003Cp>The plugin adds small protest box to your website. By default it’s collapsed, but once clicked, the “Stop SOPA” box appears.\u003C\u002Fp>\n\u003Cp>On settings page you can specify the position of the protest box: either at the right bottom corner or at the middle right edge.\u003Cbr \u002F>\nYou also can turn on\u002Foff “Blackout Day” option. In this case website will show black screen (click demo link below to view the screenshot) and return 503 status (no problems with search engines) on 18th January 2012, 8:00AM – 8:00PM (server time).\u003C\u002Fp>\n\u003Cp>By placing this box on our WordPress websites we are protesting against of SOPA.\u003C\u002Fp>\n\u003Cp>You can see demo here: \u003Ca href=\"http:\u002F\u002Fwww.icprojects.net\u002Fstop-sopa.html\" rel=\"nofollow ugc\">Stop SOPA\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin adds small protest box to your website and switch it to \"Blackout Day\" mode on 18th January 2012.",4051,"2012-02-11T14:05:00.000Z","3.0",[49,122,21],"protest","http:\u002F\u002Fwww.icprojects.net\u002Fstop-sopa.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-sopa.1.09.zip",{"attackSurface":126,"codeSignals":145,"taintFlows":182,"riskAssessment":209,"analyzedAt":216},{"hooks":127,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":144,"entryPointCount":13,"unprotectedCount":13},[128,133,136],{"type":129,"name":130,"callback":130,"file":131,"line":132},"action","init","go-dark.php",15,{"type":129,"name":134,"callback":134,"file":131,"line":135},"admin_menu",18,{"type":129,"name":137,"callback":138,"priority":139,"file":131,"line":140},"template_redirect","show_page",99,21,[],[],[],[],{"dangerousFunctions":146,"sqlUsage":147,"outputEscaping":149,"fileOperations":13,"externalRequests":13,"nonceChecks":65,"capabilityChecks":13,"bundledLibraries":181},[],{"prepared":13,"raw":13,"locations":148},[],{"escaped":13,"rawEcho":132,"locations":150},[151,154,156,158,160,162,164,166,168,169,171,173,175,177,179],{"file":131,"line":152,"context":153},43,"raw output",{"file":131,"line":155,"context":153},44,{"file":131,"line":157,"context":153},51,{"file":131,"line":159,"context":153},59,{"file":131,"line":161,"context":153},71,{"file":131,"line":163,"context":153},75,{"file":131,"line":165,"context":153},81,{"file":131,"line":167,"context":153},95,{"file":131,"line":167,"context":153},{"file":131,"line":170,"context":153},144,{"file":131,"line":172,"context":153},145,{"file":131,"line":174,"context":153},151,{"file":131,"line":176,"context":153},159,{"file":131,"line":178,"context":153},171,{"file":131,"line":180,"context":153},172,[],[183,201],{"entryPoint":184,"graph":185,"unsanitizedCount":13,"severity":200},"catch_post (go-dark.php:110)",{"nodes":186,"edges":197},[187,192],{"id":188,"type":189,"label":190,"file":131,"line":191},"n0","source","$_POST[?] (x4)",116,{"id":193,"type":194,"label":195,"file":131,"line":191,"wp_function":196},"n1","sink","update_option() [Settings Manipulation]","update_option",[198],{"from":188,"to":193,"sanitized":199},true,"low",{"entryPoint":202,"graph":203,"unsanitizedCount":13,"severity":200},"\u003Cgo-dark> (go-dark.php:0)",{"nodes":204,"edges":207},[205,206],{"id":188,"type":189,"label":190,"file":131,"line":191},{"id":193,"type":194,"label":195,"file":131,"line":191,"wp_function":196},[208],{"from":188,"to":193,"sanitized":199},{"summary":210,"deductions":211},"The \"go-dark\" plugin version 1.0.7 exhibits a generally good security posture, primarily due to the absence of known vulnerabilities and a well-structured codebase with no identified critical or high severity taint flows. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and including a nonce check, which is a positive indicator for preventing certain types of attacks.\n\nHowever, a significant concern is the complete lack of output escaping across all observed outputs. This is a serious oversight that could allow for Cross-Site Scripting (XSS) vulnerabilities if any user-provided data is directly rendered to the page without sanitization. The absence of capability checks on any entry points is also a notable weakness, though currently mitigated by the plugin's limited attack surface. The plugin's vulnerability history being completely clean is a strong positive, suggesting good development practices and thorough testing.\n\nIn conclusion, while \"go-dark\" v1.0.7 benefits from a clean vulnerability record and secure data handling for SQL, the critical deficiency in output escaping presents a substantial risk. This needs immediate attention to prevent potential XSS exploits. The lack of capability checks on its zero-entry-point attack surface is less concerning for now but should be a consideration for future development.",[212,214],{"reason":213,"points":132},"All output is unescaped",{"reason":215,"points":98},"No capability checks on entry points","2026-03-17T00:20:48.380Z",{"wat":218,"direct":226},{"assetPaths":219,"generatorPatterns":223,"scriptPaths":224,"versionParams":225},[220,221,222],"\u002Fwp-content\u002Fplugins\u002Fgo-dark\u002Fblocked.png","\u002Fwp-content\u002Fplugins\u002Fgo-dark\u002Fseal.png","\u002Fwp-content\u002Fplugins\u002Fgo-dark\u002Fwood.jpg",[],[],[],{"cssClasses":227,"htmlComments":232,"htmlAttributes":234,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":239},[228,229,230,231],"wrap","icon32","add-new-h2","form-table",[233],"\u003C!-- ... -->",[235],"data-editor",[],[238],"window.go_dark",[240],"\u003Cdiv id=\"blocked\">"]