[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWmWsEZHJQs_6VsYvYBPiBdYFt-hCMvO_6JXtyRY5nFw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":64,"crawl_stats":38,"alternatives":70,"analysis":167,"fingerprints":354},"order-tip-woo","Order Tip for WooCommerce","1.5.6","railmedia","https:\u002F\u002Fprofiles.wordpress.org\u002Frailmedia\u002F","\u003Cp>Order Tip for WooCommerce is a plugin that allows customers to add a tip or donation to a WooCommerce order. The tip is added under the form of a WooCommerce fee.\u003C\u002Fp>\n\u003Cp>It allows the tip to be a percentage of the order total or a fixed custom amount. Cash tip is also available which marks the tip as 0 in value, but you should expect a tip on the delivery of your products or on the pickup of the order by the customer.\u003C\u002Fp>\n\u003Cp>There is also an option for adding a custom tip which brings up a text field where the customer is able to type in a custom amount and which is subsequently added as a fixed amount to the order.\u003C\u002Fp>\n\u003Cp>The tip can also be set to be taxed or not as per your current Tax options set in WooCommerce. It features 6 standard tip rates (5, 10, 15, 20, 25, 30) that can be extended through a filter – see below under the Developers section.\u003C\u002Fp>\n\u003Cp>It features various configuration options in the WooCommerce Settings panel under the tab Order Tip.\u003C\u002Fp>\n\u003Cp>The plugin’s backend is translated in German, Swiss German, Spanish, French, Italian, Romanian.\u003C\u002Fp>\n\u003Cp>Dutch language support was added, thanks to Roel Mehlkopf (@mhlkpf).\u003C\u002Fp>\n\u003Ch4>Check out a demo here:\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Forder-tip-for-woocommerce.tudorache.me\u002F\" rel=\"nofollow ugc\">Live Preview\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Check out a video on installing and using the plugin\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F9CskEO7oQV8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cp>The plugin works out of the box, with no coding skills required on basically any theme. However, it uses JavaScript for adding the tip to the order. If for some reason it doesn’t work as expected, please check your browser’s console for any JS errors or drop a line here in the Support tab providing a link to your website.\u003C\u002Fp>\n\u003Cp>Websites using the Astra or Neve theme should avoid using the “After customer details position” to display the tip form. It may break the layout causing the order review sidebar to fall under the customer details one.\u003C\u002Fp>\n\u003Ch4>Developers\u003C\u002Fh4>\n\u003Cp>There are a couple of filters you can hook into should you need to extend or edit the core functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wc_order_tip_title – takes in 1 string variable which holds the title of the form which appears before the form;\u003C\u002Fli>\n\u003Cli>wc_order_tip_rates – takes in 1 array variable which holds the values of the predefined standard tip rates. You should return a simple array containing the values you wish to add. Eg: array( 10, 15, 30 );\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And a few other filters for changing various strings dynamically, from a different plugin or the active theme:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wc_order_tip_title – changes the tip form title;\u003C\u002Fli>\n\u003Cli>wc_order_tip_cash_label – changes the Cash tip button label;\u003C\u002Fli>\n\u003Cli>wc_order_tip_custom_label – changes the Custom tip button label;\u003C\u002Fli>\n\u003Cli>wc_order_tip_custom_enter_tip_placeholder – changes the Custom tip field placeholder;\u003C\u002Fli>\n\u003Cli>wc_order_tip_display_form – prevents the tip form from being displayed on the page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And one filter for the backend:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wc_order_tip_reports_date_time_format – allows changing the date format of the reports order created date\u002Ftime. The format needs to comply with the PHP date format. See more \u003Ca href=\"https:\u002F\u002Fwww.php.net\u002Fmanual\u002Fen\u002Ffunction.date.php\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>CSS classes and IDs that allow customization:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>#wooot_order_tip_form – main form container\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form button.woo_order_tip – regular tip buttons\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form button#woo_order_tip_cash – cash tip button\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form button#woo_order_tip_custom – custom tip button\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form p.woo_order_tip_custom_text_field – row for the custom tip input box\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form input.woo_order_tip_custom_text – custom tip input box\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form button.woo_order_tip_apply – tip apply button\u003C\u002Fli>\n\u003Cli>#wooot_order_tip_form button.woo_order_tip_remove – tip remove button\u003C\u002Fli>\n\u003C\u002Ful>\n","Order Tip for WooCommerce adds a form to your cart and checkout pages where your customers will be able to add tips or donations",2000,36828,86,15,"2026-01-02T11:47:00.000Z","6.9.4","3.0","",[20,21,22,23,24],"donation","ecommerce","order","tip","woocommerce","https:\u002F\u002Forder-tip-for-woocommerce.tudorache.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forder-tip-woo.1.5.6.zip",97,2,0,"2025-08-14 13:51:21","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-6025","order-tip-for-woocommerce-unauthenticated-tip-manipulation-to-negative-value-leading-to-unauthorized-discounts","Order Tip for WooCommerce \u003C= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts","The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the `data-tip` attribute, which makes it possible for unauthenticated attackers to apply an excessive or even negative tip amount, resulting in unauthorized discount up to free orders depending on the value submitted.",null,"\u003C=1.5.4","1.5.5","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Client-Side Enforcement of Server-Side Security","2025-08-15 02:24:23",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9bcd18bd-032e-4a97-83aa-a377f9b1f435?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":48},"CVE-2024-1119","order-tip-for-woocommerce-missing-authorization-to-unauthenticated-data-export","Order Tip for WooCommerce \u003C= 1.3.1 - Missing Authorization to Unauthenticated Data Export","The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv() function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin's order fees.","\u003C=1.3.1","1.4.0","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2024-03-19 00:00:00","2024-03-20 06:48:28",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6f837d6b-d1fa-4019-892a-dca3c0f29ca7?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":65,"total_installs":66,"avg_security_score":67,"avg_patch_time_days":48,"trust_score":68,"computed_at":69},3,2020,89,92,"2026-04-04T10:37:28.782Z",[71,91,111,127,147],{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":16,"requires_at_least":83,"requires_php":18,"tags":84,"homepage":87,"download_link":88,"security_score":89,"vuln_count":48,"unpatched_count":29,"last_vuln_date":90,"fetched_at":31},"order-status-rules-for-woocommerce","Scheduled & Automatic Order Status Controller for WooCommerce","3.9.0","WPFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcodefactory\u002F","\u003Cp>\u003Cstrong>Scheduled & Automatic Order Status Controller for WooCommerce\u003C\u002Fstrong> plugin lets you schedule automatic WooCommerce order status changes.\u003C\u002Fp>\n\u003Cp>For example: automatically change order status to cancelled, when 24 hours have passed since order status was set to pending.\u003C\u002Fp>\n\u003Ch3>✅ Order Status Rule Options\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Order \u003Cstrong>status from\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Order \u003Cstrong>status to\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time trigger\u003C\u002Fstrong> (in seconds, minutes, hours, days or weeks).\u003C\u002Fli>\n\u003Cli>Minimum and maximum \u003Cstrong>order amount\u003C\u002Fstrong> and \u003Cstrong>order quantity\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required \u003Cstrong>payment gateways\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required \u003Cstrong>shipping methods\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required billing and shipping \u003Cstrong>countries\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required \u003Cstrong>products\u003C\u002Fstrong>, product \u003Cstrong>categories\u003C\u002Fstrong>, product \u003Cstrong>tags\u003C\u002Fstrong> or product \u003Cstrong>stock status\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required \u003Cstrong>users\u003C\u002Fstrong>, user \u003Cstrong>roles\u003C\u002Fstrong> or billing \u003Cstrong>emails\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Required \u003Cstrong>coupons\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>And more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🤝 Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fdocument\u002Fhigh-performance-order-storage\u002F\" rel=\"nofollow ugc\">High-Performance Order Storage (HPOS)\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🗘 Feedback\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We are open to your suggestions and feedback. Thank you for using or trying out one of our plugins!\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfactory.com\u002Fitem\u002Forder-status-rules-for-woocommerce\u002F\" rel=\"nofollow ugc\">Visit plugin site\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Automate WooCommerce order statuses. Beautifully.",56976,100,11,"2026-02-23T19:15:00.000Z","4.4",[21,22,85,86,24],"order-status","status","https:\u002F\u002Fwpfactory.com\u002Fitem\u002Forder-status-rules-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forder-status-rules-for-woocommerce.3.9.0.zip",98,"2025-03-27 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":16,"requires_at_least":104,"requires_php":18,"tags":105,"homepage":109,"download_link":110,"security_score":80,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wpc-order-tip","WPC Order Tip for WooCommerce","3.2.5","WPClever","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpclever\u002F","\u003Cp>WPC Order Tip for WooCommerce is a simple-to-use yet powerful plugin, which adds multiple sets of extra amounts that customers can choose to add to their order value as a tip or donation to the seller or specified recipients. Store owners can offer multiple ways for buyers to show their generosity via order tips for the shop, delivery man or contributions and donations to local charity funds, shelters, organizations, etc.\u003C\u002Fp>\n\u003Ch4>Live demo\u003C\u002Fh4>\n\u003Cp>Visit our \u003Ca href=\"https:\u002F\u002Fdemo.wpclever.net\u002Fwpcot\u002Fcart\u002F?add-to-cart=23\" title=\"live demo\" rel=\"nofollow ugc\">live demo\u003C\u002Fa> here to see how this plugin works.\u003C\u002Fp>\n\u003Cp>Users can set up multiple types of tip and donation options with predefined values (fixed amount or a percentage of the subtotal value) or custom amount with rules for min\u002Fmax\u002Fstep\u002Fdefault value (“Other” option). Customers can easily click on any option, and the extra amount will be added to the subtotal automatically or subtly decline by choosing the “No, thanks” option.\u003C\u002Fp>\n\u003Cp>These options will be displayed on the cart page so that before closing the deal and making the payment, buyers can consider showing their kindness and generosity with some tips or make some contributions to good causes. Knowing that their order could help others somehow boosts the customers’ satisfaction and encourages people to make more referrals to the brand among their community.\u003C\u002Fp>\n\u003Ch4>Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contribute to good causes\u003C\u002Fli>\n\u003Cli>Subtle way to raise funds\u003C\u002Fli>\n\u003Cli>Increase the commission\u003C\u002Fli>\n\u003Cli>Boost the customer satisfaction and referrals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unlimited values and set of tip options can be added\u003C\u002Fli>\n\u003Cli>Configure the name and description of each set\u003C\u002Fli>\n\u003Cli>Multiple types of values per set: fixed amount, percentage or custom value\u003C\u002Fli>\n\u003Cli>Configure min, max, step, default value for custom amount\u003C\u002Fli>\n\u003Cli>Nice and sleek buttons for tip options in the frontend\u003C\u002Fli>\n\u003Cli>Automatically add up the extra tips to the order subtotal\u003C\u002Fli>\n\u003Cli>Easily add a custom label for each option value\u003C\u002Fli>\n\u003Cli>Drag and drop to change the order of tip sets\u003C\u002Fli>\n\u003Cli>Compatible with most common WordPress themes and plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Flexible Values: Fixed, Percentage or Custom\u003C\u002Fh4>\n\u003Cp>Users can either enter a number to set up a fixed amount or enter a percentage to imply a specific percentage of the subtotal value will be added. The field is so flexible that any of the two input types is applicable.\u003C\u002Fp>\n\u003Cp>To make sure customers won’t feel uncomfortable when their intended amount is different from predefined values, users can enable the Custom amount so that buyers can make their choices. They can still control the custom value by configuring the min\u002Fmax\u002Fstep and default value. This is the “Other” option which is often put last in the list of buttons. When customers click on it, the input field will be opened for them to choose the value, then click Add to apply on the subtotal.\u003C\u002Fp>\n\u003Ch4>Single or Multiple Sets of Options\u003C\u002Fh4>\n\u003Cp>Users can set up single or multiple sets of tip and donation options to be displayed on the cart page at the same time. It depends on the purpose and actual campaigns of their business. WPC Order Tip for WooCommerce allows them to create unlimited sets of options that can be distinguished by name and description and used at the same time on the cart page. Users can also drag and drop these sets easily to rearrange based on their priority level.\u003C\u002Fp>\n\u003Ch4>Need more features?\u003C\u002Fh4>\n\u003Cp>Please try other plugins from us:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-smart-compare\u002F\" title=\"WPC Smart Compare\" rel=\"ugc\">WPC Smart Compare\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-smart-quick-view\u002F\" title=\"WPC Smart Quick View\" rel=\"ugc\">WPC Smart Quick View\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-smart-wishlist\u002F\" title=\"WPC Smart Wishlist\" rel=\"ugc\">WPC Smart Wishlist\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpc-smart-notification\u002F\" title=\"WPC Smart Notification\" rel=\"ugc\">WPC Smart Notification\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpc-ajax-add-to-cart\u002F\" title=\"WPC AJAX Add to Cart\" rel=\"ugc\">WPC AJAX Add to Cart\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WPC Order Tip is a plugin that enables customers to add extra amounts to their order as a tip or donation to the seller or specified recipients.",1000,22698,76,4,"2026-03-15T04:36:00.000Z","4.0",[106,23,107,24,108],"donations","tips","wpc","https:\u002F\u002Fwpclever.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpc-order-tip.3.2.5.zip",{"slug":112,"name":113,"version":114,"author":75,"author_profile":76,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":80,"num_ratings":65,"last_updated":119,"tested_up_to":16,"requires_at_least":120,"requires_php":18,"tags":121,"homepage":123,"download_link":124,"security_score":125,"vuln_count":48,"unpatched_count":29,"last_vuln_date":126,"fetched_at":31},"order-status-for-woocommerce","Additional Custom Order Status for WooCommerce","1.9.3","\u003Cp>\u003Cstrong>Additional Custom Order Status for WooCommerce\u003C\u002Fstrong> plugin lets you add and manage \u003Cstrong>default & custom order statuses\u003C\u002Fstrong> in WooCommerce.\u003C\u002Fp>\n\u003Ch3>✅ Main Features\u003C\u002Fh3>\n\u003Cp>You can add any number of statuses and for \u003Cem>each status\u003C\u002Fem> you can set:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Styling options\u003C\u002Fstrong> – status text color, background color.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>General options\u003C\u002Fstrong> – add status to order bulk actions, add status to reports.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Action buttons options\u003C\u002Fstrong> – icon, icon color & background color, add status to order list action buttons and\u002For admin order preview action buttons.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order options\u003C\u002Fstrong> – is order editable, is order paid, is order valid for payment, download permissions, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also change \u003Cstrong>order status sorting\u003C\u002Fstrong>, including the default WooCommerce order statuses.\u003C\u002Fp>\n\u003Ch3>🏆 Premium Version\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpfactory.com\u002Fitem\u002Forder-status-for-woocommerce\u002F\" rel=\"nofollow ugc\">Additional Custom Order Status for WooCommerce Pro\u003C\u002Fa> version also has an option to send \u003Cstrong>emails\u003C\u002Fstrong> on custom order status change. For each custom status email you can set: email address, subject, heading and content.\u003C\u002Fp>\n\u003Ch3>🗘 Feedback\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We are open to your suggestions and feedback. Thank you for using or trying out one of our plugins!\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfactory.com\u002Fitem\u002Forder-status-for-woocommerce\u002F\" rel=\"nofollow ugc\">Visit plugin site\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ℹ More\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The plugin is \u003Cstrong>“High-Performance Order Storage (HPOS)”\u003C\u002Fstrong> compatible.\u003C\u002Fli>\n\u003C\u002Ful>\n","Manage order statuses in WooCommerce. Beautifully.",800,12956,"2025-12-26T20:58:00.000Z","4.7",[122,21,85,86,24],"custom-order-status","https:\u002F\u002Fwpfactory.com\u002Fitem\u002Forder-status-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forder-status-for-woocommerce.1.9.3.zip",99,"2024-12-03 21:03:42",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":80,"num_ratings":65,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":140,"tags":141,"homepage":145,"download_link":146,"security_score":80,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"gazchaps-woocommerce-purchase-order-payment-gateway","GazChap's WooCommerce Purchase Order Payment Gateway","3.2","gazchap","https:\u002F\u002Fprofiles.wordpress.org\u002Fgazchap\u002F","\u003Cp>This plugin adds a new offline payment gateway to WooCommerce that allows your customers to request an invoice with a Purchase Order.\u003C\u002Fp>\n\u003Cp>There are a number of options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can set the plugin to ask the customer for a Purchase Order Number, and dictate whether this is mandatory or can be left blank.\u003C\u002Fli>\n\u003Cli>You can set the plugin to ask the customer for a postal address for the invoice.\u003C\u002Fli>\n\u003Cli>You can set the plugin to pre-fill this address with the customer’s existing billing address (if they are logged in, and have one set in WooCommerce)\u003C\u002Fli>\n\u003Cli>You can set the plugin to add supplied Purchase Order information to order notification emails\u003C\u002Fli>\n\u003Cli>You can set the plugin to add supplied Purchase Order information to order objects in the WooCommerce REST API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When an order is received, the plugin will add all of the submitted information on to the WooCommerce View Order screen.\u003C\u002Fp>\n\u003Cp>As of version 2.0, you can also add Purchase Order information to orders created through the WooCommerce Admin screens, and edit Purchase Order information saved against an existing order.\u003C\u002Fp>\n\u003Cp>As of version 3.0, you can also add Purchase Order information to orders in the WooCommerce REST API. There are two settings to control this behaviour, allowing you to choose to add just the PO Number as well as the address if needed.\u003Cbr \u002F>\nThe two fields in the Order objects are \u003Ccode>gazchap_purchase_order_number\u003C\u002Fcode> and \u003Ccode>gazchap_purchase_order_address\u003C\u002Fcode> respectively.\u003Cbr \u002F>\nThe number is just a string, or \u003Ccode>null\u003C\u002Fcode> if no number was provided (or the payment method was not the Purchase Order gateway)\u003Cbr \u002F>\nThe address is an array of strings: \u003Ccode>contact\u003C\u002Fcode>, \u003Ccode>company\u003C\u002Fcode>, \u003Ccode>address1\u003C\u002Fcode>, \u003Ccode>address2\u003C\u002Fcode>, \u003Ccode>city\u003C\u002Fcode>, \u003Ccode>county\u003C\u002Fcode>, \u003Ccode>postcode\u003C\u002Fcode>. These fields can be null if not given.\u003C\u002Fp>\n\u003Cp>Note: This plugin does not (currently, at least) generate the actual invoices – it is only used to collect the Purchase Order information.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa>, at least version 3.0.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once installed and activated, you need to enable the Payment Gateway in \u003Cem>WooCommerce > Settings > Checkout\u003C\u002Fem> (or via the plugin’s Settings link on the WordPress Plugins page) – you can then set the various options for the plugin at the same time.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Licensed under the \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU General Public License v2.0\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>ljgm3nx0kwytf9opbjjzhyradusy600x\u003C\u002Fp>\n","Adds a Purchase Order offline payment gateway to WooCommerce.",200,6096,"2025-11-06T16:20:00.000Z","6.7.5","4.2.0","5.3",[21,142,143,144,24],"gateway","payment","purchase-order","https:\u002F\u002Fwww.gazchap.com\u002Fposts\u002Fwoocommerce-purchase-order-payment-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgazchaps-woocommerce-purchase-order-payment-gateway.zip",{"slug":148,"name":149,"version":150,"author":151,"author_profile":152,"description":153,"short_description":154,"active_installs":155,"downloaded":156,"rating":68,"num_ratings":157,"last_updated":158,"tested_up_to":159,"requires_at_least":83,"requires_php":18,"tags":160,"homepage":164,"download_link":165,"security_score":166,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"multi-order-for-woocommerce","Multi Order for WooCommerce","1.5.1","WP Wham","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpwham\u002F","\u003Cp>\u003Cstrong>Multi Order for WooCommerce\u003C\u002Fstrong> creates a sub-order for each item in a order.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Free version\u003C\u002Fstrong>\u003Cbr \u002F>\nThe \u003Cem>free version\u003C\u002Fem> of this plugin only allows to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create suborders for each different order item\u003C\u002Fli>\n\u003Cli>Setup the main order and the suborder status when orders are placed\u003C\u002Fli>\n\u003Cli>Display a new column on admin\u002Ffrontend regarding Suborder IDs\u003C\u002Fli>\n\u003Cli>Display intuitive numbers to your suborders. E.g If your main order ID is 100, your suborders numbers will be 100-1, 100-2, and so on.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpwham.com\u002Fproducts\u002Fmulti-order-for-woocommerce\u002F\" title=\"Multi Order for WooCommerce Pro\" rel=\"nofollow ugc\">Premium Version\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nBesides free version features, the \u003Cstrong>premium version\u003C\u002Fstrong> of this plugin allows to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setup if order item quantity is considered as suborder or not\u003C\u002Fli>\n\u003Cli>Deduct \u002F Undeduct suborders from main order, i.e If you get your suborder paid, subtract its value from main order automatically\u003C\u002Fli>\n\u003Cli>Choose what order status will deduct\u002Fundeduct suborders from main order\u003C\u002Fli>\n\u003Cli>Sync orders. i.e Whenever you change a suborder item price or tax, the correspondent item on main order gets updated, and vice-versa\u003C\u002Fli>\n\u003Cli>Display a remaining column on both frontend and admin order screens, showing how much is left to pay\u003C\u002Fli>\n\u003Cli>Setup if emails will be sent to main order \u002F suborders\u003C\u002Fli>\n\u003Cli>Organize orders with a new taxonomy called Payment Status. e.g Orders will be considered as Payed \u002F Not paid \u002F Partial\u003C\u002Fli>\n\u003C\u002Ful>\n","Split your orders into suborders.",80,9906,9,"2023-07-15T10:28:00.000Z","6.2.9",[161,22,162,163,24],"multiple","split","suborder","https:\u002F\u002Fwpwham.com\u002Fproducts\u002Fmulti-order-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-order-for-woocommerce.1.5.1.zip",85,{"attackSurface":168,"codeSignals":290,"taintFlows":314,"riskAssessment":341,"analyzedAt":353},{"hooks":169,"ajaxHandlers":267,"restRoutes":282,"shortcodes":283,"cronEvents":288,"entryPointCount":289,"unprotectedCount":29},[170,176,181,185,190,194,198,201,207,211,215,218,220,224,227,229,232,235,238,241,244,247,250,253,257,261,263],{"type":171,"name":172,"callback":173,"priority":80,"file":174,"line":175},"action","admin_enqueue_scripts","scripts","admin\\controllers\\config.class.php",22,{"type":177,"name":178,"callback":178,"priority":179,"file":174,"line":180},"filter","plugin_action_links",10,23,{"type":171,"name":182,"callback":183,"file":174,"line":184},"admin_init","consistent_options",24,{"type":177,"name":186,"callback":187,"file":188,"line":189},"woocommerce_admin_reports","tip_reports","admin\\controllers\\reports.class.php",45,{"type":171,"name":191,"callback":192,"file":188,"line":193},"order_tip_settings_reports","display_orders_list_reports",46,{"type":171,"name":195,"callback":196,"file":188,"line":197},"woocommerce_checkout_update_order_meta","purge_fee_names",47,{"type":171,"name":182,"callback":199,"file":188,"line":200},"export_tips_to_csv",59,{"type":177,"name":202,"callback":203,"priority":204,"file":205,"line":206},"woocommerce_settings_tabs_array","add_settings_page",20,"admin\\controllers\\settings.class.php",37,{"type":171,"name":208,"callback":209,"file":205,"line":210},"woocommerce_admin_field_order_tip_reports","display_synchronize_products_field",41,{"type":177,"name":212,"callback":213,"priority":14,"file":205,"line":214},"woocommerce_get_settings_pages","woo_order_tip_admin_add_settings",612,{"type":171,"name":216,"callback":173,"priority":80,"file":217,"line":175},"wp_enqueue_scripts","frontend\\controllers\\config.class.php",{"type":171,"name":219,"callback":183,"file":217,"line":180},"wp",{"type":171,"name":221,"callback":222,"file":223,"line":210},"woocommerce_before_cart","tip_form","frontend\\controllers\\main.class.php",{"type":171,"name":225,"callback":222,"file":223,"line":226},"woocommerce_cart_coupon",44,{"type":171,"name":228,"callback":222,"file":223,"line":197},"woocommerce_after_cart_table",{"type":171,"name":230,"callback":222,"file":223,"line":231},"woocommerce_before_cart_totals",50,{"type":171,"name":233,"callback":222,"file":223,"line":234},"woocommerce_after_cart",53,{"type":171,"name":236,"callback":222,"file":223,"line":237},"woocommerce_before_checkout_form",63,{"type":171,"name":239,"callback":222,"file":223,"line":240},"woocommerce_before_order_notes",66,{"type":171,"name":242,"callback":222,"file":223,"line":243},"woocommerce_checkout_after_customer_details",69,{"type":171,"name":245,"callback":222,"file":223,"line":246},"woocommerce_checkout_order_review",72,{"type":171,"name":248,"callback":222,"file":223,"line":249},"woocommerce_after_checkout_form",75,{"type":171,"name":251,"callback":252,"file":223,"line":13},"init","init_session",{"type":171,"name":254,"callback":255,"priority":179,"file":223,"line":256},"woocommerce_cart_calculate_fees","add_tip_to_cart",87,{"type":171,"name":258,"callback":259,"file":223,"line":260},"woocommerce_new_order","remove_tip_on_order_placed",88,{"type":171,"name":262,"callback":259,"file":223,"line":67},"woocommerce_thankyou",{"type":171,"name":264,"callback":265,"file":266,"line":234},"before_woocommerce_init","closure","order-tip-for-woocommerce.php",[268,274,276,280],{"action":269,"nopriv":270,"callback":271,"hasNonce":272,"hasCapCheck":270,"file":223,"line":273},"apply_tip",false,"add_tip_to_session",true,81,{"action":269,"nopriv":272,"callback":271,"hasNonce":272,"hasCapCheck":270,"file":223,"line":275},82,{"action":277,"nopriv":270,"callback":278,"hasNonce":272,"hasCapCheck":270,"file":223,"line":279},"remove_tip","remove_tip_from_session",83,{"action":277,"nopriv":272,"callback":278,"hasNonce":272,"hasCapCheck":270,"file":223,"line":281},84,[],[284],{"tag":285,"callback":286,"file":223,"line":287},"order_tip_form","tip_form_shortcode",91,[],5,{"dangerousFunctions":291,"sqlUsage":304,"outputEscaping":309,"fileOperations":28,"externalRequests":29,"nonceChecks":312,"capabilityChecks":48,"bundledLibraries":313},[292,296,299,302],{"fn":293,"file":223,"line":294,"context":295},"unserialize",113,"$session_tip = WOO_Order_Tip_Service::should_use_php_session() ? ( isset( $_SESSION['tip'] ) && ! em",{"fn":293,"file":223,"line":297,"context":298},238,"$session_tip = isset( $_SESSION ) && isset( $_SESSION['tip'] ) && ! empty( $_SESSION['tip'] ) ? unse",{"fn":293,"file":300,"line":166,"context":301},"frontend\\services\\order-tip-woo.service.php","$tip = isset( $_SESSION ) && isset( $_SESSION['tip'] ) && ! empty( $_SESSION['tip'] ) ? unserialize(",{"fn":293,"file":300,"line":303,"context":298},171,{"prepared":29,"raw":48,"locations":305},[306],{"file":188,"line":307,"context":308},77,"$wpdb->get_results() with variable interpolation",{"escaped":310,"rawEcho":29,"locations":311},168,[],6,[],[315,333],{"entryPoint":316,"graph":317,"unsanitizedCount":29,"severity":332},"export_tips_to_csv (admin\\controllers\\reports.class.php:515)",{"nodes":318,"edges":330},[319,324],{"id":320,"type":321,"label":322,"file":188,"line":323},"n0","source","$_POST",521,{"id":325,"type":326,"label":327,"file":188,"line":328,"wp_function":329},"n1","sink","header() [Header Injection]",539,"header",[331],{"from":320,"to":325,"sanitized":272},"low",{"entryPoint":334,"graph":335,"unsanitizedCount":29,"severity":332},"\u003Creports.class> (admin\\controllers\\reports.class.php:0)",{"nodes":336,"edges":339},[337,338],{"id":320,"type":321,"label":322,"file":188,"line":323},{"id":325,"type":326,"label":327,"file":188,"line":328,"wp_function":329},[340],{"from":320,"to":325,"sanitized":272},{"summary":342,"deductions":343},"The 'order-tip-woo' plugin v1.5.6 presents a mixed security posture. On the positive side, the static analysis reveals a strong adherence to output escaping practices, with 100% of outputs being properly sanitized. The plugin also demonstrates good use of nonce and capability checks for its entry points, with no directly unprotected AJAX handlers or REST API routes identified. Taint analysis shows no unsanitized paths, indicating a lack of common injection vulnerabilities from this perspective.\n\nHowever, significant concerns arise from the plugin's historical vulnerability data. It has a history of known CVEs, with one high and one medium severity vulnerability in the past. The common types of vulnerabilities found, such as 'Client-Side Enforcement of Server-Side Security' and 'Missing Authorization,' are particularly worrying, as they often indicate fundamental flaws in how security is implemented. The presence of four dangerous 'unserialize' functions without explicit context about their usage or sanitization is also a potential risk, as unserialization can lead to arbitrary code execution if not handled with extreme care, especially when dealing with untrusted input.\n\nIn conclusion, while the current version exhibits some good security practices in output sanitization and entry point protection, the past vulnerability history, coupled with the use of dangerous functions like 'unserialize,' suggests that a thorough review of authorization and input validation, particularly around unserialization, is warranted. The plugin has potential weaknesses that have been exploited in the past and require ongoing vigilance.",[344,346,349,351],{"reason":345,"points":289},"Raw SQL queries without prepared statements",{"reason":347,"points":348},"Dangerous function 'unserialize' used",8,{"reason":350,"points":14},"Past high severity vulnerability",{"reason":352,"points":179},"Past medium severity vulnerability","2026-03-16T18:36:06.905Z",{"wat":355,"direct":368},{"assetPaths":356,"generatorPatterns":361,"scriptPaths":362,"versionParams":363},[357,358,359,360],"\u002Fwp-content\u002Fplugins\u002Forder-tip-woo\u002Fadmin\u002Fcss\u002Freports-orders-list.css","\u002Fwp-content\u002Fplugins\u002Forder-tip-woo\u002Fadmin\u002Fcss\u002Fadmin-blockui.css","\u002Fwp-content\u002Fplugins\u002Forder-tip-woo\u002Fadmin\u002Fjs\u002Freports-orders-list.js","\u002Fwp-content\u002Fplugins\u002Forder-tip-woo\u002Fadmin\u002Fjs\u002Fadmin-blockui.js",[],[],[364,365,366,367],"order-tip-woo\u002Fadmin\u002Fcss\u002Freports-orders-list.css?ver=","order-tip-woo\u002Fadmin\u002Fcss\u002Fadmin-blockui.css?ver=","order-tip-woo\u002Fadmin\u002Fjs\u002Freports-orders-list.js?ver=","order-tip-woo\u002Fadmin\u002Fjs\u002Fadmin-blockui.js?ver=",{"cssClasses":369,"htmlComments":375,"htmlAttributes":377,"restEndpoints":383,"jsGlobals":384,"shortcodeOutput":391},[370,371,372,373,374],"woot_tip_amount","woot_order_id","woot_tip_date","woot_order_total","woot_tip_percentage",[376],"Soon these reports will be removed. For the time being they can still be accessed at the above URL",[378,379,380,381,382],"data-tip-amount","data-order-id","data-tip-date","data-order-total","data-tip-percentage",[],[385,386,387,388,389,390],"WOOTIPVER","WOOOTIPPATH","WOOOTIPBASE","WOOOTIPURL","WOOOTIPSUB","wootip_uninstall",[]]