[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fk0OKPDxXmKBIEVDtI3gOLsZOazOpmT4vzASD_dmCtps":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":124,"fingerprints":370},"ironphantom-antifraud","IronPhantom Antifraud","1.0.12","Fabrizio D.","https:\u002F\u002Fprofiles.wordpress.org\u002Fizioh1979\u002F","\u003Cp>IronPhantom Antifraud brings real-time fraud intelligence to WooCommerce.\u003C\u002Fp>\n\u003Cp>Powered by \u003Cstrong>MGFirewallAI\u003C\u002Fstrong>, the plugin analyzes checkout and login events using multiple security signals such as:\u003C\u002Fp>\n\u003Cp>• IP reputation analysis\u003Cbr \u002F>\n• known credential leaks and data breach intelligence\u003Cbr \u002F>\n• suspicious login or checkout patterns\u003C\u002Fp>\n\u003Cp>Each store connects to a personal \u003Cstrong>MGFirewallAI dashboard\u003C\u002Fstrong>, where merchants can review alerts, transactions and fraud risk indicators.\u003C\u002Fp>\n\u003Cp>IronPhantom does not block WooCommerce checkout and does not modify WordPress or WooCommerce core files.\u003Cbr \u002F>\nInstead, it provides \u003Cstrong>real-time fraud signals\u003C\u002Fstrong> that help merchants identify suspicious activity before it becomes a chargeback or account takeover.\u003C\u002Fp>\n\u003Cp>The plugin requires a \u003Cstrong>personal API key\u003C\u002Fstrong>, which can be automatically generated during the setup wizard.\u003C\u002Fp>\n\u003Cp>IronPhantom is designed with \u003Cstrong>privacy and data minimization in mind\u003C\u002Fstrong> and works only after explicit consent is enabled in the plugin settings.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>• \u003Cstrong>IP Risk Analysis\u003C\u002Fstrong> – identifies suspicious IP addresses during checkout or login activity.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>Data Breach Intelligence\u003C\u002Fstrong> – detects emails associated with known credential leaks and compromised databases.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>Real-Time Fraud Signals\u003C\u002Fstrong> – checkout and login events are analyzed instantly by the MGFirewallAI engine.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>Automatic API Key Generation\u003C\u002Fstrong> – the setup wizard can generate a personal API key and connect your store to MGFirewallAI.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>Merchant Dashboard\u003C\u002Fstrong> – each store connects to a personal dashboard where alerts and transactions can be monitored.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>GDPR-Friendly Design\u003C\u002Fstrong> – data is processed only after explicit consent and follows a data minimization approach.\u003C\u002Fp>\n\u003Cp>• \u003Cstrong>Safe WooCommerce Integration\u003C\u002Fstrong> – IronPhantom never modifies WooCommerce core files and does not interrupt checkout.\u003C\u002Fp>\n\u003Ch3>Easy install (recommended)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Add New\u003C\u002Fstrong> in your WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Search for \u003Cstrong>IronPhantom Antifraud\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Install Now\u003C\u002Fstrong> and then \u003Cstrong>Activate\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>(WooCommerce must be active.)\u003C\u002Fp>\n\u003Ch3>Manual installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the plugin ZIP file.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Add New \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Upload Plugin\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Upload the ZIP file and click \u003Cstrong>Install Now\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Activate the plugin.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Setup\u003C\u002Fh3>\n\u003Cp>After activation the \u003Cstrong>IronPhantom setup wizard\u003C\u002Fstrong> will start automatically.\u003C\u002Fp>\n\u003Cp>The wizard can generate a \u003Cstrong>personal API key\u003C\u002Fstrong> and connect your store to the MGFirewallAI security network.\u003C\u002Fp>\n\u003Cp>If you prefer manual configuration:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Navigate to\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>WooCommerce \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> IronPhantom Antifraud\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Enable the \u003Cstrong>data sending consent\u003C\u002Fstrong> option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Insert your \u003Cstrong>IronPhantom API key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Save the settings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Place a test order or login to verify that the antifraud analysis is active.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>IronPhantom connects your WooCommerce store to the \u003Cstrong>MGFirewallAI\u003C\u002Fstrong> platform to analyze fraud signals and help prevent chargebacks or account abuse.\u003C\u002Fp>\n\u003Cp>The plugin works \u003Cstrong>only after explicit consent is enabled\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>No data is transmitted automatically.\u003C\u002Fp>\n\u003Ch3>Data sent for analysis\u003C\u002Fh3>\n\u003Cp>• customer billing email (order only)\u003Cbr \u002F>\n• public IP address\u003Cbr \u002F>\n• order ID\u003Cbr \u002F>\n• order total\u003Cbr \u002F>\n• timestamp\u003Cbr \u002F>\n• login flow URL after authentication\u003Cbr \u002F>\n• browser metadata (user agent)\u003C\u002Fp>\n\u003Ch3>Data never sent\u003C\u002Fh3>\n\u003Cp>• passwords\u003Cbr \u002F>\n• credit card numbers\u003Cbr \u002F>\n• payment credentials\u003Cbr \u002F>\n• sensitive personal data\u003C\u002Fp>\n\u003Ch3>Endpoint used\u003C\u002Fh3>\n\u003Cp>POST https:\u002F\u002Fredflagai.tech\u002Fapi\u002Fpredict\u003C\u002Fp>\n\u003Ch3>Headers\u003C\u002Fh3>\n\u003Cp>Content-Type: application\u002Fjson\u003Cbr \u002F>\nx-api-key: \u003C\u002Fp>\n\u003Ch3>Data stored locally by the plugin\u003C\u002Fh3>\n\u003Cp>Order metadata\u003C\u002Fp>\n\u003Cp>ironphantom_tx_id\u003Cbr \u002F>\nironphantom_risk_level\u003Cbr \u002F>\nironphantom_motivi\u003Cbr \u002F>\nironphantom_sent\u003C\u002Fp>\n\u003Cp>User metadata\u003C\u002Fp>\n\u003Cp>ironphantom_appena_loggato\u003C\u002Fp>\n\u003Ch3>Uninstall\u003C\u002Fh3>\n\u003Cp>Deleting the plugin automatically removes:\u003C\u002Fp>\n\u003Cp>• plugin options\u003Cbr \u002F>\n• database settings\u003Cbr \u002F>\n• IronPhantom metadata stored on orders and users\u003C\u002Fp>\n\u003Cp>More information:\u003C\u002Fp>\n\u003Cp>Privacy Policy\u003Cbr \u002F>\nhttps:\u002F\u002Fredflagai.tech\u002Fprivacy-policy\u003C\u002Fp>\n\u003Cp>Terms of Use\u003Cbr \u002F>\nhttps:\u002F\u002Fredflagai.tech\u002Fterms\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>If IronPhantom cannot connect to the MGFirewallAI platform:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Enable \u003Cstrong>Diagnostic Logs\u003C\u002Fstrong> in\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>WooCommerce \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> IronPhantom Antifraud\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Perform a \u003Cstrong>test order\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Navigate to\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>WooCommerce \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Status \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Logs\u003C\u002Fp>\n\u003Col>\n\u003Cli>Select the log file\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>ironphantom-antifraud\u003C\u002Fp>\n\u003Col>\n\u003Cli>Download the log and send it to:\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>security@redflagai.tech\u003C\u002Fp>\n\u003Cp>Common causes of connection issues:\u003C\u002Fp>\n\u003Cp>• API key not activated\u003Cbr \u002F>\n• hosting firewall blocking outbound requests\u003Cbr \u002F>\n• temporary server maintenance\u003C\u002Fp>\n","IronPhantom Antifraud brings real-time fraud intelligence to WooCommerce.",0,541,100,2,"2026-03-08T17:04:00.000Z","6.9.4","6.1","7.4",[20,21,22,23,24],"antifraud","checkout","fraud-detection","security","woocommerce","https:\u002F\u002Fredflagai.tech\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fironphantom-antifraud.1.0.12.zip",null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"izioh1979",1,30,94,"2026-04-03T19:22:53.002Z",[37,56,72,89,107],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":32,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":54,"download_link":55,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"fraud-and-scam-detection-for-woocommerce","Fraud and Scam Detection For WooCommerce","1.1.10","linknacional","https:\u002F\u002Fprofiles.wordpress.org\u002Flinknacional\u002F","\u003Cp>The \u003Cstrong>Fraud and Scam Detection For WooCommerce\u003C\u002Fstrong> plugin helps protect your online store by adding a verification layer to the WooCommerce checkout.\u003Cbr \u002F>\nUsing \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong>, the plugin automatically analyzes user interactions and blocks suspicious checkout attempts, reducing fraudulent transactions and ensuring safer payments.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Main Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Integration with \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong>;\u003Cbr \u002F>\n– Protects WooCommerce checkout against automated bots and fraudulent activity;\u003Cbr \u002F>\n– Configurable minimum score threshold for human-like behavior detection;\u003Cbr \u002F>\n– Lightweight and optimized for performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dependencies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin requires \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002F\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa> to be installed and active.\u003Cbr \u002F>\nYou also need valid \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fadmin\u002Fcreate\" rel=\"nofollow ugc\">Google reCAPTCHA API keys\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User instructions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Go to WordPress admin panel > WooCommerce > Settings > Anti-Fraud;\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enable the reCAPTCHA option;\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Enter your Google reCAPTCHA \u003Cstrong>Site Key\u003C\u002Fstrong> and \u003Cstrong>Secret Key\u003C\u002Fstrong>;\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Set the \u003Cstrong>minimum score threshold\u003C\u002Fstrong> (higher values = stricter validation);\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Optionally enable \u003Cstrong>debug mode\u003C\u002Fstrong> to log requests and responses;\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Save the settings. From now on, the WooCommerce checkout will require reCAPTCHA validation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with Google reCAPTCHA v3 service to provide fraud and bot protection for WooCommerce checkout processes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What the service is and what it is used for:\u003C\u002Fstrong>\u003Cbr \u002F>\nGoogle reCAPTCHA v3 is a security service that analyzes user behavior to determine if a user is likely human or bot. It’s used to protect the WooCommerce checkout process from automated fraud attempts and malicious activities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen a customer attempts to complete a checkout on your WooCommerce store, the plugin sends the following data to Google reCAPTCHA servers:\u003Cbr \u002F>\n– User’s IP address\u003Cbr \u002F>\n– Browser and device information\u003Cbr \u002F>\n– User interaction patterns during checkout\u003Cbr \u002F>\n– reCAPTCHA response token\u003C\u002Fp>\n\u003Cp>This data is sent every time a customer loads the checkout page and attempts to place an order.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service terms and privacy policy:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Google reCAPTCHA Terms of Service: https:\u002F\u002Fdevelopers.google.com\u002Frecaptcha\u002Fdocs\u002Fterms\u003Cbr \u002F>\n– Google Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n","Add Google reCAPTCHA verification to WooCommerce checkout to prevent fraudulent transactions.",80,608,"2026-02-24T15:51:00.000Z","6.8.5","5.7","7.2",[20,52,53,23,24],"fraud","recaptcha","https:\u002F\u002Fwww.linknacional.com.br\u002Fwordpress\u002Fwoocommerce\u002Fantifraude\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffraud-and-scam-detection-for-woocommerce.1.1.10.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":33,"downloaded":64,"rating":11,"num_ratings":11,"last_updated":65,"tested_up_to":16,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":70,"download_link":71,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"carticy-checkout-shield-for-woocommerce","Checkout Shield for WooCommerce – Stop Fake Orders, Spam Bots & Card Testing","1.1.0","carticy","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarticy\u002F","\u003Cp>\u003Cstrong>Checkout Shield\u003C\u002Fstrong> stops fake checkout orders and card testing attacks — the kind that bypass your CAPTCHA.\u003C\u002Fp>\n\u003Cp>Card testing bots don’t fill out your checkout form. They hit your store’s checkout API directly, completely skipping any reCAPTCHA or hCaptcha you’ve set up. That’s why CAPTCHA alone doesn’t stop them.\u003C\u002Fp>\n\u003Cp>This plugin verifies that every checkout request comes from a real browser session. Bots that can’t prove they loaded your checkout page get blocked before WooCommerce processes the order.\u003C\u002Fp>\n\u003Ch4>Why Store Owners Choose This Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Catches what CAPTCHA misses\u003C\u002Fstrong> — blocks bots hitting your checkout API directly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with any caching\u003C\u002Fstrong> — LiteSpeed, Cloudflare, WP Rocket, W3TC — no conflicts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero configuration\u003C\u002Fstrong> — activate and you’re protected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No external services\u003C\u002Fstrong> — everything runs on your server, no subscriptions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No performance impact\u003C\u002Fstrong> — validation adds microseconds, not seconds\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features (Free)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic bot blocking\u003C\u002Fstrong> — works the moment you activate, no setup needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>4 protection levels\u003C\u002Fstrong> — Learning, Permissive, Balanced, and Strict — choose how aggressive you want to be\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dashboard overview\u003C\u002Fstrong> — see blocked vs verified orders at a glance with a 7-day chart\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order status tracking\u003C\u002Fstrong> — know which orders were flagged, passed, or blocked\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP whitelist\u003C\u002Fstrong> — let trusted addresses through, supports CIDR notation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API key authentication\u003C\u002Fstrong> — for headless and custom checkout setups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with all checkout types\u003C\u002Fstrong> — classic, block-based, and all payment gateways\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HPOS compatible\u003C\u002Fstrong> — works with High-Performance Order Storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce logging\u003C\u002Fstrong> — full integration with WooCommerce Status logs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cp>Take control with advanced tools:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Smart logging\u003C\u002Fstrong> — choose what gets logged: nothing, blocked attempts only, or everything with full details\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recent blocks feed\u003C\u002Fstrong> — see the last 50 blocked attempts right on your dashboard, with email, payment method, and block reason\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic CDN\u002Fproxy detection\u003C\u002Fstrong> — correctly identifies visitor IPs behind Cloudflare, Sucuri, or Akamai without manual configuration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stronger permissive mode\u003C\u002Fstrong> — adds referrer verification on top of session checks for tighter bot detection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout details in logs\u003C\u002Fstrong> — see exactly which email and payment method bots tried to use\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer blocklist\u003C\u002Fstrong> — block repeat offenders by email, name, address, phone, IP, or postal code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order block metabox\u003C\u002Fstrong> — add customers to the blocklist directly from any order screen\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcarticy.com\u002Fplugins\u002Fcheckout-shield-for-woocommerce\u002F\" rel=\"nofollow ugc\">Learn more about Pro features\u003C\u002Fa>\u003C\u002Fp>\n","Stops fake checkout orders, card testing attacks, and spam bots that bypass CAPTCHA. Works instantly with all checkout types.",211,"2026-03-08T12:38:00.000Z","6.0","8.0",[69,21,52,23,24],"bot-protection","https:\u002F\u002Fcarticy.com\u002Fcheckout-shield","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcarticy-checkout-shield-for-woocommerce.1.1.0.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":11,"num_ratings":11,"last_updated":82,"tested_up_to":16,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":87,"download_link":88,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"safercheckout-lite","SaferCheckout Lite – Fraud prevention for WooCommerce","1.0.9","nintechnet","https:\u002F\u002Fprofiles.wordpress.org\u002Fnintechnet\u002F","\u003Ch4>Safeguard Your WooCommerce Store.\u003C\u002Fh4>\n\u003Cp>SaferCheckout (Lite) is a powerful security plugin to protect your WooCommerce store from fraudulent activities. It offers several unique and advanced features as well as customizable rules to filter every order on your online store: email address, IP address, IP location, order, customer, payment method and many more.\u003C\u002Fp>\n\u003Cp>As usual with all our WordPress plugins, you can be sure of its robustness, reliability, secure code and its compliance with privacy laws such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA).\u003C\u002Fp>\n\u003Cp>Protecting your WooCommerce store has never been so easy!\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Online documentation: \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fhow-to-secure-woocommerce-checkout-process-and-protect-it-against-attacks\u002F\" rel=\"nofollow ugc\">How to secure WooCommerce checkout process and protect it against attacks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>High-Performance Order Storage (HPOS) compatibility.\u003C\u002Fli>\n\u003Cli>Block-based checkout compatibility.\u003C\u002Fli>\n\u003Cli>Lightweight plugin: No additional database tables created.\u003C\u002Fli>\n\u003Cli>Customizable fraud risk levels.\u003C\u002Fli>\n\u003Cli>Multiple whitelists: IP address (IPv4, IPv6, AS number), email address, payment method, repeat or recurring customers.\u003C\u002Fli>\n\u003Cli>Multiple blacklists: IP address (IPv4, IPv6, AS number), Reverse DNS (Pro version), email address, shipping & billing address, user & company name.\u003C\u002Fli>\n\u003Cli>Advanced detection (Pro version):  Email MX\u002FA\u002FAAAA records check, email domain registration check, IP address rDNS check, IP address DNSBL check.\u003C\u002Fli>\n\u003Cli>Geolocation.\u003C\u002Fli>\n\u003Cli>Rate limiting to protect against carding and velocity attacks (Pro version).\u003C\u002Fli>\n\u003Cli>Suspicious bot detection (Pro version).\u003C\u002Fli>\n\u003Cli>Configuration import & export (Pro version).\u003C\u002Fli>\n\u003Cli>Simulation mode.\u003C\u002Fli>\n\u003Cli>Caching (Pro version).\u003C\u002Fli>\n\u003Cli>GDPR compliant.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Need more security? Take the time to explore the Pro version: \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fsafercheckout\u002F\" rel=\"nofollow ugc\">SaferCheckout Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Requirements for running SaferCheckout (Lite)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 6.0.3 or above.\u003C\u002Fli>\n\u003Cli>PHP 8.1 or above.\u003C\u002Fli>\n\u003Cli>WooCommerce 7.0.0 or above\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>SaferCheckout (Lite) doesn’t collect any private data from you or your visitors, and doesn’t use cookies either. You can install and use it on your website in compliance with privacy laws such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA).\u003C\u002Fp>\n","Fraud prevention for WooCommerce Stores.",10,1552,"2026-03-04T11:43:00.000Z","6.0.3","8.1",[21,52,86,23,24],"prevention","https:\u002F\u002Fnintechnet.com\u002Fsafercheckout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafercheckout-lite.1.0.9.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":11,"downloaded":97,"rating":13,"num_ratings":98,"last_updated":99,"tested_up_to":16,"requires_at_least":100,"requires_php":18,"tags":101,"homepage":105,"download_link":106,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"aegilock-transaction-guardian-for-woocommerce","Aegilock Transaction Guardian for WooCommerce","1.0.24","Thomas Röhrig","https:\u002F\u002Fprofiles.wordpress.org\u002Faegilockwp544\u002F","\u003Cp>\u003Cstrong>Professional fraud protection for WooCommerce stores with advanced security features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Aegilock Transaction Guardian provides comprehensive fraud protection for WooCommerce stores using intelligent risk assessment and multi-layered security validation. The plugin offers real-time fraud detection, advanced customer trust verification, and configurable protection levels.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Security Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email Blacklist Management\u003C\u002Fstrong> – Block specific emails or entire domains with wildcard support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fraud-Resistant Customer Validation\u003C\u002Fstrong> – Multi-factor trust verification prevents gaming attacks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Order Analysis\u003C\u002Fstrong> – Instant fraud detection with immediate alerts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Email Pattern Detection\u003C\u002Fstrong> – Advanced Gmail fraud pattern recognition\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anti-Gaming Protection\u003C\u002Fstrong> – Prevents rapid trust manipulation through security thresholds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Risk Actions\u003C\u002Fstrong> – Custom responses for different threat levels\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Security Dashboard\u003C\u002Fstrong> – Real-time fraud statistics and monitoring\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Threat Alerts\u003C\u002Fstrong> – Immediate notifications for high-risk orders\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test Mode\u003C\u002Fstrong> – Safe evaluation without affecting live orders\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HPOS Compatible\u003C\u002Fstrong> – Full WooCommerce High-Performance Order Storage support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced Security Analysis:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our multi-layered security system evaluates:\u003Cbr \u002F>\n– \u003Cstrong>Customer Trust Verification\u003C\u002Fstrong> – Account age, order history, spending patterns\u003Cbr \u002F>\n– \u003Cstrong>Email Fraud Detection\u003C\u002Fstrong> – Suspicious Gmail patterns and disposable email services\u003Cbr \u002F>\n– \u003Cstrong>Geographic Risk Assessment\u003C\u002Fstrong> – Location consistency and IP analysis\u003Cbr \u002F>\n– \u003Cstrong>Behavioral Pattern Analysis\u003C\u002Fstrong> – Order timing, frequency, and value patterns\u003Cbr \u002F>\n– \u003Cstrong>Payment Method Validation\u003C\u002Fstrong> – Risk assessment based on payment types\u003Cbr \u002F>\n– \u003Cstrong>Address Verification\u003C\u002Fstrong> – Billing\u002Fshipping consistency checks\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Admin Interface\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin provides:\u003Cbr \u002F>\n– Statistics dashboard\u003Cbr \u002F>\n– Risk score monitoring\u003Cbr \u002F>\n– Usage tracking\u003Cbr \u002F>\n– Order review tools\u003Cbr \u002F>\n– Configuration settings\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Configuration Options\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adjustable risk thresholds\u003C\u002Fli>\n\u003Cli>Customizable response actions\u003C\u002Fli>\n\u003Cli>Geographic filtering options\u003C\u002Fli>\n\u003Cli>Test mode for evaluation\u003C\u002Fli>\n\u003Cli>Detailed activity logging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Using the external API service is completely optional. You can request an API key by contacting kontakt@aegilock.de, but the plugin will function localy without any external connection.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Details:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Service:\u003C\u002Fstrong> Aegilock Fraud Detection API (https:\u002F\u002Fapi.aegilock.de)\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Risk analysis and fraud detection for WooCommerce orders\u003Cbr \u002F>\n– \u003Cstrong>When data is sent:\u003C\u002Fstrong> Only when an API key is configured and orders are placed (completely optional)\u003Cbr \u002F>\n– \u003Cstrong>Data transmitted:\u003C\u002Fstrong> Order metadata including amount, country codes, payment method, and order timing (no personal customer information such as names, addresses, or payment details)\u003Cbr \u002F>\n– \u003Cstrong>Frequency:\u003C\u002Fstrong> Per order when protection is enabled\u003Cbr \u002F>\n– \u003Cstrong>Optional:\u003C\u002Fstrong> This service is entirely optional – the plugin functions locally without an API key\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Legal Information:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fwww.aegilock.de\u002F\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fwww.aegilock.de\u002Fdatenschutz.html\u003Cbr \u002F>\n– \u003Cstrong>Data Protection:\u003C\u002Fstrong> All data transmission uses encrypted HTTPS connections\u003Cbr \u002F>\n– \u003Cstrong>Contact:\u003C\u002Fstrong> kontakt@aegilock.de\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GDPR Compliance:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin is fully GDPR-compliant. No personal customer data (such as names, addresses, or payment details) is transmitted or stored by default. External API usage is strictly optional.\u003C\u002Fp>\n\u003Ch3>Legal Notice\u003C\u002Fh3>\n\u003Cp>Aegilock Fraud Prevention is an independent plugin and is not affiliated with, endorsed by, or sponsored by WooCommerce or Automattic Inc. WooCommerce is a trademark of Automattic Inc.\u003C\u002Fp>\n\u003Cp>This plugin is provided “as is” without warranty of any kind, express or implied. The plugin creators and distributors shall not be liable for any damages arising from the use of this software. Users are responsible for ensuring compliance with applicable laws and regulations in their jurisdiction.\u003C\u002Fp>\n\u003Cp>The fraud detection algorithms are designed to assist merchants in identifying potentially risky transactions but should not be the sole basis for transaction decisions. Merchants should use their own judgment and may wish to implement additional verification procedures.\u003C\u002Fp>\n\u003Cp>All trademarks mentioned are the property of their respective owners.\u003C\u002Fp>\n","Advanced transaction security for WooCommerce stores. Blocks bots, detects fraud patterns, protects revenue. Works instantly, no API key required.",741,3,"2025-12-09T11:22:00.000Z","5.8",[22,102,103,104,24],"order-protection","payment-security","transaction-security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faegilock-transaction-guardian-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faegilock-transaction-guardian-for-woocommerce.1.0.24.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":11,"downloaded":115,"rating":11,"num_ratings":11,"last_updated":116,"tested_up_to":16,"requires_at_least":66,"requires_php":18,"tags":117,"homepage":122,"download_link":123,"security_score":13,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"checkout-origin-guard","Checkout Origin Guard","1.7.1","POTAR","https:\u002F\u002Fprofiles.wordpress.org\u002Fpotar\u002F","\u003Cp>\u003Cstrong>Checkout Origin Guard\u003C\u002Fstrong> protects your WooCommerce store from fake, fraudulent, or automated checkout attempts by identifying and blocking abusive origins before they clutter your order table or your logs.\u003C\u002Fp>\n\u003Cp>The plugin runs \u003Cstrong>client-origin heuristics\u003C\u002Fstrong>, \u003Cstrong>IP controls\u003C\u002Fstrong>, and \u003Cstrong>sequence analysis\u003C\u002Fstrong> to detect non-human traffic and suspicious behavior at checkout. It adds \u003Cstrong>Company Shield\u003C\u002Fstrong> for business and email sanity checks and an optional \u003Cstrong>AVS “U” signal handler\u003C\u002Fstrong> for gateways that report “Address not checked \u002F unavailable”.\u003C\u002Fp>\n\u003Cp>All controls live on a \u003Cstrong>single admin screen\u003C\u002Fstrong>; you can adjust sensitivity, manage allowlists and blocklists, and review traffic logs in one place.\u003C\u002Fp>\n\u003Ch3>Three layers of protection\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bot Block (traffic level)\u003C\u002Fstrong>\u003Cbr \u002F>\nDetects and throttles abusive requests before they become orders:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Analyzes user agents, referrers, and known bot signatures  \u003C\u002Fli>\n\u003Cli>Watches rapid-fire hits to checkout and wc-ajax endpoints  \u003C\u002Fli>\n\u003Cli>Supports monitor, soft, and hard blocking modes  \u003C\u002Fli>\n\u003Cli>Built-in allowlist for search engines, uptime monitors, and core WordPress services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Company Shield (checkout level)\u003C\u002Fstrong>\u003Cbr \u002F>\nValidates business identity and email quality at checkout:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Flags suspicious or synthetic business names  \u003C\u002Fli>\n\u003Cli>Detects repeated syllables, odd vowel ratios, and gibberish patterns  \u003C\u002Fli>\n\u003Cli>Identifies disposable email domains and role-based accounts (admin, info, sales, etc.)  \u003C\u002Fli>\n\u003Cli>Can run in:\n\u003Cul>\n\u003Cli>\u003Cstrong>Monitor\u003C\u002Fstrong>; log and annotate orders  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Soft\u003C\u002Fstrong>; create the order and automatically place it on hold or pending  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hard\u003C\u002Fstrong>; block checkout with a user-facing error message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment AVS signals (post-payment; optional)\u003C\u002Fstrong>\u003Cbr \u002F>\nFor gateways that expose AVS results in order meta, Checkout Origin Guard can treat “AVS: U; unavailable \u002F not checked” as a \u003Cstrong>risk signal\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Does not change how your gateway authorizes or captures payments  \u003C\u002Fli>\n\u003Cli>Can be configured to:\n\u003Cul>\n\u003Cli>Ignore the signal  \u003C\u002Fli>\n\u003Cli>Add an order note only  \u003C\u002Fli>\n\u003Cli>Add an order note and bump a risk-score meta field  \u003C\u002Fli>\n\u003Cli>Put the order on hold for manual review  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Uses flexible pattern matching; can scan specific gateway meta keys or fall back to scanning all order meta for common “AVS: U” messages such as the PayPal string  \u003C\u002Fli>\n\u003Cli>Off by default; you opt in and choose the behavior\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🛡️ \u003Cstrong>Bot Block\u003C\u002Fstrong>; Detects and blocks automated bots by analyzing user agents, referrers, and checkout behavior patterns.\u003C\u002Fli>\n\u003Cli>⚡ \u003Cstrong>Rapid Sequence Detection\u003C\u002Fstrong>; Monitors frequency and timing between checkout attempts to identify scripted attacks and card testing activity.\u003C\u002Fli>\n\u003Cli>🧠 \u003Cstrong>Company Shield\u003C\u002Fstrong>; Flags suspicious or AI-generated business names, email domains, and mixed-character spam entries at checkout.\u003C\u002Fli>\n\u003Cli>🌎 \u003Cstrong>Allowlist Controls\u003C\u002Fstrong>; Preserve access for search engines, uptime monitors, and essential WordPress and WooCommerce services.\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Hard \u002F Soft \u002F Monitor Modes\u003C\u002Fstrong>; Choose between logging only, soft blocking, or full hard blocking.\u003C\u002Fli>\n\u003Cli>🧾 \u003Cstrong>AVS “U” Risk Signals (optional)\u003C\u002Fstrong>; Treat “Address not checked \u002F unavailable” as a post-payment risk signal; add notes, increase risk score, or hold the order.\u003C\u002Fli>\n\u003Cli>🗂️ \u003Cstrong>Log Viewer\u003C\u002Fstrong>; See activity including timestamps, IPs, user agents, paths, and detection outcomes.\u003C\u002Fli>\n\u003Cli>🧩 \u003Cstrong>One-Page Dashboard\u003C\u002Fstrong>; Configure settings, review logs, and manage allow\u002Fdeny lists from a single screen.\u003C\u002Fli>\n\u003Cli>🚫 \u003Cstrong>Manual Block \u002F Unblock\u003C\u002Fstrong>; Instantly remove or restore access for specific IPs with one click.\u003C\u002Fli>\n\u003Cli>💾 \u003Cstrong>CSV Export\u003C\u002Fstrong>; Download checkout-origin activity logs for security review or record keeping.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Online Shops Need it\u003C\u002Fh3>\n\u003Cp>WooCommerce checkouts are frequent targets for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Card testing and BIN probing  \u003C\u002Fli>\n\u003Cli>Fake business registrations and spam accounts  \u003C\u002Fli>\n\u003Cli>Automated scripts hammering your checkout endpoints  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Checkout Origin Guard focuses on \u003Cstrong>checkout behavior and identity quality\u003C\u002Fstrong>, not just generic firewall rules. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reduce chargeback and fraud risk  \u003C\u002Fli>\n\u003Cli>Keep your order list clean and reviewable  \u003C\u002Fli>\n\u003Cli>Shorten the time spent cleaning up junk orders and bogus signups  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin works alongside any existing firewall, CDN, or WAF; it does not rely on external APIs or subscriptions. All data stays on your server.\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Prevent card testing or order spam  \u003C\u002Fli>\n\u003Cli>Stop bots using nonsense or AI-generated company names  \u003C\u002Fli>\n\u003Cli>Detect rapid repeat checkout attempts from the same IP  \u003C\u002Fli>\n\u003Cli>Block suspicious POST requests that hit checkout endpoints  \u003C\u002Fli>\n\u003Cli>Add an extra layer of review for orders where the gateway reports “AVS unavailable \u002F not checked”  \u003C\u002Fli>\n\u003Cli>Maintain cleaner order history and logs for real customers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Cstrong>Michael Winchester\u003C\u002Fstrong>\u003Cbr \u002F>\nFor documentation and updates, visit https:\u002F\u002Fmichaelwinchester.com\u003C\u002Fp>\n","One-page WooCommerce checkout hardening; bot blocking, rate\u002Fsequence checks, business\u002Femail heuristics, and optional AVS-based risk signals.",424,"2026-01-27T22:35:00.000Z",[69,118,119,120,121],"fraud-prevention","ip-blocker","spam","woocommerce-checkout-security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-origin-guard.1.7.1.zip",{"attackSurface":125,"codeSignals":283,"taintFlows":314,"riskAssessment":364,"analyzedAt":369},{"hooks":126,"ajaxHandlers":212,"restRoutes":280,"shortcodes":281,"cronEvents":282,"entryPointCount":222,"unprotectedCount":98},[127,133,138,141,144,146,151,155,159,162,165,170,173,177,181,184,187,190,194,197,201,204,207,210],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","admin_enqueue_scripts","closure","inc\\admin_toast_ping.php",16,{"type":128,"name":134,"callback":135,"file":136,"line":137},"admin_menu","register_admin_pages","inc\\system-check.php",13,{"type":128,"name":129,"callback":139,"file":136,"line":140},"enqueue_assets",14,{"type":128,"name":142,"callback":130,"file":136,"line":143},"admin_notices",25,{"type":128,"name":129,"callback":139,"file":145,"line":33},"inc\\toast-admin-notification.php",{"type":128,"name":147,"callback":148,"priority":13,"file":149,"line":150},"wp_footer","ironphantom_render_login_toast","inc\\toast_universal.php",215,{"type":128,"name":152,"callback":153,"file":149,"line":154},"template_redirect","ironphantom_login_toast_controller",218,{"type":128,"name":156,"callback":130,"file":157,"line":158},"plugins_loaded","ironphantom-antifraud.php",19,{"type":128,"name":160,"callback":130,"file":157,"line":161},"admin_init",37,{"type":128,"name":163,"callback":130,"file":157,"line":164},"init",193,{"type":166,"name":167,"callback":168,"file":157,"line":169},"filter","woocommerce_get_settings_general","ironphantom_add_api_key_field",197,{"type":128,"name":171,"callback":130,"file":157,"line":172},"woocommerce_update_options_general",261,{"type":128,"name":174,"callback":175,"priority":80,"file":157,"line":176},"woocommerce_checkout_order_processed","ironphantom_check_api_key_and_send",372,{"type":128,"name":178,"callback":130,"priority":179,"file":157,"line":180},"woocommerce_thankyou",20,420,{"type":128,"name":182,"callback":130,"priority":80,"file":157,"line":183},"woocommerce_payment_complete",423,{"type":128,"name":185,"callback":130,"priority":80,"file":157,"line":186},"woocommerce_order_status_changed",426,{"type":128,"name":188,"callback":130,"priority":80,"file":157,"line":189},"wp_login",434,{"type":128,"name":191,"callback":192,"file":157,"line":193},"wp_enqueue_scripts","ironphantom_enqueue_toast_assets",481,{"type":128,"name":129,"callback":195,"file":157,"line":196},"iron_phn_enqueue_scripts",514,{"type":128,"name":198,"callback":199,"file":157,"line":200},"admin_footer","iron_phn_show_activation_modal",516,{"type":128,"name":134,"callback":202,"file":157,"line":203},"ironphantom_register_resume_menu",562,{"type":128,"name":129,"callback":205,"file":157,"line":206},"ironphantom_resume_assets",617,{"type":128,"name":129,"callback":208,"file":157,"line":209},"ironphantom_dashboard_assets",644,{"type":128,"name":129,"callback":130,"file":157,"line":211},699,[213,217,220,223,228,232,237,239,243,245,248,251,254,257,260,262,265,268,271,274,277],{"action":214,"nopriv":215,"callback":130,"hasNonce":215,"hasCapCheck":215,"file":131,"line":216},"ironphantom_admin_toast_ping",false,92,{"action":218,"nopriv":215,"callback":218,"hasNonce":215,"hasCapCheck":215,"file":219,"line":179},"ironphantom_cerebrusx_status","inc\\ironphantom-cerebrusx.php",{"action":221,"nopriv":215,"callback":221,"hasNonce":215,"hasCapCheck":215,"file":219,"line":222},"ironphantom_cerebrusx_behavior",21,{"action":224,"nopriv":215,"callback":225,"hasNonce":226,"hasCapCheck":215,"file":136,"line":227},"ironphantom_system_check","run_system_check",true,15,{"action":229,"nopriv":215,"callback":230,"hasNonce":226,"hasCapCheck":226,"file":145,"line":231},"ironphantom_check_high_risk","ajax_check_high_risk",31,{"action":233,"nopriv":215,"callback":234,"hasNonce":226,"hasCapCheck":215,"file":235,"line":236},"request_api_key","iron_phn_handle_api_key_request","init\\modal-files.php",11,{"action":233,"nopriv":226,"callback":234,"hasNonce":226,"hasCapCheck":215,"file":235,"line":238},12,{"action":240,"nopriv":215,"callback":241,"hasNonce":226,"hasCapCheck":215,"file":235,"line":242},"verify_api_key","iron_phn_verify_api_key",59,{"action":240,"nopriv":226,"callback":241,"hasNonce":226,"hasCapCheck":215,"file":235,"line":244},60,{"action":246,"nopriv":215,"callback":246,"hasNonce":226,"hasCapCheck":215,"file":235,"line":247},"iron_phn_save_settings",110,{"action":249,"nopriv":215,"callback":246,"hasNonce":226,"hasCapCheck":215,"file":235,"line":250},"ironphantom_on_activation_save_settings",111,{"action":252,"nopriv":215,"callback":252,"hasNonce":226,"hasCapCheck":226,"file":157,"line":253},"ironphantom_on_activation_skip_setup",537,{"action":255,"nopriv":215,"callback":255,"hasNonce":226,"hasCapCheck":226,"file":157,"line":256},"ironphantom_resume_installation",596,{"action":258,"nopriv":215,"callback":258,"hasNonce":226,"hasCapCheck":226,"file":157,"line":259},"ironphantom_get_transactions",759,{"action":258,"nopriv":226,"callback":258,"hasNonce":226,"hasCapCheck":226,"file":157,"line":261},760,{"action":263,"nopriv":215,"callback":263,"hasNonce":226,"hasCapCheck":226,"file":157,"line":264},"ironphantom_get_alerts_live",887,{"action":266,"nopriv":215,"callback":266,"hasNonce":226,"hasCapCheck":226,"file":157,"line":267},"ironphantom_get_system_status",939,{"action":269,"nopriv":215,"callback":269,"hasNonce":226,"hasCapCheck":226,"file":157,"line":270},"ironphantom_get_cerebrusx_status",990,{"action":272,"nopriv":215,"callback":272,"hasNonce":226,"hasCapCheck":226,"file":157,"line":273},"ironphantom_get_suspicious_activity",1082,{"action":275,"nopriv":215,"callback":275,"hasNonce":226,"hasCapCheck":226,"file":157,"line":276},"ironphantom_dismiss_transaction",1153,{"action":278,"nopriv":215,"callback":278,"hasNonce":226,"hasCapCheck":226,"file":157,"line":279},"ironphantom_get_cerebrusx_system",1235,[],[],[],{"dangerousFunctions":284,"sqlUsage":285,"outputEscaping":288,"fileOperations":11,"externalRequests":312,"nonceChecks":312,"capabilityChecks":132,"bundledLibraries":313},[],{"prepared":286,"raw":11,"locations":287},4,[],{"escaped":289,"rawEcho":80,"locations":290},44,[291,295,297,299,301,302,304,306,308,310],{"file":292,"line":293,"context":294},"inc\\ironphantom-dashboard.php",23,"raw output",{"file":292,"line":296,"context":294},26,{"file":292,"line":298,"context":294},32,{"file":292,"line":300,"context":294},34,{"file":292,"line":161,"context":294},{"file":292,"line":303,"context":294},39,{"file":292,"line":305,"context":294},49,{"file":292,"line":307,"context":294},52,{"file":292,"line":309,"context":294},53,{"file":136,"line":311,"context":294},191,17,[],[315,333,344,353],{"entryPoint":316,"graph":317,"unsanitizedCount":11,"severity":332},"iron_phn_verify_api_key (init\\modal-files.php:62)",{"nodes":318,"edges":330},[319,324],{"id":320,"type":321,"label":322,"file":235,"line":323},"n0","source","$_POST",65,{"id":325,"type":326,"label":327,"file":235,"line":328,"wp_function":329},"n1","sink","update_option() [Settings Manipulation]",91,"update_option",[331],{"from":320,"to":325,"sanitized":226},"low",{"entryPoint":334,"graph":335,"unsanitizedCount":11,"severity":332},"iron_phn_save_settings (init\\modal-files.php:113)",{"nodes":336,"edges":342},[337,340],{"id":320,"type":321,"label":338,"file":235,"line":339},"$_POST (x4)",116,{"id":325,"type":326,"label":327,"file":235,"line":341,"wp_function":329},127,[343],{"from":320,"to":325,"sanitized":226},{"entryPoint":345,"graph":346,"unsanitizedCount":11,"severity":332},"\u003Cmodal-files> (init\\modal-files.php:0)",{"nodes":347,"edges":351},[348,350],{"id":320,"type":321,"label":349,"file":235,"line":323},"$_POST (x5)",{"id":325,"type":326,"label":327,"file":235,"line":328,"wp_function":329},[352],{"from":320,"to":325,"sanitized":226},{"entryPoint":354,"graph":355,"unsanitizedCount":11,"severity":332},"\u003Cironphantom-antifraud> (ironphantom-antifraud.php:0)",{"nodes":356,"edges":362},[357,360],{"id":320,"type":321,"label":358,"file":157,"line":359},"$_POST (x3)",270,{"id":325,"type":326,"label":327,"file":157,"line":361,"wp_function":329},271,[363],{"from":320,"to":325,"sanitized":226},{"summary":365,"deductions":366},"The \"ironphantom-antifraud\" plugin v1.0.12 exhibits a generally good security posture, with significant strengths in its handling of SQL queries and output escaping. The plugin effectively utilizes prepared statements for all its SQL queries, which is a critical practice for preventing SQL injection vulnerabilities.  Furthermore, a high percentage of its output is properly escaped, mitigating the risk of cross-site scripting (XSS) attacks. The absence of known CVEs and a clean vulnerability history further contribute to its positive security profile, suggesting a well-maintained and secure codebase.",[367],{"reason":368,"points":80},"AJAX handlers without authentication checks","2026-03-17T06:42:53.655Z",{"wat":371,"direct":382},{"assetPaths":372,"generatorPatterns":375,"scriptPaths":376,"versionParams":378},[373,374],"\u002Fwp-content\u002Fplugins\u002Fironphantom-antifraud\u002Fassets\u002Fjs\u002Fantifraud-backend.js","\u002Fwp-content\u002Fplugins\u002Fironphantom-antifraud\u002Fassets\u002Fcss\u002Fantifraud-backend.css",[],[373,377],"\u002Fwp-content\u002Fplugins\u002Fironphantom-antifraud\u002Fassets\u002Fjs\u002Fantifraud-frontend.js",[379,380,381],"ironphantom-antifraud\u002Fassets\u002Fjs\u002Fantifraud-backend.js?ver=","ironphantom-antifraud\u002Fassets\u002Fcss\u002Fantifraud-backend.css?ver=","ironphantom-antifraud\u002Fassets\u002Fjs\u002Fantifraud-frontend.js?ver=",{"cssClasses":383,"htmlComments":386,"htmlAttributes":395,"restEndpoints":398,"jsGlobals":399,"shortcodeOutput":401},[384,385],"ironphantom-activation-modal","ironphantom-login-modal",[387,388,389,390,391,392,393,394],"🔹 Plugin IronPhantom caricato (init).","🔥 IronPhantom: verifica stato configurazione","✅ IronPhantom: configurazione valida.","❌ IronPhantom: API Key mancante. Mostro wizard...","🔐 IronPhantom: API Key impostata con successo.","IronPhantom Antifraud integration","Antifraud data sharing (consent)","Debug log toggle",[396,397],"data-ironphantom-api-key","data-ironphantom-url",[],[400],"window.ironphantom_settings",[]]