[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feBDDKmU0MO3P0iNb_k3U1_jjNvuEVQJ4CUH_GPKXreo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":17,"download_link":18,"security_score":13,"vuln_count":19,"unpatched_count":19,"last_vuln_date":20,"fetched_at":21,"vulnerabilities":22,"developer":23,"crawl_stats":20,"alternatives":31,"analysis":32,"fingerprints":157},"om-dusupay-gateway-woocommerce","Om Dusupay Gateway Woocommerce","01.01.03","Er Siddharth Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fsiddharthsingh91\u002F","\u003Cp>This plugin just add Dusupay Payment Gateways for WooCommerce. So you can change name Merchant id of Payment Gateways as per your requrements.\u003C\u002Fp>\n\u003Ch4>More\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Thank you for using our plugin.\u003C\u002Fli>\n\u003Cli>[Give a Rating five star rating]\u003C\u002Fli>\n\u003C\u002Ful>\n","Om Dusupay Gateway Woocommerce By: Siddharth Singh Email:siddharthsingh91@gmail.com Contributors: siddharthsingh91 Donate link: 
http:\u002F\u002Fwww.",10,1416,100,1,"",[],"http:\u002F\u002Fsanditsolution.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fom-dusupay-gateway-woocommerce.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":24,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":26,"avg_security_score":27,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},"siddharthsingh91",5,40,91,30,88,"2026-04-05T06:25:53.081Z",[],{"attackSurface":33,"codeSignals":78,"taintFlows":107,"riskAssessment":143,"analyzedAt":156},{"hooks":34,"ajaxHandlers":74,"restRoutes":75,"shortcodes":76,"cronEvents":77,"entryPointCount":19,"unprotectedCount":19},[35,41,45,50,54,58,61,65,70],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","wp_enqueue_scripts","om_stripe_register_style","including_js_css.php",7,{"type":36,"name":42,"callback":43,"file":39,"line":44},"admin_enqueue_scripts","my_admin_theme_style",11,{"type":36,"name":46,"callback":47,"priority":19,"file":48,"line":49},"plugins_loaded","woocommerce_mrova_dusupay_init","index.php",13,{"type":36,"name":51,"callback":52,"file":48,"line":53},"init","check_payu_response",34,{"type":36,"name":55,"callback":56,"file":48,"line":57},"woocommerce_update_options_payment_gateways","process_admin_options",38,{"type":36,"name":59,"callback":60,"file":48,"line":26},"woocommerce_receipt_payu","receipt_page",{"type":36,"name":62,"callback":63,"file":48,"line":64},"the_content","showMessage",262,{"type":66,"name":67,"callback":68,"file":48,"line":69},"filter","woocommerce_payment_gateways","woocommerce_add_mrova_payu_gateway",309,{"type":66,"name":71,"callback":72,"priority":11,"file":48,"line":73},"plugin_action_links","om_dusupay_gateway_add_action_plugin",319,[],[],[],[],{"dangerousFunctions":79,"sqlUsage":80,"outputEscaping":82,"fileOperations":19,"externalRequests":19,"nonceChecks":19,"capabilityChecks":19,"bundledLibraries":106},[],{"prepared":19,"raw":19,"locations":81},[],{"escaped":19,"rawEcho":44,"loc
ations":83},[84,87,89,91,93,94,96,98,100,102,104],{"file":48,"line":85,"context":86},47,"raw output",{"file":48,"line":88,"context":86},81,{"file":48,"line":90,"context":86},82,{"file":48,"line":92,"context":86},94,{"file":48,"line":13,"context":86},{"file":48,"line":95,"context":86},106,{"file":48,"line":97,"context":86},158,{"file":48,"line":99,"context":86},170,{"file":48,"line":101,"context":86},172,{"file":48,"line":103,"context":86},212,{"file":48,"line":105,"context":86},213,[],[108,126,134],{"entryPoint":109,"graph":110,"unsanitizedCount":14,"severity":125},"woocommerce_mrova_dusupay_init (index.php:14)",{"nodes":111,"edges":122},[112,117],{"id":113,"type":114,"label":115,"file":48,"line":116},"n0","source","$_REQUEST",208,{"id":118,"type":119,"label":120,"file":48,"line":103,"wp_function":121},"n1","sink","echo() [XSS]","echo",[123],{"from":113,"to":118,"sanitized":124},false,"medium",{"entryPoint":127,"graph":128,"unsanitizedCount":14,"severity":125},"check_payu_response (index.php:197)",{"nodes":129,"edges":132},[130,131],{"id":113,"type":114,"label":115,"file":48,"line":116},{"id":118,"type":119,"label":120,"file":48,"line":103,"wp_function":121},[133],{"from":113,"to":118,"sanitized":124},{"entryPoint":135,"graph":136,"unsanitizedCount":14,"severity":142},"\u003Cindex> (index.php:0)",{"nodes":137,"edges":140},[138,139],{"id":113,"type":114,"label":115,"file":48,"line":116},{"id":118,"type":119,"label":120,"file":48,"line":103,"wp_function":121},[141],{"from":113,"to":118,"sanitized":124},"low",{"summary":144,"deductions":145},"The plugin \"om-dusupay-gateway-woocommerce\" v01.01.03 presents a concerning security posture despite the absence of known vulnerabilities and a clean history. The static analysis reveals a significant issue with output escaping, where 100% of the 11 identified output points are not properly escaped. 
This makes cross-site scripting (XSS) likely wherever those outputs carry request or user-supplied data, because a value echoed without escaping is interpreted by the browser as markup. The taint analysis reports 3 unsanitized flows, and all three trace the same path, $_REQUEST read at index.php:208 and echoed at index.php:212, reached from different entry points; two are rated medium and one low, and none critical or high. The plugin contains no capability checks and no nonce checks, the WordPress mechanisms that guard against unauthorized actions and request forgery; the scan also found no AJAX handlers, REST routes or shortcodes, so the exposure centres on the init-hooked check_payu_response callback, which WordPress invokes on every request. No SQL usage was detected, so SQL injection is not a concern here, and the plugin has no recorded CVEs. Even so, the complete absence of output escaping combined with the unsanitized $_REQUEST-to-echo flow is a concrete weakness; escaping at the point of output (esc_html(), esc_attr() or esc_url() as the context requires) would address it.",[146,149,152,154],{"reason":147,"points":148},"Output escaping is missing for all outputs",8,{"reason":150,"points":151},"Taint analysis shows unsanitized paths",4,{"reason":153,"points":25},"No nonce checks implemented",{"reason":155,"points":25},"No capability checks 
implemented","2026-03-16T23:31:52.161Z",{"wat":158,"direct":165},{"assetPaths":159,"generatorPatterns":162,"scriptPaths":163,"versionParams":164},[160,161],"\u002Fwp-content\u002Fplugins\u002Fom-dusupay-gateway-woocommerce\u002Fimg\u002Flogo.png","\u002Fwp-content\u002Fplugins\u002Fom-dusupay-gateway-woocommerce\u002Fimg\u002Fdusupaybtn6.png",[],[],[],{"cssClasses":166,"htmlComments":167,"htmlAttributes":168,"restEndpoints":181,"jsGlobals":182,"shortcodeOutput":183},[],[],[169,170,171,172,173,174,175,176,177,178,179,180],"name=\"dusupay_merchantId\"","name=\"dusupay_amount\"","name=\"dusupay_currency\"","name=\"dusupay_itemId\"","name=\"dusupay_itemName\"","name=\"dusupay_transactionReference\"","name=\"dusupay_environment\"","name=\"dusupay_redirectURL\"","name=\"dusupay_successURL\"","name=\"dusupay_logo\"","src=\"\u002Fimg\u002Flogo.png\"","src=\"\u002Fimg\u002Fdusupaybtn6.png\"",[],[],[184,185,186,187,188,189,190,191,192,193,194,195,196,197],"\u003Cform method=\"post\" action=\"https:\u002F\u002Fwww.dusupay.com\u002Fdusu_payments\u002Fdusupay\" target=\"_self\">","\u003Cinput type=\"hidden\" name=\"dusupay_merchantId\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_amount\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_currency\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_itemId\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_itemName\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_transactionReference\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_environment\" value=\"sandbox\"","\u003Cinput type=\"hidden\" name=\"dusupay_redirectURL\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_successURL\" value=\"","\u003Cinput type=\"hidden\" name=\"dusupay_logo\" value=\"","\u003Cinput type=\"image\" name=\"submit\" src=\"","plugins_url('\u002Fimg\u002Fdusupaybtn6.png","plugins_url('\u002Fimg\u002Flogo.png"]