[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1C9QygNbNRn3tVibUEtlNXQEFT3CLVcG4jVXboN9tBE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":51,"analysis":72,"fingerprints":305},"smsa-shipping-official","SMSA Shipping (official)","2.4","SMSA Express","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmsaexpress\u002F","\u003Cp>Easily integrate SMSA with WooCommerce to handle shipping logistics, generate AWB, and track orders in real-time.\u003C\u002Fp>\n\u003Cp>It’s the golden rule, whether selling online, at a bricks and mortar shop or through a chain of superstores.\u003C\u002Fp>\n\u003Cp>At SMSA, we value clientele the same way, so we understand the link between exceptional service and a loyal customer base. Our first-class service lets you pass on benefits to your patrons.\u003C\u002Fp>\n\u003Cp>Our network of outlets across the world is a simple, fast and cost-effective way of moving goods around the country. Our global partnerships and customs expertise simplifies and speeds up the process of importing the products your customers want.\u003C\u002Fp>\n\u003Cp>We help stores big and small manage the flow of products in from suppliers and out to consumers with automated shipping solutions and supply chain management. These days, more and more sales happen online. Customers expect customized shipping at their virtual checkout. 
We help strengthen a store’s online brand with built-in shipping and tracking software, adapted to suit your business.\u003C\u002Fp>\n\u003Cp>Some of the ways we serve the retail\u002Fe-commerce sector :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A worldwide network of outlets for fast, economical delivery.\u003C\u002Fli>\n\u003Cli>Supply chain management.\u003C\u002Fli>\n\u003Cli>In-store logistics.\u003C\u002Fli>\n\u003Cli>Customizable, user-friendly shipping software.\u003C\u002Fli>\n\u003Cli>Real-time tracking and status reports.\u003C\u002Fli>\n\u003Cli>Customs clearance and import expertise for international products.\u003C\u002Fli>\n\u003Cli>The fast, professional shipping service your customers deserve.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin integrates SMSA Express Shipping for easy shipment tracking and management.",400,7387,60,6,"2025-04-16T13:07:00.000Z","6.8.5","5.3","7.0",[20,21,22,23],"ship-and-print","shipping-solution","smsa-express-shipping","woocommerce-shipping-addon","https:\u002F\u002Fwww.smsaexpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmsa-shipping-official.2.4.zip",98,1,0,"2024-12-20 18:45:53","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-12066","smsa-shippingofficial-authenticated-subscriber-arbitrary-file-deletion","SMSA Shipping(official) \u003C= 2.3 - Authenticated (Subscriber+) Arbitrary File Deletion","The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.3. 
This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). CVE-2024-49249 is likely a duplicate of this issue.",null,"\u003C=2.3","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","External Control of File Name or Path","2025-01-30 16:44:51",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F29d72347-ba49-45c6-a964-2c75064ac866?source=api-prod",41,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":49,"computed_at":50},"smsaexpress",87,"2026-04-04T10:51:29.611Z",[52],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":11,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":16,"requires_at_least":64,"requires_php":18,"tags":65,"homepage":70,"download_link":71,"security_score":61,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"easyparcel-shipping","EasyParcel Shipping– All-in-one Shipping Solution, Real-Time Shipping Rates","1.0.39","EasyParcel","https:\u002F\u002Fprofiles.wordpress.org\u002Feasyparcel\u002F","\u003Ch4>THE #1 ALL-IN-ONE WOOCOMMERCE SHIPPING SOLUTION WITH CHEAPEST COURIER OPTIONS & REAL-TIME SHIPPING RATES FOR MALAYSIA AND SINGAPORE\u003C\u002Fh4>\n\u003Cp>EasyParcel, the leading courier service booking platform in Malaysia and Singapore, makes your delivery easy — Delivery Made Easy!\u003C\u002Fp>\n\u003Ch3>Privacy & Data Collection\u003C\u002Fh3>\n\u003Cp>To provide our shipping services, EasyParcel collects and processes the following information:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email address:\u003C\u002Fstrong> Used for account management, order 
notifications, and customer support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Phone number:\u003C\u002Fstrong> Required for delivery coordination and shipping updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Store name:\u003C\u002Fstrong> Used to identify your business account\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Store URL:\u003C\u002Fstrong> Connects your WooCommerce store with EasyParcel services\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country:\u003C\u002Fstrong> Determines available shipping options and courier services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This information is necessary to facilitate shipping services, generate shipping labels, and provide tracking updates. For more details on how we handle your data, please refer to our \u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Notice: Plugin enhancement in Version 1.0.22\u003C\u002Fh3>\n\u003Cp>✅ If you’re experiencing this issue, please update to the latest version, 1.0.22, which includes a fix and other improvements.\u003Cbr \u002F>\n🚫 We strongly advise against using versions 1.0.18 to 1.0.21 to avoid potential disruptions.\u003C\u002Fp>\n\u003Cp>To update, go to your WordPress Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> EasyParcel Shipping \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Update, or download the latest version from the official repository.\u003C\u002Fp>\n\u003Ch3>🗝 Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cheapest Courier Option:\u003C\u002Fstrong> Showcase affordable courier option at checkout to reduce shipping costs and enhance customer satisfaction.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Real-time Shipping Rates:\u003C\u002Fstrong> Provide live shipping rates from 
EasyParcel, ensuring accurate pricing at checkout without manual updates.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Shipping Rates:\u003C\u002Fstrong> Empower tailored shipping rates for buyers, ensuring flexibility and control over costs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Bulk Order Fulfillment:\u003C\u002Fstrong> Streamline bulk order fulfillment with preferred couriers, saving time and effort.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Shipping Zone Setting:\u003C\u002Fstrong> Configure unique shipping settings for different zones to optimize strategies based on location.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Free Shipping Conditions:\u003C\u002Fstrong> Enable specific conditions for free shipping, encouraging larger purchases and boosting loyalty.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌟 Extra Exclusive Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002F\" rel=\"nofollow ugc\">24\u002F7 Quote and Book\u003C\u002Fa>:\u003C\u002Fstrong> Quote and book deliveries anytime, day or night.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Fquote\u002F\" rel=\"nofollow ugc\">60+ Instant Rate Comparison\u003C\u002Fa>:\u003C\u002Fstrong> Compare 60+ courier rates instantly for the best deal.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Feasytrack\u002F\" rel=\"nofollow ugc\">End-to-end Tracking\u003C\u002Fa>:\u003C\u002Fstrong> Track your parcels from start to finish for peace of mind.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapp.easyparcel.com\u002Fmy\u002Fen\u002Fmarketing-tools\u002Fbranding\u002Fawb\u002F\" rel=\"nofollow ugc\">Custom 
Branding\u003C\u002Fa>:\u003C\u002Fstrong> Boost brand awareness with personalized shipping labels, tracking page, SMS, and email notifications.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Fintegration-list\u002F\" rel=\"nofollow ugc\">Seamless Integration\u003C\u002Fa>:\u003C\u002Fstrong> Effortlessly integrates with 40+ platforms for quick setup and easy use.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapp.easyparcel.com\u002Fmy\u002Fen\u002Faccount\u002Fauto-topup\" rel=\"nofollow ugc\">Auto Topup\u003C\u002Fa>:\u003C\u002Fstrong> Automatically replenishes shipping credits to ensure uninterrupted service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Fquote\u002F\" rel=\"nofollow ugc\">Pay As You Go\u003C\u002Fa>:\u003C\u002Fstrong> Start shipping with no minimum spend or subscription fees.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Ftracking-whatsapp\u002F\" rel=\"nofollow ugc\">Tracking Number Notification\u003C\u002Fa>:\u003C\u002Fstrong> Sends automatic notifications to customers with tracking numbers for enhanced transparency.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Feasycover\u002F\" rel=\"nofollow ugc\">Extra Parcel Protection\u003C\u002Fa>:\u003C\u002Fstrong> Offers additional coverage for shipments, minimizing the risk of loss.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapp.easyparcel.com\u002Fmy\u002Fen\u002Fbulk-express\u002F\" rel=\"nofollow ugc\">Bulk Order Express\u003C\u002Fa>:\u003C\u002Fstrong> Accelerates the fulfillment process for large orders, ensuring timely 
delivery.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Feasytrack\u002F\" rel=\"nofollow ugc\">Proof of Delivery (ePOD)\u003C\u002Fa>:\u003C\u002Fstrong> Provides verifiable confirmation of successful deliveries, enhancing accountability.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Feasyparcel.com\u002Fmy\u002Fquote\u002F\" rel=\"nofollow ugc\">Auto-generated Shipping Labels\u003C\u002Fa>:\u003C\u002Fstrong> Create shipping labels instantly with minimal effort.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapp.easyparcel.com\u002Fmy\u002Fen\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">1-on-1 Premium Support\u003C\u002Fa>:\u003C\u002Fstrong> Get expert help whenever you need it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>❤️ Why EasyParcel?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enhances Customer Satisfaction:\u003C\u002Fstrong> Access to the cheapest courier options ensures affordable shipping choices at checkout.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Increases Flexibility:\u003C\u002Fstrong> Set custom shipping rates to meet diverse customer needs and preferences.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Saves Time and Effort:\u003C\u002Fstrong> Automate bulk order fulfillment, allowing focus on business growth instead of manual processing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Optimizes Shipping Strategies:\u003C\u002Fstrong> Customize shipping zone settings to offer competitive rates based on geographic locations.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Encourages Larger Purchases:\u003C\u002Fstrong> Set conditions for free shipping to boost average order value and foster customer 
loyalty.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Provides Accurate Pricing:\u003C\u002Fstrong> Real-time shipping rates eliminate manual updates, enhancing trust and reducing cart abandonment.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enhances Customer Satisfaction:\u003C\u002Fstrong> Tracking number notifications keep customers informed, improving transparency and satisfaction.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Expedites Order Processing:\u003C\u002Fstrong> Bulk Order Express accelerates the fulfillment of large orders, ensuring timely delivery for high-volume sales.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Effortless Setup:\u003C\u002Fstrong> Seamless integration with 40+ platforms allow for quick and easy implementation without technical hassles.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Simplifies Account Management:\u003C\u002Fstrong> Auto top-up functionality ensures uninterrupted service by automatically replenishing your shipping credits.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>☎️ Support\u003C\u002Fh3>\n\u003Cp>Visit our \u003Ca href=\"https:\u002F\u002Feasyparcel.com\" rel=\"nofollow ugc\">website\u003C\u002Fa> for more information and promotion.\u003C\u002Fp>\n\u003Cp>For support inquiries, contact our team at \u003Ca href=\"mailto:support@easyparcel.com\" rel=\"nofollow ugc\">support@easyparcel.com\u003C\u002Fa>.\u003C\u002Fp>\n","Seamless WooCommerce shipping solution, cheapeast courier options, real-time shipping rates for Malaysia and 
Singapore.",6382,100,2,"2026-02-24T03:20:00.000Z","4.7",[66,67,21,68,69],"bulk-shipping","easyparcel","woocommerce","woocommerce-shipping","https:\u002F\u002Feasyparcel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasyparcel-shipping.1.0.39.zip",{"attackSurface":73,"codeSignals":157,"taintFlows":234,"riskAssessment":290,"analyzedAt":304},{"hooks":74,"ajaxHandlers":138,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":156,"unprotectedCount":62},[75,81,85,90,94,99,103,106,111,115,119,123,127,131,135],{"type":76,"name":77,"callback":78,"file":79,"line":80},"action","admin_menu","register_smsa_shipping_menu_page","smsa-express-shipping-class.php",7,{"type":76,"name":82,"callback":83,"file":79,"line":84},"woocommerce_shipping_init","smsa_shipping_method",116,{"type":86,"name":87,"callback":88,"file":79,"line":89},"filter","woocommerce_shipping_methods","smsa_add_smsa_shipping_method",128,{"type":86,"name":91,"callback":92,"file":79,"line":93},"woocommerce_checkout_fields","smsa_bbloomer_shipping_phone_checkout",134,{"type":76,"name":95,"callback":96,"file":97,"line":98},"activated_plugin","smsa_activation_redirect","smsa-express-shipping.php",30,{"type":76,"name":100,"callback":101,"file":97,"line":102},"admin_enqueue_scripts","smsa_enqueue_assets",72,{"type":76,"name":77,"callback":104,"file":97,"line":105},"smsa_register_hidden_pages",75,{"type":86,"name":107,"callback":108,"priority":109,"file":97,"line":110},"woocommerce_my_account_my_orders_actions","smsa_sv_add_my_account_order_actions",10,296,{"type":76,"name":112,"callback":113,"file":97,"line":114},"woocommerce_after_account_orders","smsa_action_after_account_orders_js",309,{"type":76,"name":116,"callback":117,"priority":109,"file":97,"line":118},"woocommerce_new_order","register_smsa_awb_meta_field",333,{"type":76,"name":120,"callback":121,"file":97,"line":122},"woocommerce_admin_order_data_after_order_details","add_smsa_awb_no_custom_field",342,{"type":76,"name":124
,"callback":125,"file":97,"line":126},"woocommerce_process_shop_order_meta","save_smsa_awb_no_custom_field",359,{"type":76,"name":128,"callback":129,"file":97,"line":130},"init","register_shipped_order_status",366,{"type":86,"name":132,"callback":133,"file":97,"line":134},"wc_order_statuses","add_shipped_to_order_statuses",384,{"type":76,"name":100,"callback":136,"file":97,"line":137},"enqueue_admin_scripts_and_styles",419,[139,144,148],{"action":140,"nopriv":141,"callback":142,"hasNonce":141,"hasCapCheck":141,"file":97,"line":143},"print_all_label",false,"smsa_print_all_label",109,{"action":145,"nopriv":141,"callback":146,"hasNonce":141,"hasCapCheck":141,"file":97,"line":147},"generate_label","smsa_generate_label",209,{"action":149,"nopriv":141,"callback":150,"hasNonce":151,"hasCapCheck":151,"file":97,"line":152},"delete_label","smsa_delete_label",true,245,[],[],[],3,{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":161,"fileOperations":225,"externalRequests":226,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":227},[],{"prepared":28,"raw":28,"locations":160},[],{"escaped":162,"rawEcho":98,"locations":163},235,[164,168,171,173,176,178,180,182,184,186,188,190,192,195,197,199,201,203,205,207,209,211,212,214,215,217,219,221,222,224],{"file":165,"line":166,"context":167},"create_C2Bshipment.php",105,"raw 
output",{"file":169,"line":170,"context":167},"fpdf\\fpdf.php",1008,{"file":169,"line":172,"context":167},1017,{"file":174,"line":175,"context":167},"fpdf\\makefont\\makefont.php",17,{"file":174,"line":177,"context":167},18,{"file":174,"line":179,"context":167},23,{"file":174,"line":181,"context":167},24,{"file":97,"line":183,"context":167},198,{"file":97,"line":185,"context":167},203,{"file":97,"line":187,"context":167},230,{"file":97,"line":189,"context":167},234,{"file":97,"line":191,"context":167},239,{"file":193,"line":194,"context":167},"track_order.php",34,{"file":193,"line":196,"context":167},46,{"file":193,"line":198,"context":167},65,{"file":193,"line":200,"context":167},78,{"file":193,"line":202,"context":167},82,{"file":193,"line":204,"context":167},83,{"file":193,"line":206,"context":167},84,{"file":193,"line":208,"context":167},85,{"file":193,"line":210,"context":167},86,{"file":193,"line":61,"context":167},{"file":193,"line":213,"context":167},104,{"file":193,"line":166,"context":167},{"file":193,"line":216,"context":167},106,{"file":193,"line":218,"context":167},121,{"file":193,"line":220,"context":167},122,{"file":193,"line":93,"context":167},{"file":193,"line":223,"context":167},141,{"file":193,"line":223,"context":167},28,5,[228,231],{"name":229,"version":37,"knownCves":230},"DataTables",[],{"name":232,"version":37,"knownCves":233},"TCPDF",[],[235,261,278],{"entryPoint":236,"graph":237,"unsanitizedCount":62,"severity":260},"smsa_generate_label (smsa-express-shipping.php:210)",{"nodes":238,"edges":257},[239,244,250,252],{"id":240,"type":241,"label":242,"file":97,"line":243},"n0","source","$_POST",216,{"id":245,"type":246,"label":247,"file":97,"line":248,"wp_function":249},"n1","sink","wp_remote_get() [SSRF]",221,"wp_remote_get",{"id":251,"type":241,"label":242,"file":97,"line":243},"n2",{"id":253,"type":246,"label":254,"file":97,"line":255,"wp_function":256},"n3","file_put_contents() [File 
Write]",227,"file_put_contents",[258,259],{"from":240,"to":245,"sanitized":141},{"from":251,"to":253,"sanitized":141},"medium",{"entryPoint":262,"graph":263,"unsanitizedCount":27,"severity":260},"\u003Ctrack_order> (track_order.php:0)",{"nodes":264,"edges":275},[265,268,269,271],{"id":240,"type":241,"label":266,"file":193,"line":267},"$_GET",49,{"id":245,"type":246,"label":247,"file":193,"line":13,"wp_function":249},{"id":251,"type":241,"label":270,"file":193,"line":267},"$_GET (x5)",{"id":253,"type":246,"label":272,"file":193,"line":273,"wp_function":274},"echo() [XSS]",91,"echo",[276,277],{"from":240,"to":245,"sanitized":141},{"from":251,"to":253,"sanitized":151},{"entryPoint":279,"graph":280,"unsanitizedCount":28,"severity":289},"\u003Csmsa-express-shipping> (smsa-express-shipping.php:0)",{"nodes":281,"edges":286},[282,283,284,285],{"id":240,"type":241,"label":242,"file":97,"line":243},{"id":245,"type":246,"label":247,"file":97,"line":248,"wp_function":249},{"id":251,"type":241,"label":242,"file":97,"line":243},{"id":253,"type":246,"label":254,"file":97,"line":255,"wp_function":256},[287,288],{"from":240,"to":245,"sanitized":151},{"from":251,"to":253,"sanitized":151},"low",{"summary":291,"deductions":292},"The smsa-shipping-official plugin v2.4 exhibits a mixed security posture. On the positive side, the scan found no raw SQL queries (it recorded no SQL usage at all) and a high percentage of properly escaped output; however, significant concerns arise from its attack surface and historical vulnerability. The plugin registers three AJAX handlers, two of which (print_all_label and generate_label) lack nonce and capability checks, so they appear to be callable by any logged-in user; this presents a direct avenue for potential exploitation. This, combined with two identified flows with unsanitized paths in the taint analysis (request data reaching wp_remote_get() and file_put_contents()), suggests a risk of unauthorized actions or data manipulation if these entry points are not secured. 
The plugin also has a history of a high-severity vulnerability related to External Control of File Name or Path, even though it is currently patched. This historical pattern, alongside the current lack of robust authorization on two AJAX endpoints, indicates a recurring weakness that requires vigilant monitoring and remediation.",[293,295,297,300,302],{"reason":294,"points":109},"Unprotected AJAX handlers",{"reason":296,"points":109},"Flows with unsanitized paths",{"reason":298,"points":299},"Historical high-severity vulnerability",15,{"reason":301,"points":156},"Bundled library: DataTables",{"reason":303,"points":156},"Bundled library: TCPDF","2026-03-16T19:48:26.275Z",{"wat":306,"direct":324},{"assetPaths":307,"generatorPatterns":313,"scriptPaths":314,"versionParams":318},[308,309,310,311,312],"\u002Fwp-content\u002Fplugins\u002Fsmsa-shipping-official\u002Fcss\u002Fsmsa-style.css","\u002Fwp-content\u002Fplugins\u002Fsmsa-shipping-official\u002Fcss\u002FdataTables.bootstrap5.min.css","\u002Fwp-content\u002Fplugins\u002Fsmsa-shipping-official\u002Fjs\u002Fjquery.dataTables.min.js","\u002Fwp-content\u002Fplugins\u002Fsmsa-shipping-official\u002Fjs\u002FdataTables.bootstrap5.min.js","\u002Fwp-content\u002Fplugins\u002Fsmsa-shipping-official\u002Fjs\u002Fsmsa-script.js",[],[315,316,317],"jquery.dataTables.min.js","dataTables.bootstrap5.min.js","smsa-script.js",[319,320,321,322,323],"smsa-shipping-official\u002Fcss\u002Fsmsa-style.css?ver=","smsa-shipping-official\u002Fcss\u002FdataTables.bootstrap5.min.css?ver=","smsa-shipping-official\u002Fjs\u002Fjquery.dataTables.min.js?ver=","smsa-shipping-official\u002Fjs\u002FdataTables.bootstrap5.min.js?ver=","smsa-shipping-official\u002Fjs\u002Fsmsa-script.js?ver=",{"cssClasses":325,"htmlComments":326,"htmlAttributes":327,"restEndpoints":329,"jsGlobals":331,"shortcodeOutput":333},[],[],[328],"data-nonce",[330],"\u002Fwp-json\u002Fsmsa-shipping-official\u002Fv1\u002Fget_tracking_info",[332],"smsa_vars",[]]