[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqLdDbYz8Pnb-q4ewm1PkxcBQLRnrcpgSeGizkeWQVSY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":75,"crawl_stats":36,"alternatives":80,"analysis":178,"fingerprints":670},"payu-india","PayU CommercePro Plugin","3.8.8","PayU India","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayuplugin\u002F","\u003Cp>Caution: Always keep backup of your existing WooCommerce installation including Mysql Database, before installing a new module.\u003C\u002Fp>\n\u003Cp>The plugin zip can be easily installed using WordPress’s upload plugin feature.\u003C\u002Fp>\n","CommercePro payment plugin by PayU Payment Gateway (India) for WooCommerce (tested from 5.3 to 9.8.1).",7000,70762,100,1,"2025-07-15T10:35:00.000Z","6.8.5","5.3","7.4",[20,21,22],"gateway","payment","payu","https:\u002F\u002Fpayu.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayu-india.3.8.8.zip",89,3,0,"2025-06-05 00:00:00","2026-03-15T15:16:48.613Z",[31,46,59],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-31022","payu-commercepro-plugin-authentication-bypass","PayU CommercePro Plugin \u003C= 3.8.7 - Authentication Bypass","The PayU CommercePro Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 3.8.7. This is due to the plugin not properly verifying a user's identity through the update_cart_data() function. This makes it possible for unauthenticated attackers to log in as an administrator.",null,"\u003C=3.8.7","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Authentication Bypass Using an Alternate Path or Channel","2025-07-07 13:06:54",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4ce039cd-2662-4cc3-9d38-932be7b7726d?source=api-prod",33,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":36,"affected_versions":51,"patched_in_version":52,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":53,"published_date":54,"updated_date":55,"references":56,"days_to_patch":58},"CVE-2024-12264","payu-commercepro-plugin-unauthenticated-privilege-escalation","PayU CommercePro Plugin \u003C= 3.8.3 - Unauthenticated Privilege Escalation","The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. This is due to \u002Fwp-json\u002Fpayu\u002Fv1\u002Fgenerate-user-token and \u002Fwp-json\u002Fpayu\u002Fv1\u002Fget-shipping-cost  REST API endpoints not properly verifying a user's identity prior to setting the users ID and auth cookies. This makes it possible for unauthenticated attackers to create new administrative user accounts.","\u003C=3.8.3","3.8.4","Improper Authentication","2025-01-06 16:09:55","2025-03-13 20:25:18",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbf037e4a-2dd7-4296-b86b-635901d2d68f?source=api-prod",66,{"id":60,"url_slug":61,"title":62,"description":63,"plugin_slug":4,"theme_slug":36,"affected_versions":64,"patched_in_version":65,"severity":66,"cvss_score":67,"cvss_vector":68,"vuln_type":69,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2024-27193","payu-india-reflected-cross-site-scripting-via-type","PayU India \u003C= 3.8.8 - Reflected Cross-Site Scripting via type","The PayU India plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘type’ parameter in versions up to, and including, 3.8.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=3.8.8","3.8.9","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-02-26 00:00:00","2026-03-17 21:18:39",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe4a5dc4f-3eb6-410e-af3d-e3b0639319f3?source=api-prod",751,{"slug":76,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":77,"trust_score":78,"computed_at":79},"payuplugin",283,71,"2026-04-05T09:13:40.707Z",[81,102,120,141,161],{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":100,"download_link":101,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"woo-payu-payment-gateway","PayU GPO Payment for WooCommerce","2.9.1","PayU GPO","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayusa\u002F","\u003Cp>\u003Cstrong>PayU payment module for WooCommerce\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin offers the following payment methods:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PayU – standard – payer will be redirected to PayU’s hosted payment page where any available payment type configured on your POS can be chosen\u003C\u002Fli>\n\u003Cli>PayU – bank list – payment type list will be displayed, depending on chosen type the payer will be either redirected directly to the bank or to PayU’s hosted payment page\u003C\u002Fli>\n\u003Cli>PayU – payment card – payer will be redirected to PayU’s hosted card form where credit, debit or prepaid card data can be securely entered\u003C\u002Fli>\n\u003Cli>PayU – secure form – a secure form collecting credit, debit or prepaid card data will be displayed\u003C\u002Fli>\n\u003Cli>PayU – Blik – payer will be redirected to Blik’s page\u003C\u002Fli>\n\u003Cli>PayU – installments – payer will be redirected to installment payment form\u003C\u002Fli>\n\u003Cli>PayU – Klarna – payer will be redirected to Klarna payment form\u003C\u002Fli>\n\u003Cli>PayU – PayPo – payer will be redirected to PayPo payment form\u003C\u002Fli>\n\u003Cli>PayU – Twisto – payer will be redirected to Twisto payment form\u003C\u002Fli>\n\u003Cli>PayU – Twisto pay in 3 – payer will be redirected to Twisto pay in 3 payment form\u003C\u002Fli>\n\u003Cli>PayU – PragmaPay – payer will be redirected to PragmaPay payment form (only for business clients)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Detailed information about each method and its configuration \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPayU-EMEA\u002Fwoo-payu-payment-gateway\" rel=\"nofollow ugc\">can be found here\u003C\u002Fa>.\u003C\u002Fp>\n","PayU fast online payments for WooCommerce. Banks, BLIK, credit or debit cards, Installments, Apple Pay, Google Pay.",10000,379872,74,6,"2026-02-05T10:13:00.000Z","6.9.4","5.0",[97,21,98,22,99],"credit-card","payment-gateway","platnosci","https:\u002F\u002Fgithub.com\u002FPayU\u002Fwoo-payu-payment-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payu-payment-gateway.2.9.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":27,"num_ratings":27,"last_updated":112,"tested_up_to":16,"requires_at_least":113,"requires_php":18,"tags":114,"homepage":118,"download_link":119,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wpbr-payuni-payment","Pay with PAYUNi","1.8.1","WPBrewer","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpbrewer\u002F","\u003Cp>Pay with PAYUNi(統一金流) plugin allows you to provide PAYUNi payment gateway for your WooCommerce store.\u003Cbr \u002F>\nThis plugin integrates with PAYUNi’s UNiPaypage (UPP\u002F整合式支付頁) service, which redirects the customer to the payment page when the customer places an order.\u003C\u002Fp>\n\u003Ch3>Major features include\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Integrate with PAYUNi’s UNiPaypage(UPP) service\u003C\u002Fli>\n\u003Cli>Support Language setting for UNiPaypage\u003C\u002Fli>\n\u003Cli>Support refund on backend (Credit Payment、Installment payment、Apple Pay、Google Pay、Samsung Pay)\u003C\u002Fli>\n\u003Cli>Support E-Invoice feature\u003C\u002Fli>\n\u003Cli>Compatible with High-Performance Order Storage (HPOS)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Payment Methods\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Credit Card payment\u003C\u002Fli>\n\u003Cli>Credit Card installment payment (Could enable\u002Fdisable for different installments)\u003C\u002Fli>\n\u003Cli>Apple Pay、Google Pay、Samsung Pay\u003C\u002Fli>\n\u003Cli>LINE Pay\u003C\u002Fli>\n\u003Cli>AFTEE payment (AFTEE先享後付)\u003C\u002Fli>\n\u003Cli>ATM Virtual Account payment\u003C\u002Fli>\n\u003Cli>CVS payment\u003C\u002Fli>\n\u003Cli>UnionPay\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Get started with PAYUNi\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.payuni.com.tw\u002Fsignup\" rel=\"nofollow ugc\">Apply PAYUNi’s seller member\u003C\u002Fa>. If you want to test the payment service in sandbox mode, please register seller member in \u003Ca href=\"https:\u002F\u002Fsandbox.payuni.com.tw\u002Fsignup\" rel=\"nofollow ugc\">Sandbox\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Install & Activate Pay with PAYUNi plugin on your WordPress website.\u003C\u002Fli>\n\u003Cli>Setup the Merchant ID、Hash Key and Hash IV\u003C\u002Fli>\n\u003Cli>Go to the WordPress Admin Panel. Open WooCommerce > Settings > Payments to enable your preferred payment methods.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Once your PAYUNi seller member account and your store has been approved, you can start accepting payments.\u003Cbr \u002F>\nThe pricing is always per transaction. No startup fees, no monthly fees.\u003C\u002Fp>\n\u003Ch3>About PAYUNi\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"\u002F\u002Fwww.payuni.com.tw\u002F)\" rel=\"nofollow ugc\">PAYUNi (統一金流)\u003C\u002Fa> is a third-party payment service provider based in Taiwan.\u003Cbr \u002F>\nIt offers a wide range of secure and efficient payment solutions for businesses of all sizes.\u003C\u002Fp>\n\u003Cp>PAYUNi’s services include credit card payment, ATM virtual account payment, CVS payment, and mobile payment options,\u003Cbr \u002F>\nmaking it easy for merchants to accept payments from their customers.\u003C\u002Fp>\n\u003Cp>Additionally, PAYUNi provides shipping services such as 7-11 C2C shipping and TCat Home Delivery.\u003C\u002Fp>\n\u003Cp>For more information, please refer to the \u003Ca href=\"https:\u002F\u002Fwww.payuni.com.tw\u002F\" rel=\"nofollow ugc\">PAYUNi website\u003C\u002Fa>.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.payuni.com.tw\u002Fterms\" rel=\"nofollow ugc\">PAYUNi Terms of Service\u003C\u002Fa>.\u003C\u002Fp>\n","Accept payments via PAYUNi(統一金流) payment for your WooCommerce store.",500,3560,"2026-02-27T01:01:00.000Z","5.9",[21,98,115,116,117],"payuni","taiwan","woocommerce","https:\u002F\u002Fwpbrewer.com\u002Fproduct\u002Fwpbr-payuni-payment","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpbr-payuni-payment.1.8.1.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":135,"download_link":139,"security_score":140,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"woo-payu-paisa","PayU Paisa – Woocommerce","2.1","nilesh0308","https:\u002F\u002Fprofiles.wordpress.org\u002Fnilesh0308\u002F","\u003Cp>This is PayU Paisa payment gateway for WooCommerce with currency conversion feature which allows you to use PayU Paisa payment gateway with the WooCommerce plugin and empowering any business to collect money online within minutes.\u003C\u002Fp>\n\u003Ch4>PayU Paisa payment gateway Needs Your Support\u003C\u002Fh4>\n\u003Cp>It is hard to continue development and support for this free plugin without contributions from users like you. If you enjoy using PayU Paisa payment gateway and find it useful, then please rate it on wordpress. Your rating will help encourage and support the plugin’s continued development and better user support.\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the \u003Ccode>WooCommerce > Settings > Checkout\u003C\u002Fcode> tab.\u003C\u002Fli>\n\u003Cli>Click on \u003Cem>PayU Money\u003C\u002Fem> to edit the settings. If you do not see \u003Cem>PayUPaisa\u003C\u002Fem> in the list at the top of the screen make sure you have activated the plugin in the WordPress Plugin Manager.\u003C\u002Fli>\n\u003Cli>Enable the Payment Method, name it \u003Ccode>Credit Card \u002F Debit Card \u002F Internet Banking\u003C\u002Fcode> (this will show up on the payment page your customer sees).\u003C\u002Fli>\n\u003Cli>Add in your \u003Ccode>Merchant Key\u003C\u002Fcode> and \u003Ccode>Merchant Salt\u003C\u002Fcode> as provided by the PayUPaisa Team.\u003C\u002Fli>\n\u003Cli>Choose if you want to show the \u003Ccode>PayUPaisa\u003C\u002Fcode> Logo to the customer (You may also insert a custom logo in your description via \u003Ccode>\u003Cimg ...\u003C\u002Fcode> tag).\u003C\u002Fli>\n\u003Cli>Select \u003Ccode>Redirect url\u003C\u002Fcode> (URL you want PayUPaisa to redirect after payment).\u003C\u002Fli>\n\u003Cli>Click Save.\u003C\u002Fli>\n\u003C\u002Fol>\n","PayU Money Payment Gateway for WooCommerce. Start your eStore without an SETUP cost and get the payment from PayUPaisa.",30,7010,60,2,"2021-04-08T20:17:00.000Z","5.7.15","3.5.1","",[98,4,137,138,117],"payu-money","payu-paisa","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payu-paisa.zip",85,{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":151,"num_ratings":92,"last_updated":152,"tested_up_to":133,"requires_at_least":153,"requires_php":154,"tags":155,"homepage":135,"download_link":160,"security_score":140,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"edd-payu-gateway","Payment Gateway for PayUmoney on Easy Digital Downloads","1.0.3","WP ALL SUPPORT","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpallsupport\u002F","\u003Ch4>PayUmoney gateway supports INR currency and this plugin is meant to be used by merchants in India.\u003C\u002Fh4>\n\u003Cp>After checkout on the website it redirects the user to the PayUmoney payment screen where the customer can make the payment.\u003C\u002Fp>\n\u003Cp>The plugin requires a test or live API key which can be found from the PayUmoney account settings at https:\u002F\u002Fwww.payumoney.com\u003C\u002Fp>\n\u003Cp>This add on is 100% translatable.\u003C\u002Fp>\n\u003Ch4>More plugins by WP ALL SUPPORT\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-bar-by-wp-all-support\u002F\" rel=\"ugc\">Hide WP Admin Bar by WP ALL SUPPORT\u003C\u002Fa> – Hide admin bar based on user roles and conditional logic\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fedd-payu-latam-gateway\u002F\" rel=\"ugc\">PayUmoney Latam\u003C\u002Fa> – PayUmoney payment gateway for Easy Digital Downloads\u003C\u002Fp>\n\u003Ch4>Suggestions \u002F Feature Request\u003C\u002Fh4>\n\u003Cp>If you have suggestions or a new feature request, feel free to get in touch with me via the contact form on our website \u003Ca href=\"https:\u002F\u002Fwpallsupport.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n","This is a simple addon for the Easy Digital Downloads WordPress plugin to use the PayUmoney india payment gateway.",10,9972,80,"2021-05-08T09:05:00.000Z","4.9","5.2.4",[156,157,98,158,159],"easy-digital-downloads","online-payments","payuindia","payumoney","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedd-payu-gateway.1.0.3.zip",{"slug":162,"name":163,"version":164,"author":165,"author_profile":166,"description":167,"short_description":168,"active_installs":149,"downloaded":169,"rating":27,"num_ratings":27,"last_updated":170,"tested_up_to":171,"requires_at_least":172,"requires_php":135,"tags":173,"homepage":135,"download_link":177,"security_score":140,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"simple-payu-romania","Simple PayU Romania","1.0","softpill.eu","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftpilleu\u002F","\u003Cp>Simple PayU Romania features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed or Custom payment amount options. You can have a product with a fixed price or can allow users to enter the amount, in example they pay for an invoice.\u003C\u002Fli>\n\u003Cli>Invoice field. Allow your customer to specify the invoice number they are paying for, the invoice number appearing in your payment gateway transaction.\u003C\u002Fli>\n\u003Cli>Product description. Add product description before the payment button and on the pop-up form.\u003C\u002Fli>\n\u003Cli>Customize button texts. Easily change the text shown on the buttons, in example “Click here to pay”, “Buy for only 19.99” etc.\u003C\u002Fli>\n\u003Cli>Transaction details get saved for later use.\u003C\u002Fli>\n\u003Cli>Template function ready\u003C\u002Fli>\n\u003Cli>Shortcode ready\u003C\u002Fli>\n\u003C\u002Ful>\n","Sell products online, process invoices, accept donations etc. using PayU Romania",1699,"2015-10-07T07:25:00.000Z","4.3.34","4.0.0",[174,98,22,175,176],"invoices","payu-romania","process-invoices","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-payu-romania.zip",{"attackSurface":179,"codeSignals":548,"taintFlows":625,"riskAssessment":652,"analyzedAt":669},{"hooks":180,"ajaxHandlers":494,"restRoutes":505,"shortcodes":536,"cronEvents":537,"entryPointCount":547,"unprotectedCount":547},[181,187,190,195,199,203,207,212,216,219,223,226,230,234,238,242,245,249,252,255,258,262,265,269,273,277,280,284,288,291,294,297,301,305,307,310,313,317,320,324,327,330,333,337,340,343,346,349,352,355,357,361,364,367,371,373,376,380,383,386,389,393,396,400,403,406,409,412,416,418,419,421,422,423,424,426,427,428,429,430,431,432,433,434,436,438,439,440,441,442,443,445,446,447,448,449,451,452,453,454,455,456,457,458,459,460,461,462,463,464,465,467,468,469,470,471,472,473,474,475,476,477,478,480,481,482,483,484,485,487,488,489,490,491,492,493],{"type":182,"name":183,"callback":184,"file":185,"line":186},"action","rest_api_init","getPaymentSuccessUpdate","includes\\admin\\payu-webhook-calls.php",13,{"type":182,"name":183,"callback":188,"file":185,"line":189},"getPaymentFailedUpdate",15,{"type":182,"name":191,"callback":192,"file":193,"line":194},"admin_footer","closure","includes\\buy_now\\buy-now-payu.php",20,{"type":182,"name":196,"callback":197,"file":193,"line":198},"woocommerce_after_add_to_cart_button","custom_button_after_add_to_cart",99,{"type":182,"name":200,"callback":201,"file":193,"line":202},"wp_enqueue_scripts","enqueue_buy_now_script",147,{"type":182,"name":204,"callback":205,"file":193,"line":206},"wp","restore_previous_cart_if_needed",304,{"type":182,"name":208,"callback":209,"priority":14,"file":210,"line":211},"woocommerce_after_save_address_validation","schedule_account_address_push","includes\\class-payu-account-address-sync.php",28,{"type":182,"name":213,"callback":214,"priority":149,"file":210,"line":215},"pass_arguments_to_save_address","payu_save_address_callback",29,{"type":182,"name":217,"callback":218,"priority":149,"file":210,"line":128},"pass_arguments_to_update_address","payu_update_address_callback",{"type":182,"name":220,"callback":221,"file":210,"line":222},"woocommerce_created_customer","custom_save_shipping_phone",31,{"type":182,"name":224,"callback":221,"file":210,"line":225},"woocommerce_save_account_details",32,{"type":227,"name":228,"callback":229,"priority":14,"file":210,"line":45},"filter","woocommerce_shipping_fields","custom_woocommerce_shipping_fields",{"type":182,"name":231,"callback":232,"priority":149,"file":210,"line":233},"wp_login","payu_address_sync_after_login",34,{"type":182,"name":235,"callback":236,"priority":14,"file":210,"line":237},"woocommerce_receipt_payubiz","payu_address_sync_brefore_payment",35,{"type":227,"name":239,"callback":240,"file":210,"line":241},"woocommerce_default_address_fields","make_billing_postcode_required",36,{"type":182,"name":183,"callback":188,"file":243,"line":244},"includes\\class-payu-shipping-tax-api-calculation.php",16,{"type":227,"name":246,"callback":247,"file":248,"line":222},"cron_schedules","cron_add_one_min","includes\\class-payu-verify-payment.php",{"type":182,"name":250,"callback":251,"priority":149,"file":248,"line":233},"check_payment_status_after_every_five_min","verify_payment",{"type":182,"name":253,"callback":254,"priority":149,"file":248,"line":237},"pass_arguments_to_verify","passArgumentstoVerify",{"type":182,"name":256,"callback":257,"priority":149,"file":248,"line":241},"clear_scheduled_task","clearScheduledTask",{"type":182,"name":259,"callback":260,"file":248,"line":261},"woocommerce_checkout_order_processed","schedulePaymentStatusCheck",39,{"type":182,"name":263,"callback":260,"file":248,"line":264},"woocommerce_new_order",40,{"type":182,"name":266,"callback":267,"file":268,"line":78},"init","check_payubiz_response","includes\\class-wc-gateway-payu.php",{"type":182,"name":270,"callback":271,"file":268,"line":272},"wp_head","payu_scripts",72,{"type":182,"name":274,"callback":275,"file":268,"line":276},"valid-payubiz-request","SUCCESS",76,{"type":182,"name":235,"callback":278,"file":268,"line":279},"receipt_page",77,{"type":182,"name":281,"callback":282,"file":268,"line":283},"woocommerce_update_options_payment_gateways","process_admin_options",83,{"type":227,"name":285,"callback":286,"priority":149,"file":287,"line":222},"woocommerce_get_order_item_totals","add_custom_order_total_row","includes\\payu-cart-express-checkout.php",{"type":227,"name":289,"callback":290,"priority":149,"file":287,"line":225},"woocommerce_order_get_formatted_shipping_address","woocommerce_order_get_formatted_shipping_email_added",{"type":182,"name":292,"callback":293,"file":287,"line":237},"woocommerce_pay_order_before_submit","payu_woocommerce_pay_order_before_submit",{"type":227,"name":295,"callback":296,"file":287,"line":241},"woocommerce_coupons_enabled","disable_coupon_field_on_checkout",{"type":227,"name":298,"callback":299,"file":287,"line":300},"woocommerce_product_needs_shipping","woocommerce_product_needs_shipping_enable",37,{"type":182,"name":302,"callback":303,"file":287,"line":304},"woocommerce_proceed_to_checkout","add_payu_buy_now_button",38,{"type":182,"name":306,"callback":303,"priority":194,"file":287,"line":261},"woocommerce_widget_shopping_cart_buttons",{"type":182,"name":308,"callback":309,"file":287,"line":264},"template_redirect","cart_page_checkout_callback",{"type":182,"name":200,"callback":311,"file":287,"line":312},"checkout_nonce_enqueue_custom_scripts",41,{"type":227,"name":314,"callback":315,"file":287,"line":316},"woocommerce_billing_fields","payu_remove_required_fields_checkout",42,{"type":227,"name":239,"callback":318,"priority":194,"file":287,"line":319},"filter_default_address_fields",43,{"type":182,"name":321,"callback":322,"file":287,"line":323},"woocommerce_before_cart","update_cart_address_on_load",44,{"type":182,"name":266,"callback":325,"file":287,"line":326},"payu_remove_checkout_button",46,{"type":182,"name":308,"callback":328,"file":287,"line":329},"payu_redirect_checkout_to_cart",47,{"type":182,"name":266,"callback":331,"priority":194,"file":287,"line":332},"remove_proceed_to_checkout_action",48,{"type":182,"name":334,"callback":335,"file":336,"line":300},"woocommerce_order_details_after_order_table","custom_refund_form","includes\\payu-refund-process.php",{"type":182,"name":338,"callback":339,"priority":149,"file":336,"line":264},"woocommerce_order_item_meta_end","payu_item_display_refund_links",{"type":182,"name":341,"callback":342,"priority":14,"file":336,"line":319},"woocommerce_order_details_before_order_table","payu_partial_refund_submit",{"type":182,"name":341,"callback":344,"priority":14,"file":336,"line":345},"process_custom_refund",49,{"type":182,"name":341,"callback":347,"file":336,"line":348},"check_custom_refund_status",52,{"type":182,"name":341,"callback":350,"file":336,"line":351},"payu_refund_time_message",55,{"type":182,"name":183,"callback":353,"file":336,"line":354},"refund_status_callback",58,{"type":182,"name":266,"callback":356,"file":336,"line":130},"register_refund_in_progress_order_status",{"type":227,"name":358,"callback":359,"priority":14,"file":336,"line":360},"wc_order_statuses","add_refund_in_progress_to_order_statuses",61,{"type":227,"name":246,"callback":362,"priority":149,"file":336,"line":363},"payu_check_refund_status_custom_schedule",63,{"type":182,"name":204,"callback":365,"file":336,"line":366},"payu_check_refund_status_scheduled_event",64,{"type":182,"name":368,"callback":369,"file":336,"line":370},"payu_check_refund_status_check_next_scheduled","payu_check_refund_status_update_data_according_to_cron",65,{"type":182,"name":191,"callback":192,"file":372,"line":244},"includes\\payu_affordability_widget\\payu-affordability-widget.php",{"type":182,"name":200,"callback":374,"file":372,"line":375},"custom_scripts",143,{"type":182,"name":377,"callback":378,"file":372,"line":379},"woocommerce_before_add_to_cart_form","display_payu_affordability_widget",153,{"type":182,"name":381,"callback":378,"file":372,"line":382},"woocommerce_before_cart_table",154,{"type":182,"name":384,"callback":378,"file":372,"line":385},"woocommerce_review_order_before_payment",155,{"type":182,"name":387,"callback":378,"file":372,"line":388},"woocommerce_blocks_loaded",156,{"type":182,"name":390,"callback":391,"priority":27,"file":392,"line":354},"plugins_loaded","woocommercePayubizInit","index.php",{"type":182,"name":394,"callback":395,"file":392,"line":272},"the_content","showpayubizMessage",{"type":227,"name":397,"callback":398,"file":392,"line":399},"woocommerce_payment_gateways","addGateways",134,{"type":182,"name":200,"callback":401,"file":392,"line":402},"enqueue_custom_block_cart_script",189,{"type":182,"name":404,"callback":192,"file":392,"line":405},"before_woocommerce_init",196,{"type":182,"name":387,"callback":407,"file":392,"line":408},"payu_woocommerce_block_support",205,{"type":182,"name":410,"callback":192,"file":392,"line":411},"woocommerce_blocks_payment_method_type_registration",214,{"type":227,"name":413,"callback":414,"priority":149,"file":392,"line":415},"plugin_action_links","custom_plugin_action_links_all",235,{"type":182,"name":183,"callback":184,"file":417,"line":186},"trunk\\includes\\admin\\payu-webhook-calls.php",{"type":182,"name":183,"callback":188,"file":417,"line":189},{"type":182,"name":191,"callback":192,"file":420,"line":194},"trunk\\includes\\buy_now\\buy-now-payu.php",{"type":182,"name":196,"callback":197,"file":420,"line":198},{"type":182,"name":200,"callback":201,"file":420,"line":202},{"type":182,"name":204,"callback":205,"file":420,"line":206},{"type":182,"name":208,"callback":209,"priority":14,"file":425,"line":211},"trunk\\includes\\class-payu-account-address-sync.php",{"type":182,"name":213,"callback":214,"priority":149,"file":425,"line":215},{"type":182,"name":217,"callback":218,"priority":149,"file":425,"line":128},{"type":182,"name":220,"callback":221,"file":425,"line":222},{"type":182,"name":224,"callback":221,"file":425,"line":225},{"type":227,"name":228,"callback":229,"priority":14,"file":425,"line":45},{"type":182,"name":231,"callback":232,"priority":149,"file":425,"line":233},{"type":182,"name":235,"callback":236,"priority":14,"file":425,"line":237},{"type":227,"name":239,"callback":240,"file":425,"line":241},{"type":182,"name":183,"callback":188,"file":435,"line":244},"trunk\\includes\\class-payu-shipping-tax-api-calculation.php",{"type":227,"name":246,"callback":247,"file":437,"line":222},"trunk\\includes\\class-payu-verify-payment.php",{"type":182,"name":250,"callback":251,"priority":149,"file":437,"line":233},{"type":182,"name":253,"callback":254,"priority":149,"file":437,"line":237},{"type":182,"name":256,"callback":257,"priority":149,"file":437,"line":241},{"type":182,"name":259,"callback":260,"file":437,"line":261},{"type":182,"name":263,"callback":260,"file":437,"line":264},{"type":182,"name":266,"callback":267,"file":444,"line":78},"trunk\\includes\\class-wc-gateway-payu.php",{"type":182,"name":270,"callback":271,"file":444,"line":272},{"type":182,"name":274,"callback":275,"file":444,"line":276},{"type":182,"name":235,"callback":278,"file":444,"line":279},{"type":182,"name":281,"callback":282,"file":444,"line":283},{"type":227,"name":285,"callback":286,"priority":149,"file":450,"line":222},"trunk\\includes\\payu-cart-express-checkout.php",{"type":227,"name":289,"callback":290,"priority":149,"file":450,"line":225},{"type":182,"name":292,"callback":293,"file":450,"line":237},{"type":227,"name":295,"callback":296,"file":450,"line":241},{"type":227,"name":298,"callback":299,"file":450,"line":300},{"type":182,"name":302,"callback":303,"file":450,"line":304},{"type":182,"name":306,"callback":303,"priority":194,"file":450,"line":261},{"type":182,"name":308,"callback":309,"file":450,"line":264},{"type":182,"name":200,"callback":311,"file":450,"line":312},{"type":227,"name":314,"callback":315,"file":450,"line":316},{"type":227,"name":239,"callback":318,"priority":194,"file":450,"line":319},{"type":182,"name":321,"callback":322,"file":450,"line":323},{"type":182,"name":266,"callback":325,"file":450,"line":326},{"type":182,"name":308,"callback":328,"file":450,"line":329},{"type":182,"name":266,"callback":331,"priority":194,"file":450,"line":332},{"type":182,"name":334,"callback":335,"file":466,"line":300},"trunk\\includes\\payu-refund-process.php",{"type":182,"name":338,"callback":339,"priority":149,"file":466,"line":264},{"type":182,"name":341,"callback":342,"priority":14,"file":466,"line":319},{"type":182,"name":341,"callback":344,"priority":14,"file":466,"line":345},{"type":182,"name":341,"callback":347,"file":466,"line":348},{"type":182,"name":341,"callback":350,"file":466,"line":351},{"type":182,"name":183,"callback":353,"file":466,"line":354},{"type":182,"name":266,"callback":356,"file":466,"line":130},{"type":227,"name":358,"callback":359,"priority":14,"file":466,"line":360},{"type":227,"name":246,"callback":362,"priority":149,"file":466,"line":363},{"type":182,"name":204,"callback":365,"file":466,"line":366},{"type":182,"name":368,"callback":369,"file":466,"line":370},{"type":182,"name":191,"callback":192,"file":479,"line":244},"trunk\\includes\\payu_affordability_widget\\payu-affordability-widget.php",{"type":182,"name":200,"callback":374,"file":479,"line":375},{"type":182,"name":377,"callback":378,"file":479,"line":379},{"type":182,"name":381,"callback":378,"file":479,"line":382},{"type":182,"name":384,"callback":378,"file":479,"line":385},{"type":182,"name":387,"callback":378,"file":479,"line":388},{"type":182,"name":390,"callback":391,"priority":27,"file":486,"line":354},"trunk\\index.php",{"type":182,"name":394,"callback":395,"file":486,"line":272},{"type":227,"name":397,"callback":398,"file":486,"line":399},{"type":182,"name":200,"callback":401,"file":486,"line":402},{"type":182,"name":404,"callback":192,"file":486,"line":405},{"type":182,"name":387,"callback":407,"file":486,"line":408},{"type":182,"name":410,"callback":192,"file":486,"line":411},{"type":227,"name":413,"callback":414,"priority":149,"file":486,"line":415},[495,500,503,504],{"action":496,"nopriv":497,"callback":498,"hasNonce":497,"hasCapCheck":497,"file":193,"line":499},"custom_buy_now",false,"custom_buy_now_function",150,{"action":496,"nopriv":501,"callback":498,"hasNonce":497,"hasCapCheck":497,"file":193,"line":502},true,151,{"action":496,"nopriv":497,"callback":498,"hasNonce":497,"hasCapCheck":497,"file":420,"line":499},{"action":496,"nopriv":501,"callback":498,"hasNonce":497,"hasCapCheck":497,"file":420,"line":502},[506,513,517,522,528,530,532,534],{"namespace":507,"route":508,"methods":509,"callback":511,"permissionCallback":512,"file":185,"line":225},"payu\u002Fv1","\u002Fget-payment-success-update",[510],"GET","payuGetPaymentSuccessUpdateCallback","__return_true",{"namespace":507,"route":514,"methods":515,"callback":516,"permissionCallback":512,"file":185,"line":345},"\u002Fget-payment-failed-update",[510],"payuGetPaymentFailedUpdateCallback",{"namespace":507,"route":518,"methods":519,"callback":520,"permissionCallback":512,"file":243,"line":521},"\u002Fget-shipping-cost",[510],"payuShippingCostCallback",23,{"namespace":507,"route":523,"methods":524,"callback":526,"permissionCallback":512,"file":336,"line":527},"\u002Frefund-status-update",[525],"POST","refund_status_update",303,{"namespace":507,"route":508,"methods":529,"callback":511,"permissionCallback":512,"file":417,"line":225},[510],{"namespace":507,"route":514,"methods":531,"callback":516,"permissionCallback":512,"file":417,"line":345},[510],{"namespace":507,"route":518,"methods":533,"callback":520,"permissionCallback":512,"file":435,"line":521},[510],{"namespace":507,"route":523,"methods":535,"callback":526,"permissionCallback":512,"file":466,"line":527},[525],[],[538,540,542,544,545,546],{"hook":213,"callback":213,"file":210,"line":539},198,{"hook":253,"callback":253,"file":248,"line":541},57,{"hook":368,"callback":368,"file":336,"line":543},512,{"hook":213,"callback":213,"file":425,"line":539},{"hook":253,"callback":253,"file":437,"line":541},{"hook":368,"callback":368,"file":466,"line":543},12,{"dangerousFunctions":549,"sqlUsage":554,"outputEscaping":602,"fileOperations":27,"externalRequests":194,"nonceChecks":623,"capabilityChecks":27,"bundledLibraries":624},[550,553],{"fn":551,"file":248,"line":58,"context":552},"unserialize","$order = unserialize($order);",{"fn":551,"file":437,"line":58,"context":552},{"prepared":547,"raw":555,"locations":556},26,[557,560,563,567,568,569,571,573,575,577,579,581,583,586,587,588,590,591,592,593,594,596,597,599,600,601],{"file":210,"line":558,"context":559},45,"$wpdb->get_row() with variable interpolation",{"file":210,"line":561,"context":562},115,"$wpdb->get_results() with variable interpolation",{"file":564,"line":565,"context":566},"includes\\class-payu-activator.php",22,"$wpdb->get_var() with variable interpolation",{"file":564,"line":319,"context":566},{"file":564,"line":58,"context":566},{"file":564,"line":570,"context":566},90,{"file":564,"line":572,"context":566},109,{"file":574,"line":502,"context":562},"includes\\helper.php",{"file":574,"line":576,"context":566},271,{"file":578,"line":264,"context":566},"includes\\payu-payment-gateway-api.php",{"file":578,"line":580,"context":566},121,{"file":336,"line":582,"context":562},531,{"file":336,"line":584,"context":585},560,"$wpdb->query() with variable interpolation",{"file":425,"line":558,"context":559},{"file":425,"line":561,"context":562},{"file":589,"line":565,"context":566},"trunk\\includes\\class-payu-activator.php",{"file":589,"line":319,"context":566},{"file":589,"line":58,"context":566},{"file":589,"line":570,"context":566},{"file":589,"line":572,"context":566},{"file":595,"line":502,"context":562},"trunk\\includes\\helper.php",{"file":595,"line":576,"context":566},{"file":598,"line":264,"context":566},"trunk\\includes\\payu-payment-gateway-api.php",{"file":598,"line":580,"context":566},{"file":466,"line":582,"context":562},{"file":466,"line":584,"context":585},{"escaped":603,"rawEcho":547,"locations":604},482,[605,608,610,612,613,615,617,618,619,620,621,622],{"file":268,"line":606,"context":607},130,"raw output",{"file":268,"line":609,"context":607},131,{"file":268,"line":611,"context":607},133,{"file":268,"line":202,"context":607},{"file":268,"line":614,"context":607},158,{"file":268,"line":616,"context":607},159,{"file":444,"line":606,"context":607},{"file":444,"line":609,"context":607},{"file":444,"line":611,"context":607},{"file":444,"line":202,"context":607},{"file":444,"line":614,"context":607},{"file":444,"line":616,"context":607},4,[],[626,644],{"entryPoint":627,"graph":628,"unsanitizedCount":27,"severity":643},"\u003Cpayu-refund-process> (includes\\payu-refund-process.php:0)",{"nodes":629,"edges":641},[630,635],{"id":631,"type":632,"label":633,"file":336,"line":634},"n0","source","$_POST",213,{"id":636,"type":637,"label":638,"file":336,"line":639,"wp_function":640},"n1","sink","echo() [XSS]",472,"echo",[642],{"from":631,"to":636,"sanitized":501},"low",{"entryPoint":645,"graph":646,"unsanitizedCount":27,"severity":643},"\u003Cpayu-refund-process> (trunk\\includes\\payu-refund-process.php:0)",{"nodes":647,"edges":650},[648,649],{"id":631,"type":632,"label":633,"file":466,"line":634},{"id":636,"type":637,"label":638,"file":466,"line":639,"wp_function":640},[651],{"from":631,"to":636,"sanitized":501},{"summary":653,"deductions":654},"The \"payu-india\" plugin v3.8.9 exhibits a concerning security posture, primarily due to a significant number of unprotected entry points.  With all 4 AJAX handlers and all 8 REST API routes lacking authentication checks, there is a substantial attack surface exposed to unauthenticated users. While taint analysis shows no critical or high severity flows, the presence of the `unserialize` function in the code, coupled with a high volume of external HTTP requests, could potentially be exploited if input is not rigorously validated. The plugin's vulnerability history, including 3 known CVEs (2 critical and 1 medium), with one critical vulnerability still unpatched, strongly suggests recurring security weaknesses. The common vulnerability types also highlight issues with authentication and input sanitization, which align with the findings in the static analysis.\n\nDespite the critical security concerns related to unprotected entry points and the unpatched critical vulnerability, the plugin does demonstrate some positive security practices. The vast majority of output (98%) is properly escaped, and the SQL query usage shows a reasonable percentage (32%) utilizing prepared statements, which helps mitigate SQL injection risks. However, these strengths are overshadowed by the critical deficiencies in authentication and the unresolved security flaws from past vulnerabilities, making this version of the plugin a high risk for deployment.",[655,657,659,661,664,666],{"reason":656,"points":194},"Unpatched critical CVE",{"reason":658,"points":149},"All AJAX handlers lack auth checks",{"reason":660,"points":149},"All REST API routes lack permission callbacks",{"reason":662,"points":663},"Presence of unserialize function",8,{"reason":665,"points":189},"Critical CVE found in history",{"reason":667,"points":668},"Medium CVE found in history",7,"2026-03-16T18:00:51.081Z",{"wat":671,"direct":677},{"assetPaths":672,"generatorPatterns":674,"scriptPaths":675,"versionParams":676},[673],"\u002Fwp-content\u002Fplugins\u002Fpayu-india\u002Fassets\u002Fjs\u002Fcustom-block-cart.js",[],[673],[],{"cssClasses":678,"htmlComments":683,"htmlAttributes":698,"restEndpoints":701,"jsGlobals":704,"shortcodeOutput":706},[679,680,681,682],"info-box","success-box","error-box","warning-box",[684,685,686,685,687,688,689,690,691,692,693,694,695,696,697],"Added File For Buy Now","Added by SM","Added File For Affordability Widget","The *Singleton* instance of this class","Returns the *Singleton* instance of this class.","The *Singleton* instance.","Init the plugin after plugins_loaded so environment variables are set.","Add the gateways to WooCommerce.","Payu Support Block Based Cart","Only working in a Commerce pro mode","Enqueu Js Script","Payu Support Block Based Checkout","Plugin Activation Show Menu in plugin page","call this wc_payu_block in includes>checkoutblock>checkout_block.php file",[699,700],"data-payu-nonce","data-payu-payid",[702,703],"\u002Fwp-json\u002Fpayu-india\u002Fv1\u002Fprocess","\u002Fwp-json\u002Fpayu-india\u002Fv1\u002Fwebhook",[705],"payu_payment_params",[707,708,709],"\u003Cdiv class=\"box ","-box\">","\u003C\u002Fdiv>"]