[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVZgGyaA-4eVlS-j_7gFpoc7LDz0GxtBnNn7MKIu04RY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":24,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":130,"fingerprints":212},"payment-gateway-via-valitor-for-woocommerce","Payment Gateway via Valitor for WooCommerce","1.9.39","tacticaisdev","https:\u002F\u002Fprofiles.wordpress.org\u002Ftacticaisdev\u002F","\u003Cp>The Valitor Web Payments Page is a simple and secure way to do business on the Internet, both for large online stores and for smaller merchants.\u003C\u002Fp>\n\u003Cp>When using the Web Payments Page, Merchants do not need to ask for or handle card information on their web sites. Merchants who need to attain PCI certification can therefore reduce the scope of the certification process.\u003C\u002Fp>\n\u003Cp>The Payment Page accepts all major credit cards (Visa, MasterCard, JCB, Diners and American Express).\u003C\u002Fp>\n\u003Cp>This plugin is maintained and supported by Tactica\u003C\u002Fp>\n","Get paid via Valitor in your woocommerce shop.",200,11373,100,2,"2025-12-11T15:57:00.000Z","6.9.4","4.4","",[20,21,22,23],"credit-card","gateway","valitor","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayment-gateway-via-valitor-for-woocommerce.1.9.39.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},300,96,30,91,"2026-04-04T04:38:59.590Z",[36,52,70,87,108],{"slug":37,"name":38,"version":39,"author":7,"author_profile":8,"description":40,"short_description":41,"active_installs":13,"downloaded":42,"rating":25,"num_ratings":25,"last_updated":43,"tested_up_to":44,"requires_at_least":45,"requires_php":46,"tags":47,"homepage":18,"download_link":50,"security_score":51,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"valitorpay-payment-gateway-for-woocommerce","Payment Gateway via ValitorPay for WooCommerce","1.2.21","\u003Cp>ValitorPay is an API driven payment gateway by payment processor Valitor.\u003C\u002Fp>\n\u003Cp>Valitor is an international payment solutions company who helps partners, merchants and consumers to make and receive payments.\u003C\u002Fp>\n\u003Cp>Taking card payments online on checkout page. You can handle with or without 3D secure verification.\u003C\u002Fp>\n\u003Cp>This plugin is maintained and supported by Tactica\u003C\u002Fp>\n","Take payments in your WooCommerce store using the ValitorPay Gateway",4586,"2024-12-24T11:40:00.000Z","6.7.5","5.5","7.0",[20,48,22,49,23],"payment-gateway","valitorpay","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvalitorpay-payment-gateway-for-woocommerce.1.2.21.zip",92,{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":62,"num_ratings":63,"last_updated":64,"tested_up_to":44,"requires_at_least":17,"requires_php":46,"tags":65,"homepage":68,"download_link":69,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"woo-asaas","Asaas Gateway for WooCommerce","2.7.4","Asaas","https:\u002F\u002Fprofiles.wordpress.org\u002Fasaas\u002F","\u003Cp>Use \u003Ca href=\"https:\u002F\u002Fwww.asaas.com\" rel=\"nofollow ugc\">Asaas\u003C\u002Fa> as payment method in your WooCommerce store.\u003C\u002Fp>\n\u003Cp>This plugin is an implementation of \u003Ca href=\"https:\u002F\u002Fasaasv3.docs.apiary.io\" rel=\"nofollow ugc\">Asaas API v3\u003C\u002Fa>. The checkout mechanism is completely transparent. The customer will not go out of your store to finish the order. The data are sent to Asaas service, that process the payment and return its status.\u003C\u002Fp>\n\u003Cp>For any doubt about the plugin installation and integration, please read the FAQ. If it doesn’t solve, use the plugin Support area that we will help you as soon as possible.\u003C\u002Fp>\n","Take transparent credit card and bank ticket payment checkouts on your store using Asaas.",9000,177841,78,17,"2026-03-10T00:36:00.000Z",[66,20,67,48,23],"asaas","payment","https:\u002F\u002Fwww.asaas.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-asaas.2.7.4.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":16,"requires_at_least":17,"requires_php":83,"tags":84,"homepage":85,"download_link":86,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"payplug","PayPlug for WooCommerce (Official)","2.15.1","Payplug","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayplug\u002F","\u003Cp>\u003Cstrong>What PayPlug does for merchants\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>PayPlug primary goal is to give you the tools you need to sell to your clients, wherever they are.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Simple set up and management\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Safety\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Optimized conversion\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Our main features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Accept payments\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Fastest set up on the market, with no technical skills required\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Plugin developed by PayPlug, configurable with just a few clicks\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Reception of online credit card payments from CB, Visa, Mastercard, without needing an extra merchant account\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Boost your sales\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Customizable payment page, optimized for mobile devices, integrated or redirected\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>One-click payment with secure card information storage\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Installment payments with Oney. Main benefits: immediately receive the complete amount of the order to enjoy a serene cash flow; Potential frauds and unpaid transactions will be managed by Oney\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Monitor your performances\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Transaction history and accounting records with one click, using the management interface\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Personalized support, in your preferred language\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Do you want to know more about our features? Visit \u003Ca href=\"https:\u002F\u002Fwww.payplug.com\u002Fonline-payment\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.payplug.com\u002Fonline-payment\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PayPlug in general\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>PayPlug is a French omnichannel payment solution dedicated to merchants. It allows you to accept credit card payments both online and in-store.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>10 000 merchants trust PayPlug for their payments\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>800 partners recommend us daily\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PayPlug offers several plans to suit your needs and business requirements. \u003Cstrong>No set-up fees and no commitment;\u003C\u002Fstrong> you can change your offer whenever you want. More details: \u003Ca href=\"https:\u002F\u002Fwww.payplug.com\u002Fpricing\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.payplug.com\u002Fpricing\u003C\u002Fa>\u003C\u002Fp>\n","PlayPlug is a French payment solution allowing small and medium e-commerce companies to accept online payments from Visa, MasterCard and CB cards.",4000,179297,68,5,"2026-01-12T09:34:00.000Z","5.6",[20,21,67,71,23],"https:\u002F\u002Fwww.payplug.com\u002Fmodules\u002Fwoocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayplug.2.15.1.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":81,"last_updated":98,"tested_up_to":44,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":104,"download_link":105,"security_score":13,"vuln_count":106,"unpatched_count":25,"last_vuln_date":107,"fetched_at":27},"woocommerce-gateway-eway","Eway Payments for Woo","3.9.2","WooCommerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fwoocommerce\u002F","\u003Cp>The Eway extension for WooCommerce allows you to take credit card payments directly on your store without redirecting your customers to a third party site to make payment. Supports \u003Cstrong>WooCommerce Subscriptions, WooCommerce Refunds API\u003C\u002Fstrong>, as well as \u003Cstrong>token payments\u003C\u002Fstrong>, which allows customers to save credit cards for future purchases. Everything happens on your site without the customer ever leaving.\u003C\u002Fp>\n\u003Cp>The Eway payment gateway for WooCommerce makes use of Eway’s brand new Rapid 3.1 API, it supports \u003Cstrong>3D Secure\u003C\u002Fstrong> and is \u003Cstrong>fully PCI compliant\u003C\u002Fstrong> as per Eway’s specifications and adds support for processing \u003Cstrong>subscription payments\u003C\u002Fstrong> as well as \u003Cstrong>token payments\u003C\u002Fstrong> allowing customers to save credit cards for future purchases.\u003C\u002Fp>\n\u003Cp>By using Eway’s Rapid 3.1 API there is a single endpoint for processing payment, meaning you only need this one extension to take payment through any of Eway’s processing countries, Eway Australia, Eway New Zealand, Eway Singapore, Eway Malaysia, and Eway Hong Kong. Eway uses complex DNS technology to ensure your payment is routed to the correct country.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ability to host promotional flash sales in real-time\u003C\u002Fli>\n\u003Cli>Generate discount coupons for your customers to help with special promotions\u003C\u002Fli>\n\u003Cli>Product reviews from your customers\u003C\u002Fli>\n\u003Cli>Automatic up-sells and cross-sells\u003C\u002Fli>\n\u003Cli>Intuitive order management suite\u003C\u002Fli>\n\u003C\u002Ful>\n","This is the official WooCommerce extension to take credit card and subscription payments directly on your store with Eway.",3000,156348,64,"2025-10-13T02:29:00.000Z","6.0","7.4",[20,102,21,103,23],"eway","payment-request","https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Feway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-gateway-eway.3.9.2.zip",1,"2023-01-04 00:00:00",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":118,"num_ratings":119,"last_updated":120,"tested_up_to":16,"requires_at_least":121,"requires_php":46,"tags":122,"homepage":125,"download_link":126,"security_score":127,"vuln_count":128,"unpatched_count":25,"last_vuln_date":129,"fetched_at":27},"gestpay-for-woocommerce","Gestpay for WooCommerce","20251211","Fabrick Support","https:\u002F\u002Fprofiles.wordpress.org\u002Feasynolo\u002F","\u003Cp>Axerve Free Plugin for Woocommerce allows you to use \u003Ca href=\"https:\u002F\u002Fwww.axerve.com\u002F\" title=\"Axerve Website\" rel=\"nofollow ugc\">Axerve\u003C\u002Fa> on your WooCommerce-powered website.\u003C\u002Fp>\n\u003Cp>There are four operational modes in this plugin, which depends on Axerve version you are using:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Axerve Starter\u003C\u002Fli>\n\u003Cli>Axerve Professional\u003C\u002Fli>\n\u003Cli>Axerve Professional On Site\u003C\u002Fli>\n\u003Cli>Axerve Professional iFrame\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.axerve.com\u002Fit\u002Fplugin\u002Fwoocommerce\u002F\" title=\"Axerve for WooCommerce - Usage Documentation\" rel=\"nofollow ugc\">Click here to read the full usage documentation on Axerve\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>WooCommerce Blocks Compatibility\u003C\u002Fh4>\n\u003Cp>Starting from version 20251028, the plugin is fully compatible with WooCommerce Blocks checkout. All payment methods are now supported in both classic checkout and blocks checkout modes. There is no need to disable WooCommerce Blocks checkout.\u003C\u002Fp>\n\u003Ch4>Available Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>S2S SOAP (Except callReadTrxS2S and callVerifyCardS2S)\u003C\u002Fli>\n\u003Cli>Tokenization\u003C\u002Fli>\n\u003Cli>3DS1\u003C\u002Fli>\n\u003Cli>3DS2 – Authentication\u003C\u002Fli>\n\u003Cli>3DS2 – Recurring Transactions\u003C\u002Fli>\n\u003Cli>RBA (Risk-Based Authentication)\u003C\u002Fli>\n\u003Cli>PayPal Seller Protection\u003C\u002Fli>\n\u003Cli>WooCommerce Subscriptions support (Recurring payments and subscriptions)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available Payment Methods\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Credit Cards\u003C\u002Fli>\n\u003Cli>BANCOMAT Pay\u003C\u002Fli>\n\u003Cli>MyBank\u003C\u002Fli>\n\u003Cli>PayPal\u003C\u002Fli>\n\u003Cli>PayPal Billing Agreement\u003C\u002Fli>\n\u003Cli>PayPal Buy Now Pay Later\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Actions and filters list\u003C\u002Fh3>\n\u003Cp>Here is a list of filters and actions used in this plugin:\u003C\u002Fp>\n\u003Ch4>Actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>gestpay_before_processing_order\u003C\u002Fli>\n\u003Cli>gestpay_after_order_completed\u003C\u002Fli>\n\u003Cli>gestpay_after_order_failed\u003C\u002Fli>\n\u003Cli>gestpay_after_order_pending\u003C\u002Fli>\n\u003Cli>gestpay_before_order_settle\u003C\u002Fli>\n\u003Cli>gestpay_order_settle_success\u003C\u002Fli>\n\u003Cli>gestpay_order_settle_fail\u003C\u002Fli>\n\u003Cli>gestpay_before_order_refund\u003C\u002Fli>\n\u003Cli>gestpay_order_refund_success\u003C\u002Fli>\n\u003Cli>gestpay_order_refund_fail\u003C\u002Fli>\n\u003Cli>gestpay_before_order_delete\u003C\u002Fli>\n\u003Cli>gestpay_order_delete_success\u003C\u002Fli>\n\u003Cli>gestpay_order_delete_fail\u003C\u002Fli>\n\u003Cli>gestpay_after_s2s_order_failed\u003C\u002Fli>\n\u003Cli>gestpay_on_renewal_payment_failure\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template_before_table\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template_after_table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Filters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>gestpay_gateway_parameters\u003C\u002Fli>\n\u003Cli>gestpay_encrypt_parameters\u003C\u002Fli>\n\u003Cli>gestpay_settings_tab\u003C\u002Fli>\n\u003Cli>gestpay_my_cards_template\u003C\u002Fli>\n\u003Cli>gestpay_cvv_fancybox\u003C\u002Fli>\n\u003Cli>gestpay_gateway_cards_images\u003C\u002Fli>\n\u003Cli>gestpay_alter_order_id -> this can be used to add, for example, a prefix to the order ID\u003C\u002Fli>\n\u003Cli>gestpay_revert_order_id -> this must be used to revert back the order ID changed with the \u003Ccode>gestpay_alter_order_id\u003C\u002Fcode> filter\u003C\u002Fli>\n\u003Cli>gestpay_s2s_validate_payment_fields\u003C\u002Fli>\n\u003Cli>gestpay_s2s_payment_fields_error_strings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Third Party Libraries\u003C\u002Fh3>\n\u003Cp>Questo plugin utilizza le seguenti librerie di terze parti:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SOAP Client – Parte della libreria standard PHP, utilizzata per le comunicazioni con l’API Gestpay\u003C\u002Fli>\n\u003Cli>WooCommerce – Framework e-commerce per WordPress (GPLv3)\u003C\u002Fli>\n\u003Cli>WordPress – CMS principale (GPLv2 o successiva)\u003C\u002Fli>\n\u003Cli>jQuery – Libreria JavaScript per la manipolazione del DOM e la gestione degli eventi (MIT License)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Questo plugin si connette ai seguenti servizi esterni:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Axerve Payment Gateway (precedentemente Gestpay)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Elaborazione dei pagamenti tramite il gateway di Banca Sella\u003Cbr \u002F>\n– Dati inviati: Informazioni sull’ordine, dati del cliente necessari per il pagamento\u003Cbr \u002F>\n– Quando: Durante il processo di pagamento e per le operazioni di gestione degli ordini\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.axerve.com\u002Fprivacy-policy\u003Cbr \u002F>\n– Termini di servizio: https:\u002F\u002Fwww.axerve.com\u002Fterms-conditions\u003C\u002Fp>\n\u003Col>\n\u003Cli>icanhazip.com\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Identificazione dell’indirizzo IP del server per la configurazione del gateway di pagamento\u003Cbr \u002F>\n– Dati inviati: Nessun dato viene inviato, il servizio risponde solo con l’indirizzo IP pubblico\u003Cbr \u002F>\n– Quando: Solo nell’area amministrativa durante la configurazione del plugin\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fmajor.io\u002Ficanhazip-com-faq\u002F\u003Cbr \u002F>\n– Note: Questo servizio viene utilizzato solo per aiutare gli amministratori a configurare correttamente il gateway di pagamento nel backoffice di Axerve\u003C\u002Fp>\n\u003Col>\n\u003Cli>Script JavaScript di verifica\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Verifica della compatibilità del browser con il gateway di pagamento\u003Cbr \u002F>\n– Dati inviati: Informazioni sul browser dell’utente per verificare la compatibilità TLS\u003Cbr \u002F>\n– Quando: Durante il processo di pagamento\u003Cbr \u002F>\n– Domini: gestpay.net, gestpay.it, ecomm.sella.it\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.axerve.com\u002Fprivacy-policy\u003C\u002Fp>\n\u003Col>\n\u003Cli>MyBank\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Scopo: Integrazione con il sistema di pagamento MyBank\u003Cbr \u002F>\n– Dati inviati: Informazioni necessarie per il pagamento tramite MyBank\u003Cbr \u002F>\n– Quando: Solo quando l’utente sceglie MyBank come metodo di pagamento\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.mybank.eu\u002Fprivacy-policy\u002F\u003Cbr \u002F>\n– Termini di servizio: https:\u002F\u002Fwww.mybank.eu\u002Fterms-and-conditions\u002F\u003C\u002Fp>\n\u003Cp>Server di test e sviluppo\u003Cbr \u002F>\nNel codice di esempio (directory \u003Ccode>sample\u002F\u003C\u002Fcode>) sono presenti riferimenti a domini fittizi (\u003Ccode>site1.it\u003C\u002Fcode> e \u003Ccode>site2.it\u003C\u002Fcode>) utilizzati solo come esempio per dimostrare la configurazione multi-sito. Questi domini sono puramente dimostrativi e non sono utilizzati nel codice di produzione.\u003C\u002Fp>\n","Axerve Free Plugin for Woocommerce extends WooCommerce providing the payment gateway Axerve.",1000,43366,76,9,"2025-12-11T15:15:00.000Z","4.7",[123,20,124,48,23],"axerve","gestpay","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgestpay-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgestpay-for-woocommerce.20251211.zip",99,3,"2024-02-27 00:00:00",{"attackSurface":131,"codeSignals":186,"taintFlows":204,"riskAssessment":205,"analyzedAt":211},{"hooks":132,"ajaxHandlers":182,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":25,"unprotectedCount":25},[133,139,144,147,151,156,160,164,168,171,175,178],{"type":134,"name":135,"callback":136,"file":137,"line":138},"filter","wcml_gateway_text_keys_to_translate","valitor_text_keys_to_translate","includes\\class-wc-gateway-valitor.php",140,{"type":140,"name":141,"callback":142,"file":137,"line":143},"action","woocommerce_api_wc_gateway_valitor","check_valitor_response",147,{"type":140,"name":145,"callback":142,"file":137,"line":146},"woocommerce_thankyou",148,{"type":140,"name":148,"callback":149,"file":137,"line":150},"admin_notices","valitor_held_duration_notice",768,{"type":140,"name":152,"callback":153,"file":154,"line":155},"before_woocommerce_init","closure","valitor.php",24,{"type":140,"name":157,"callback":158,"priority":25,"file":154,"line":159},"plugins_loaded","valitor_init",33,{"type":134,"name":161,"callback":162,"file":154,"line":163},"woocommerce_payment_gateways","valitor_woocommerce_add_gateway",41,{"type":140,"name":165,"callback":166,"file":154,"line":167},"woocommerce_cancelled_order","valitor_cancel_order",48,{"type":140,"name":157,"callback":169,"file":154,"line":170},"valitor_textdomain",65,{"type":140,"name":172,"callback":173,"file":154,"line":174},"woocommerce_blocks_loaded","valitor_woocommerce_blocks_support",104,{"type":140,"name":176,"callback":153,"file":154,"line":177},"woocommerce_blocks_payment_method_type_registration",109,{"type":140,"name":179,"callback":180,"file":154,"line":181},"woocommerce_blocks_checkout_enqueue_data","valitor_blocks_checkout_enqueue_styles",118,[],[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":203},[],{"prepared":25,"raw":25,"locations":189},[],{"escaped":191,"rawEcho":192,"locations":193},12,4,[194,197,199,201],{"file":137,"line":195,"context":196},636,"raw output",{"file":137,"line":198,"context":196},650,{"file":137,"line":200,"context":196},652,{"file":137,"line":202,"context":196},835,[],[],{"summary":206,"deductions":207},"The static analysis of \"payment-gateway-via-valitor-for-woocommerce\" v1.9.39 reveals a generally strong security posture. There are no identified entry points like AJAX handlers, REST API routes, or shortcodes that are unprotected, and no dangerous functions or file operations are utilized. All SQL queries employ prepared statements, which is a significant security advantage. However, a notable concern is the relatively low percentage (75%) of properly escaped output, suggesting a potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs are dynamic and user-controllable.\n\nThe absence of any recorded CVEs and the clean taint analysis indicate a history of good security practices or a lack of discovery of exploitable flaws. The plugin's attack surface is minimal and appears to be well-protected. The lack of nonce checks and capability checks on entry points is not explicitly concerning given that there are no identified entry points. The main area for improvement lies in ensuring all output is rigorously escaped to mitigate any potential XSS risks.\n\nOverall, the plugin demonstrates a good foundation for security with a minimal attack surface and secure database interactions. The primary weakness identified is the potential for XSS due to incomplete output escaping. The vulnerability history is clean, which is a positive sign, but the unescaped output remains a point of caution that warrants attention.",[208],{"reason":209,"points":210},"Unescaped output detected",6,"2026-03-16T20:12:54.561Z",{"wat":213,"direct":221},{"assetPaths":214,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[215],"\u002Fwp-content\u002Fplugins\u002Fpayment-gateway-via-valitor-for-woocommerce\u002Fcards.png",[],[],[219,220],"payment-gateway-via-valitor-for-woocommerce\u002Fcards.png?ver=","valitor-styles-frontend",{"cssClasses":222,"htmlComments":224,"htmlAttributes":225,"restEndpoints":227,"jsGlobals":228,"shortcodeOutput":230},[223],"valitor_woocommerce",[],[226],"data-valitor-payment",[],[229],"valitor_woocommerce_params",[]]