[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fx_gTij8UWq24VS_xkAwOvbLNZpuHlj2-ZeDCO1AKI_A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":119,"fingerprints":300},"ourivesweb-api","OurivesWeb Api","1.1.1","Ponto25","https:\u002F\u002Fprofiles.wordpress.org\u002Fponto25\u002F","\u003Cp>Com quase 20 anos de experiência, a PONTO 25 é uma empresa especializada no desenvolvimento de soluções informáticas.\u003C\u002Fp>\n\u003Cp>Através da utilização de tecnologias de informação interativas, a PONTO 25 disponibiliza um vasto leque de soluções de gestão desktop e na cloud para diversas áreas do mercado.\u003Cbr \u002F>\nSedeada em Braga, a PONTO 25 está presente em todo o país, Espanha, Moçambique, Angola, Brasil, Polónia e França.\u003C\u002Fp>\n\u003Cp>Certificado pela Autoridade Tributária sob o número 1541, o OurivesWeb está sempre de acordo com a lei em vigor.\u003C\u002Fp>\n\u003Ch3>Através do plugin é possível:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sincronizar artigos e stocks entre as duas plataformas\u003C\u002Fli>\n\u003Cli>Emissão automática ou manual de documentos\u003C\u002Fli>\n\u003Cli>Seleccionar a secção da empresa.\u003C\u002Fli>\n\u003Cli>Criação automática de clientes e artigos\u003C\u002Fli>\n\u003Cli>Aceder aos documentos emitidos sem sair do WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Todo o suporte técnico e comercial dado aos utilizadores do plugin é prestado pela equipa de Apoio a Clientes do OurivesWeb.\u003C\u002Fp>\n\u003Ch3>Legal Notice\u003C\u002Fh3>\n\u003Cp>Toda a informação legal está disponivel no nosso website ( 
https:\u002F\u002Fwww.ponto25.com\u002Fcookies ).\u003Cbr \u002F>\nEsta informação engloba todos os produtos da Ponto25.\u003C\u002Fp>\n","O Ourives Web é um produto com a qualidade da PONTO 25 – informática lda.",0,1577,"","6.0.11","5.2","7.3",[18,19,20,21],"encomendas","faturacao","invoicing","orders","https:\u002F\u002Fwordpress.org\u002Fplugins\u002FOurivesWeb-api\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fourivesweb-api.1.1.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"ponto25",3,10,90,30,87,"2026-04-04T08:39:21.518Z",[37,51,72,89,105],{"slug":38,"name":39,"version":40,"author":7,"author_profile":8,"description":41,"short_description":42,"active_installs":31,"downloaded":43,"rating":11,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":15,"requires_php":16,"tags":46,"homepage":47,"download_link":48,"security_score":49,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":50},"marvinerp-api","Marvinerp","1.1.0","\u003Cp>Com quase 20 anos de experiência, a PONTO 25 é uma empresa especializada no desenvolvimento de soluções informáticas.\u003C\u002Fp>\n\u003Cp>Através da utilização de tecnologias de informação interativas, a PONTO 25 disponibiliza um vasto leque de soluções de gestão desktop e na cloud para diversas áreas do mercado.\u003Cbr \u002F>\nSedeada em Braga, a PONTO 25 está presente em todo o país, Espanha, Moçambique, Angola, Brasil, Polónia e França.\u003C\u002Fp>\n\u003Cp>Certificado pela Autoridade Tributária sob o número 1539, o Marvinerp está sempre de acordo com a lei em vigor.\u003C\u002Fp>\n\u003Ch3>Através do plugin é possível:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sincronizar artigos e stocks entre as duas plataformas\u003C\u002Fli>\n\u003Cli>Emissão automática ou manual de 
documentos\u003C\u002Fli>\n\u003Cli>Seleccionar a secção da empresa.\u003C\u002Fli>\n\u003Cli>Criação automática de clientes e artigos\u003C\u002Fli>\n\u003Cli>Aceder aos documentos emitidos sem sair do WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Todo o suporte técnico e comercial dado aos utilizadores do plugin é prestado pela equipa de Apoio a Clientes do Marvinerp.\u003C\u002Fp>\n\u003Ch3>Legal Notice\u003C\u002Fh3>\n\u003Cp>Toda a informação legal está disponivel no nosso website ( https:\u002F\u002Fwww.ponto25.com\u002Fcookies ).\u003Cbr \u002F>\nEsta informação engloba todos os produtos da Ponto25.\u003C\u002Fp>\n","O Marvin ERP é um produto com a qualidade da PONTO 25 – informática lda.",4895,"2021-03-30T15:00:00.000Z","5.6.17",[18,19,20,21],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmarvinerp-api\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmarvinerp-api.1.1.0.zip",85,"2026-03-15T15:16:48.613Z",{"slug":52,"name":53,"version":54,"author":53,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":60,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":67,"download_link":68,"security_score":69,"vuln_count":70,"unpatched_count":11,"last_vuln_date":71,"fetched_at":50},"moloni","Moloni","5.0.04","https:\u002F\u002Fprofiles.wordpress.org\u002Fmolonidevteam\u002F","\u003Cp>O Moloni é um inovador software de faturação e POS online que inclui acesso a inúmeras ferramentas úteis e funcionais que permitem a cada empresa gerir a sua faturação, controlar stocks, automatizar processos e emitir documentos de forma rápida, simples e intuitiva.\u003C\u002Fp>\n\u003Cp>Certificado com o n.º 2860 da Autoridade Tributária, o Moloni está sempre atualizado e de acordo com a lei em vigor!\u003C\u002Fp>\n\u003Ch3>Através do plugin é possível:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sincronizar artigos e stocks entre as duas 
plataformas\u003C\u002Fli>\n\u003Cli>Emissão automática ou manual de documentos\u003C\u002Fli>\n\u003Cli>Selecionar o estado dos documentos emitidos\u003C\u002Fli>\n\u003Cli>Selecionar de uma grande variedade de tipos de documentos\u003C\u002Fli>\n\u003Cli>Selecionar o armazém de saída dos artigos\u003C\u002Fli>\n\u003Cli>Envio automático do documento para o cliente\u003C\u002Fli>\n\u003Cli>Criação automática de clientes e artigos\u003C\u002Fli>\n\u003Cli>Personalizar os seus detalhes de faturação\u003C\u002Fli>\n\u003Cli>Aceder aos documentos emitidos sem sair do WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Todo o suporte técnico e comercial dado aos utilizadores do plugin é prestado pela equipa de Apoio a Clientes do Moloni.\u003C\u002Fp>\n","Software de faturação inovador que se adapta ao seu negócio! Destinado a profissionais liberais, micro, pequenas e médias empresas.",2000,93890,96,6,"2025-12-22T12:46:00.000Z","6.7.5","4.6","7.2",[20,21],"https:\u002F\u002Fplugins.moloni.com\u002Fwoocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmoloni.5.0.04.zip",99,1,"2024-07-11 00:00:00",{"slug":73,"name":74,"version":75,"author":53,"author_profile":55,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":24,"num_ratings":70,"last_updated":80,"tested_up_to":63,"requires_at_least":81,"requires_php":82,"tags":83,"homepage":13,"download_link":87,"security_score":69,"vuln_count":70,"unpatched_count":11,"last_vuln_date":88,"fetched_at":50},"contribuinte-checkout","Contribuinte Checkout","2.0.04","\u003Cp>With this plugin you can add VAT and VIES support to your WooCommerce store. 
The VAT field will be saved as ‘_billing_vat’.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> this plugin requires WooCommerce 3.0.0 or higher.\u003Cbr \u002F>\n\u003Cstrong>Warning:\u003C\u002Fstrong> to enable and use VIES information you need to have SOAP extension enabled (SoapClient PHP class).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds VAT field to billing form.\u003C\u002Fli>\n\u003Cli>Adds VAT field to outgoing email.\u003C\u002Fli>\n\u003Cli>Adds VAT field to checkout billing information.\u003C\u002Fli>\n\u003Cli>Adds VAT field to admin orders page.\u003C\u002Fli>\n\u003Cli>Change VAT field label and description.\u003C\u002Fli>\n\u003Cli>Validate Portuguese VAT numbers.\u003C\u002Fli>\n\u003Cli>Choose how to handle vat field validation errors.\u003C\u002Fli>\n\u003Cli>You can make VAT field required.\u003C\u002Fli>\n\u003Cli>You can add VIES information to admin order page, checkout and user billing page.\u003C\u002Fli>\n\u003Cli>Adds settings page under WooCommerce menu so you manage all the features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English.\u003C\u002Fli>\n\u003Cli>Portuguese.\u003C\u002Fli>\n\u003C\u002Ful>\n","With this plugin you can add VAT and VIES support to your WooCommerce store. 
The VAT field will be saved as '_billing_vat'.",1000,16804,"2025-05-19T10:50:00.000Z","5.0","5.6",[84,20,21,85,86],"customers","vat","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontribuinte-checkout.2.0.04.zip","2025-05-07 00:00:00",{"slug":90,"name":91,"version":92,"author":91,"author_profile":93,"description":94,"short_description":95,"active_installs":24,"downloaded":96,"rating":11,"num_ratings":11,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":82,"tags":100,"homepage":103,"download_link":104,"security_score":49,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":50},"vendus","Vendus","2.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fvendus\u002F","\u003Cp>O Vendus é um Software de Faturação Online e POS, que permite faturar e controlar as suas vendas em segundos, através de funcionalidades simples, rápidas e intuitivas. Ideal para Profissionais Independentes e Negócios de sucesso, que procuram soluções tecnológicas robustas, acessíveis e com suporte gratuito e ilimitado. 
Software Certificado Nº 2230\u002FAT, 100% na Cloud e sempre atualizado, de acordo com a lei em vigor.\u003C\u002Fp>\n\u003Ch4>Funcionalidades\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Emissão de Faturas diretamente no Menu Encomendas do Woocommerce\u003C\u002Fli>\n\u003Cli>Criação de notas de crédito\u003C\u002Fli>\n\u003Cli>Consulta e download de faturas emitidas\u003C\u002Fli>\n\u003Cli>Envio do documento para o cliente via email\u003C\u002Fli>\n\u003Cli>Criação de Produtos com IVA diferenciado\u003C\u002Fli>\n\u003Cli>Criação e sincronização automática de produtos entre plataformas\u003C\u002Fli>\n\u003Cli>Validação automática de NIFs \u003C\u002Fli>\n\u003Cli>Sincronização do histórico de compras do Cliente entre plataformas\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A equipa de Suporte do Vendus presta apoio técnico a todos os utilizadores do plugin gratuitamente.\u003C\u002Fp>\n","Faturação 100% online, sem dores de cabeça e sem sair da sua loja online! Programa nº 2230 certificado pela AT a partir de 4€ \u002F mês.",5300,"2023-04-18T15:39:00.000Z","6.2.9","4.5",[101,102,20,21],"billing","invoice","https:\u002F\u002Fwww.vendus.pt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvendus.2.2.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":11,"num_ratings":11,"last_updated":115,"tested_up_to":116,"requires_at_least":81,"requires_php":65,"tags":117,"homepage":13,"download_link":118,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":50},"moloni-es","Moloni España","2.1.4","Moloni, lda","https:\u002F\u002Fprofiles.wordpress.org\u002Fmolonies\u002F","\u003Cp>Moloni is an innovative online billing and POS software that includes access to numerous useful and functional tools that allow each company to manage their billing, control stocks, automate processes and issue documents quickly, simply and 
intuitively.\u003C\u002Fp>\n\u003Cp>Moloni is always updated with the latest features and tax changes according to the law in Spain!\u003C\u002Fp>\n\u003Ch3>Through the plugin it is possible to:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Synchronize products and stocks between the two platforms\u003C\u002Fli>\n\u003Cli>Automatic or manual document issuance\u003C\u002Fli>\n\u003Cli>Select the status of issued documents\u003C\u002Fli>\n\u003Cli>Select from a wide variety of document types\u003C\u002Fli>\n\u003Cli>Select the outbound item warehouse\u003C\u002Fli>\n\u003Cli>Automatic sending of the document to the customer\u003C\u002Fli>\n\u003Cli>Automatic creation of customers and articles\u003C\u002Fli>\n\u003Cli>Customize your billing details\u003C\u002Fli>\n\u003Cli>Access issued documents without leaving WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All technical and commercial support given to users of the plugin is provided by the Moloni Customer Support team.\u003C\u002Fp>\n","Innovative billing software that fits your business.! 
Intended for professionals, micro, small and medium enterprises.",20,4879,"2025-07-24T10:05:00.000Z","6.8.5",[20,21],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmoloni-es.2.1.4.zip",{"attackSurface":120,"codeSignals":175,"taintFlows":263,"riskAssessment":288,"analyzedAt":299},{"hooks":121,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":172,"entryPointCount":11,"unprotectedCount":11},[122,128,132,138,142,146,149,152,155,159,161,165],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","plugins_loaded","Start","ourivesweb.php",58,{"type":123,"name":129,"callback":130,"file":126,"line":131},"admin_enqueue_scripts","\\OurivesWeb\\Plugin::defines",60,{"type":123,"name":133,"callback":134,"priority":135,"file":136,"line":137},"admin_menu","OurivesWeb_admin_menu",56.6,"src\\Activators\\Admin.php",12,{"type":123,"name":139,"callback":140,"priority":24,"file":136,"line":141},"admin_bar_menu","add_toolbar_items",13,{"type":123,"name":143,"callback":144,"priority":31,"file":145,"line":113},"product_cat_edit_form_fields","anonymous","src\\Helper\\Cat_meta_data.php",{"type":123,"name":147,"callback":144,"priority":31,"file":145,"line":148},"product_cat_add_form_fields",21,{"type":123,"name":150,"callback":144,"priority":31,"file":145,"line":151},"edited_product_cat",22,{"type":123,"name":153,"callback":144,"priority":31,"file":145,"line":154},"create_product_cat",23,{"type":123,"name":156,"callback":144,"file":157,"line":158},"woocommerce_update_product","src\\Plugin.php",144,{"type":123,"name":156,"callback":144,"file":157,"line":160},170,{"type":123,"name":162,"callback":163,"file":157,"line":164},"ourivesweb_woocommerce_products_sync","\\OurivesWeb\\Plugin::syncProductCron",172,{"type":123,"name":166,"callback":167,"priority":31,"file":157,"line":168},"woocommerce_order_status_changed","\\OurivesWeb\\Plugin::autoDoc",180,[],[],[],[173],{"hook":162,"callback":162,"file":157,"line":174},176,{"dangerousFunctions":176,"sqlUsage":
177,"outputEscaping":198,"fileOperations":260,"externalRequests":11,"nonceChecks":11,"capabilityChecks":261,"bundledLibraries":262},[],{"prepared":178,"raw":179,"locations":180},56,5,[181,185,188,190,194],{"file":182,"line":183,"context":184},"src\\Controller\\Orders\\OrderCustomer.php",121,"$wpdb->get_row() with variable interpolation",{"file":145,"line":186,"context":187},39,"$wpdb->get_col() with variable interpolation",{"file":145,"line":189,"context":187},77,{"file":191,"line":192,"context":193},"src\\Helper\\Tokens.php",44,"$wpdb->query() with variable interpolation",{"file":195,"line":196,"context":197},"src\\Model.php",82,"$wpdb->get_results() with variable interpolation",{"escaped":199,"rawEcho":33,"locations":200},89,[201,205,208,210,211,213,215,217,218,220,222,224,226,228,230,231,233,235,237,239,241,243,245,246,248,250,252,254,256,258],{"file":202,"line":203,"context":204},"src\\Controller\\Connection.php",40,"raw output",{"file":206,"line":207,"context":204},"src\\Views\\MainContainer.php",47,{"file":206,"line":209,"context":204},83,{"file":206,"line":34,"context":204},{"file":206,"line":212,"context":204},92,{"file":206,"line":214,"context":204},136,{"file":206,"line":216,"context":204},138,{"file":206,"line":216,"context":204},{"file":206,"line":219,"context":204},143,{"file":206,"line":221,"context":204},150,{"file":206,"line":223,"context":204},151,{"file":206,"line":225,"context":204},152,{"file":206,"line":227,"context":204},153,{"file":206,"line":229,"context":204},162,{"file":206,"line":174,"context":204},{"file":206,"line":232,"context":204},192,{"file":234,"line":141,"context":204},"src\\Views\\report.php",{"file":234,"line":236,"context":204},25,{"file":234,"line":238,"context":204},48,{"file":234,"line":240,"context":204},50,{"file":242,"line":154,"context":204},"src\\Views\\settings.php",{"file":242,"line":244,"context":204},27,{"file":242,"line":186,"context":204},{"file":242,"line":247,"context":204},46,{"file":242,"line":249,"context":204
},57,{"file":242,"line":251,"context":204},64,{"file":242,"line":253,"context":204},276,{"file":242,"line":255,"context":204},320,{"file":242,"line":257,"context":204},329,{"file":242,"line":259,"context":204},365,15,2,[],[264],{"entryPoint":265,"graph":266,"unsanitizedCount":261,"severity":287},"\u003Creport> (src\\Views\\report.php:0)",{"nodes":267,"edges":283},[268,272,277,279],{"id":269,"type":270,"label":271,"file":234,"line":207},"n0","source","$_REQUEST",{"id":273,"type":274,"label":275,"file":234,"line":238,"wp_function":276},"n1","sink","echo() [XSS]","echo",{"id":278,"type":270,"label":271,"file":234,"line":207},"n2",{"id":280,"type":274,"label":281,"file":234,"line":238,"wp_function":282},"n3","file_get_contents() [SSRF\u002FLFI]","file_get_contents",[284,286],{"from":269,"to":273,"sanitized":285},false,{"from":278,"to":280,"sanitized":285},"medium",{"summary":289,"deductions":290},"The ourivesweb-api plugin version 1.1.1 demonstrates a generally strong security posture with some notable areas for improvement. The plugin excels in limiting its attack surface, with no unprotected AJAX handlers, REST API routes, or shortcodes. Its extensive use of prepared statements for SQL queries (92%) and proper output escaping (75%) are positive indicators of secure coding practices. Furthermore, the absence of any recorded vulnerabilities or CVEs suggests a history of reliable security.\n\nHowever, the analysis does reveal potential weaknesses. The presence of a single cron event without explicit mention of authentication checks raises a flag. More significantly, a taint analysis identified one flow with an unsanitized path. While no critical or high severity issues were detected in the taint analysis, this indicates a potential for path traversal or similar vulnerabilities if not handled carefully. The plugin also lacks nonce checks on any entry points, which is a common security control for WordPress plugins. 
The limited number of capability checks (2) alongside the cron event and unsanitized path could potentially allow unauthorized access or execution if combined with other weaknesses or misconfigurations.\n\nIn conclusion, ourivesweb-api v1.1.1 is a relatively secure plugin, particularly in its handling of database interactions and output. Its clean vulnerability history is a significant strength. Nevertheless, the identified unsanitized path flow and the absence of nonce checks warrant attention to prevent potential security incidents, especially concerning the cron event's security.",[291,293,295,297],{"reason":292,"points":31},"Unsanitized path flow detected",{"reason":294,"points":179},"No nonce checks on entry points",{"reason":296,"points":179},"Potential risk with cron event security",{"reason":298,"points":30},"Output escaping is not fully robust (25% not properly escaped)","2026-03-17T05:43:21.991Z",{"wat":301,"direct":310},{"assetPaths":302,"generatorPatterns":305,"scriptPaths":306,"versionParams":307},[303,304],"\u002Fwp-content\u002Fplugins\u002Fourivesweb-api\u002Fassets\u002Fcss\u002FError.css","\u002Fwp-content\u002Fplugins\u002Fourivesweb-api\u002Fassets\u002FIncludes\u002Fsweetalert2.all.min.js",[],[304],[308,309],"ourivesweb-api\u002Fassets\u002Fcss\u002FError.css?ver=","ourivesweb-api\u002Fassets\u002FIncludes\u002Fsweetalert2.all.min.js?ver=",{"cssClasses":311,"htmlComments":312,"htmlAttributes":313,"restEndpoints":314,"jsGlobals":315,"shortcodeOutput":317},[],[],[],[],[316],"Swal",[]]