[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTvFy9Vg1DH18qDfCfgbLeIpoRU_TmEGAiBXHvDDmbsQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":129,"fingerprints":259},"ipint-payments-gateway","iPint Payment Gateway","1.0","bitfia","https:\u002F\u002Fprofiles.wordpress.org\u002Fbitfia\u002F","\u003Cp>The iPint Crypto Payment Gateway plugin extends WooCommerce allowing you to take payments in crypto directly on your store or website via iPint’s secure APIs with zero coding required to integrate. iPint Payment Gateway is a simple way to accept crypto payments online. With iPint you can accept Bitcoin, ETH, BCH, USDT, DOGE, LTC and many more cryptocurrencies on your platform. iPint is an end to end crypto payment processor handles crypto price fluctuations and freezes price for you so that you receive exact amount without any loss due to volatility as crypto prices changes within minutes.\u003C\u002Fp>\n\u003Cp>The plugin is integrated with the iPint API, allowing users to pay with cryptocurrencies and preferred coins (such as BTC and ETH).\u003Cbr \u002F>\nFirst, you need to sign up for your merchant account with iPint. Once the sign-up process is complete, iPint will complete proper validation of the details. You can then log in and start using your account for various transactions.\u003C\u002Fp>\n\u003Cp>Merchant API credentials can be created from your iPint account. This account also allows you to add payment details based on the options you want to receive payments.\u003C\u002Fp>\n\u003Cp>Check the link for more details: https:\u002F\u002Fipint.io:8010\u002Fdocs\u003C\u002Fp>\n","The iPint Crypto Payment Gateway plugin extends WooCommerce allowing you to take payments in crypto directly on your store or website via iPint's &hellip;",0,735,"2022-06-16T23:28:00.000Z","6.0.11","4.2","7.0",[18,19,20,21,22],"bitcoin","bitcoin-cash","dogecoin","litecoin","usdt","https:\u002F\u002Fipint.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fipint-payments-gateway.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-05T20:39:57.636Z",[35,58,79,97,112],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":30,"unpatched_count":11,"last_vuln_date":57,"fetched_at":27},"coinpayments-payment-gateway-for-woocommerce","CoinPayments.net Payment Gateway for WooCommerce","1.0.18","CoinPayments","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoinpayments\u002F","\u003Cp>This plugin implements a payment gateway for WooCommerce to let buyers pay with Bitcoin, Litecoin, Ripple, and other cryptocurrencies via CoinPayments.net.\u003C\u002Fp>\n","This plugin implements a payment gateway for WooCommerce to let buyers pay with Bitcoin, Litecoin, Ripple, and other cryptocurrencies via CoinPayments &hellip;",1000,61289,74,6,"2025-05-02T18:03:00.000Z","6.2.9","3.7.0","",[52,53,18,20,21],"altcoin","altcoins","https:\u002F\u002Fwww.coinpayments.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoinpayments-payment-gateway-for-woocommerce.zip",95,"2025-05-07 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":11,"num_ratings":11,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":77,"vuln_count":30,"unpatched_count":30,"last_vuln_date":78,"fetched_at":27},"multi-crypto-currency-payment","Multi CryptoCurrency Payments","2.0.7","Alex Zaytseff","https:\u002F\u002Fprofiles.wordpress.org\u002Fzaytseff\u002F","\u003Cp>Accept the most popular cryptocurrencies (BTC, LTC, BCH, Doge etc.) on your store all around the world. Use any crypto supported by provider to accept coins using the Forwarding payment process.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FevauShnffmk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Payment automatically forwards from temporarily generated crypto-address directly into your wallet (temp address identify payment to exact order)\u003C\u002Fli>\n\u003Cli>The payment gateway has a fixed fee which does not depend on the amount of the order. Small payments are totally free. \u003Ca href=\"https:\u002F\u002Fapirone.com\u002Fpricing\" rel=\"nofollow ugc\">https:\u002F\u002Fapirone.com\u002Fpricing\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>You do not need to complete a KYC\u002FDocumentation to start using our plugin. Just fill in settings and start your business.\u003C\u002Fli>\n\u003Cli>White label processing (your online store accepts payments on the store side without redirects, iframes, advertisements, logo, etc.)\u003C\u002Fli>\n\u003Cli>This plugin works well all over the world.\u003C\u002Fli>\n\u003Cli>Tor network support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How does it work?\u003C\u002Fh3>\n\u003Cp>The Buyer adds items into the cart and prepares the order.\u003Cbr \u002F>\nUsing API requests, the store generates temporary crypto (BTC, LTC, BCH, Doge) address and show a QR code.\u003Cbr \u002F>\nThen, the buyer scans the QR code and pays for the order. This transaction goes to the blockchain.\u003Cbr \u002F>\nThe payment gateway immediately notifies the store about the payment.\u003Cbr \u002F>\nThe store completes the transaction.\u003C\u002Fp>\n\u003Ch3>Supported currencies\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Bitcoin\u003C\u002Fli>\n\u003Cli>Bitcoin (testnet)\u003C\u002Fli>\n\u003Cli>Litecoin\u003C\u002Fli>\n\u003Cli>Bitcoin Cash\u003C\u002Fli>\n\u003Cli>Dogecoin\u003C\u002Fli>\n\u003Cli>TRON\u003C\u002Fli>\n\u003Cli>Ethereum\u003C\u002Fli>\n\u003Cli>BNB SMART CHAIN\u003C\u002Fli>\n\u003Cli>USDC (TRC20), USDC (ERC20), USDC (BEP20)\u003C\u002Fli>\n\u003Cli>USDT (TRC20), USDT (ERC20), USDT (BEP20)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installation via WordPress Plugin Manager\u003C\u002Fh3>\n\u003Cp>Go to WordPress Admin panel > Plugins > Add New in the admin panel.\u003Cbr \u002F>\nEnter “Multi CryptoCurrency Payments” in the search box.\u003Cbr \u002F>\nClick Install Now.\u003Cbr \u002F>\nFill settings of your crypto addresses into Plugin Settings: WooCommerce > Settings > Payments > Multi CryptoCurrency Payments. Turn the “On” checkbox in the Plugin on the same setting page.\u003C\u002Fp>\n\u003Ch3>Third Party API & License Information\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>API website: \u003Ca href=\"https:\u002F\u002Fapirone.com\" rel=\"nofollow ugc\">https:\u002F\u002Fapirone.com\u003C\u002Fa>   \u003C\u002Fli>\n\u003Cli>API docs: \u003Ca href=\"https:\u002F\u002Fapirone.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fapirone.com\u002Fdocs\u002F\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>Privacy policy: \u003Ca href=\"https:\u002F\u002Fapirone.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fapirone.com\u002Fprivacy-policy\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>Support: \u003Ca href=\"mailto:support@apirone.com\" rel=\"nofollow ugc\">support@apirone.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WooCommerce plugin - Multi CryptoCurrency Payments Requires at least WooCommerce: 6.0 Tested up to: 9.8.2 License: GPLv2 or later",300,12013,"2025-09-17T08:03:00.000Z","6.8.5","5.6","7.4",[73,18,74,21,22],"accept","crypto","https:\u002F\u002Fgithub.com\u002Fzaytseff\u002Fmccp-woo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-crypto-currency-payment.zip",76,"2025-06-03 00:00:00",{"slug":80,"name":81,"version":6,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":71,"tags":93,"homepage":95,"download_link":96,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"alfacoins-for-woocommerce","ALFAcoins for WooCommerce","ALFAcoins","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebt3ch\u002F","\u003Cp>Accept all major cryptocurrencies like Bitcoin, Ethereum, TRC-20 & ERC-20 Tether, TRX, Litecoin, XRP with ALFAcoins plugin for WooCommerce.\u003C\u002Fp>\n\u003Ch4>ALFAcoins features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Select preferred cryptocurrencies (BTC, ETH, USDT, BNB, XRP, USDC, DOGE, TRX, DOT, BCH, LTC, DAI, ATOM, XLM, DASH) and start accepting cryptocurrency.\u003C\u002Fli>\n\u003Cli>Follow a straightforward set-up process, no technical expertise needed: \u003Ca href=\"https:\u002F\u002Fwww.alfacoins.com\u002Fhelp\u002Ftutorials\u002Fmerchant-how-to-integrate-cryptocurrency-payments-to-wordpress-with-woocommerce\" rel=\"nofollow ugc\">guide\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Every transaction is displayed with an equivalent of your preferred fiat currency.\u003C\u002Fli>\n\u003Cli>Automate withdrawals by setting up preferred period and amount.\u003C\u002Fli>\n\u003Cli>Protect your account with a two-factor authentication (2FA) feature.\u003C\u002Fli>\n\u003Cli>Check your transactions’ history, statuses and fees. Export data and reports on the go.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why ALFAcoins?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hassle free account opening process, application review guaranteed within 24 hours.\u003C\u002Fli>\n\u003Cli>Submit your queries about integration, account or transaction management to our support team.\u003C\u002Fli>\n\u003Cli>Open your e-shop to customers worldwide preferring crypto payments.\u003C\u002Fli>\n\u003Cli>Real-time competitive cryptocurrency exchange rates.\u003C\u002Fli>\n\u003Cli>Financial reports about incoming and outgoing operations.\u003C\u002Fli>\n\u003Cli>Secure storage and instant transfers of your crypto assets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.alfacoins.com\u002Fuser\u002Fregister\" rel=\"nofollow ugc\">Join\u003C\u002Fa> the digital payment revolution and expand your WooCommerce store’s potential with ALFAcoins. Embrace the opportunities of cryptocurrency and set your business up for success.\u003C\u002Fp>\n","Accept all major cryptocurrencies like Bitcoin, Ethereum, TRC-20 & ERC-20 Tether, TRX, Litecoin, XRP with ALFAcoins plugin for WooCommerce.",10,5474,100,3,"2024-02-29T14:31:00.000Z","6.5.8","4.3.1",[18,74,20,94,21],"ethereum","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Falfacoins-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falfacoins-for-woocommerce.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":86,"downloaded":105,"rating":11,"num_ratings":11,"last_updated":106,"tested_up_to":107,"requires_at_least":50,"requires_php":50,"tags":108,"homepage":50,"download_link":111,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"live-ticker-cryptocoin","Cryptocoin Live Ticker","1.5.2","coinalyze","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoinalyze\u002F","\u003Cp>Display cryptocoins current price, 24 hours price change and 7 days price change on your website. You can select which coins\u002Fpairs to display. Supported pairs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BTC: BTCUSD, BTCEUR, BTCGBP, BTCJPY, BTCCAD, BTCAUD, BTCKRW, BTCZAR, BTCNZD, BTCINR\u003C\u002Fli>\n\u003Cli>BCH: BCHUSD, BCHEUR, BCHBTC, BCHKRW\u003C\u002Fli>\n\u003Cli>ETH: ETHUSD, ETHEUR, ETHJPY, ETHCAD, ETHAUD, ETHBTC, ETHKRW\u003C\u002Fli>\n\u003Cli>ETC: ETCUSD, ETCKRW\u003C\u002Fli>\n\u003Cli>LTC: LTCUSD, LTCEUR, LTCAUD, LTCBTC, LTCKRW\u003C\u002Fli>\n\u003Cli>XMR: XMRUSD, XMREUR, XMRKRW\u003C\u002Fli>\n\u003Cli>XRP: XRPUSD, XRPEUR, XRPKRW\u003C\u002Fli>\n\u003Cli>IOTA: IOTUSD\u003C\u002Fli>\n\u003Cli>DASH: DSHUSD, DSHKRW\u003C\u002Fli>\n\u003Cli>NEO: NEOUSD\u003C\u002Fli>\n\u003Cli>OMG: OMGUSD\u003C\u002Fli>\n\u003Cli>ZEC: ZECUSD, ZECKRW\u003C\u002Fli>\n\u003Cli>XLM: XLMUSD\u003C\u002Fli>\n\u003Cli>QTUM: QTUMKRW\u003C\u002Fli>\n\u003Cli>EOS: EOSUSD, EOSKRW, EOSBTC, EOSETH\u003C\u002Fli>\n\u003Cli>ADA: ADAUSD, ADABTC, ADAETH\u003C\u002Fli>\n\u003Cli>BAT: BATUSD, BATBTC, BATETH\u003C\u002Fli>\n\u003Cli>GNT: GNTUSD, GNTBTC, GNTETH\u003C\u002Fli>\n\u003Cli>TRX: TRXUSD, TRXBTC, TRXETH\u003C\u002Fli>\n\u003Cli>NANO: NANOBTC, NANOETH\u003C\u002Fli>\n\u003Cli>XVG: XVGUSD, XVGBTC, XVGETH\u003C\u002Fli>\n\u003Cli>ONT: ONTBTC, ONTETH\u003C\u002Fli>\n\u003Cli>POWR: POWRBTC, POWRETH \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The widget is highly customizable\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can change the look and feel of the widget by modifying a CSS file (assets\u002Fstyle.css)\u003C\u002Fli>\n\u003Cli>You can select which pairs to display\u003C\u002Fli>\n\u003Cli>You can customize numbers format: decimals separator, thousands separator\u003C\u002Fli>\n\u003Cli>You can customize header names\u003C\u002Fli>\n\u003Cli>You can specify how long the pairs data are cached\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pairs data are fetched from \u003Ca href=\"https:\u002F\u002Fcoinalyze.net\" rel=\"nofollow ugc\">Coinalyze\u003C\u002Fa> . A reliable cryptocoin analysis website.\u003C\u002Fp>\n","Display cryptocoins current price, 24 hours price change and 7 days price change on your website. You can select which coins\u002Fpairs to display.",5197,"2018-05-04T06:26:00.000Z","4.9.29",[18,19,109,110,21],"cryptocoin","cryptocurrency","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flive-ticker-cryptocoin.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":86,"downloaded":120,"rating":88,"num_ratings":30,"last_updated":50,"tested_up_to":121,"requires_at_least":122,"requires_php":50,"tags":123,"homepage":126,"download_link":127,"security_score":88,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":128},"send-a-wow-dogecoin-donation","Send a Wow!","0.2.4","shibyville","https:\u002F\u002Fprofiles.wordpress.org\u002Fshibyville\u002F","\u003Cp>For a full description and a configuration reference visit (http:\u002F\u002Fwww.send-a-wow.org)\u003C\u002Fp>\n\u003Cp>Send a Wow! makes it easy for your visitors to transfer some money in the form of crypto currency as a thank you or as a Wow!-reaction for well written blog articles. It is preconfigured for the famoust digital currency dogecoin but can be also setuped for e.g bitcoin. It do not use any third services! It uses the decentralized way crypto currency is made for: A transfer from wallet to wallet. If you install the Send a Wow!-Plugin there will be a button under each of your blog article.\u003C\u002Fp>\n\u003Cp>If you prefer the button on the left side, add this to your css file:\u003C\u002Fp>\n\u003Cp>.saw-container {\u003C\u002Fp>\n\u003Cpre>\u003Ccode>float: none !important;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>}\u003C\u002Fp>\n","Send a Wow sets a donation button for cryptocoins like dogecoin, bitcoin and litecoin under every article in your blog.",6583,"3.9.40","3.8.3",[18,20,21,124,125],"send-a-wow","sendawow","http:\u002F\u002Fwww.send-a-wow.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsend-a-wow-dogecoin-donation.0.2.4.zip","2026-03-15T10:48:56.248Z",{"attackSurface":130,"codeSignals":188,"taintFlows":208,"riskAssessment":246,"analyzedAt":258},{"hooks":131,"ajaxHandlers":184,"restRoutes":185,"shortcodes":186,"cronEvents":187,"entryPointCount":11,"unprotectedCount":11},[132,138,143,148,152,156,160,164,168,173,176,179,181],{"type":133,"name":134,"callback":135,"priority":86,"file":136,"line":137},"action","woocommerce_scheduled_subscription_payment_ipint","process_subscription_payment","includes\\class-wc-gateway-ipint.php",48,{"type":133,"name":139,"callback":140,"priority":11,"file":141,"line":142},"plugins_loaded","includes","ipint-woocommerce-gateway.php",37,{"type":144,"name":145,"callback":146,"file":141,"line":147},"filter","generate_rewrite_rules","register_ipint_website_url2",39,{"type":144,"name":149,"callback":150,"file":141,"line":151},"query_vars","ipint_register_query_vars",40,{"type":133,"name":153,"callback":154,"file":141,"line":155},"template_redirect","ipint_handle_order_received",41,{"type":144,"name":157,"callback":158,"file":141,"line":159},"woocommerce_payment_gateways","add_gateway",44,{"type":133,"name":161,"callback":162,"file":141,"line":163},"woocommerce_admin_order_data_after_order_details","ipint_display_order_data_in_admin",47,{"type":133,"name":165,"callback":166,"file":141,"line":167},"woocommerce_thankyou","ipint_display_order_data_in_thankyou_page",49,{"type":133,"name":169,"callback":170,"priority":171,"file":141,"line":172},"woocommerce_email_order_details","ipint_mail_order_data",200,51,{"type":144,"name":149,"callback":174,"file":141,"line":175},"closure",198,{"type":133,"name":177,"callback":174,"file":141,"line":178},"template_include",204,{"type":144,"name":177,"callback":174,"file":141,"line":180},212,{"type":133,"name":153,"callback":182,"file":141,"line":183},"prefix_url_rewrite_templates",217,[],[],[],[],{"dangerousFunctions":189,"sqlUsage":190,"outputEscaping":192,"fileOperations":206,"externalRequests":89,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":207},[],{"prepared":11,"raw":11,"locations":191},[],{"escaped":31,"rawEcho":193,"locations":194},5,[195,198,200,202,204],{"file":141,"line":196,"context":197},106,"raw output",{"file":141,"line":199,"context":197},133,{"file":141,"line":201,"context":197},138,{"file":141,"line":203,"context":197},151,{"file":141,"line":205,"context":197},156,4,[],[209],{"entryPoint":210,"graph":211,"unsanitizedCount":244,"severity":245},"\u003Cipint-website-redirect-url> (templates\\ipint-website-redirect-url.php:0)",{"nodes":212,"edges":238},[213,219,223,230,234,236],{"id":214,"type":215,"label":216,"file":217,"line":218},"n0","source","$_POST","templates\\ipint-website-redirect-url.php",7,{"id":220,"type":221,"label":222,"file":217,"line":218},"n1","transform","→ register_log()",{"id":224,"type":225,"label":226,"file":227,"line":228,"wp_function":229},"n2","sink","file_put_contents() [File Write]","includes\\functions.php",24,"file_put_contents",{"id":231,"type":215,"label":232,"file":217,"line":233},"n3","$_GET",8,{"id":235,"type":221,"label":222,"file":217,"line":233},"n4",{"id":237,"type":225,"label":226,"file":227,"line":228,"wp_function":229},"n5",[239,241,242,243],{"from":214,"to":220,"sanitized":240},false,{"from":220,"to":224,"sanitized":240},{"from":231,"to":235,"sanitized":240},{"from":235,"to":237,"sanitized":240},2,"medium",{"summary":247,"deductions":248},"The \"ipint-payments-gateway\" v1.0 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events, particularly those without proper authorization, significantly limits the potential attack surface. Furthermore, the code signals indicate a good practice of using prepared statements for all SQL queries, and a high percentage of output escaping is observed. File operations and external HTTP requests are present but are not inherently concerning without further context or observed vulnerabilities.\n\nHowever, several areas warrant attention. The presence of a taint flow with unsanitized paths is a critical finding, despite its classification as not critical or high severity in this analysis. This indicates a potential risk where user-supplied data might be used in a way that could lead to unintended consequences, such as directory traversal or command injection, if exploited. The complete lack of nonce checks and capability checks across all identified entry points (even though there are zero) is a significant concern if any entry points were to be introduced or discovered later. This indicates a reliance on the inherent security of the (currently non-existent) entry points rather than implementing robust security measures.\n\nThe vulnerability history showing zero known CVEs and no past vulnerabilities is a strong positive indicator of the plugin's current security. It suggests a developer who has either been diligent about security or the plugin has not been a significant target. Despite the positive historical data, the presence of an unsanitized path flow in the static analysis is a red flag that needs to be addressed immediately, as historical data does not guarantee future security. The overall assessment is that while the plugin has a minimal attack surface and good SQL practices, the identified taint flow and the absence of fundamental security checks like nonces and capability checks are weaknesses that could be exploited.",[249,252,254,256],{"reason":250,"points":251},"Taint flow with unsanitized paths",15,{"reason":253,"points":86},"0 Nonce checks",{"reason":255,"points":86},"0 Capability checks",{"reason":257,"points":193},"Low percentage of properly escaped output (86%)","2026-03-17T06:38:19.523Z",{"wat":260,"direct":269},{"assetPaths":261,"generatorPatterns":264,"scriptPaths":265,"versionParams":266},[262,263],"\u002Fwp-content\u002Fplugins\u002Fipint-payments-gateway\u002Fassets\u002Fcss\u002Fipint-payment-gateway.css","\u002Fwp-content\u002Fplugins\u002Fipint-payments-gateway\u002Fassets\u002Fjs\u002Fipint-payment-gateway.js",[],[263],[267,268],"ipint-payment-gateway\u002Fassets\u002Fcss\u002Fipint-payment-gateway.css?ver=","ipint-payment-gateway\u002Fassets\u002Fjs\u002Fipint-payment-gateway.js?ver=",{"cssClasses":270,"htmlComments":273,"htmlAttributes":278,"restEndpoints":284,"jsGlobals":285,"shortcodeOutput":287},[271,272],"order_data_column","ipint-payment-gateway-button",[274,275,276,277],"\u003C!-- iPint Payments gateway -->","\u003C!-- Display order meta fields on mail -->","\u003C!-- Display order meta fields on order received page -->","\u003C!-- to display meta fields in admin order detail page -->",[279,280,281,282,283],"data-order-id","data-amount","data-currency","data-order-key","data-api-url",[],[286],"ipint_payment_gateway",[]]