[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fECLrjv8AkWn_Hqdy2tFj_kelqEf-MxMmziSgFxp_3-c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":36,"analysis":133,"fingerprints":248},"promociones-mercado-pago","Promociones Mercado Pago","0.1","mauriciowyler","https:\u002F\u002Fprofiles.wordpress.org\u002Fmauriciowyler\u002F","\u003Cp>Lists Mercado Pago credit and debit card active promotions using a responsive flex grid.\u003C\u002Fp>\n\u003Cp>This is not an official Mercado Pago plugin.\u003C\u002Fp>\n","Lists Mercado Pago credit and debit card active promotions.",10,2782,60,1,"2018-03-12T13:58:00.000Z","4.9.29","3.5","5.6",[20,21,22,23,24],"mercado-pago","mercadopago","promociones","tarjetas-de-credito","tokio-agency","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpromociones-mercado-pago\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpromociones-mercado-pago.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},30,84,"2026-04-05T02:55:21.663Z",[37,56,79,103,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":14,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":47,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"woo-mercadopago-gateway-checkout","MercadoPago Plus para WooCommerce","2.2.6","CRPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrplugins\u002F","\u003Cp>Conectá MercadoPago Plus con tu tienda de WooCommerce y desbloqueá funciones extra no disponibles en otros plugins.\u003C\u002Fp>\n\u003Cp>Podes ofrecer cuotas sin interés con recargo personalizado totalmente personalizables.\u003C\u002Fp>\n","Conectá MercadoPago Plus para tu tienda de WooCommerce",50,13542,100,"2026-01-10T06:46:00.000Z","6.9.4","4.8","7.1",[20,21,53],"payments","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-mercadopago-gateway-checkout.2.2.6.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":49,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":28,"last_vuln_date":78,"fetched_at":30},"woocommerce-mercadopago","Mercado Pago payments for WooCommerce","8.7.14","Mercado Pago","https:\u002F\u002Fprofiles.wordpress.org\u002Fmercadopago\u002F","\u003Cp>The official Mercado Pago plugin allows you to process payments for your online store, allowing users to finalize their purchase with their preferred payment method.\u003C\u002Fp>\n\u003Cp>To install it, \u003Cstrong>you don’t need to have technical knowledge:\u003C\u002Fstrong> you can follow the \u003Ca href=\"https:\u002F\u002Fwww.mercadopago.com.ar\u002Fdevelopers\u002Fes\u002Fguides\u002Fplugins\u002Fwoocommerce\u002Fintroduction\u002F\" rel=\"nofollow ugc\">step by step of how to integrate it\u003C\u002Fa>. from our developer website and start selling today.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Warning about v6.0.0:\u003C\u002Fstrong> when updating, if you have made custom layout changes to your checkout, it is possible that some of those customizations become misconfigured. If you have a separate store environment just for testing, please update there first in order to visualize and test the changes.\u003C\u002Fp>\n\u003Ch3>What to do with the Mercado Pago Plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Activate \u003Cstrong>Checkout Pro\u003C\u002Fstrong> to offer logged-in payments with money in Mercado Pago account, saved cards and off means.\u003C\u002Fli>\n\u003Cli>Offer payments without the need of having a Mercado Pago account, through the \u003Cstrong>Custom Checkout\u003C\u002Fstrong> for cards and off means, such as cash, bank transfer and PIX (only in Brazil).\u003C\u002Fli>\n\u003Cli>Automatically convert the currency of your products: from Mexican pesos to U.S. dollars and vice versa.\u003C\u002Fli>\n\u003Cli>Sell in \u003Cstrong>installments\u003C\u002Fstrong> and offer the current promotions in Checkout Pro or apply your own discount coupon in Custom Checkout.\u003C\u002Fli>\n\u003Cli>Test your store before going into production with our Sandbox environment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Receive the money\u003C\u002Fstrong> from your sales on the same day.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IMPORTANT:\u003C\u002Fstrong> At the moment the Mercado Envios service is deactivated.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mercado Pago customers can use already stored cards\u003C\u002Fstrong> For your customers who use Mercado Pago to buy without having to fill in card details at the store’s checkout.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Adapted to your business\u003C\u002Fh3>\n\u003Cp>Prepared for any type of store and category: electronics, clothing, kitchen, bazaar, whatever you want!\u003Cbr \u002F>\nJust focus on selling and \u003Cstrong>we’ll take care of the security:\u003C\u002Fstrong> keep your store’s payments protected with our fraud prevention and analysis tool.\u003C\u002Fp>\n\u003Cp>Boost your sales with Mercado Pago payments for WooCommerce!\u003C\u002Fp>\n\u003Ch3>Sell more with the paid market\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.mercadopago.com.br\u002Fquero-usar\u002F?utm_campaign=%5BMP%20OP%5D%20Core%20Checkouts%202021&utm_source=plugin-woocommerce&utm_medium=plugin&utm_term=plugin-woocommerce&utm_content=plugin-woocommerce\" rel=\"nofollow ugc\">Leave your details\u003C\u002Fa> to talk to our team of experts and understand how to sell more (for now only available for Brazil).\u003C\u002Fp>\n","Offer to your clients the best experience in e-Commerce by using Mercado Pago as your payment method.",100000,5548746,78,684,"2026-03-03T18:24:00.000Z","6.3","7.4",[72,21,73],"ecommerce","woocommerce","https:\u002F\u002Fgithub.com\u002Fmercadopago\u002Fcart-woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-mercadopago.8.7.14.zip",98,3,"2024-07-19 15:14:26",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":54,"tags":93,"homepage":99,"download_link":100,"security_score":101,"vuln_count":14,"unpatched_count":28,"last_vuln_date":102,"fetched_at":30},"pagopar-woocommerce-gateway","Pagopar – WooCommerce Gateway","2.8.13","Pagopar - Grupo M S.A.","https:\u002F\u002Fprofiles.wordpress.org\u002Fpagopar\u002F","\u003Cp>Pagopar es una solución tecnológica que te permite cobrar con los principales medios de pago de Paraguay: tarjeta de crédito y débito locales (con las procesadoras Bancard, Cabal y Panal), tarjetas de crédito y débito internacionales, bocas de cobranza (Aqui Pago, Pago Express, Wepa) y billeteras electrónicas (Tigo Money, Personal, Zimple, Wally), transferencias bancarias y PIX para usuarios de Brasil.\u003C\u002Fp>\n","Vendé a todo el país con los principales medios de pago.",300,25867,2,"2025-07-11T14:32:00.000Z","6.8.5","4.0",[94,95,96,97,98],"bancard","pagopar","pix","tarjetas-de-credito-y-billeteras-electronicas","upay","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpagopar-woocommerce-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpagopar-woocommerce-gateway.zip",99,"2025-04-09 00:00:00",{"slug":104,"name":105,"version":106,"author":60,"author_profile":61,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":47,"num_ratings":14,"last_updated":111,"tested_up_to":54,"requires_at_least":54,"requires_php":54,"tags":112,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpecomm-mercado-pago-module","WPeComm Mercado Pago Module Oficial","4.2.5","\u003Cp>This module enables WP-eCommerce to use Mercado Pago as a payment Gateway for purchases made in your e-commerce store.\u003C\u002Fp>\n\u003Ch4>Why chose Mercado Pago\u003C\u002Fh4>\n\u003Cp>Mercado Pago owns the highest security standards with PCI certification level 1 and a specialized internal team working on fraud analysis. With Mercado Pago, you will be able to accept payments from the most common brands of credit card, offer purchase installments options and receive your payment with antecipation. You can also enable your customers to pay in the web or in their mobile devices.\u003C\u002Fp>\n\u003Ch4>Mercado Pago Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Online and real-time processment through IPN mechanism;\u003C\u002Fli>\n\u003Cli>High approval rate with a robust fraud analysis;\u003C\u002Fli>\n\u003Cli>Potential new customers with a base of more than 120 millions of users in Latin America;\u003C\u002Fli>\n\u003Cli>PCI Level 1 Certification;\u003C\u002Fli>\n\u003Cli>Support to major credit card brands;\u003C\u002Fli>\n\u003Cli>Payment installments;\u003C\u002Fli>\n\u003Cli>Anticipation of receivables in D+2 or D+14 (According to Mercado Pago terms and conditions);\u003C\u002Fli>\n\u003Cli>Payment in one click with Mercado Pago basic and custom checkouts;\u003C\u002Fli>\n\u003Cli>Payment via tickets;\u003C\u002Fli>\n\u003Cli>Seller’s Protection Program.\u003C\u002Fli>\n\u003C\u002Ful>\n","This is the oficial module of Mercado Pago for WP-eCommerce plugin.",200,21495,"2017-03-24T19:03:00.000Z",[72,21,113],"wpecommerce","https:\u002F\u002Fgithub.com\u002Fmercadopago\u002Fcart-wp-commerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpecomm-mercado-pago-module.4.2.5.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":45,"downloaded":124,"rating":28,"num_ratings":28,"last_updated":125,"tested_up_to":49,"requires_at_least":126,"requires_php":70,"tags":127,"homepage":131,"download_link":132,"security_score":47,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lknmp-gateway-givewp","Link Nacional Payment Gateway for MercadoPago and GiveWP","1.5.1","linknacional","https:\u002F\u002Fprofiles.wordpress.org\u002Flinknacional\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwww.linknacional.com.br\u002Fwordpress\u002Fgivewp\u002Fmercadopago\u002F\" rel=\"nofollow ugc\">MercadoPago Payment Gateway for GiveWP\u003C\u002Fa> seamlessly integrates MercadoPago with the GiveWP donation plugin for WordPress, providing a secure and efficient solution for receiving online donations. This plugin supports multiple payment methods, recurring donations, and customizable donation forms. Enhance your donor’s experience with a trusted payment gateway, boost your fundraising efforts, and manage donations effortlessly with detailed reporting and a user-friendly interface.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.mercadopago.com.br\" rel=\"nofollow ugc\">MercadoPago\u003C\u002Fa> is a leading online payment solution in Latin America, offering a comprehensive suite of services for secure and convenient financial transactions. As the fintech arm of Mercado Libre, one of the region’s largest e-commerce platforms, Mercado Pago provides a reliable and user-friendly payment gateway for businesses and individuals alike.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dependencies\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin adds Mercado Pago as a payment option for the GiveWP donation plugin. It uses the \u003Ca href=\"https:\u002F\u002Fwww.mercadopago.com.br\u002Fdevelopers\u002Fpt\u002Freference\" rel=\"nofollow ugc\">Mercado Pago API\u003C\u002Fa> to process transactions. To use this plugin, you must have an active Mercado Pago account.\u003C\u002Fp>\n\u003Cp>As a payment gateway, this plugin communicates with an external API to function properly. Specifically, it connects to the following endpoint: \u003Ca href=\"https:\u002F\u002Fapi.mercadopago.com\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.mercadopago.com\u003C\u002Fa>, which is used to process transactions securely.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgive\u002F\" rel=\"ugc\">GiveWP\u003C\u002Fa> is needed for the plugin to work.\u003C\u002Fp>\n\u003Cp>JS Libraries used:\u003Cbr \u002F>\nThe \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmercadopago\u002Fsdk-js\" rel=\"nofollow ugc\">MercadoPago sdk-js\u003C\u002Fa> is needed for the plugin to work. \u003Ca href=\"https:\u002F\u002Fwww.mercadopago.com.br\u002Fdevelopers\u002Fpt\u002Fdocs\u002Fcheckout-pro\u002Fintegrate-checkout-pro\u002Fweb\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>As a Payment Gateway this plugin contacts these external resources to complete the payment:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fapi.mercadopago.com\u002Fcheckout\u002Fpreferences\" rel=\"nofollow ugc\">Mercado Pago Checkout API\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fsdk.mercadopago.com\u002Fjs\u002Fv2\" rel=\"nofollow ugc\">Mercado Pago Checkout JS SDK\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User instructions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Search the WordPress sidebar for ‘Link Nacional MercadoPago for GiveWP’.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Download and activate the plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In the GiveWP, navigate to settings, then ‘Payments Gateways’, and activate ‘Mercado Pago’.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Save your settings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You have successfully configured the MercadoPago National Link for GiveWP and allowed your customers to choose to pay for donations with Mercado Pago.\u003C\u002Fp>\n","Link Nacional MercadoPago payment option for GiveWP.",1495,"2026-03-05T20:08:00.000Z","5.7",[128,129,21,130],"card","givewp","payment","https:\u002F\u002Fwww.linknacional.com.br\u002Fwordpress\u002Fgivewp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flknmp-gateway-givewp.1.5.1.zip",{"attackSurface":134,"codeSignals":168,"taintFlows":200,"riskAssessment":235,"analyzedAt":247},{"hooks":135,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":167,"entryPointCount":14,"unprotectedCount":28},[136,142,146,151,156],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_notices","TokioMP_noticePhpVersionWrong","promociones-mercado-pago.php",52,{"type":137,"name":143,"callback":144,"file":140,"line":145},"plugins_loadedi","TokioMP_i18n_init",77,{"type":137,"name":147,"callback":148,"file":149,"line":150},"admin_init","registerSettings","TokioMP_OptionsManager.php",248,{"type":137,"name":152,"callback":153,"file":154,"line":155},"admin_menu","addSettingsSubMenuPage","TokioMP_Plugin.php",86,{"type":137,"name":157,"callback":158,"file":159,"line":160},"wp_footer","addScriptWrapper","TokioMP_ShortCodeScriptLoader.php",40,[],[],[164],{"tag":4,"callback":165,"file":154,"line":166},"render",109,[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":14,"externalRequests":14,"nonceChecks":28,"capabilityChecks":89,"bundledLibraries":199},[],{"prepared":14,"raw":28,"locations":171},[],{"escaped":89,"rawEcho":173,"locations":174},14,[175,178,180,182,184,186,188,189,191,192,194,195,196,198],{"file":140,"line":176,"context":177},41,"raw output",{"file":149,"line":179,"context":177},286,{"file":149,"line":181,"context":177},288,{"file":149,"line":183,"context":177},299,{"file":149,"line":185,"context":177},311,{"file":149,"line":187,"context":177},331,{"file":149,"line":187,"context":177},{"file":149,"line":190,"context":177},362,{"file":149,"line":190,"context":177},{"file":149,"line":193,"context":177},367,{"file":149,"line":193,"context":177},{"file":149,"line":193,"context":177},{"file":149,"line":197,"context":177},377,{"file":149,"line":197,"context":177},[],[201,225],{"entryPoint":202,"graph":203,"unsanitizedCount":14,"severity":224},"settingsPage (TokioMP_OptionsManager.php:264)",{"nodes":204,"edges":220},[205,210,214],{"id":206,"type":207,"label":208,"file":149,"line":209},"n0","source","$_POST[$aOptionKey]",275,{"id":211,"type":212,"label":213,"file":149,"line":209},"n1","transform","→ updateOption()",{"id":215,"type":216,"label":217,"file":149,"line":218,"wp_function":219},"n2","sink","update_option() [Settings Manipulation]",162,"update_option",[221,223],{"from":206,"to":211,"sanitized":222},false,{"from":211,"to":215,"sanitized":222},"low",{"entryPoint":226,"graph":227,"unsanitizedCount":14,"severity":224},"\u003CTokioMP_OptionsManager> (TokioMP_OptionsManager.php:0)",{"nodes":228,"edges":232},[229,230,231],{"id":206,"type":207,"label":208,"file":149,"line":209},{"id":211,"type":212,"label":213,"file":149,"line":209},{"id":215,"type":216,"label":217,"file":149,"line":218,"wp_function":219},[233,234],{"from":206,"to":211,"sanitized":222},{"from":211,"to":215,"sanitized":222},{"summary":236,"deductions":237},"The plugin 'promociones-mercado-pago' v0.1 exhibits a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) associated with this plugin, and its code signals indicate the absence of dangerous functions and SQL queries that are not properly prepared. Furthermore, the plugin uses capability checks for some operations and performs file operations and external HTTP requests in a controlled manner.\n\nHowever, several areas raise concerns. The low percentage of properly escaped output (13%) suggests a significant risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis reveals two flows with unsanitized paths, which, while not categorized as critical or high severity in this analysis, still represent potential attack vectors. The complete lack of nonce checks is another critical omission, particularly for AJAX handlers (even though there are none currently), as it leaves the door open for Cross-Site Request Forgery (CSRF) attacks if such handlers were to be added in the future or if the shortcode were to interact with client-side scripts. The presence of a shortcode is also an entry point, and without specific details on its implementation, it's hard to definitively assess its security, but the lack of overall proper escaping and nonce checks casts doubt.\n\nGiven the absence of historical vulnerabilities, the plugin might be considered low risk by some. However, the static analysis reveals fundamental security weaknesses, particularly in output escaping and nonce usage, that could be exploited. The plugin authors should prioritize addressing the output escaping and implement nonce checks for any future additions of AJAX handlers or potentially for the existing shortcode's functionality. Until these are addressed, a moderate risk remains.",[238,241,244],{"reason":239,"points":240},"Low output escaping percentage (13%)",8,{"reason":242,"points":243},"Taint analysis: 2 flows with unsanitized paths",5,{"reason":245,"points":246},"No nonce checks implemented",7,"2026-03-16T23:59:36.872Z",{"wat":249,"direct":255},{"assetPaths":250,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[251],"\u002Fwp-content\u002Fplugins\u002Fpromociones-mercado-pago\u002Fcss\u002Fstyles.css",[],[],[],{"cssClasses":256,"htmlComments":257,"htmlAttributes":258,"restEndpoints":259,"jsGlobals":260,"shortcodeOutput":261},[],[],[],[],[],[262],"\u003C!-- Mercado Pago Promos by Tokio Agency -->"]