[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flUTt22oZ3-SfKYhIBLnSBAX44mqinyi6J8xDOADZql8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":63,"crawl_stats":36,"alternatives":70,"analysis":136,"fingerprints":592},"small-package-quotes-usps-edition","Small Package Quotes – USPS Edition","1.3.12","enituretechnology","https:\u002F\u002Fprofiles.wordpress.org\u002Fenituretechnology\u002F","\u003Cp>A more connected world means more opportunities. That’s why customers count on our diverse portfolio of transportation, e-commerce, and business solutions. Our air, ground and sea networks cover more than 220 countries and territories, linking more than 99 percent of the world’s GDP.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes negotiated shipping rates in the shopping cart and on the checkout page.\u003C\u002Fli>\n\u003Cli>Ability to control which Usps services to display\u003C\u002Fli>\n\u003Cli>Support for variable products.\u003C\u002Fli>\n\u003Cli>Define multiple warehouses and drop ship locations\u003C\u002Fli>\n\u003Cli>Option to include residential delivery surcharge\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>An API key from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time small package (parcel) shipping rates from Usps. Fifteen day free trial.",10,2662,0,"2026-01-14T07:35:00.000Z","6.9.4","6.4","",[19,20,21,22,23],"eniture","parcel-quotes","parcel-rates","shipping-estimates","usps","https:\u002F\u002Feniture.com\u002Fproducts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmall-package-quotes-usps-edition.1.3.12.zip",97,2,"2025-08-27 00:00:00","2026-03-15T15:16:48.613Z",[31,47],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-58218","small-package-quotes-usps-edition-authenticated-administrator-php-object-injection","Small Package Quotes – USPS Edition \u003C= 1.3.9 - Authenticated (Administrator+) PHP Object Injection","The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.3.9 via deserialization of untrusted input. This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.",null,"\u003C=1.3.9","1.3.10","medium",6.6,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2025-09-03 21:03:33",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F17b16fa4-9ea7-4bc5-accb-8249ed7280aa?source=api-prod",8,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":36,"affected_versions":52,"patched_in_version":53,"severity":54,"cvss_score":55,"cvss_vector":56,"vuln_type":57,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2024-13533","small-package-quotes-usps-edition-unauthenticated-sql-injection","Small Package Quotes – USPS Edition \u003C= 1.3.5 - Unauthenticated SQL Injection","The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 1.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=1.3.5","1.3.6","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-02-18 00:00:00","2025-02-19 11:10:41",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe0e67883-1f6c-4454-8d51-96fa2d1366d7?source=api-prod",1,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":64,"total_installs":65,"avg_security_score":66,"avg_patch_time_days":67,"trust_score":68,"computed_at":69},29,1090,98,11,93,"2026-04-04T19:08:53.977Z",[71,87,101,112,125],{"slug":72,"name":73,"version":74,"author":7,"author_profile":8,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":79,"num_ratings":62,"last_updated":80,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":81,"homepage":24,"download_link":83,"security_score":84,"vuln_count":85,"unpatched_count":13,"last_vuln_date":86,"fetched_at":29},"small-package-quotes-wwe-edition","Small Package Quotes – Worldwide Express Edition","5.3.8","\u003Cp>Worldwide Express (wwex.com ) is a third party logistics company that gives its customers access\u003Cbr \u002F>\nto UPS and over 60 LTL freight carriers through a single account relationship. The plugin retrieves\u003Cbr \u002F>\nthe UPS rates you negotiated Worldwide Express, takes action on them according to the plugin settings, and displays the\u003Cbr \u002F>\nresult as shipping charges in your WooCommerce shopping cart. To establish a Worldwide Express account call 1-800-758-7447.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes negotiated shipping rates in the shopping cart and on the checkout page.\u003C\u002Fli>\n\u003Cli>Ability to control which UPS small package services to display\u003C\u002Fli>\n\u003Cli>Support for variable products.\u003C\u002Fli>\n\u003Cli>Option to include residential delivery surcharge\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>A Worldwide Express account number.\u003C\u002Fli>\n\u003Cli>Your username and password to Worldwide Express’s online shipping system.\u003C\u002Fli>\n\u003Cli>Your Worldwide Express web services authentication key.\u003C\u002Fli>\n\u003Cli>An API key from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time small package (parcel) shipping rates from Worldwide Express. Fifteen day free trial.",90,13325,100,"2026-03-11T07:03:00.000Z",[82,20,21,22],"eniture-worldwide-express","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmall-package-quotes-wwe-edition.5.3.8.zip",95,4,"2025-04-03 00:00:00",{"slug":88,"name":89,"version":90,"author":7,"author_profile":8,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":13,"num_ratings":13,"last_updated":95,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":96,"homepage":24,"download_link":98,"security_score":26,"vuln_count":99,"unpatched_count":13,"last_vuln_date":100,"fetched_at":29},"small-package-quotes-unishippers-edition","Small Package Quotes – Unishippers Edition","2.4.18","\u003Cp>A more connected world means more opportunities. That’s why customers count on our diverse portfolio of transportation, e-commerce, and business solutions. Our air, ground and sea networks cover more than 220 countries and territories, linking more than 99 percent of the world’s GDP.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes negotiated shipping rates in the shopping cart and on the checkout page.\u003C\u002Fli>\n\u003Cli>Ability to control which Unishippers services to display\u003C\u002Fli>\n\u003Cli>Support for variable products.\u003C\u002Fli>\n\u003Cli>Define multiple warehouses and drop ship locations\u003C\u002Fli>\n\u003Cli>Option to include residential delivery surcharge\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>A Unishippers customer number.\u003C\u002Fli>\n\u003Cli>A Unishippers issued UPS account number.\u003C\u002Fli>\n\u003Cli>Your username and password to Unishippers.\u003C\u002Fli>\n\u003Cli>A Unishippers issued Request Key.\u003C\u002Fli>\n\u003Cli>An API key from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time small package (parcel) shipping rates from Unishippers. Fifteen day free trial.",60,5494,"2026-03-11T06:21:00.000Z",[19,20,21,22,97],"unishippers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmall-package-quotes-unishippers-edition.2.4.18.zip",3,"2025-02-23 00:00:00",{"slug":102,"name":103,"version":104,"author":7,"author_profile":8,"description":105,"short_description":106,"active_installs":11,"downloaded":107,"rating":13,"num_ratings":13,"last_updated":108,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":109,"homepage":24,"download_link":111,"security_score":66,"vuln_count":62,"unpatched_count":13,"last_vuln_date":58,"fetched_at":29},"small-package-quotes-fedex-edition","Small Package Quotes – For Customers of FedEx","4.3.14","\u003Cp>ENITURE TECHNOLOGY AND THIS APPLICATION ARE NOT AFFILIATED WITH, ENDORSED, OR SUPPORTED BY FEDEX OR ANY RELATED FEDEX SERVICE.\u003C\u002Fp>\n\u003Cp>This version of Eniture Technology’s Small Package Quotes plugin retrieves your negotiated parcel rates, takes action on them according to the plugin settings, and displays the results as shipping options on the WooCommerce Cart and Checkout pages.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes negotiated shipping rates in the shopping cart and on the checkout page.\u003C\u002Fli>\n\u003Cli>Select which shipping services to display.\u003C\u002Fli>\n\u003Cli>Support for variable products.\u003C\u002Fli>\n\u003Cli>Define multiple warehouses and drop ship locations\u003C\u002Fli>\n\u003Cli>Option to include residential delivery surcharge\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>A carrier provided account number.\u003C\u002Fli>\n\u003Cli>A carrier provided API password.\u003C\u002Fli>\n\u003Cli>A carrier provided Meter Number.\u003C\u002Fli>\n\u003Cli>A carrier provided web services authentication key.\u003C\u002Fli>\n\u003Cli>A license from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time small package (parcel) shipping rates from Fedex. Fifteen day free trial.",7659,"2026-03-11T06:00:00.000Z",[110,20,21,22],"eniture-fedex","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmall-package-quotes-fedex-edition.4.3.14.zip",{"slug":113,"name":114,"version":115,"author":7,"author_profile":8,"description":116,"short_description":117,"active_installs":11,"downloaded":118,"rating":13,"num_ratings":13,"last_updated":119,"tested_up_to":120,"requires_at_least":16,"requires_php":17,"tags":121,"homepage":24,"download_link":123,"security_score":66,"vuln_count":62,"unpatched_count":13,"last_vuln_date":124,"fetched_at":29},"small-package-quotes-purolator-edition","Small Package Quotes – Purolator Edition","3.6.7","\u003Cp>Purolator is headquartered in Mississauga, Ontario and is Canada’s premier shipping company. If you don’t have a Purolator account number, contact them at 888-744-7123, or register online( https:\u002F\u002Feshiponline.purolator.com\u002FShipOnline\u002FSecurePages\u002FPublic\u002FRegister.aspx ).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes negotiated shipping rates in the shopping cart and on the checkout page.\u003C\u002Fli>\n\u003Cli>Ability to control which Purolator services to display\u003C\u002Fli>\n\u003Cli>Support for variable products.\u003C\u002Fli>\n\u003Cli>Define multiple warehouses and drop ship locations\u003C\u002Fli>\n\u003Cli>Option to include residential delivery surcharge\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>A Purolator billing account number.\u003C\u002Fli>\n\u003Cli>A Purolator Registered Account Number.\u003C\u002Fli>\n\u003Cli>A Purolator Registered Address.\u003C\u002Fli>\n\u003Cli>A Purolator Production Key.\u003C\u002Fli>\n\u003Cli>A Purolator Production Key Password.\u003C\u002Fli>\n\u003Cli>An API key from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time small package (parcel) shipping rates from Purolator. Fifteen day free trial.",3482,"2025-05-07T08:32:00.000Z","6.8.5",[122,20,21,22],"eniture-purolator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmall-package-quotes-purolator-edition.3.6.7.zip","2025-02-11 21:31:13",{"slug":126,"name":127,"version":128,"author":7,"author_profile":8,"description":129,"short_description":130,"active_installs":13,"downloaded":131,"rating":13,"num_ratings":13,"last_updated":132,"tested_up_to":15,"requires_at_least":133,"requires_php":17,"tags":134,"homepage":17,"download_link":135,"security_score":79,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"real-time-shipping-quotes-for-woocommerce","Real Time Shipping Quotes for WooCommerce","2.0.0","\u003Cp>The Real Time Shipping Quotes for WooCommerce retrieves your negotiated shipping rates, takes action on them according to the plugin settings, and displays the results as shipping options during checkout. The plugin can be configured to quote parcel and LTL freight shipments. See the Providers tab for a list of supported shipping companies.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Retrieves your negotiated rates for the enabled shipping provider.\u003C\u002Fli>\n\u003Cli>Supported origins: United States and\u002For Canada depending on the capability of the enabled provider.\u003C\u002Fli>\n\u003Cli>Define multiple warehouse locations.\u003C\u002Fli>\n\u003Cli>Identify products that drop ship from vendors.\u003C\u002Fli>\n\u003Cli>Offer an option for in-store pick up based on the customer’s distance from your warehouse.\u003C\u002Fli>\n\u003Cli>Offer local delivery based on the customer’s distance from your warehouse.\u003C\u002Fli>\n\u003Cli>Option to mark up shipping rates by a set dollar amount or by a percentage.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce 6.4 or newer.\u003C\u002Fli>\n\u003Cli>An established account with the shipping company or companies you intend to enable in the plugin.\u003C\u002Fli>\n\u003Cli>An API Key from Eniture Technology.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Source Code and Build Instructions\u003C\u002Fh3>\n\u003Cp>The non-minified source code for this plugin is available in our public GitHub repository. You can view, download, and contribute to the source code at the following link:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feniture-technology\u002FwooCommerce-real-time-shipping-quotes\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Feniture-technology\u002FwooCommerce-real-time-shipping-quotes\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The source code directory includes:\u003Cbr \u002F>\n– \u003Cstrong>frontend\u002Fsrc\u002F\u003C\u002Fstrong>: The non-minified JavaScript and CSS files.\u003Cbr \u002F>\n– \u003Cstrong>package.json\u003C\u002Fstrong>: Contains the project dependencies and scripts.\u003Cbr \u002F>\n– \u003Cstrong>package-lock.json\u003C\u002Fstrong>: Lock file for npm dependencies.\u003Cbr \u002F>\n– \u003Cstrong>webpack.config.js\u003C\u002Fstrong>: Configuration file for webpack, used to build the minified assets.\u003C\u002Fp>\n","The Real Time Shipping Quotes for WooCommerce retrieves your negotiated shipping rates",521,"2026-03-10T11:04:00.000Z","6.9",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freal-time-shipping-quotes-for-woocommerce.2.0.0.zip",{"attackSurface":137,"codeSignals":420,"taintFlows":492,"riskAssessment":576,"analyzedAt":591},{"hooks":138,"ajaxHandlers":362,"restRoutes":407,"shortcodes":416,"cronEvents":417,"entryPointCount":213,"unprotectedCount":99},[139,146,150,156,159,162,164,169,173,176,179,184,189,193,198,202,206,210,214,218,222,225,228,232,236,240,244,248,251,254,259,263,267,271,274,278,282,286,290,294,297,302,306,309,313,317,321,325,329,332,334,337,342,344,348,351,354,357],{"type":140,"name":141,"callback":142,"priority":143,"file":144,"line":145},"action","admin_print_scripts","en_usps_order_script",50,"admin\\order\\en-order-script.php",28,{"type":140,"name":147,"callback":148,"priority":11,"file":149,"line":145},"woocommerce_order_actions","en_order_actions","admin\\order\\en-order-widget.php",{"type":151,"name":152,"callback":153,"file":154,"line":155},"filter","En_Plugins_dropship_filter","en_compatible_other_eniture_plugins","admin\\product\\en-product-detail.php",46,{"type":151,"name":157,"callback":153,"file":154,"line":158},"En_Plugins_variable_freight_classification_filter",47,{"type":151,"name":160,"callback":153,"file":154,"line":161},"en_insurance_filter",48,{"type":151,"name":160,"callback":153,"file":154,"line":163},53,{"type":140,"name":165,"callback":166,"priority":167,"file":154,"line":168},"woocommerce_product_options_shipping","en_show_product_fields",101,58,{"type":140,"name":170,"callback":171,"priority":167,"file":154,"line":172},"woocommerce_process_product_meta","en_save_product_fields",59,{"type":140,"name":174,"callback":166,"priority":167,"file":154,"line":175},"woocommerce_product_after_variable_attributes",62,{"type":140,"name":177,"callback":171,"priority":167,"file":154,"line":178},"woocommerce_save_product_variation",63,{"type":151,"name":180,"callback":180,"priority":181,"file":182,"line":183},"en_usps_reason_quotes_not_returned",99,"admin\\tab\\connection-settings\\en-connection-settings.php",71,{"type":151,"name":185,"callback":186,"priority":143,"file":187,"line":188},"woocommerce_settings_tabs_array","add_settings_tab","admin\\tab\\en-tab.php",26,{"type":151,"name":190,"callback":190,"priority":11,"file":191,"line":192},"en_woo_addons_box_sizing_flat_rate_text_fields_arr","admin\\tab\\sbs\\en-sbs.php",14,{"type":151,"name":194,"callback":195,"priority":11,"file":196,"line":197},"woocommerce_product_export_product_column_en_nickname","en_nickname","common\\en-csv.php",15,{"type":151,"name":199,"callback":200,"priority":11,"file":196,"line":201},"woocommerce_product_export_product_column_en_city","en_city",16,{"type":151,"name":203,"callback":204,"priority":11,"file":196,"line":205},"woocommerce_product_export_product_column_en_state","en_state",17,{"type":151,"name":207,"callback":208,"priority":11,"file":196,"line":209},"woocommerce_product_export_product_column_en_zip","en_zip",18,{"type":151,"name":211,"callback":212,"priority":11,"file":196,"line":213},"woocommerce_product_export_product_column_en_country","en_country",19,{"type":151,"name":215,"callback":216,"priority":11,"file":196,"line":217},"woocommerce_product_export_product_column_en_product_freight_class","en_product_freight_class",22,{"type":151,"name":219,"callback":220,"priority":11,"file":196,"line":221},"woocommerce_product_export_product_column_en_product_freight_class_variation","en_product_freight_class_variation",23,{"type":151,"name":223,"callback":224,"priority":11,"file":196,"line":188},"woocommerce_product_export_column_names","en_add_export_column",{"type":151,"name":226,"callback":224,"priority":11,"file":196,"line":227},"woocommerce_product_export_product_default_columns",27,{"type":140,"name":229,"callback":230,"file":231,"line":155},"admin_notices","en_show_for_notices","common\\en-guard.php",{"type":140,"name":233,"callback":234,"file":231,"line":235},"woocommerce_loaded","en_check_woocommerce_for_version",115,{"type":151,"name":237,"callback":238,"priority":11,"file":239,"line":145},"en_register_activation_hook","en_get_current_plan","common\\en-plans.php",{"type":151,"name":241,"callback":242,"priority":11,"file":239,"line":243},"usps_plans_notification_link","en_notification",30,{"type":151,"name":245,"callback":246,"priority":11,"file":239,"line":247},"usps_plans_suscription_and_features","en_plans",31,{"type":151,"name":237,"callback":249,"priority":11,"file":250,"line":247},"create_table","db\\en-warehouse.php",{"type":151,"name":237,"callback":252,"priority":11,"file":250,"line":253},"create_usps_small_shipping_rules_table",32,{"type":140,"name":255,"callback":256,"file":257,"line":258},"admin_enqueue_scripts","eniture_usps_admin_enqueue_scripts","en-install.php",96,{"type":140,"name":260,"callback":261,"file":257,"line":262},"wp_enqueue_scripts","eniture_usps_frontend_enqueue_scripts",111,{"type":151,"name":264,"callback":265,"priority":11,"file":257,"line":266},"woocommerce_get_settings_pages","eniture_usps_shipping_sections",130,{"type":151,"name":268,"callback":269,"priority":11,"file":257,"line":270},"plugin_action_links","eniture_usps_freight_action_links",157,{"type":140,"name":141,"callback":272,"file":257,"line":273},"eniture_usps_admin_inline_js",174,{"type":151,"name":275,"callback":276,"priority":11,"file":257,"line":277},"woocommerce_shipping_methods","eniture_usps_add_shipping_app",214,{"type":151,"name":279,"callback":280,"file":257,"line":281},"woocommerce_cart_no_shipping_available_html","eniture_none_shipping_rates",229,{"type":151,"name":283,"callback":284,"priority":11,"file":257,"line":285},"en_app_common_plan_status","eniture_usps_plan_status",260,{"type":151,"name":287,"callback":288,"priority":181,"file":257,"line":289},"woocommerce_package_rates","eniture_usps_hide_shipping",328,{"type":151,"name":291,"callback":292,"priority":11,"file":257,"line":293},"en_shipping_applications","eniture_usps_shipping_applications",342,{"type":151,"name":229,"callback":295,"file":257,"line":296},"eniture_usps_admin_notices",362,{"type":140,"name":298,"callback":299,"priority":300,"file":257,"line":301},"woocommerce_proceed_to_checkout","woocommerce_button_proceed_to_checkout",20,386,{"type":151,"name":279,"callback":303,"priority":304,"file":257,"line":305},"eniture_usps_error_message",999,399,{"type":151,"name":307,"callback":303,"priority":304,"file":257,"line":308},"woocommerce_no_shipping_available_html",400,{"type":151,"name":310,"callback":311,"file":257,"line":312},"woocommerce_product_importer_parsed_data","en_import_dropship_location_csv",532,{"type":151,"name":314,"callback":315,"file":257,"line":316},"en_plugins","eniture_usps_plugin",596,{"type":140,"name":318,"callback":319,"priority":11,"file":257,"line":320},"upgrader_process_complete","eniture_usps_update_warehouse_db",633,{"type":140,"name":322,"callback":323,"file":257,"line":324},"rest_api_init","eniture_rest_api_init_status_usps",681,{"type":140,"name":326,"callback":327,"priority":11,"file":328,"line":188},"woocommerce_thankyou","en_woocommerce_thankyou","server\\common\\en-order-export.php",{"type":140,"name":330,"callback":331,"file":328,"line":227},"init","en_orders_ids",{"type":140,"name":333,"callback":333,"file":328,"line":145},"en_async_orders_exporting_process",{"type":151,"name":335,"callback":336,"priority":11,"file":328,"line":64},"cron_schedules","en_async_cron_schedule",{"type":140,"name":338,"callback":339,"file":340,"line":341},"woocommerce_shipping_init","eniture_usps_shipping_rates","server\\en-shipping-rates.php",25,{"type":151,"name":287,"callback":343,"priority":11,"file":340,"line":77},"en_sort_woocommerce_available_shipping_methods",{"type":151,"name":345,"callback":346,"priority":11,"file":340,"line":347},"en_usps_package_converter","en_recently_package_converter",144,{"type":151,"name":349,"callback":349,"file":340,"line":350},"en_eniture_shipment",181,{"type":151,"name":180,"callback":180,"priority":181,"file":352,"line":353},"server\\package\\en-package.php",262,{"type":151,"name":355,"callback":355,"priority":11,"file":352,"line":356},"en_fdo_image_urls_merge",340,{"type":140,"name":358,"callback":359,"file":360,"line":361},"before_woocommerce_init","closure","small-package-quotes-usps-edition.php",21,[363,368,369,372,373,376,378,380,384,385,388,389,393,394,397,398,401,405],{"action":364,"nopriv":365,"callback":364,"hasNonce":366,"hasCapCheck":366,"file":367,"line":227},"en_usps_admin_order_quotes",true,false,"admin\\order\\en-order-rates.php",{"action":364,"nopriv":366,"callback":364,"hasNonce":366,"hasCapCheck":366,"file":367,"line":145},{"action":370,"nopriv":365,"callback":370,"hasNonce":365,"hasCapCheck":365,"file":371,"line":145},"en_usps_test_connection","admin\\tab\\connection-settings\\en-connection-ajax.php",{"action":370,"nopriv":366,"callback":370,"hasNonce":365,"hasCapCheck":365,"file":371,"line":64},{"action":374,"nopriv":366,"callback":374,"hasNonce":365,"hasCapCheck":365,"file":375,"line":213},"en_usps_location_save_form_data","admin\\tab\\location\\includes\\en-location-ajax.php",{"action":377,"nopriv":366,"callback":377,"hasNonce":365,"hasCapCheck":365,"file":375,"line":300},"en_usps_get_location",{"action":379,"nopriv":366,"callback":379,"hasNonce":365,"hasCapCheck":365,"file":375,"line":361},"en_usps_location_delete_row",{"action":381,"nopriv":365,"callback":382,"hasNonce":365,"hasCapCheck":365,"file":383,"line":209},"en_usps_save_shipping_rule","save_shipping_rule_usps_ajax","admin\\tab\\shipping-rules\\shipping-rules-save.php",{"action":381,"nopriv":366,"callback":382,"hasNonce":365,"hasCapCheck":365,"file":383,"line":213},{"action":386,"nopriv":365,"callback":387,"hasNonce":365,"hasCapCheck":365,"file":383,"line":361},"en_usps_edit_shipping_rule","edit_shipping_rule_usps_ajax",{"action":386,"nopriv":366,"callback":387,"hasNonce":365,"hasCapCheck":365,"file":383,"line":217},{"action":390,"nopriv":365,"callback":391,"hasNonce":365,"hasCapCheck":365,"file":383,"line":392},"en_usps_delete_shipping_rule","delete_shipping_rule_usps_ajax",24,{"action":390,"nopriv":366,"callback":391,"hasNonce":365,"hasCapCheck":365,"file":383,"line":341},{"action":395,"nopriv":365,"callback":396,"hasNonce":365,"hasCapCheck":365,"file":383,"line":227},"en_usps_update_shipping_rule_status","update_shipping_rule_status_usps_ajax",{"action":395,"nopriv":366,"callback":396,"hasNonce":365,"hasCapCheck":365,"file":383,"line":145},{"action":399,"nopriv":366,"callback":238,"hasNonce":366,"hasCapCheck":365,"file":239,"line":400},"en_usps_get_current_plan",33,{"action":402,"nopriv":365,"callback":403,"hasNonce":365,"hasCapCheck":365,"file":257,"line":404},"usps_fd","eniture_usps_fd_api",636,{"action":402,"nopriv":366,"callback":403,"hasNonce":365,"hasCapCheck":365,"file":257,"line":406},637,[408],{"namespace":409,"route":410,"methods":411,"callback":413,"permissionCallback":414,"file":257,"line":415},"fdo-company-id","\u002Fupdate-status",[412],"POST","eniture_usps_fdo_data_status","__return_true",684,[],[418],{"hook":333,"callback":333,"file":328,"line":419},117,{"dangerousFunctions":421,"sqlUsage":422,"outputEscaping":433,"fileOperations":13,"externalRequests":27,"nonceChecks":490,"capabilityChecks":213,"bundledLibraries":491},[],{"prepared":253,"raw":85,"locations":423},[424,427,429,431],{"file":425,"line":197,"context":426},"admin\\tab\\shipping-rules\\shipping-rules-template.php","$wpdb->get_results() with variable interpolation",{"file":196,"line":428,"context":426},256,{"file":257,"line":430,"context":426},545,{"file":352,"line":432,"context":426},765,{"escaped":434,"rawEcho":64,"locations":435},211,[436,438,440,442,444,446,447,449,451,453,454,456,458,460,462,464,466,467,469,471,473,475,477,479,481,482,484,486,488],{"file":367,"line":93,"context":437},"raw output",{"file":367,"line":439,"context":437},68,{"file":371,"line":441,"context":437},37,{"file":443,"line":428,"context":437},"admin\\tab\\location\\en-location.php",{"file":443,"line":445,"context":437},257,{"file":375,"line":64,"context":437},{"file":375,"line":448,"context":437},38,{"file":375,"line":450,"context":437},44,{"file":375,"line":452,"context":437},52,{"file":375,"line":168,"context":437},{"file":375,"line":455,"context":437},105,{"file":375,"line":457,"context":437},118,{"file":375,"line":459,"context":437},127,{"file":375,"line":461,"context":437},147,{"file":375,"line":463,"context":437},162,{"file":375,"line":465,"context":437},235,{"file":383,"line":448,"context":437},{"file":383,"line":468,"context":437},76,{"file":383,"line":470,"context":437},87,{"file":383,"line":472,"context":437},102,{"file":383,"line":474,"context":437},113,{"file":383,"line":476,"context":437},121,{"file":383,"line":478,"context":437},132,{"file":383,"line":480,"context":437},145,{"file":425,"line":452,"context":437},{"file":425,"line":483,"context":437},56,{"file":239,"line":485,"context":437},42,{"file":257,"line":487,"context":437},644,{"file":257,"line":489,"context":437},678,9,[],[493,510,518,530,539,555,568],{"entryPoint":494,"graph":495,"unsanitizedCount":62,"severity":509},"save (admin\\tab\\en-tab.php:165)",{"nodes":496,"edges":507},[497,502],{"id":498,"type":499,"label":500,"file":187,"line":501},"n0","source","$_POST[$field]",176,{"id":503,"type":504,"label":505,"file":187,"line":501,"wp_function":506},"n1","sink","update_option() [Settings Manipulation]","update_option",[508],{"from":498,"to":503,"sanitized":366},"low",{"entryPoint":511,"graph":512,"unsanitizedCount":62,"severity":509},"\u003Cen-tab> (admin\\tab\\en-tab.php:0)",{"nodes":513,"edges":516},[514,515],{"id":498,"type":499,"label":500,"file":187,"line":501},{"id":503,"type":504,"label":505,"file":187,"line":501,"wp_function":506},[517],{"from":498,"to":503,"sanitized":366},{"entryPoint":519,"graph":520,"unsanitizedCount":13,"severity":509},"save_shipping_rule_usps_ajax (admin\\tab\\shipping-rules\\shipping-rules-save.php:35)",{"nodes":521,"edges":528},[522,524],{"id":498,"type":499,"label":523,"file":383,"line":155},"$_POST",{"id":503,"type":504,"label":525,"file":383,"line":526,"wp_function":527},"get_results() [SQLi]",49,"get_results",[529],{"from":498,"to":503,"sanitized":365},{"entryPoint":531,"graph":532,"unsanitizedCount":13,"severity":509},"edit_shipping_rule_usps_ajax (admin\\tab\\shipping-rules\\shipping-rules-save.php:84)",{"nodes":533,"edges":537},[534,536],{"id":498,"type":499,"label":523,"file":383,"line":535},92,{"id":503,"type":504,"label":525,"file":383,"line":68,"wp_function":527},[538],{"from":498,"to":503,"sanitized":365},{"entryPoint":540,"graph":541,"unsanitizedCount":13,"severity":509},"\u003Cshipping-rules-save> (admin\\tab\\shipping-rules\\shipping-rules-save.php:0)",{"nodes":542,"edges":552},[543,545,546,548],{"id":498,"type":499,"label":544,"file":383,"line":155},"$_POST (x2)",{"id":503,"type":504,"label":525,"file":383,"line":526,"wp_function":527},{"id":547,"type":499,"label":523,"file":383,"line":155},"n2",{"id":549,"type":504,"label":550,"file":383,"line":472,"wp_function":551},"n3","echo() [XSS]","echo",[553,554],{"from":498,"to":503,"sanitized":365},{"from":547,"to":549,"sanitized":365},{"entryPoint":556,"graph":557,"unsanitizedCount":13,"severity":509},"\u003Cen-install> (en-install.php:0)",{"nodes":558,"edges":566},[559,562],{"id":498,"type":499,"label":560,"file":257,"line":561},"$_SERVER",715,{"id":503,"type":504,"label":563,"file":257,"line":564,"wp_function":565},"get_row() [SQLi]",723,"get_row",[567],{"from":498,"to":503,"sanitized":365},{"entryPoint":569,"graph":570,"unsanitizedCount":62,"severity":54},"eniture_usps_fdo_va_update_status_authenticate (en-install.php:713)",{"nodes":571,"edges":574},[572,573],{"id":498,"type":499,"label":560,"file":257,"line":561},{"id":503,"type":504,"label":563,"file":257,"line":564,"wp_function":565},[575],{"from":498,"to":503,"sanitized":366},{"summary":577,"deductions":578},"The \"small-package-quotes-usps-edition\" v1.3.12 plugin exhibits a mixed security posture. While it generally adheres to good practices with a high percentage of prepared SQL statements and properly escaped output, there are notable concerns. The attack surface is relatively large with 19 entry points, and critically, 3 of these (18% of AJAX handlers and 1 REST API route) lack authentication or permission checks, creating potential access points for unauthorized actions. Taint analysis revealed a high-severity flow with unsanitized data, indicating a potential for exploitation.  The plugin's vulnerability history, with 2 known CVEs including a high and medium severity flaw, suggests a past pattern of security weaknesses, particularly related to deserialization and SQL injection. Although there are currently no unpatched vulnerabilities, the historical context and the findings from the static analysis warrant caution. The plugin demonstrates strengths in its use of prepared statements and output escaping, but the unprotected entry points and past vulnerability trends highlight areas needing immediate attention and ongoing monitoring.",[579,581,584,587,589],{"reason":580,"points":11},"Unprotected AJAX handlers",{"reason":582,"points":583},"Unprotected REST API route",5,{"reason":585,"points":586},"High severity taint flow",12,{"reason":588,"points":197},"Past high severity CVE",{"reason":590,"points":46},"Past medium severity CVE","2026-03-17T00:01:31.169Z",{"wat":593,"direct":622},{"assetPaths":594,"generatorPatterns":607,"scriptPaths":608,"versionParams":609},[595,596,597,598,599,600,601,602,603,604,605,606],"\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Flocation\u002Fassets\u002Fjs\u002Fen-usps-tagging.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Fassets\u002Fen-usps-admin.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Fassets\u002Fen-wicked-picker.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Fassets\u002Fen-wicked-picker.css","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Flocation\u002Fassets\u002Fjs\u002Fen-usps-location.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Flocation\u002Fassets\u002Fcss\u002Fen-usps-location.css","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Fassets\u002Fen-usps-admin.css","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Flogs\u002Fen-json-tree-view\u002Fen-jtv-script.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Flogs\u002Fen-json-tree-view\u002Fen-jtv-style.css","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Fshipping-rules\u002Fassets\u002Fjs\u002Fshipping_rules.js","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Ftab\u002Fshipping-rules\u002Fassets\u002Fcss\u002Fshipping_rules.css","\u002Fwp-content\u002Fplugins\u002Fsmall-package-quotes-usps-edition\u002Fadmin\u002Fassets\u002Fen-usps-frontend.js",[],[],[610,611,612,613,614,615,616,617,618,619,620,621],"en-usps-tagging.js?ver=","en-usps-admin.js?ver=","en-wicked-picker.js?ver=","en-wicked-picker.css?ver=","en-usps-location.js?ver=","en-usps-location.css?ver=","en-usps-admin.css?ver=","en-jtv-script.js?ver=","en-jtv-style.css?ver=","shipping_rules.js?ver=","shipping_rules.css?ver=","en-usps-frontend.js?ver=",{"cssClasses":623,"htmlComments":625,"htmlAttributes":626,"restEndpoints":628,"jsGlobals":629,"shortcodeOutput":634},[624],"en-usps-shipping-rules",[],[627],"data-en-usps-sr-nonce",[],[630,631,632,633],"en_usps_admin_script","en_usps_location_script","en_usps_sr_script","EN_USPS_DIR_FILE",[]]