[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1a4JyWClkghUHAI80xb4C6bg0HcpSuMLBp6SWaQYtTQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":124,"fingerprints":226},"nlb-payment-gateway-for-woocommerce","NLB Payment Gateway For Woocommerce","2.0.1","m1tk00","https:\u002F\u002Fprofiles.wordpress.org\u002Fm1tk00\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Requires: WooCommerce 2.1+\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin allows your store to make payments via NLB payment service.\u003C\u002Fp>\n\u003Cp>If the transaction is successful the order status will be changed to “processing”. If the payment charge failed the order status will be changed to “cancelled”. If something is wrong with the connection between your server and the NLB server the order status will be changed to “on-hold”. After successful transaction the customer is redirected to the default WP thank you page.\u003C\u002Fp>\n","Implements the Tebank payment gateway.",40,3235,100,6,"2020-01-15T13:40:00.000Z","5.3.21","3.8","",[20,21,22,23],"gateway","manual-payment","payment-gateway","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnlb-payment-gateway-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnlb-payment-gateway-for-woocommerce.2.0.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,140,30,84,"2026-04-04T07:49:14.981Z",[38,59,76,90,106],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"advance-bank-payment-transfer-gateway","Advance Bank Payment Transfer Gateway","1.0.0","Ramesh Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeveloperramesh\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Requires: WooCommerce 2.1+\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin clones the Direct Bank Transfer gateway to create another offline payment method. This can be used to create a testing payment method if you use the Advance Bank Transfer gateway.\u003Cbr \u002F>\nFor example, this could be used for manual invoices or other offline payment methods.\u003C\u002Fp>\n\u003Cp>Upload the Bank Payment Receipt is require on the checkout page before submit the page, When an order is submitted the order will be placed “on-hold” after reviewing order by admin then order status will be changed.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcapsquery.com\u002F\" rel=\"nofollow ugc\"> Visit Our Website \u003C\u002Fa>\u003C\u002Fp>\n","Short Description: This plugin clones the Direct Bank Transfer gateway to create another offline payment method. License: GPLv2 or later",1000,24215,90,10,"2026-01-08T13:10:00.000Z","6.8.5","5.8","7.4",[55,21,56,22,23],"bank-transfer","offline-payment","https:\u002F\u002Fgithub.com\u002Fdeveloper-ramesh","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvance-bank-payment-transfer-gateway.1.0.0.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":13,"num_ratings":32,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":18,"download_link":75,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wc-paybox-payment-gateway","Payment Gateway for Paybox on Woocommerce","1.0","adielbm","https:\u002F\u002Fprofiles.wordpress.org\u002Fadiel987654554\u002F","\u003Cp>Payment Gateway for Paybox by Israel Discount Bank.\u003C\u002Fp>\n","Payment Gateway for Paybox by Israel Discount Bank.",300,1941,"2021-03-03T05:35:00.000Z","5.7.15","4.6","5.6",[20,21,74,22,23],"paybox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-paybox-payment-gateway.zip",{"slug":77,"name":78,"version":79,"author":7,"author_profile":8,"description":80,"short_description":81,"active_installs":13,"downloaded":82,"rating":13,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":17,"requires_php":86,"tags":87,"homepage":88,"download_link":89,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"woo-halkbank-payment-gateway","Halk Bank Payment Gateway For Woocommerce  – not functional after 15.03.2024","1.2.1","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Notice of Code Deprecation\u003C\u002Fstrong>\u003Cbr \u002F>\n  Due to change in the hash version, we regret to inform you that the code within this plugin will no longer be functional after 15.03.2024.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Requires: WooCommerce 2.1+\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin allows your store to make payments via Halk Bank payment service.\u003C\u002Fp>\n","Implements the Halk bank payment gateway.",3501,9,"2024-03-07T16:25:00.000Z","6.4.8","5.2.4",[20,21,22,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-halkbank-payment-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-halkbank-payment-gateway.1.2.1.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":85,"requires_at_least":100,"requires_php":101,"tags":102,"homepage":103,"download_link":104,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":105},"qr-pay-gateway","QR Payments Gateway","1.1.9","Suresh Ramasamy","https:\u002F\u002Fprofiles.wordpress.org\u002Fsureshramasamy\u002F","\u003Cp>QR Payments For Woocommerce Payment Gateway for the following e-wallets\u003Cbr \u002F>\n– Touch N Go\u003Cbr \u002F>\n– DuitNow\u003Cbr \u002F>\n– Grab\u003Cbr \u002F>\n– Shopee Pay\u003Cbr \u002F>\n– Boost\u003C\u002Fp>\n\u003Cp>This plugin is compatible with WooCommerce HPOS\u003C\u002Fp>\n\u003Cp>Please do take note that this plugin is a manual upload, no api to payment gateway, you are required to use your own QR code.\u003C\u002Fp>\n\u003Ch4>More Details\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>For Support Kindly Email to support@equilibrium.my\u003C\u002Fli>\n\u003C\u002Ful>\n","QR Payments For Woocommerce Payment Gateway for the following e-wallets",60,2730,"6.4","8.0",[20,21,22,23],"https:\u002F\u002Fwww.equilibrium.my\u002Fqr-pay-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fqr-pay-gateway.1.1.9.zip","2026-03-15T10:48:56.248Z",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":49,"downloaded":114,"rating":27,"num_ratings":27,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":53,"tags":118,"homepage":121,"download_link":122,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":123},"bangladeshi-bank-payment-method","Bangladeshi Bank Payment Method","1.0.6","Raisul Islam Shagor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshagor447\u002F","\u003Cp>This plugin adds a secure \u003Cstrong>Bank Payment with Receipt Upload\u003C\u002Fstrong> option to your WooCommerce store, specially designed for merchants and customers in Bangladesh.\u003Cbr \u002F>\nInstead of just entering a transaction ID, customers can \u003Cstrong>upload a screenshot or photo of their bank payment receipt\u003C\u002Fstrong> (e.g., mobile banking confirmation) directly on the checkout page. The uploaded image is securely stored and displayed in the order details for easy manual verification by the store admin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect for businesses that require visual proof of payment before processing orders.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Accept bank transfer payments from any Bangladeshi bank (City Bank, IFIC BANK, UCB Bank, Islami Bank etc.).\u003Cbr \u002F>\n* Customers upload a \u003Cstrong>payment receipt image\u003C\u002Fstrong> (PNG\u002FJPG) during checkout.\u003Cbr \u002F>\n* Automatic file validation (max 1MB, only images allowed).\u003Cbr \u002F>\n* Uploaded receipt is visible in the \u003Cstrong>WooCommerce order details\u003C\u002Fstrong> in the admin dashboard.\u003Cbr \u002F>\n* Displays your bank account details clearly on the checkout page.\u003Cbr \u002F>\n* Fully compatible with WooCommerce emails, order statuses, and cart flow.\u003Cbr \u002F>\n* You can change your bank icon, it will make it visually clear and easier for customers to understand.\u003Cbr \u002F>\n* No sensitive data stored — secure and lightweight.\u003C\u002Fp>\n\u003Ch3>Update Notice\u003C\u002Fh3>\n\u003Cp>= 1.0.6 =\u003Cbr \u002F>\nVersion 1.0.6 has been released as a stable version.\u003C\u002Fp>\n","WooCommerce gateway for Bangladeshi businesses allowing customers to upload bank payment receipts at checkout.",253,"2025-12-19T12:37:00.000Z","6.9.4","6.0",[119,120,21,22,23],"bangladesh-bank-transfer","bangladeshi-bank-payment-gateway","https:\u002F\u002Fraisul.dev\u002Fprojects\u002Fbangladeshi-bank-payment-method-for-woocommerce-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbangladeshi-bank-payment-method.1.0.6.zip","2026-03-15T14:54:45.397Z",{"attackSurface":125,"codeSignals":190,"taintFlows":214,"riskAssessment":215,"analyzedAt":225},{"hooks":126,"ajaxHandlers":170,"restRoutes":171,"shortcodes":187,"cronEvents":188,"entryPointCount":189,"unprotectedCount":189},[127,134,140,145,149,153,157,161,163,165,166,167,168,169],{"type":128,"name":129,"callback":130,"priority":131,"file":132,"line":133},"action","wp_head","handle_errors",1,"classes\\class-woocomemrce-nlb-payment-bankart.php",45,{"type":135,"name":136,"callback":137,"file":138,"line":139},"filter","woocommerce_payment_gateways","wc_tebank_add_to_gateways","nlb-payment-gateway-for-woocommerce.php",53,{"type":128,"name":141,"callback":142,"priority":143,"file":138,"line":144},"plugins_loaded","wc_tebank_gateway_init",11,75,{"type":128,"name":146,"callback":147,"file":138,"line":148},"rest_api_init","closure",116,{"type":128,"name":150,"callback":151,"file":138,"line":152},"valid_tebank_response","valid_response",170,{"type":128,"name":154,"callback":155,"file":138,"line":156},"woocommerce_api_wc_gateway_tebank","check_tebank_response",348,{"type":128,"name":158,"callback":159,"priority":49,"file":138,"line":160},"woocommerce_email_before_order_table","email_instructions",356,{"type":128,"name":129,"callback":130,"priority":131,"file":162,"line":133},"trunk\\classes\\class-woocomemrce-nlb-payment-bankart.php",{"type":135,"name":136,"callback":137,"file":164,"line":139},"trunk\\nlb-payment-gateway-for-woocommerce.php",{"type":128,"name":141,"callback":142,"priority":143,"file":164,"line":144},{"type":128,"name":146,"callback":147,"file":164,"line":148},{"type":128,"name":150,"callback":151,"file":164,"line":152},{"type":128,"name":154,"callback":155,"file":164,"line":156},{"type":128,"name":158,"callback":159,"priority":49,"file":164,"line":160},[],[172,178,183,185],{"namespace":173,"route":174,"methods":175,"callback":155,"permissionCallback":28,"file":138,"line":177},"tebank_payment_gateway\u002Fv1","\u002Forder\u002F(?P\u003Cid>\\d+)",[176],"POST",117,{"namespace":173,"route":174,"methods":179,"callback":181,"permissionCallback":28,"file":138,"line":182},[180],"GET","check_tebank_response_redirect",123,{"namespace":173,"route":174,"methods":184,"callback":155,"permissionCallback":28,"file":164,"line":177},[176],{"namespace":173,"route":174,"methods":186,"callback":181,"permissionCallback":28,"file":164,"line":182},[180],[],[],4,{"dangerousFunctions":191,"sqlUsage":192,"outputEscaping":194,"fileOperations":212,"externalRequests":189,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":213},[],{"prepared":27,"raw":27,"locations":193},[],{"escaped":195,"rawEcho":195,"locations":196},8,[197,200,202,204,207,208,209,210],{"file":138,"line":198,"context":199},147,"raw output",{"file":138,"line":201,"context":199},165,{"file":138,"line":203,"context":199},302,{"file":205,"line":206,"context":199},"tebank-files\\SecureResource.php",125,{"file":164,"line":198,"context":199},{"file":164,"line":201,"context":199},{"file":164,"line":203,"context":199},{"file":211,"line":206,"context":199},"trunk\\tebank-files\\SecureResource.php",18,[],[],{"summary":216,"deductions":217},"The \"nlb-payment-gateway-for-woocommerce\" plugin version 2.0.1 exhibits a concerning security posture due to a significant number of unprotected entry points into the application. All four identified REST API routes lack permission callbacks, meaning any user, regardless of their role or authentication status, could potentially interact with these endpoints. This creates a wide attack surface.  While the plugin demonstrates good practices in its use of prepared statements for SQL queries and appears to have no recorded vulnerabilities or critical taint flows, the lack of authorization checks on its REST API endpoints is a major oversight. The static analysis also indicates that 50% of its output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled carefully. The absence of nonce checks further exacerbates the risk of CSRF attacks. The plugin's clean vulnerability history is a positive sign, suggesting a generally well-maintained codebase, but this should not overshadow the critical security gaps identified in the current version's entry point handling and output sanitization.",[218,220,222],{"reason":219,"points":49},"REST API routes without permission callbacks",{"reason":221,"points":14},"Output escaping issues",{"reason":223,"points":224},"Missing nonce checks",5,"2026-03-16T22:06:25.780Z",{"wat":227,"direct":236},{"assetPaths":228,"generatorPatterns":231,"scriptPaths":232,"versionParams":233},[229,230],"\u002Fwp-content\u002Fplugins\u002Fnlb-payment-gateway-for-woocommerce\u002Fbankar-files\u002FinitClientAutoload.php","\u002Fwp-content\u002Fplugins\u002Fnlb-payment-gateway-for-woocommerce\u002Fclasses\u002Fclass-woocomemrce-nlb-payment-bankart.php",[],[],[234,235],"nlb-payment-gateway-for-woocommerce\u002Fstyle.css?ver=","nlb-payment-gateway-for-woocommerce\u002Fscript.js?ver=",{"cssClasses":237,"htmlComments":238,"htmlAttributes":239,"restEndpoints":240,"jsGlobals":242,"shortcodeOutput":244},[],[],[],[241],"\u002Ftebank_payment_gateway\u002Fv1\u002Forder\u002F(?P\u003Cid>\\d+)",[243],"WC_Gateway_tebank",[]]