[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fO4w17r9H1O1fwqhnmNFJ4JeSGlaAYbJzzZdV0C4jXOo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":61,"crawl_stats":38,"alternatives":65,"analysis":158,"fingerprints":289},"philantro","Philantro – Donations and Donor Management","5.4.1","Philantro Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilantro\u002F","\u003Cp>\u003Cstrong>This is the official plugin for the \u003Ca href=\"https:\u002F\u002Fwww.philantro.com?utm_source=wordpress&utm_medium=plugin&utm_campaign=wordpress-listing\" title=\"Visit Philantro Donor and Donation Management Platform\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa> platform\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Philantro is a donation and donor management platform tailored for nonprofits in the United States, Canada and Great Britain. If you are outside of these territories and would like to be added to our BETA program, please drop us an email with your region. For charitable organizations using WordPress that are new to \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.philantro.com?utm_source=wordpress&utm_medium=plugin&utm_campaign=wordpress-listing\" title=\"Visit Philantro Donor and Donation Management Platform\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa>\u003C\u002Fstrong>, our plugin includes a demo account for you to experience the platform without having to register while you research.\u003C\u002Fp>\n\u003Cp>With Philantro, our ever-evolving donation platform places the power of donor lead generation, payment processing, campaign management and more at your fingertips.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Welcome to the better way of accepting online donations; focus more on the mission and less on logistics.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Donor-Centric Donation Forms\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Intelligent and Responsive Donations forms that works with any theme.\u003C\u002Fli>\n\u003Cli>Support International Donors with local and international donor address verification.\u003C\u002Fli>\n\u003Cli>Donation forms that respond to mobile devices – even if your website doesn’t.\u003C\u002Fli>\n\u003Cli>Add donation amount suggestions, fundraising campaigns and more to keep your donors informed and your Board of Directors happy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Robust Donor Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automated Self-Healing Donor records where you can find everything from donation history to email open activity.\u003C\u002Fli>\n\u003Cli>Follow the activity and set notification triggers for unique donors.\u003C\u002Fli>\n\u003Cli>Track calls, emails and leave notes to keep your team well-informed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Streamlined Recurring Donations\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Donor Self-Service allows donors to view their donation history and manage their recurring donations.\u003C\u002Fli>\n\u003Cli>Philantro also automatically emails donors who recurring payment methods are approaching expiration or have been declined.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Full-Featured Reporting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Pull reports on metrics from donation conversions, fundraising campaign performance and donor demographics.\u003C\u002Fli>\n\u003Cli>Gain a 360-degree view of any donor that turns a cold-call into a warm-welcome.\u003C\u002Fli>\n\u003Cli>Gain greater insight with granular filters for donors and transactions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Plugin Walk-Through\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4P8cFytfJGQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Philantro is perfect for small-to-mid sized nonprofits\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>If you have more than 50,000 donors, drop us an email at \u003Ca href=\"mailto:support@philatro.com\" rel=\"nofollow ugc\">support@philantro.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Accept \u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fdonation-forms.php\" rel=\"nofollow ugc\">one time\u003C\u002Fa>\u002F\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Frecurring-donations.php\" rel=\"nofollow ugc\">recurring donations\u003C\u002Fa> securely.\u003C\u002Fli>\n\u003Cli>Full fledged \u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fevent-ticketing.php\" rel=\"nofollow ugc\">event ticketing\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Manage and track multiple donation campaigns.\u003C\u002Fli>\n\u003Cli>Incredible reporting and analytics from donor conversion rates, gender breakdowns, social network contribution and more.\u003C\u002Fli>\n\u003Cli>Donor records are automatically generated and updated with each transaction so you can see the names used, addresses used, track the largest, first and last gift.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Secure Processing Powered By Stripe\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>We’ve partnered with \u003Ca href=\"https:\u002F\u002Fstripe.com\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa>, the payment processor behind Twitter, FourSquare and Pinterest to offer nonprofits secure PCI compliant processing, two-day desposits + fraud protection.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>For more information\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\" rel=\"nofollow ugc\">Philantro\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fsign-up.php\" rel=\"nofollow ugc\">Tour the Philantro Platform\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.philantro.com\u002Fpricing.php\" rel=\"nofollow ugc\">Pricing\u003C\u002Fa>\u003C\u002Fp>\n","Securely accept one-time and recurring donations with automated donor records, analytics and fundraising campaign tracking.",60,8683,84,5,"2025-08-02T09:55:00.000Z","6.6.5","4.1","",[20,21,22,23,24],"charity","donations","event-ticketing","fundraising","nonprofit","http:\u002F\u002Fwww.philantro.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphilantro.zip",99,2,0,"2025-01-27 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-13527","philantro-donations-and-donor-management-authenticated-contributor-stored-cross-site-scripting-via-donate-shortcode","Philantro – Donations and Donor Management \u003C= 5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via donate Shortcode","The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=5.3","5.4","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-28 08:21:35",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbe3c8800-cbef-4d85-a1f3-b5c70ba955b5?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-12500","philantro-donations-and-donor-management-authenticated-contributor-stored-cross-site-scripting","Philantro – Donations and Donor Management \u003C= 5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=5.2","5.3","2024-12-17 00:00:00","2025-01-17 23:09:44",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0cd2ad77-c5de-470d-bc17-729233e4ab92?source=api-prod",32,{"slug":4,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":62,"trust_score":63,"computed_at":64},17,93,"2026-04-04T03:47:32.013Z",[66,83,104,125,144],{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":29,"downloaded":74,"rating":29,"num_ratings":29,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":78,"tags":79,"homepage":18,"download_link":81,"security_score":82,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"fundcollector","FundCollector – Donations Plugin and Fundraising Platform for WordPress","1.1.4","Bruno Alesiani","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrales\u002F","\u003Ch4>Easy to use WordPress Donation Plugin\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>FundCollector\u003C\u002Fstrong> is a comprehensive donation management plugin for WordPress that enables organizations to collect donations through multiple payment methods including PayPal and bank transfers.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>PayPal Integration\u003C\u002Fstrong>: Secure PayPal payments with REST API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bank Transfer Support\u003C\u002Fstrong>: Alternative payment method with automated instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Block\u003C\u002Fstrong>: Native WordPress block editor integration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form Builder\u003C\u002Fstrong>: Customizable donation forms with multiple fields\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications\u003C\u002Fstrong>: Automated emails to donors and administrators\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Features\u003C\u002Fstrong>: Honeypot protection, reCAPTCHA support, and data encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-language\u003C\u002Fstrong>: Full translation support for English, Spanish, French, German, Portuguese, and Italian. Additional languages will be added in future versions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Dashboard\u003C\u002Fstrong>: Complete donation management and reporting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pre-built Pages\u003C\u002Fstrong>: Automatic creation of essential pages (Donation, Thank You, Payment Failed, Privacy Policy)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-updates\u003C\u002Fstrong>: Configurable automatic plugin updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Payment Methods\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>PayPal\u003C\u002Fstrong>: Complete PayPal REST API integration with sandbox support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bank Transfer\u003C\u002Fstrong>: Manual payment method with customizable instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Future Support\u003C\u002Fstrong>: Extensible architecture for additional payment gateways\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Data encryption for sensitive information\u003C\u002Fli>\n\u003Cli>Honeypot spam protection\u003C\u002Fli>\n\u003Cli>reCAPTCHA integration\u003C\u002Fli>\n\u003Cli>CSRF protection with nonces\u003C\u002Fli>\n\u003Cli>Sanitized input validation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compliance\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>GDPR compliant data handling\u003C\u002Fli>\n\u003Cli>Privacy-focused design\u003C\u002Fli>\n\u003Cli>Data retention controls\u003C\u002Fli>\n\u003Cli>Audit trail logging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>FundCollector takes privacy seriously:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Payment data is processed securely through PayPal’s API\u003C\u002Fli>\n\u003Cli>Sensitive data is encrypted at rest\u003C\u002Fli>\n\u003Cli>No data is shared with third parties without consent\u003C\u002Fli>\n\u003Cli>Users can request data deletion at any time\u003C\u002Fli>\n\u003Cli>Full audit trail is maintained for compliance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external third-party services to provide payment processing and security features. Below is a detailed disclosure of each service used:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PayPal Payment Processing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it is:\u003C\u002Fstrong> PayPal is a payment processing service used to handle online donations via credit cards, debit cards, and PayPal accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When it’s used:\u003C\u002Fstrong> Activated when donors choose PayPal as their payment method. Connections occur during payment creation, authorization, and completion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data transmitted:\u003C\u002Fstrong> Donor information (name, email), donation amount, currency, and transaction metadata are sent to PayPal’s servers for payment processing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API endpoints used:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Production: \u003Ccode>https:\u002F\u002Fapi-m.paypal.com\u003C\u002Fcode> (live transactions)\u003C\u002Fli>\n\u003Cli>Sandbox: \u003Ccode>https:\u002F\u002Fapi-m.sandbox.paypal.com\u003C\u002Fcode> (testing environment)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fprivacy\" rel=\"nofollow ugc\">PayPal Privacy Statement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Flegal\u002Fua\u002Fuseragreement-full\" rel=\"nofollow ugc\">PayPal User Agreement\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Google reCAPTCHA v3\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it is:\u003C\u002Fstrong> Google reCAPTCHA v3 is an anti-spam protection service that helps prevent automated bot submissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When it’s used:\u003C\u002Fstrong> Optional feature (can be disabled). When enabled, reCAPTCHA analyzes user behavior on donation forms to detect potential spam or bot activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data transmitted:\u003C\u002Fstrong> User interaction data (mouse movements, typing patterns, IP address) is sent to Google’s servers for spam analysis. The reCAPTCHA token generated is validated server-side.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API endpoints used:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Client-side script: \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi.js\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Server-side verification: \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fsiteverify\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">Google reCAPTCHA Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>User Control\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PayPal integration is optional and can be disabled in plugin settings (bank transfer only mode)\u003C\u002Fli>\n\u003Cli>Google reCAPTCHA is optional and can be disabled in plugin settings\u003C\u002Fli>\n\u003Cli>Users are informed about these integrations during plugin configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Data Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All communication with external services occurs over encrypted HTTPS connections\u003C\u002Fli>\n\u003Cli>API credentials (PayPal Client ID\u002FSecret, reCAPTCHA keys) are stored encrypted in the WordPress database\u003C\u002Fli>\n\u003Cli>No donor payment card data is stored on your WordPress server – all sensitive payment information is handled directly by PayPal\u003C\u002Fli>\n\u003Cli>reCAPTCHA tokens are temporary and only used for spam verification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer Information\u003C\u002Fh3>\n\u003Cp>FundCollector is built with security and extensibility in mind:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Coding Standards compliant\u003C\u002Fli>\n\u003Cli>Comprehensive error handling\u003C\u002Fli>\n\u003Cli>Extensive logging system\u003C\u002Fli>\n\u003Cli>Modular architecture\u003C\u002Fli>\n\u003Cli>Action and filter hooks for customization\u003C\u002Fli>\n\u003Cli>Developer-friendly API\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily receive donations on your website. Accept payments made with PayPal. For bank transfers, it automatically sends payment instructions via email.",188,"2025-12-17T17:23:00.000Z","6.9.4","5.0","7.4",[20,21,23,24,80],"paypal","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffundcollector.1.1.4.zip",100,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":101,"download_link":102,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":103,"fetched_at":31},"donorbox-donation-form","Donorbox – Free Recurring Donation Plugin and Fundraising Platform","7.1.12","rebelidealist","https:\u002F\u002Fprofiles.wordpress.org\u002Frebelidealist\u002F","\u003Cp>Donorbox is a powerful and secure donation management plugin for WordPress. We are the only donation plugin for WordPress that offers a fast feature-filled solution so anyone can raise funds. If you’re looking for the best WordPress donation plugins that can substantially boost donor conversion and online donations, here’s where your search ends.\u003C\u002Fp>\n\u003Ch3>WHY USE DONORBOX\u003C\u002Fh3>\n\u003Cp>The Donorbox free plugin for WordPress will provide you with everything you need to embed a Donorbox donation form into your website. This free WordPress donation plugin will increase your donor conversion rates and recurring donations. We will generate all the embedding code for you.\u003C\u002Fp>\n\u003Cp>Collect donations online with the best WordPress donation plugin now to take your fundraising to the next level. Here’s why you should be using Donorbox for accepting payments.\u003C\u002Fp>\n\u003Ch3>Fully Customizable Donation Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox forms can be ready to deploy in 15 minutes and are even faster to fill in.\u003C\u002Fli>\n\u003Cli>You can embed the form or use it as a pop-up donation form to accept donations.\u003C\u002Fli>\n\u003Cli>Brand your fundraising campaign page with your own color scheme, styling, and logo.\u003C\u002Fli>\n\u003Cli>Create custom input fields to make your forms quick to complete. You can easily collect necessary info from donors.\u003C\u002Fli>\n\u003Cli>Insert custom donation amounts for donors to select by clicking or allow them to specify their own amount.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Easy Fundraising\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox accepts multiple currencies via Stripe, PayPal, Apple Pay, Venmo, and Google Pay. ACH payments and direct debit payments are also accepted. It’s a quick and easy checkout process.\u003C\u002Fli>\n\u003Cli>Collect donations and double them with our seamless employer donation matching feature.\u003C\u002Fli>\n\u003Cli>Our custom donation forms are localized in English, Spanish, French, German, Italian, and Portuguese. You can set this manually or let it auto-detect.\u003C\u002Fli>\n\u003Cli>Other than this free WordPress plugin, Donorbox also offers Peer-to-Peer fundraising, Crowdfunding, Text-to-Give, Events, Memberships, and \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Ffeatures\" rel=\"nofollow ugc\">more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Share the Cause\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Embed our donation forms into your website. Or set a Donate button in your web pages and emails to deploy them as pop-ups.\u003C\u002Fli>\n\u003Cli>Accept donations from desktops, mobile phones, and tablets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Automated Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Monthly recurring donations are easily set up with 1 click.\u003C\u002Fli>\n\u003Cli>Every donation triggers an automatic personalized receipt email that you only need to set up once.\u003C\u002Fli>\n\u003Cli>Our payment gateways, Stripe and PayPal, ensure a swift donation process. Most nonprofits have a PayPal account set up, so it should be easier for them to get started.\u003C\u002Fli>\n\u003Cli>After successful donations, donor records get created on your Donorbox account for easy donor management.\u003C\u002Fli>\n\u003Cli>Recurring donors get donor login details to manage their own details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donation Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Manage all donations right from the dashboard. Resend receipts, update donations even after they’ve been made, and refund donations, if needed.\u003C\u002Fli>\n\u003Cli>Export donation details as a CSV file, for any time period you want. Think tax season or financial year-end reporting.\u003C\u002Fli>\n\u003Cli>Add offline donations, like cash or checks, to your campaign so your records are accurate.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Optional Integrations\u003C\u002Fh3>\n\u003Cp>Donorbox also offers these optional integrations to add even more awesome features to your fundraising campaign:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MailChimp: One of the world’s leading email marketing services.\u003C\u002Fli>\n\u003Cli>Employer Gift Matching: Raise double the donations\u003C\u002Fli>\n\u003Cli>Salesforce NPSP 3 Integration: A complete \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fdonor-management\" rel=\"nofollow ugc\">donor management solution\u003C\u002Fa> to easily analyze your donor data and maintain positive relationships.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Donorbox is fully PCI compliant and our data is protected by SSL\u002FTLS technology.\u003C\u002Fli>\n\u003Cli>All credit card information is encrypted, tokenized, and stored securely by our payment gateway, Stripe. Payments are processed through Stripe and PayPal. We chose these payment gateways because they operate on the most stringent security protocols and are highly regarded for their data protection standards.\u003C\u002Fli>\n\u003Cli>We do not share client or donation information with any third party.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>QUICK INSTALLATION GUIDE – How to Install Donorbox WordPress Donation Plugin\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F7tiU_QscluM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>How To Embed Donorbox Donation Forms in your WordPress website\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>To begin, go to your WordPress dashboard, find the “Plugins” tab on the left-hand sidebar and click “Add New”.\u003C\u002Fli>\n\u003Cli>In the WordPress plugin search bar, type “Donorbox” and press enter.\u003C\u002Fli>\n\u003Cli>Once you have found the Donorbox WordPress donation plugin, click “Install Now”.\u003C\u002Fli>\n\u003Cli>Once the plugin has been installed, click to activate it.\u003C\u002Fli>\n\u003Cli>Now, go to Donorbox.org. Click on \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Forgs\u002Fnew\" rel=\"nofollow ugc\">https:\u002F\u002Fdonorbox.org\u002Forgs\u002Fnew\u003C\u002Fa> and follow the easy instructions to register an Organisation account.\u003C\u002Fli>\n\u003Cli>Create a campaign form with our easy-to-use form builder.\u003C\u002Fli>\n\u003Cli>In your Donorbox dashboard, find the campaign you wish to embed on your WordPress website using the \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fwordpress-donation-plugin\" rel=\"nofollow ugc\">WordPress donation plugin\u003C\u002Fa> and copy the link to the secure donation page.\u003C\u002Fli>\n\u003Cli>Head back to your WordPress dashboard and, in the left-hand sidebar, click on “Settings” and then “Donorbox”.\u003C\u002Fli>\n\u003Cli>Paste your campaign URL into the appropriate textbox and click “Save Changes”.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Go back to your WordPress page text editor (not the visual editor) of the donation page that you want to edit. Type in one of the following shortcodes to embed the donation form in your WordPress website using the donation plugin:\u003C\u002Fp>\n\u003Cp>[donate]\u003Cbr \u002F>\n[donate url=”nonprofitcampaign”]\u003Cbr \u002F>\n[donate url=”https:\u002F\u002Fdonorbox.org\u002Fnonprofitcampaign”]\u003Cbr \u002F>\n[donate-with-info]\u003Cbr \u002F>\n[donate-with-info url=”nonprofitcampaign”]\u003Cbr \u002F>\n[donate-with-info url=”https:\u002F\u002Fdonorbox.org\u002Fnonprofitcampaign”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Publish your post and wait for your WordPress donations to come in!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you still need help getting your form embedded, please see this guide: \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fnonprofit-blog\u002Fhow-to-embed-donation-form-using-wordpress-plugin\" rel=\"nofollow ugc\">how to embed donation form using the Donorbox WordPress donation plugin\u003C\u002Fa> or you can contact us at support@donorbox.org. We would love to help get you going.\u003C\u002Fp>\n\u003Ch3>WHO USES DONORBOX\u003C\u002Fh3>\n\u003Cp>Donorbox helps over 50,000 nonprofit organizations from 40 countries accept donations for various causes. Universities, animal rescues, political campaigns, research, the possibilities are endless.\u003C\u002Fp>\n\u003Cp>Our forms are not restricted to any industry or genre. That means anyone can create a Donorbox form. Whether you’re an individual hoping to make a difference or a multinational organization looking to raise funds, Donorbox can be the best WordPress donation plugin for you.\u003C\u002Fp>\n\u003Ch3>HERE’S WHAT OUR CUSTOMERS SAY ABOUT US\u003C\u002Fh3>\n\u003Cp>\u003Cem>“Let’s Encrypt uses DonorBox because it is a convenient way for our supporters to contribute to our mission via credit card and it is affordable for us as a nonprofit. Donorbox has helped us increase the contributions we receive.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Sarah Gran\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Director of Communications at Let’s Encrypt\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>“Before using Donorbox we were constantly having problems with our online donation processing. Donors contacted us monthly having problems setting up their gifts. Since transitioning to Donorbox we have not had a single donor contact us saying they were having trouble setting up a gift. In fact, we’ve had several donors tell us how easy the new process is. The Donorbox team has been extremely responsive when we need help and have already implemented suggestions for future features. I have no hesitations recommending Donorbox to you.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Brandon Jernigan\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Grad Resources\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>“We needed a straightforward solution to handle donations on our website and have them sync across to Salesforce. Enter Donorbox – a simple, easy to use and customisable donation solution with Salesforce integration. Set up was as simple as creating an account (and donation campaign), adding a plugin to our WordPress site and configuring the connection to Salesforce. Donorbox handles the rest. Support is always prompt to respond and provide helpful answers to our questions and queries. If you’re after a donation system for your website then we’d recommend you give Donorbox a go.”\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Peter Sillar\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Logosdor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>DONORBOX FEES AND COMMISSION\u003C\u002Fh3>\n\u003Cp>Donorbox fees are the lowest of other funding platforms around. Donorbox is free to start and charges a small platform fee of 1.5% for the month’s donations. We charge no setup fee.\u003C\u002Fp>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Fdonorbox.org\u002Fpricing\" rel=\"nofollow ugc\">pricing guide\u003C\u002Fa> for details of what your payment processing and Donorbox fees may look like.\u003C\u002Fp>\n\u003Cp>Additionally, Stripe and PayPal merchant accounts charge 2.9% + $0.30 for credit card processing. These rates can be reduced for registered nonprofits by simply letting them know.\u003C\u002Fp>\n\u003Cp>To get the nonprofit discount, please email \u003Ca href=\"mailto:nonprofit@stripe.com\" rel=\"nofollow ugc\">nonprofit@stripe.com\u003C\u002Fa> and apply at \u003Ca href=\"http:\u002F\u002Fwww.paypal.com\u002Fcharities\u002F\" rel=\"nofollow ugc\">PayPal’s Nonprofit Center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The optional product integrations are priced as follows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MailChimp Integration: $8 \u002F month\u003C\u002Fli>\n\u003Cli>Employer Gift Matching: $40 \u002F month\u003C\u002Fli>\n\u003Cli>Salesforce NPSP 3 Integration: $25 \u002F month\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CONNECT WITH DONORBOX\u003C\u002Fh3>\n\u003Cp>Stay in touch with us for important plugin news and updates:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUC2u40IQvwpbwzXOXxauGYVA?sub_confirmation=1\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fdonorbox\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fdonorbox\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> and\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fdonorbox\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa>\u003C\u002Fp>\n","Donorbox is a powerful and secure donation management plugin for WordPress. We are the only donation plugin for WordPress that offers a fast feature-f &hellip;",9000,148602,96,34,"2025-06-30T07:52:00.000Z","6.8.5","3.0",[99,21,23,24,100],"donation","nonprofits","https:\u002F\u002Fdonorbox.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdonorbox-donation-form.7.1.12.zip","2022-04-20 00:00:00",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":96,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":121,"download_link":122,"security_score":123,"vuln_count":48,"unpatched_count":29,"last_vuln_date":124,"fetched_at":31},"fundpress","FundPress – WordPress Donation Plugin","2.0.8","ThimPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fthimpress\u002F","\u003Ch3>What is FundPress?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"\" rel=\"nofollow ugc\">WordPress donation plugin\u003C\u002Fa>\u003C\u002Fstrong> – FundPress is an all in one \u003Cem>WordPress donation plugin\u003C\u002Fem>, helping you create donation and crowdfunding campaigns on your website. By using FundPress, you can make a platform to find the resources and support you need to make your ideas come true.\u003C\u002Fp>\n\u003Cp>FundPress is powerful and easy \u003Cstrong>WordPress donate plugin\u003C\u002Fstrong> to use. This plugin is inspired by Charity WP, a premium \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fthemeforest.net\u002Fitem\u002Fcharity-wordpress-theme-charity-wp\u002F15593989?ref=ThimPress&utm_source=tpdonatewporg&utm_medium=desc\" rel=\"nofollow ugc\">Charity WordPress Theme\u003C\u002Fa>\u003C\u002Fstrong> made by \u003Cstrong>\u003Ca href=\"\" rel=\"nofollow ugc\">ThimPress\u003C\u002Fa>\u003C\u002Fstrong>. Consider using this theme to effectively kick start your charity and fundraising website.\u003C\u002Fp>\n\u003Ch3>Who should use FundPress?\u003C\u002Fh3>\n\u003Cp>FundPress is ideal for charity and nonprofit organizations, donation websites, and especially for websites with fundraising projects. It is easy to use and doesn’t require technical or coding knowledge to use.\u003C\u002Fp>\n\u003Ch3>What options does FundPress offer?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Multiple payment choices\u003C\u002Fstrong>\u003Cbr \u002F>\nThe WordPress donation plugin is fully compatible with Paypal, Stripe, and AuthorizeNet, giving you the flexibility needed to run a donation website. Your visitors can choose the payment platform as they want, so there would be no obstacle in terms of payment, hence maximizing your project’s success rate.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Donate button widget\u003C\u002Fstrong>\u003Cbr \u002F>\nTo help you build a sustainable website, we even included a donate widget for your site, so that not only campaigns on the site can be donated, even your website can receive donation money.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>All Campaign page\u003C\u002Fstrong>\u003Cbr \u002F>\nListing of all current charity and crowdfunding campaign with detail information of Goals, Raised, Percentage, Estimated Days Left… It is beautifully designed in a grid layout for the best experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Compensation plan page\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can easily create compensation plan in the backend of the website. This will tell people what they will get when giving away money for your project. These can be small rewards with a small thank you note, but these can help people feel happier when donating.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Single Campaign page\u003C\u002Fstrong>\u003Cbr \u002F>\nThe single campaign page describes all information regarding a particular project. People can read, donate and interact with the content of donation campaigns in this page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send Emails to backers\u003C\u002Fstrong>\u003Cbr \u002F>\nThis features will help you both keep in touch with your audiences, and send a formal thank you note to your backers, the kind people who support your website and your projects.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SEO Optimized\u003C\u002Fstrong>\u003Cbr \u002F>\nWe know that SEO is an essential issue to everybody to be competitive and to be successful in this world. TP Donation is built in a way that is highly SEO friendly so that your website can thrive with organic users from search engines.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Excerpt, Cover image, and a great design\u003C\u002Fstrong>\u003Cbr \u002F>\nWe not only care about how your system works technically, but also about how your website looks, perform and persuade people. That’s why the plugin’s UI is carefully designed with many elements that will make people stay on your website like Excerpts, Cover images… Your success motivates us.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Powerful backend\u003C\u002Fstrong>\u003Cbr \u002F>\nUnlike many other plugins, FundPress is built to last, just like your website is built to last. The foundation to that is to have a detail and systematic backend. You can easily manage campaigns, backers and settings of the plugin.\u003C\u002Fp>\n\u003Ch3>Connect with us\u003C\u002Fh3>\n\u003Cp>To stay in touch and update about FundPress’s future releases and features, you can connect with us via:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FThimPress\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fthimpress\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"http:\u002F\u002Fthimpress.com\u002F\" rel=\"nofollow ugc\">Website\u003C\u002Fa>. On this website, we even have an exclusive support section for premium products. But we always want to help, so feel free to ask.\u003C\u002Fp>\n","Easily build your own crowdfunding platform like Kickstarter with this free WordPress donation plugin in just a few clicks. No coding required.",300,21720,76,4,"2025-07-23T10:37:00.000Z","6.0","7.0",[20,120,99,23,24],"crowdfunding","http:\u002F\u002Fthimpress.com\u002Ffundpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffundpress.2.0.8.zip",98,"2025-01-20 00:00:00",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":82,"downloaded":133,"rating":82,"num_ratings":14,"last_updated":134,"tested_up_to":96,"requires_at_least":135,"requires_php":78,"tags":136,"homepage":139,"download_link":140,"security_score":141,"vuln_count":142,"unpatched_count":29,"last_vuln_date":143,"fetched_at":31},"kudos-donations","Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & Forms","4.1.6","Michael Iseard","https:\u002F\u002Fprofiles.wordpress.org\u002Fiseardmedia\u002F","\u003Ch4>A modern and easy to use donation plugin\u003C\u002Fh4>\n\u003Cp>\u003Cem>Kudos Donations\u003C\u002Fem> is a powerful, easy-to-use WordPress plugin that lets you accept donations effortlessly. Whether you’re running a charity, nonprofit, or a personal project, this plugin provides everything you need to create and manage effective donation campaigns. Fully integrated with Mollie, it supports a wide range of payment methods, allowing your donors to contribute through their preferred option.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy Mollie Integration: Accept payments via credit card, PayPal, iDEAL, and more, using the Mollie payment gateway.\u003C\u002Fli>\n\u003Cli>Shortcode & Block Support: Choose between a shortcode or Gutenberg block to easily place donation forms anywhere on your site.\u003C\u002Fli>\n\u003Cli>Campaign Management: Set up and manage multiple donation campaigns with flexible options, including one-off and subscription-based donations.\u003C\u002Fli>\n\u003Cli>Customizable Donation Forms: Personalize the look of your donation forms by adjusting colors, text, and even applying custom CSS for each campaign.\u003C\u002Fli>\n\u003Cli>Campaign Goals & Progress Tracking: Set campaign-specific fundraising goals and show progress bars to your visitors.\u003C\u002Fli>\n\u003Cli>Multi-Currency Support: Accept donations in multiple currencies for a global reach.\u003C\u002Fli>\n\u003Cli>Comprehensive Donor Management: Access detailed insights into donors, transactions, and subscriptions.\u003C\u002Fli>\n\u003Cli>Automated Donation Receipts: Automatically generate and send donation receipts via email, complete with PDF attachments.\u003C\u002Fli>\n\u003Cli>PDF Donation Summaries: Generate downloadable PDFs for every successful donation, providing donors with clear and professional records.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Choose Kudos Donations?\u003C\u002Fh4>\n\u003Cp>Kudos Donations is designed to make online fundraising easier than ever. With seamless integration into your WordPress site, customizable options, and real-time tracking of donations, you can focus on growing your cause without the hassle of complicated setups.\u003C\u002Fp>\n\u003Ch4>Source\u003C\u002Fh4>\n\u003Cp>The Git repository for this plugin can be found \u003Ca href=\"https:\u002F\u002Fgitlab.iseard.media\u002Fmichael\u002Fkudos-donations\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Add a donation button to any page on your website. Easy & fast setup. Works with Mollie payments.",13146,"2025-11-20T02:07:00.000Z","6.6",[20,99,23,137,138],"mollie","recurring-donations","https:\u002F\u002Fgitlab.iseard.media\u002Fmichael\u002Fkudos-donations","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkudos-donations.4.1.6.zip",97,3,"2024-11-27 00:00:00",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":82,"downloaded":152,"rating":29,"num_ratings":29,"last_updated":153,"tested_up_to":76,"requires_at_least":77,"requires_php":154,"tags":155,"homepage":156,"download_link":157,"security_score":82,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"mightycause-widgets","Mightycause Donation Forms and Embeds","1.0.5","mightycause","https:\u002F\u002Fprofiles.wordpress.org\u002Fajlardner\u002F","\u003Cp>Mightycause is an all-in-one fundraising platform for nonprofit organizations. Our user-friendly, customizable fundraising software helps nonprofits seamlessly amplify their cause, engage with donors, and manage their fundraising all in one easy-to-use place.\u003C\u002Fp>\n\u003Cp>The Mightycause WordPress plugin allows you to embed the Mightycause donation button, widget, or form directly to your WordPress website, making it easier than ever for your visitors to donate to your cause.\u003C\u002Fp>\n\u003Cp>This free WordPress plugin allows nonprofits to:\u003Cbr \u002F>\n* Add unlimited donation buttons, widgets, or forms to your site – no coding required!\u003Cbr \u002F>\n* Accept secure donations right on your website, without any redirects\u003Cbr \u002F>\n* Build and blend seamlessly with your WordPress theme\u003Cbr \u002F>\n* Collect recurring donations to build sustainable revenue\u003Cbr \u002F>\n* Easily manage and track donor activity with Mightycause’s CRM system, Supporters\u003C\u002Fp>\n\u003Ch4>Why Mightycause?\u003C\u002Fh4>\n\u003Cp>Mightycause’s fundraising platform offers countless fundraising tools and features nonprofits can utilize to take their fundraising to the next level. By bringing your Mightycause campaigns directly to your WordPress site, organizations can create a more cohesive and streamlined fundraising experience. The Mightycause WordPress donation plugin makes giving easier, which means more donors and higher donor conversion rates!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin interacts with the Mightycause API to retrieve and display fundraising widgets on your website. By using this plugin, your site communicates with the Mightycause service. Please refer to their \u003Ca href=\"https:\u002F\u002Fwww.mightycause.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.mightycause.com\u002Fterms\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> for more information.\u003C\u002Fp>\n\u003Ch3>Documentation and External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with the Mightycause external service to display fundraising widgets. Data is transmitted to Mightycause for widget functionality. For more information, refer to their \u003Ca href=\"https:\u002F\u002Fwww.mightycause.com\u002Fterms\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For more information or support, visit our help center or contact our dedicated customer service team.\u003C\u002Fp>\n","Easily embed Mightycause donation buttons, widgets, or forms on your WordPress website with no coding required.",2700,"2025-12-10T18:23:00.000Z","7.2",[20,99,23,148,24],"https:\u002F\u002Fwww.mightycause.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmightycause-widgets.1.0.5.zip",{"attackSurface":159,"codeSignals":248,"taintFlows":274,"riskAssessment":275,"analyzedAt":288},{"hooks":160,"ajaxHandlers":201,"restRoutes":202,"shortcodes":203,"cronEvents":246,"entryPointCount":247,"unprotectedCount":29},[161,167,171,174,178,182,185,189,192,195,198],{"type":162,"name":163,"callback":164,"file":165,"line":166},"action","current_screen","thisScreen","philantro.php",39,{"type":162,"name":168,"callback":169,"file":165,"line":170},"admin_head","admin_css",47,{"type":162,"name":172,"callback":4,"file":165,"line":173},"admin_print_footer_scripts",48,{"type":162,"name":175,"callback":176,"file":165,"line":177},"admin_init","admin_init_philantro",336,{"type":162,"name":179,"callback":180,"file":165,"line":181},"admin_menu","admin_menu_philantro",337,{"type":162,"name":172,"callback":183,"file":165,"line":184},"load_campaigns",338,{"type":162,"name":186,"callback":187,"file":165,"line":188},"enqueue_block_editor_assets","philantro_button_block",346,{"type":162,"name":186,"callback":190,"file":165,"line":191},"philantro_form_block",347,{"type":162,"name":186,"callback":193,"file":165,"line":194},"philantro_event_block",348,{"type":162,"name":186,"callback":196,"file":165,"line":197},"philantro_fundraiser_block",349,{"type":162,"name":199,"callback":4,"file":165,"line":200},"wp_footer",354,[],[],[204,208,212,216,220,224,228,232,234,236,238,240,242,244],{"tag":205,"callback":206,"file":165,"line":207},"donate","donate_shortcode",339,{"tag":209,"callback":210,"file":165,"line":211},"form","form_shortcode",340,{"tag":213,"callback":214,"file":165,"line":215},"donateform","donate_form_shortcode",341,{"tag":217,"callback":218,"file":165,"line":219},"event","event_shortcode",342,{"tag":221,"callback":222,"file":165,"line":223},"fundraise","fundraise_shortcode",343,{"tag":225,"callback":226,"file":165,"line":227},"donatebar","donation_bar_shortcode",344,{"tag":229,"callback":230,"file":165,"line":231},"twobutton","two_button_shortcode",345,{"tag":205,"callback":206,"file":165,"line":233},355,{"tag":209,"callback":210,"file":165,"line":235},356,{"tag":213,"callback":214,"file":165,"line":237},357,{"tag":217,"callback":218,"file":165,"line":239},358,{"tag":225,"callback":226,"file":165,"line":241},359,{"tag":221,"callback":222,"file":165,"line":243},360,{"tag":229,"callback":230,"file":165,"line":245},361,[],14,{"dangerousFunctions":249,"sqlUsage":250,"outputEscaping":252,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":273},[],{"prepared":29,"raw":29,"locations":251},[],{"escaped":253,"rawEcho":254,"locations":255},12,8,[256,260,262,264,265,267,269,271],{"file":257,"line":258,"context":259},"options.php",45,"raw output",{"file":257,"line":261,"context":259},80,{"file":257,"line":263,"context":259},86,{"file":257,"line":82,"context":259},{"file":165,"line":266,"context":259},233,{"file":165,"line":268,"context":259},263,{"file":165,"line":270,"context":259},264,{"file":165,"line":272,"context":259},277,[],[],{"summary":276,"deductions":277},"The \"philantro\" plugin version 5.4.1 exhibits a mixed security posture. On the positive side, the static analysis reveals a lack of dangerous functions, no file operations, no external HTTP requests, and all SQL queries are properly prepared, indicating good practices in these areas.  However, there are significant concerns regarding output escaping, with only 60% of outputs being properly escaped, leaving the remaining 40% potentially vulnerable to Cross-Site Scripting (XSS) attacks.  Furthermore, the plugin has a history of two medium-severity Cross-Site Scripting vulnerabilities, with the most recent occurring in early 2025. Although currently patched, this history suggests a recurring weakness in input sanitization and output encoding practices, which aligns with the observed partial output escaping.\n\nThe plugin's attack surface is primarily driven by 14 shortcodes, none of which are explicitly flagged as unprotected in the static analysis. However, the absence of explicit nonce and capability checks for these entry points is a significant concern, as it implies that any user, regardless of their role or authentication status, could potentially trigger actions via these shortcodes. This lack of access control, combined with the potential for unescaped output, creates a notable risk profile. While the absence of critical taint flows is reassuring, the documented history of XSS vulnerabilities and the observed lack of comprehensive output escaping and access control on shortcodes indicate that the plugin requires further security hardening to mitigate these risks effectively.",[278,281,283,286],{"reason":279,"points":280},"Medium severity XSS vulnerabilities in history",10,{"reason":282,"points":254},"Incomplete output escaping (40% unescaped)",{"reason":284,"points":285},"No nonce checks on entry points (shortcodes)",7,{"reason":287,"points":285},"No capability checks on entry points (shortcodes)","2026-03-16T21:41:58.572Z",{"wat":290,"direct":297},{"assetPaths":291,"generatorPatterns":294,"scriptPaths":295,"versionParams":296},[292,293],"\u002Fwp-content\u002Fplugins\u002Fphilantro\u002Fcss\u002Fphilantro.css","\u002Fwp-content\u002Fplugins\u002Fphilantro\u002Fcss\u002Fphilantro-editor.css",[],[],[],{"cssClasses":298,"htmlComments":302,"htmlAttributes":303,"restEndpoints":310,"jsGlobals":311,"shortcodeOutput":312},[299,300,301],"philantro-btn","philantro-love","philantro-progress",[],[304,305,306,307,308,309],"data-campaign","data-form","data-color","data-affiliate","data-event","data-button",[],[],[313,314,315,316,317,318],"\u003Ca data-campaign=","\u003Cdiv id=\"ph-root\" data-form=","\u003Cdiv id=\"ph-root\" data-campaign=","\u003Cdiv class=\"philantro-love\">\u003Ca href=\"#_givealways\"","\u003Cdiv id=\"ph-root\" data-event=","\u003Cdiv class=\"philantro-progress\" data-campaign="]