[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWj3Y7o_Ps5vEq4IhEnl0YeI17WAJKsIhdV9UsTa8RtY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":138,"fingerprints":213},"shuftipro-kyc-identity-verification","Shuftipro KYC","1.1.6","Shuftipro","https:\u002F\u002Fprofiles.wordpress.org\u002Fshuftipro\u002F","\u003Cp>Automatically verify users with ease from anywhere in the world in real-time. From ID document verification to face verification, you can easily perform advanced ID authentication checks to ensure your users are who they claim to be. Add the Shufti KYC plugin to ensure your website is safe from imposters and comply with stringent KYC and AML compliance rules.\u003C\u002Fp>\n\u003Cp>Shufti KYC plugin connects your wordpress site with the Shufti Pro’s configurable real-time Identity verification and AML screening platform where you can verify your user identity using different IDV checks. To use this for user verification, you need to activate your subscription with Shufti KYC. You can also use it right away with a \u003Ca href=\"https:\u002F\u002Fshuftipro.com\u002Ftry-now\u002F\" rel=\"nofollow ugc\">trial account\u003C\u002Fa> by getting the trial key from Shufti Pro. Once you are ready to integrate, our experts will facilitate the efficient configuration of Shufti KYC that best fits your needs.\u003C\u002Fp>\n\u003Ch4>TOP FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verifies users in real-time without having them leave your website.\u003C\u002Fli>\n\u003Cli>Multiple automated ID verification checks to choose from.\u003C\u002Fli>\n\u003Cli>Is GDPR and PCI-compliant and secures your user data through proper data protection protocols.\u003C\u002Fli>\n\u003Cli>Supports 3000+ ID document types in 150+ languages globally.\u003C\u002Fli>\n\u003Cli>Instant AML Screening against 1700+ global watchlists.\u003C\u002Fli>\n\u003Cli>Has thousands of AI models incorporated for instant verification.\u003C\u002Fli>\n\u003Cli>Hybrid verification model that provides 98.67% accuracy rate.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>ADDITIONAL FEATURES YOU CAN COUNT ON\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Responsive design with simplistic UI\u002FUX.\u003C\u002Fli>\n\u003Cli>Integrated workflows for convenient user journey.\u003C\u002Fli>\n\u003Cli>Frequent updates and new features.\u003C\u002Fli>\n\u003Cli>Customised verification flows as per your business needs.\u003C\u002Fli>\n\u003Cli>Detailed verification reports with image and video proof of verifications.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>HOW IT WORTKS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Install the Shufti KYC plugin and add it to your wordpress site.\u003C\u002Fli>\n\u003Cli>Get the active subscription of the plugin or start trial mode.\u003C\u002Fli>\n\u003Cli>Enter your client ID and secret key to activate your account.\u003C\u002Fli>\n\u003Cli>Select general parameters against which you want your users to perform verification.\u003C\u002Fli>\n\u003Cli>If you agree with the settings we’ll provide you a short-code and save your settings.\u003C\u002Fli>\n\u003Cli>Copy the shortcode and paste it anywhere on the site to start verification.\u003C\u002Fli>\n\u003Cli>Users perform verification without leaving the website.\u003C\u002Fli>\n\u003Cli>Shufti KYC verifies the user in real-time and stores the verification result in compliance with data protection regulation.\u003C\u002Fli>\n\u003Cli>Verification results are stored in the admin dashboard (Shufti Pro’s \u003Ca href=\"https:\u002F\u002Fbackoffice.shuftipro.com\u002Freports\" rel=\"nofollow ugc\">back-office\u003C\u002Fa>) with proper image and video proof.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cp>Shufti KYC plugin is available in English and can verify the users in 150+ languages.\u003C\u002Fp>\n\u003Ch4>Help us improve\u003C\u002Fh4>\n\u003Cp>We at Shufti Pro are always open to receiving feedback from our customers. If you have any suggestion or query do write us \u003Ca href=\"tech@shuftipro.com\" rel=\"nofollow ugc\">here\u003C\u002Fa>. Our team will get in touch with you.\u003C\u002Fp>\n\u003Ch4>Expert Support\u003C\u002Fh4>\n\u003Cp>We have a global team of Happiness Engineers ready to provide incredible support. Ask your questions in the support forum or contact us directly \u003Ca href=\"tech@shuftipro.com\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Add Shuftipro identity verification process to WordPress websites.",40,5128,100,2,"2024-09-19T11:57:00.000Z","6.4.8","3.0.1","",[20,21,22,23,24],"document-verification","face-verification","id-verification","identity-verification-service","kyc-onboarding","https:\u002F\u002Fshuftipro.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshuftipro-kyc-identity-verification.1.1.6.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"shuftipro",1,30,88,"2026-04-05T09:50:11.898Z",[39,58,79,101,119],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":13,"downloaded":47,"rating":13,"num_ratings":34,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":56,"download_link":57,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"24tt-document-verifier","24TT Document Verifier","2.0.0","24 Tech Time (U) Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002F24techtime\u002F","\u003Cp>The \u003Cstrong>24TT Document Verifier\u003C\u002Fstrong> is a powerful, enterprise-grade solution designed for institutions, universities, businesses, and government bodies globally to prove the authenticity of their issued documents.\u003C\u002Fp>\n\u003Cp>By embedding a secure verification portal directly into your WordPress website, you instantly protect your institution’s credibility and prevent the dissemination of counterfeit certificates, fake ID cards, and forged official letters.\u003C\u002Fp>\n\u003Ch3>🚀 What’s New in Version 2.0.0? (The Architecture Overhaul)\u003C\u002Fh3>\n\u003Cp>Version 2.0.0 represents a massive leap forward in security, performance, and user experience, completely rebuilding the engine to meet global enterprise standards.\u003Cbr \u002F>\n* \u003Cstrong>The “Kill Switch” (Global Settings):\u003C\u002Fstrong> Instant, granular control over your data. Easily toggle which document categories (e.g., hiding internal ‘Receipts’ while keeping ‘Certificates’ public) are accessible via the public search portal.\u003Cbr \u002F>\n* \u003Cstrong>Native File Uploads:\u003C\u002Fstrong> Ditch the manual URLs. V2.0.0 integrates directly with the native WordPress Media Library, allowing you to visually upload and attach PDF or JPG files to any document record.\u003Cbr \u002F>\n* \u003Cstrong>Dynamic UI Customizer:\u003C\u002Fstrong> Change the frontend search label (e.g., from “Enter Document ID:” to “Enter Employee ID:”) instantly from the Settings dashboard, without touching a single line of code.\u003Cbr \u002F>\n* \u003Cstrong>The “Clean Workspace” Engine:\u003C\u002Fstrong> A brand new, Elementor-style premium admin dashboard that actively suppresses third-party marketing banners and popups, giving you a pristine, professional workspace.\u003Cbr \u002F>\n* \u003Cstrong>Smart Front-End Rendering:\u003C\u002Fstrong> The verification results panel has been completely redesigned into a beautiful, modern success card that intelligently hides empty data fields for a flawless user presentation.\u003Cbr \u002F>\n* \u003Cstrong>Bulletproof Shortcode Tools:\u003C\u002Fstrong> Re-engineered JavaScript ensures your shortcode copy buttons work flawlessly across all modern browsers and aggressive caching environments.\u003Cbr \u002F>\n* \u003Cstrong>Strict Security:\u003C\u002Fstrong> Upgraded Role-Based Access Control (RBAC) ensures only authorized administrators (\u003Ccode>manage_ttdvr_documents\u003C\u002Fcode>) can access the verification database.\u003C\u002Fp>\n\u003Ch3>Core Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Verification Database:\u003C\u002Fstrong> Easily manage thousands of verifiable documents (Certificates, Transcripts, MOUs, Invoices) directly within a secure WordPress interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Data Fields:\u003C\u002Fstrong> Store exact details including Verification ID, Recipient Name, Grade\u002FPerformance, Issuing Authority, Expiration Dates, and PDF links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Upload Tool:\u003C\u002Fstrong> Massively accelerate your workflow. Add 10, 50, or 100 documents to the database simultaneously with dynamic, auto-expanding data rows.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend Verification Portal:\u003C\u002Fstrong> Paste the \u003Ccode>[ttdvr_verify_document]\u003C\u002Fcode> shortcode on any page to instantly deploy a beautiful, responsive search form for your users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Category Segmentation:\u003C\u002Fstrong> Organize records effortlessly (e.g., 2024 Graduates, Staff IDs, Corporate Contracts) using custom taxonomy tags.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Empower your stakeholders, employers, and partners to confirm the legitimacy of your documents with absolute confidence.\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>The ultimate enterprise-grade document verification system. Securely issue and verify certificates, ID cards, letters, and receipts directly on your WordPress website.\u003C\u002Fp>\n","The 24TT Document Verifier is a powerful, enterprise-grade solution designed for institutions, universities, businesses, and government bodies globall &hellip;",883,"2026-03-09T02:09:00.000Z","6.9.4","5.8",[52,53,20,54,55],"authenticity","certificate-validation","enterprise-security","portal","https:\u002F\u002Fwordpress.24techtime.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F24tt-document-verifier.2.0.0.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":77,"download_link":78,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"identity-verification-for-woocommerce","Identity Verification for WooCommerce","1.33.1","Verdict","https:\u002F\u002Fprofiles.wordpress.org\u002Fverdictapps\u002F","\u003Cp>Real ID proves your customers’ real identities using their physical or digital ID and facial biometrics, allowing you to fulfill any order with confidence. It’s designed to support use cases such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Age-restricted products compliance\u003C\u002Fli>\n\u003Cli>Preventing real or fake chargebacks for high-cost goods\u003C\u002Fli>\n\u003Cli>Vetting customers for rentals\u003C\u002Fli>\n\u003Cli>Providing frictionless KYC for regulated markets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F5Z0FJCTSUgw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Real ID’s document verification helps remove friction during fulfillment by quickly and easily detecting whether a government-issued ID is genuine or fraudulent. All the user needs to do is take a photo of their ID and a selfie on their mobile device.\u003C\u002Fp>\n\u003Cp>Real ID uses cutting-edge A.I. to verify the authenticity of the ID and instantly match the face on the ID to the selfie submitted by the customer.\u003C\u002Fp>\n\u003Cp>Quickly and simply require ID verification before, during, or after checkout—or even during account registration for members-only sites or wholesale accounts.\u003C\u002Fp>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Freal-id-demo-checkout-ui.myshopify.com?utm_source=wc_listing&utm_campaign=demo_store_cta\" title=\"The Real ID demo store which showcases our during-checkout ID verification option.\" rel=\"nofollow ugc\">demo site\u003C\u002Fa> to see an example of how it works in action.\u003C\u002Fp>\n\u003Ch4>How does ID verification help your business?\u003C\u002Fh4>\n\u003Cp>With your customers’ verified ID and selfie photos, you’re able to prove their shipping address. This gives you far more weight on your side during chargeback disputes and effectively eliminates “friendly fraud” losses.\u003C\u002Fp>\n\u003Cp>And if you need to perform age verification checks for purchases of restricted goods, Real ID’s document verification takes care of that too. We’ll confirm a user’s date of birth by verifying their ID to help you manage and reduce risk at checkout.\u003C\u002Fp>\n\u003Ch4>Verify once per account, not per order\u003C\u002Fh4>\n\u003Cp>After a customer verifies their ID, their account on your store will be remembered for future purchases, increasing your conversion rate and lowering friction because it’s a trusted account.\u003C\u002Fp>\n\u003Ch4>IDs stored on your private cloud\u003C\u002Fh4>\n\u003Cp>No customer PII (Personally Identifiable Information) is stored on your WordPress site. We securely store all IDs on your behalf and respect all data deletion requests.\u003C\u002Fp>\n\u003Ch4>Control when ID verification is required\u003C\u002Fh4>\n\u003Cp>Require ID verification at any point during your customer’s purchasing journey. Real ID can be set up without code to verify IDs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Before checkout\u003C\u002Fli>\n\u003Cli>After checkout\u003C\u002Fli>\n\u003Cli>During account registration\u003C\u002Fli>\n\u003Cli>On custom pages using our \u003Ca href=\"https:\u002F\u002Fgetverdict.com\u002Fhelp\u002Fdocs\u002Fjs\" title=\"The Real ID JavaScript SDK documentation\" rel=\"nofollow ugc\">JavaScript SDK\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can even limit ID verification to specific shipping addresses or products. For custom use cases, you can use our REST API to trigger an ID verification.\u003C\u002Fp>\n\u003Ch4>International support\u003C\u002Fh4>\n\u003Cp>Expand your market with confidence, knowing that Real ID can verify IDs from hundreds of countries, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>United States\u003C\u002Fli>\n\u003Cli>Canada\u003C\u002Fli>\n\u003Cli>Great Britain\u003C\u002Fli>\n\u003Cli>Mexico\u003C\u002Fli>\n\u003Cli>France\u003C\u002Fli>\n\u003Cli>Australia\u003C\u002Fli>\n\u003Cli>Germany\u003C\u002Fli>\n\u003Cli>And hundreds more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Real ID can verify documents such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Passports\u003C\u002Fli>\n\u003Cli>Driver’s Licenses\u003C\u002Fli>\n\u003Cli>National IDs\u003C\u002Fli>\n\u003Cli>Visas\u003C\u002Fli>\n\u003Cli>And more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See our \u003Ca href=\"https:\u002F\u002Fgetverdict.com\u002Fsupported-id-documents?utm_source=wc_listing&utm_campaign=description\" title=\"The full list of supported IDs by the Real ID plugin\" rel=\"nofollow ugc\">full list of supported countries and documents\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Customize to your brand\u003C\u002Fh4>\n\u003Cp>Control your theme and branding within the plugin itself, without code. You can even override the messaging for each step to fit your tone and brand.\u003C\u002Fp>\n\u003Cp>Build trust with your customers by using your own email address to deliver ID verification links.\u003C\u002Fp>\n\u003Ch4>Flexible for any flow\u003C\u002Fh4>\n\u003Cp>We also provide a robust REST API, JS SDK, Webhooks, and WordPress hooks for your developers to build a custom experience or for advanced logic.\u003C\u002Fp>\n","Eliminate fraud & verify customer age with real ID checks",35529,12,"2026-02-16T18:38:00.000Z","6.8.5","4.8","7.4",[73,74,75,22,76],"age-verification","fraud","id-check","woocommerce","https:\u002F\u002Fgetverdict.com\u002Freal-id","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fidentity-verification-for-woocommerce.1.33.1.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":34,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":97,"download_link":98,"security_score":99,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":100},"advertsafe","advertSAFE Site Seal","1.1","weptile","https:\u002F\u002Fprofiles.wordpress.org\u002Fweptile\u002F","\u003Cp>The dedicated plugin site: \u003Ca href=\"http:\u002F\u002Fwww.plugin-site-seal.com\u002F\" title=\"advertSAFE dedicated plugin site\" rel=\"nofollow ugc\">Plugin-Site-Seal.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Our main website: \u003Ca href=\"http:\u002F\u002FadvertSAFE.com\u002F\" title=\"advertSAFE main website\" rel=\"nofollow ugc\">advertSAFE.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The advertSAFE site seal plugin is a simple and perfect FREE solution to add instant trust to a website and users. We also pay 25% commission from any new member sign ups through your seal.\u003C\u002Fp>\n\u003Cp>We verify the identity of ordinary internet users and advertisers across the globe. Are users who they say they are? Are they a scammer? Criminal? Really a man or woman? If you don’t ask yourself these questions, your site visitors and potential members certainly do!\u003C\u002Fp>\n\u003Cp>What if you can dispel these fears in one easy step? What if you could provide peace of mind for your site visitors and users?\u003C\u002Fp>\n\u003Cp>Display the advertSAFE partner site seal on your website. This naturally gains more trust and encourages people to become advertSAFE verified. Watch general user confidence, trust and your site’s reputation grow.\u003C\u002Fp>\n\u003Cp>Who can use this site seal?\u003Cbr \u002F>\nThe site seal is perfect for community and listings based websites to promote trust for the site and users. Ideal for forums, classified ad sites, online dating, holiday home rental and any site where users can advertise or create a user profile.\u003C\u002Fp>\n\u003Cp>How do I earn money from the site seal?\u003Cbr \u002F>\nOnce you have installed the plugin and the site seal is clearly visible throughout your site. Complete a short form in the plugin settings and we will email you a code to place in a field within settings.\u003C\u002Fp>\n\u003Cp>advertSAFE pays 25% commission on sales with no cookie expiry. This includes membership fees or upgrades. Any partner site joining us through your site seal will also earn you 10% override commission from their sales, so make sure your site seal is positioned well throughout your website.\u003C\u002Fp>\n","Add trust to your website and users with the advertSAFE site seal plugin. Plus earn 25% commission from any new member sign ups through your seal.",10,4272,"2013-10-01T09:18:00.000Z","3.6.1","3.3",[93,94,22,95,96],"check-id","free-site-seal","security","site-seal","http:\u002F\u002Fwww.weptile.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvertsafe.1.1.2.zip",85,"2026-03-15T14:54:45.397Z",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":87,"downloaded":109,"rating":28,"num_ratings":28,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":18,"download_link":118,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"awareid-wc-integration","AwareID – Biometric Identity Authentication","3.1.1","jhicksaware","https:\u002F\u002Fprofiles.wordpress.org\u002Fjhicksaware\u002F","\u003Cp>\u003Cstrong>Secure More Revenue with Seamless Biometric Enrollment & Authentication\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For robust, multi-layered security for all users, integrate AwareID’s Identity Verification plugin for biometric enrollment & authentication. Verify user identities using advanced facial biometrics and document verification, helping ensure compliance and fraud prevention from login to checkout. Protect your app and profits and give users an experience they’ll love!\u003C\u002Fp>\n\u003Cp>Note: Please reach out to \u003Ca href=\"https:\u002F\u002Fwww.aware.com\u002Fawareid-wordpress-contact\u002F\" rel=\"nofollow ugc\">Aware\u003C\u002Fa> or \u003Ca href=\"sales@aware.com\" rel=\"nofollow ugc\">email us\u003C\u002Fa> if you have not yet registered with our organization for biometric authentication. This is crucial as the plugin will not be able to operate without an AwareID login.\u003C\u002Fp>\n\u003Ch3>Strengthen Security and Compliance\u003C\u002Fh3>\n\u003Cp>Designed for WooCommerce implementations that demand high-security identity verification, this plugin ensures only enrolled, verified individuals can complete purchases.\u003C\u002Fp>\n\u003Cp>AwareID (https:\u002F\u002Fwww.aware.com\u002Fbiometric-identity-management-as-a-service\u002F) integrates seamlessly with WooCommerce, offering:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support for KYC Compliance\u003C\u002Fli>\n\u003Cli>ID Document Verification \u003C\u002Fli>\n\u003Cli>Multi-Modal Biometric Authentication\u003C\u002Fli>\n\u003Cli>Biometric Face Matching & Face Liveness\u003C\u002Fli>\n\u003Cli>Geofencing, Device Risk, and Fraud Prevention \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Create customizable workflows, intuitive point-and-click configuration, and advanced biometric security settings. This plugin empowers you to tailor verification processes to align with your specific business needs, ensuring safe and compliant transactions.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Secure Customer Enrollment and Authentication\u003C\u002Fstrong>: Integrates with the WooCommerce cart or checkout flow to add an enhanced layer of security. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Checkout\u003C\u002Fstrong>: Enable identity verification via face and document for both guests and registered users. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Age Restriction & ID Document Verification\u003C\u002Fstrong>: Set age restrictions to prevent access to the site with sophisticated document reading capabilities.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Location-based Security\u003C\u002Fstrong>: Set states from which the customer will be denied access to checkout and logging in depending on geographic location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>User Workflow\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Guest Checkout\u003C\u002Fstrong>: Guests are prompted to verify their identity via face and document recognition during their first checkout. This verification may not be required on subsequent visits, depending on the settings.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registered User Checkout\u003C\u002Fstrong>: Users logged in but not verified are required to verify their identity before proceeding with checkout. Restrictions based on age and geographic location are enforced.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Aware?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>30 Years of Innovation\u003C\u002Fstrong>: Established over three decades ago, Aware holds over 80 patents in biometric technologies and a proven track record of excellence.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Trusted by Industry Leaders\u003C\u002Fstrong>: Our technology safeguards critical systems for clients such as NASA, government agencies, and over 150 law enforcement agencies worldwide.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>In-House Expertise, Developed in the USA\u003C\u002Fstrong>: All solutions are developed by Aware’s expert team in the United States, ensuring the highest standards of quality, security, and innovation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Inclusive Biometric Solutions\u003C\u002Fstrong>: Aware trains all  biometric systems with diverse data sets to minimize racial bias. We also empower users to have control over identities through clear, easy opt-in and opt-out features, helping them feel secure and improving their lives.\u003C\u002Fp>\n\u003Cp>Whether you require white-labeled apps, native SDKs, or API integrations, AwareID offers flexible deployment options, including low-code and OpenID Connect integration. This adaptability guarantees robust protection without compromising on ease of use or customer satisfaction.\u003C\u002Fp>\n\u003Ch3>How to Get Started:\u003C\u002Fh3>\n\u003Cp>Before installing the plugin, ensure you meet the following requirements:\u003Cbr \u002F>\n– An active WooCommerce installation on your WordPress site.\u003Cbr \u002F>\n– An active AwareID account with appropriate credentials.\u003C\u002Fp>\n\u003Cp>Please reach out to \u003Ca href=\"https:\u002F\u002Fwww.aware.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Aware\u003C\u002Fa> or \u003Ca href=\"sales@aware.com\" rel=\"nofollow ugc\">email us\u003C\u002Fa> if you have not registered with our organization for biometric authentication. This is crucial as the plugin will not be able to operate without an AwareID login.\u003C\u002Fp>\n\u003Ch3>Configuring AwareID into WooCommerce\u003C\u002Fh3>\n\u003Cp>To set up the plugin, configure it with your AwareID account details to enable authentication requests.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: This section will detail configuration of AwareID into WooCommerce only and will serve to make sure your WordPress site can connect to AwareID to authenticate consumers when configured. When you become an Aware customer, your Customer Onboarding includes configuration of the AwareID product to meet your use case and business objectives. This is a critical step to receiving successful authentication results and should be done prior to configuring AwareID on your WordPress site.\u003C\u002Fp>\n\u003Cp>Once you are logged into your WordPress Admin Account, navigate to the Aware Verification Settings Panel. On this menu page, please input the following details:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>AwareID Domain\u003C\u002Fstrong>: Input the base URL for your AwareID service.\u003Cbr \u002F>\nExample: https:\u002F\u002Fawareid-yourdomain.aware-apis.com\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Realm Name\u003C\u002Fstrong>: Specify the account name associated with your AwareID environment. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Secret\u003C\u002Fstrong>: Enter the client secret key provided by AwareID. Note: This key is unique to your configuration and a vital component of securing your instance and the sensitive personal information of your customers. Please keep it confidential.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Key\u003C\u002Fstrong>: Enter the API key which is another critical credential for connecting with AwareID. Note: This key is unique to your configuration and a vital component of securing your instance and the sensitive personal information of your customers. Please keep it confidential. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>GeoCode Earth API Key\u003C\u002Fstrong>: If your configuration will be utilizing Aware’s GeoFencing feature, you need to have a GeoCode earth API key. This will be supplied to you by our Customer Onboarding Team if you are using this functionality. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Info API Key\u003C\u002Fstrong>: If your configuration will be utilizing Aware’s GeoFencing feature, and you wish to utilize the geolocation functionality, you need to have a IpInfo API Key. This will be supplied to you by our Customer Onboarding Team if you are utilizing this functionality. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Update Public Key\u003C\u002Fstrong>: Press update public key button to update public key for encrypted face capture.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Admin Functionality\u003C\u002Fh3>\n\u003Cp>Through the AwareID Settings panel, you can configure:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>GeoFencing Settings\u003C\u002Fstrong>: Define states or regions where access should be restricted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Age Restrictions\u003C\u002Fstrong>: Set a minimum age requirement for checkout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Document Authentication\u003C\u002Fstrong>: Verify document authenticity using OCR and security checks to prevent fraud. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>ReValidation Settings\u003C\u002Fstrong>: Choose intervals at which users must revalidate their identity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Identity Verification\u003C\u002Fstrong>: Confirm user identities through multimodal biometrics or document checks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Biometric Authentication\u003C\u002Fstrong>: Secure access with biometrics reducing the risk of breaches and improving user experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Detailed Service Integration Points\u003C\u002Fh3>\n\u003Cp>This section provides specific details about the integration points where our plugin communicates with external services, particularly the AwareID SaaS platform. Understanding these points will help users ensure compliance with relevant legal and data protection standards.\u003C\u002Fp>\n\u003Ch3>Authentication with AwareID using OpenID Connect\u003C\u002Fh3>\n\u003Cp>Purpose: Utilizes OpenID Connect protocol to authenticate users securely by generating JSON Web Tokens (JWTs). This method verifies user identities with high integrity.\u003Cbr \u002F>\nEndpoint Usage: The plugin constructs $openid_url for token generation, essential for user sessions:\u003C\u002Fp>\n\u003Cp>Examples:\u003Cbr \u002F>\n$openid_url = $awareIDConfig[‘domain’] . ‘auth\u002Frealms\u002F’ . $awareIDConfig[‘realm’] . ‘\u002Fprotocol\u002Fopenid-connect\u002Ftoken’\u003Cbr \u002F>\n$openid_url = $domain . ‘auth\u002Frealms\u002F’ . $realm . ‘\u002Fprotocol\u002Fopenid-connect\u002Ftoken’;\u003C\u002Fp>\n\u003Cp>Security Note: URLs and realm identifiers are set during configuration to ensure custom, secure environments per customer.\u003C\u002Fp>\n\u003Ch3>Third-Party Services and Libraries\u003C\u002Fh3>\n\u003Cp>This plugin uses a hybrid architecture, combining WordPress functionality with external services and client-side components for enhanced security and performance. It relies on the following third-party services and libraries:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Server-Side Processing\u003C\u002Fstrong>:\u003Cbr \u002F>\nAwareID (Managed by Final Customers)\u003C\u002Fp>\n\u003Cp>This plugin utilizes AwareID, a SaaS platform developed by Aware, Inc., which facilitates biometric verification. Below, you’ll find general details about Aware, Inc. and a note on the AwareID platform’s specific usage.\u003C\u002Fp>\n\u003Cp>Purpose: AwareID is used to accurately and securely process biometrics including face, document, voice, and device profiling.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>General Website\u003C\u002Fstrong>: https:\u002F\u002Faware.com\u002F\u003Cbr \u002F>\n\u003Cstrong>General Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fwww.aware.com\u002Fterms-and-conditions\u002F\u003Cbr \u002F>\n\u003Cstrong>General Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fwww.aware.com\u002Fdataprivacy\u002F\u003C\u002Fp>\n\u003Cp>– Note: The specific terms of service and privacy policies for AwareID services are managed and provided by each Aware Business Client. Users of this plugin must consult the specific AwareID environment managed by the service provider they are interacting with to review applicable terms and privacy policies.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GeoCode Earth\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for geofencing functionality to determine user location.\u003Cbr \u002F>\n\u003Cstrong>Website: https\u003C\u002Fstrong>:\u002F\u002Fgeocode.earth\u002F\u003Cbr \u002F>\n\u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fgeocode.earth\u002Fterms\u002F\u003Cbr \u002F>\n\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fgeocode.earth\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IPInfo.io\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used as a fallback for geolocation when HTML5 geolocation is unavailable or denied.\u003Cbr \u002F>\n\u003Cstrong>Website\u003C\u002Fstrong>: https:\u002F\u002Fipinfo.io\u002F\u003Cbr \u002F>\n\u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fipinfo.io\u002Fterms-of-service\u003Cbr \u002F>\n\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Client-Side Components\u003C\u002Fstrong>:\u003Cbr \u002F>\n\u003Cstrong>KnomiWeb\u003C\u002Fstrong> (Non-GPL)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for face capture during the biometric verification process.\u003Cbr \u002F>\n\u003Cstrong>Hosting\u003C\u002Fstrong>: Hosted on Aware Inc.’s CDN\u003Cbr \u002F>\n\u003Cstrong>License\u003C\u002Fstrong>: Proprietary (non-GPL)\u003Cbr \u002F>\n\u003Cstrong>Note\u003C\u002Fstrong>: This library is loaded from our CDN and is not included in the plugin files.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Regula Document Reader SDK\u003C\u002Fstrong> (Non-GPL)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for document capture and verification during the authentication process.\u003Cbr \u002F>\n\u003Cstrong>License\u003C\u002Fstrong>: Proprietary (non-GPL)\u003Cbr \u002F>\n\u003Cstrong>Website\u003C\u002Fstrong>: https:\u002F\u002Fregulaforensics.com\u002Fproducts\u002Fdocument-reader-sdk\u002F\u003C\u002Fp>\n\u003Cp>This architecture allows us to leverage secure cloud processing while maintaining the responsiveness needed for biometric capture and initial verification.\u003C\u002Fp>\n\u003Ch3>User Consent and Control\u003C\u002Fh3>\n\u003Cp>We are committed to transparency in our use of biometric authentication:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Consent\u003C\u002Fstrong>: Clear user consent is required before any biometric data is collected in most jurisdictions. The Aware Business Client is required to obtain these consents from consumers in advance of biometric data collection and ensure users are fully informed about the data collection process before they proceed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Core Functionality\u003C\u002Fstrong>: Biometric verification is an integral part of this plugin’s security measures. Users who do not wish to use biometric verification should not install or should uninstall this plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Deletion\u003C\u002Fstrong>: Users can request complete deletion of their biometric data by contacting the site administrator.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Transparency\u003C\u002Fstrong>: We provide clear information about data collection, processing, and storage practices in our privacy policy. For questions or concerns regarding our privacy policy, please contact us at privacy@aware.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For technical support or further assistance, please contact support@aware.com.\u003C\u002Fp>\n\u003Ch3>Data Handling and Privacy\u003C\u002Fh3>\n\u003Cp>Our plugin facilitates the secure authentication process by connecting your WordPress site with AwareID’s backend services. It’s important to note that this plugin does not store sensitive data itself:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data Processed: The plugin helps collect facial biometrics, document images, and geolocation data for verification purposes.\u003C\u002Fli>\n\u003Cli>Data Transmission: Collected data is securely transmitted to AwareID’s servers for processing.\u003C\u002Fli>\n\u003Cli>Backend Processing and Storage: All data processing and storage occur on AwareID’s secure servers, not within WordPress or this plugin.\u003C\u002Fli>\n\u003Cli>Data Policies: Retention periods, user rights, and compliance measures are managed by the individual AwareID service provider (your company or contracted service).\u003C\u002Fli>\n\u003Cli>Plugin’s Role: This plugin acts as a facilitator, enabling the connection between your WordPress site and the AwareID backend. It does not store or manage the sensitive data itself.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important Note: Important Note: As the site administrator and as the Aware Business Client, you are responsible for ensuring that your use of AwareID services, including data handling and retention policies, complies with relevant regulations such as GDPR and CCPA. Please review your internal policies and procedures to ensure appropriate consult with your specific AwareID service provider for details on their data handling practices and to set up appropriate privacy policies for your users.\u003C\u002Fp>\n","Secure app logins without passwords, facilitate trusted transactions & reduce chargebacks by enabling easy biometric enrollment & authentication.",1003,"2025-06-19T21:51:00.000Z","6.6.5","5.0",[114,115,116,20,117],"authentication","awareid","biometrics","enrollment","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawareid-wc-integration.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":87,"downloaded":127,"rating":13,"num_ratings":14,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":136,"download_link":137,"security_score":99,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"konfirmi","Konfirmi Plugin","2.1.3","konfirmillc","https:\u002F\u002Fprofiles.wordpress.org\u002Fkonfirmillc\u002F","\u003Cp>\u003Cstrong>Verify your customers automatically!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>KONFIRMI provides an easy and affordable way to automatically verify your customer’s identity and other information — in any e-commerce store, registration form, contact form or survey, webform, or online application.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Set up takes less than 5 minutes!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For example, this video shows KONFIRMI being set up in about 4 minutes:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fkonfirmi.com\u002F#howitworks\" rel=\"nofollow ugc\">Click Here for Set Up Example Video\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>KONFIRMI goes beyond just providing a popup asking a user or customer to provide their information or state their age.  KONFIRMI also goes beyond fraud prevention and CAPTCHA-like functionalty.  In addition, KONFIRMI avoids many problems often present in other customer verification systems.\u003C\u002Fp>\n\u003Cp>Our easy-to-use app allows you to select from a variety of ways to automatically verify your customer’s information, such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Age\u003C\u002Fli>\n\u003Cli>Photo ID\u003C\u002Fli>\n\u003Cli>Mailing Address\u003C\u002Fli>\n\u003Cli>Phone number\u003C\u002Fli>\n\u003Cli>Email Address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>before any services are provided, before any access is granted, and before any products are sold or delivered.\u003C\u002Fp>\n\u003Cp>+++++++++++++++++\u003C\u002Fp>\n\u003Cp>\u003Cstrong>USE KONFIRMI TO AVOID VIOLATING THE LAW\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our app provides an easy and affordable way to comply with various laws affecting e-commerce and other online businesses:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>True Age Verification:\u003C\u002Fstrong>  KONFIRMI lets you automatically verify your customer’s age!  Online sellers of age restricted products — like certain kinds of video games, liquor and alcoholic beverages, tobacco and vaping products, marijuana sales, pornography, and gambling services — must check the buyer’s government-issued photo ID, or in some cases at least verify the buyer’s information against consumer databases, to ensure that the buyer is old enough. In most cases, you also need a clear audit trail to prove the verifications were being done properly.  KONFIRMI handles all of this automatically!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No Facial Recognition.\u003C\u002Fstrong>  Studies have shown that facial recognition is unreliable with non-Caucasians — just search the internet, and you will find several reputable studies and articles on this issue.  In addition, facial recognition is disfavored and highly problematic in many places, including in the European Economic Area (EEA) and in several states in the United States.  In some cases, you even need a written release from your customer to use facial recognition or other biometrics, and written disclosure of the specific purpose and duration of time for which the facial recognition or biometric information is being collected, stored, and used.  KONFIRMI lets you avoid all of this!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>“Behind the Scenes” Verification.\u003C\u002Fstrong>  KONFIRMI gets the consents you need to verify your customers!  In many countries, including in the United States, it is often illegal to identify individuals without their knowledge and consent, especially using biometrics of any kind.  This is easy with KONFIRMI!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GDPR Compliance:\u003C\u002Fstrong>  KONFIRMI allows you to easily comply with the GDPR!  Under the European Union’s General Data Protection Regulation (GDPR), EU residents have the right to request information you have about them, and have you delete or correct this information.  However, you first have to verify that the request is actually from your customer.  KONFIRMI handles this for you!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CCPA Compliance:\u003C\u002Fstrong>  KONFIRMI also lets you easily comply with the CCPA!  Under the new California Consumer Privacy Act (CCPA), businesses have to provide California customers with a copy of their personal information held by the business, and delete or correct their information upon request.  However, you first have to verify that the request is from the customer.  KONFIRMI handles this for you automatically!\u003C\u002Fp>\n\u003Cp>+++++++++++++++++\u003C\u002Fp>\n\u003Cp>KONFIRMI allows you to easily get Single- or Multi-Factor Authentication for your customers.\u003C\u002Fp>\n\u003Cp>You can easily pick and choose from many simple or sophisticated verification methods.\u003C\u002Fp>\n\u003Cp>In addition, you can easily swap out one verification method for another, stack or layer various verifications methods together, and ‘mix and match’ different verification methods for use in various parts of your website.\u003C\u002Fp>\n\u003Cp>For example, our most popular combination of verification methods is “SMS\u002FText Code” authentication, combined with “Knowledge Based” or “Information Check” authentication.\u003C\u002Fp>\n\u003Cp>This combination allows you to automatically verify your customer’s phone number or email address with third-party data sources, and then have your customer enter a code sent that same phone number or email address.\u003C\u002Fp>\n\u003Cp>This combination is very hard to spoof, but also is very fast and easy for your customers!\u003C\u002Fp>\n\u003Cp>KONFIRMI works with WooCommerce, as well as various popular contact form plugins.\u003C\u002Fp>\n\u003Cp>For more information, please visit:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fkonfirmi.com\" rel=\"nofollow ugc\">Konfirmi Website\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>+++++++++++++++++\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW FEATURES:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Works Internationally:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Your customers can easily change the language they see.  In addition, our app allows you to select the language that your customers will see first.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy to Customize:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can easily change the appearance of the parts of our app that your customers see.  You can also add your own company logo for consistent branding on your website.\u003C\u002Fp>\n","KONFIRMI allows you to easily and automatically verify your customer's age, ID, address, and other information.",3317,"2023-03-12T20:11:00.000Z","6.1.10","4.9","7.0",[73,22,133,134,135],"identity-verification","verify-age","verify-id","https:\u002F\u002Flogin.konfirmi.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkonfirmi.2.1.3.zip",{"attackSurface":139,"codeSignals":170,"taintFlows":200,"riskAssessment":201,"analyzedAt":212},{"hooks":140,"ajaxHandlers":163,"restRoutes":164,"shortcodes":165,"cronEvents":169,"entryPointCount":34,"unprotectedCount":28},[141,148,153,156,158,161],{"type":142,"name":143,"callback":144,"priority":145,"file":146,"line":147},"action","admin_menu","addPluginAdminMenu",9,"admin\\class-shuftipro-kyc-admin.php",51,{"type":142,"name":149,"callback":150,"file":151,"line":152},"plugins_loaded","anonymous","includes\\class-shuftipro-kyc.php",148,{"type":142,"name":154,"callback":150,"file":151,"line":155},"admin_enqueue_scripts",163,{"type":142,"name":154,"callback":150,"file":151,"line":157},164,{"type":142,"name":159,"callback":150,"file":151,"line":160},"wp_enqueue_scripts",195,{"type":142,"name":159,"callback":150,"file":151,"line":162},196,[],[],[166],{"tag":167,"callback":150,"file":151,"line":168},"kyc_live",204,[],{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":175,"fileOperations":34,"externalRequests":194,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":195},[],{"prepared":173,"raw":28,"locations":174},15,[],{"escaped":176,"rawEcho":177,"locations":178},103,5,[179,183,186,189,191],{"file":180,"line":181,"context":182},"admin\\partials\\add-update.php",17,"raw output",{"file":184,"line":185,"context":182},"admin\\partials\\data-update.php",13,{"file":187,"line":188,"context":182},"admin\\partials\\info.php",46,{"file":187,"line":190,"context":182},52,{"file":192,"line":193,"context":182},"admin\\partials\\shuftipro-kyc-admin-display.php",1213,3,[196],{"name":197,"version":198,"knownCves":199},"jQuery","3.7.1",[],[],{"summary":202,"deductions":203},"The shuftipro-kyc-identity-verification plugin version 1.1.6 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates excellent practices by utilizing prepared statements for all SQL queries and ensuring a high percentage of output is properly escaped, significantly mitigating common risks like SQL injection and cross-site scripting. The absence of known CVEs and a clean vulnerability history further reinforces this positive outlook, indicating a well-maintained and secure plugin over time.  However, several critical areas warrant attention. The complete lack of nonce checks and capability checks across its entry points, particularly the single shortcode, represents a significant security weakness. This means that any user, regardless of their role or permissions, could potentially trigger the shortcode's functionality, leading to unauthorized actions or information disclosure. While no critical taint flows were identified, the absence of these checks on core entry points could inadvertently enable them. The presence of an external HTTP request also introduces a potential vector for information leakage or reliance on an insecure external service, though this risk is mitigated by the lack of identified vulnerabilities.",[204,206,208,210],{"reason":205,"points":87},"Missing nonce checks on entry points",{"reason":207,"points":87},"Missing capability checks on entry points",{"reason":209,"points":177},"Potential for unescaped output (5% unescaped)",{"reason":211,"points":194},"External HTTP requests present","2026-03-16T22:18:48.394Z",{"wat":214,"direct":224},{"assetPaths":215,"generatorPatterns":219,"scriptPaths":220,"versionParams":221},[216,217,218],"\u002Fwp-content\u002Fplugins\u002Fshuftipro-kyc-identity-verification\u002Fadmin\u002Fcss\u002Fshuftipro-kyc-admin.css","\u002Fwp-content\u002Fplugins\u002Fshuftipro-kyc-identity-verification\u002Fadmin\u002Fjs\u002Fshuftipro-kyc-admin.js","\u002Fwp-content\u002Fplugins\u002Fshuftipro-kyc-identity-verification\u002Fadmin\u002Fjs\u002Fjquery.validate.min.js",[],[217,218],[222,223],"shuftipro-kyc-identity-verification\u002Fadmin\u002Fjs\u002Fshuftipro-kyc-admin.js?ver=","shuftipro-kyc-identity-verification\u002Fadmin\u002Fjs\u002Fjquery.validate.min.js?ver=",{"cssClasses":225,"htmlComments":226,"htmlAttributes":227,"restEndpoints":228,"jsGlobals":229,"shortcodeOutput":230},[],[],[],[],[],[]]