[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMdrdnVrJNacVzE1ureJrJvTimhjuAwfbt7kSiECtnec":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":116,"fingerprints":252},"subscription-epayco","Subscription ePayco","4.0.2","Saul Morales Pacheco","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaulmorales\u002F","\u003Cp>Subscription ePayco works together with the Woocommerce subscriptions plugin.\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fsubscription-epayco\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Receive recurring payments",30,9653,76,4,"2024-03-04T15:57:00.000Z","6.4.8","6.0","8.0",[20,21,22,23],"commerce","e-commerce","store","wordpress-ecommerce","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscription-epayco.4.0.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":11,"trust_score":36,"computed_at":37},"saulmorales",11,8180,92,88,"2026-04-04T03:50:44.186Z",[39,53,69,86,101],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":17,"requires_php":18,"tags":51,"homepage":24,"download_link":52,"security_score":35,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"payment-integration-wompi","Payment Integration Wompi","4.0.1","\u003Cp>With Wompi you have different payment alternatives: nequi, PSE, credit card\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fwoo-wompi-payment\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integration of Wompi for Woocommerce",1000,30976,84,5,"2024-08-06T17:47:00.000Z","6.6.5",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayment-integration-wompi.4.0.1.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":27,"num_ratings":27,"last_updated":63,"tested_up_to":24,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":67,"download_link":68,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wompi-el-salvador","Payment Integration Wompi – El Salvador","1.2.7","wompisv","https:\u002F\u002Fprofiles.wordpress.org\u002Fwompisv\u002F","\u003Cp>Esta es una extensión para integrar la pasarela de pago de Wompi – El Salvador para el sistema de carrito de compras de WooCommerce de WordPress. Con este Plugin podrá aceptar diferentes formas de pago directamente en su tienda online.\u003C\u002Fp>\n\u003Cp>REQUISITOS\u003Cbr \u002F>\n-PHP version 7.1+\u003Cbr \u002F>\n-WordPress 5.4+\u003Cbr \u002F>\n-WooCommerce 4.3+\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribuye\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwompisv\u002Fwocommerce-wompi-sv-plugin\" rel=\"nofollow ugc\">Repositorio en github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.infinitechsv.com\" rel=\"nofollow ugc\">www.infinitechsv.com\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Fwww.bitworks.com.sv\" rel=\"nofollow ugc\">www.bitworks.com.sv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integración para Wompi - El Salvador para Woocommerce",800,13531,"2022-10-11T20:27:00.000Z","5.3","7.1",[20,21,22,23],"https:\u002F\u002Fgithub.com\u002Fwompisv\u002Fwocommerce-wompi-sv-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwompi-el-salvador.1.2.7.zip",{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":36,"num_ratings":48,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":82,"tags":83,"homepage":24,"download_link":85,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"pay-with-ath-movil-woocommerce-gateway","Pay with ATH Movil (WooCommerce payment gateway)","1.2.2","Roberto Torres","https:\u002F\u002Fprofiles.wordpress.org\u002Frobtorres\u002F","\u003Cp>This is a ATH Movil Payment Gateway for WooCommerce.\u003C\u002Fp>\n\u003Cp>ATH Movil allows you to securely sell your products online allowing the customer to pay you with their ATH Movil account.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IMPORTANT\u003C\u002Fstrong>: ATH Movil open a pop window every time the user click the “Pay with ATH móvil” button. Make sure your customers don’t use a popup blocker or they won’t be able to make payments through this gateway.\u003C\u002Fp>\n","Accept ATH Movil payments on your WooCommerce store.",100,4787,"2022-09-30T16:54:00.000Z","5.8.13","4.4","7.0",[20,21,84,22,23],"ecommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpay-with-ath-movil-woocommerce-gateway.zip",{"slug":87,"name":88,"version":89,"author":7,"author_profile":8,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":17,"requires_php":98,"tags":99,"homepage":24,"download_link":100,"security_score":77,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"shipping-servientrega-woocommerce","Shipping Servientrega Woocommerce","7.0.7","\u003Cp>Integración de Servientrega como método de envío para Woocommerce. Actualmente esta versión solo permite calcular el costo de envío. \u003Ca href=\"https:\u002F\u002Fshop.saulmoralespa.com\u002Fproducto\u002Fplugin-shipping-servientrega-woocommerce\u002F\" rel=\"nofollow ugc\">versión completa\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Servientrega empresa transportadora de Colombia",50,22821,60,2,"2026-02-09T19:34:00.000Z","6.9.4","8.2",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshipping-servientrega-woocommerce.7.0.7.zip",{"slug":102,"name":103,"version":104,"author":7,"author_profile":8,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":77,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":24,"download_link":115,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"subscription-payu-latam","Subscription Payu Latam","2.0.5","\u003Cp>Subscription Payu Latam works together with the Woocommerce subscriptions plugin.\u003Cbr \u002F>\nReceive recurring payments for the countries Brazil, Colombia, Mexico and Peru\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Note:! Important you must request payu support to activate payment processing using the SDK\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default, always included\u003C\u002Fli>\n\u003Cli>English : Spanish, Español de españa, Colombia, México y Perú\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fsubscription-payu-latam\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsaulmoralespa\" rel=\"nofollow ugc\">Saul Morales Pacheco\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsaulmoralespa\" rel=\"nofollow ugc\">@saulmoralespa\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Receive recurring payments for the countries Brazil, Colombia, Mexico and Peru",40,13502,7,"2022-07-18T21:45:00.000Z","6.1.10","5.4","7.1.0",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscription-payu-latam.2.0.5.zip",{"attackSurface":117,"codeSignals":208,"taintFlows":240,"riskAssessment":241,"analyzedAt":251},{"hooks":118,"ajaxHandlers":193,"restRoutes":204,"shortcodes":205,"cronEvents":206,"entryPointCount":207,"unprotectedCount":207},[119,125,129,132,137,141,146,150,156,159,164,168,172,177,181,184,186,187,189,191],{"type":120,"name":121,"callback":122,"file":123,"line":124},"action","woocommerce_subscription_status_cancelled","subscription_status_cancelled","includes\\class-gateway-subscription-epayco.php",48,{"type":120,"name":126,"callback":127,"file":123,"line":128},"woocommerce_customer_changed_subscription_to_cancelled","subscription_cancelled",49,{"type":120,"name":130,"callback":131,"file":123,"line":92},"woocommerce_scheduled_subscription_expiration","subscription_expiration",{"type":120,"name":133,"callback":134,"priority":135,"file":123,"line":136},"woocommerce_scheduled_subscription_payment","subscription_payment",20,51,{"type":120,"name":138,"callback":139,"priority":135,"file":123,"line":140},"woocommerce_available_payment_gateways","disable_non_subscription",52,{"type":120,"name":142,"callback":143,"file":144,"line":145},"admin_menu","subscription_epayco_se_menu","includes\\class-subscription-epayco-admin.php",13,{"type":120,"name":147,"callback":148,"file":144,"line":149},"admin_footer","enqueue_scripts_admin",29,{"type":151,"name":152,"callback":153,"file":154,"line":155},"filter","woocommerce_payment_gateways","woocommerce_suscription_epayco_add_gateway","includes\\class-subscription-epayco-plugin.php",87,{"type":151,"name":157,"callback":158,"file":154,"line":36},"woocommerce_checkout_fields","custom_woocommerce_billing_fields",{"type":151,"name":160,"callback":161,"priority":162,"file":154,"line":163},"wcs_get_retry_rule","suscription_epayco_custom_retry_rule",10,89,{"type":120,"name":165,"callback":166,"file":154,"line":167},"wp_enqueue_scripts","enqueue_scripts",90,{"type":120,"name":169,"callback":170,"file":154,"line":171},"woocommerce_subscription_totals_table","add_new_token",91,{"type":120,"name":173,"callback":174,"file":175,"line":176},"plugins_loaded","subscription_epayco_se_init","subscription-epayco.php",22,{"type":120,"name":178,"callback":179,"file":175,"line":180},"before_woocommerce_init","closure",23,{"type":120,"name":182,"callback":179,"file":175,"line":183},"admin_notices",65,{"type":120,"name":182,"callback":179,"file":175,"line":185},78,{"type":120,"name":182,"callback":179,"file":175,"line":167},{"type":120,"name":182,"callback":179,"file":175,"line":188},106,{"type":120,"name":182,"callback":179,"file":175,"line":190},120,{"type":120,"name":182,"callback":179,"file":175,"line":192},134,[194,199,201],{"action":195,"nopriv":196,"callback":197,"hasNonce":196,"hasCapCheck":196,"file":144,"line":198},"subscription_epayco_se",false,"subscription_epayco_se_ajax",14,{"action":200,"nopriv":196,"callback":200,"hasNonce":196,"hasCapCheck":196,"file":154,"line":35},"subscription_epayco_se_add_new_token",{"action":200,"nopriv":202,"callback":200,"hasNonce":196,"hasCapCheck":196,"file":154,"line":203},true,93,[],[],[],3,{"dangerousFunctions":209,"sqlUsage":210,"outputEscaping":216,"fileOperations":48,"externalRequests":27,"nonceChecks":211,"capabilityChecks":27,"bundledLibraries":239},[],{"prepared":109,"raw":211,"locations":212},1,[213],{"file":175,"line":214,"context":215},166,"$wpdb->get_var() with variable interpolation",{"escaped":217,"rawEcho":33,"locations":218},6,[219,222,224,225,226,227,229,231,233,235,237],{"file":123,"line":220,"context":221},71,"raw output",{"file":123,"line":223,"context":221},72,{"file":123,"line":171,"context":221},{"file":123,"line":35,"context":221},{"file":123,"line":203,"context":221},{"file":154,"line":228,"context":221},254,{"file":154,"line":230,"context":221},255,{"file":154,"line":232,"context":221},256,{"file":154,"line":234,"context":221},257,{"file":154,"line":236,"context":221},258,{"file":175,"line":238,"context":221},53,[],[],{"summary":242,"deductions":243},"The \"subscription-epayco\" plugin version 4.0.2 exhibits a concerning security posture due to its unprotected entry points.  While the plugin demonstrates good practices in other areas, such as avoiding dangerous functions, utilizing prepared statements for most SQL queries, and having no recorded vulnerabilities, the presence of three AJAX handlers without any authentication or capability checks is a significant risk. This directly exposes these handlers to potential abuse by unauthenticated users, which could lead to various forms of attacks depending on their functionality.\n\nThe code analysis reveals a notable weakness in output escaping, with only 35% of outputs being properly escaped. This, combined with the unprotected AJAX endpoints, increases the likelihood of cross-site scripting (XSS) vulnerabilities.  Despite the absence of critical taint flows and a clean vulnerability history, the unprotected entry points and insufficient output escaping represent the most immediate threats.  A robust security strategy would prioritize securing these AJAX handlers and improving output sanitization to mitigate these risks.",[244,247,249],{"reason":245,"points":246},"AJAX handlers without auth checks",15,{"reason":248,"points":217},"Low output escaping percentage",{"reason":250,"points":48},"Missing capability checks on AJAX","2026-03-16T22:39:13.729Z",{"wat":253,"direct":262},{"assetPaths":254,"generatorPatterns":257,"scriptPaths":258,"versionParams":259},[255,256],"\u002Fwp-content\u002Fplugins\u002Fsubscription-epayco\u002Fassets\u002Fjs\u002Fsweetalert2.js","\u002Fwp-content\u002Fplugins\u002Fsubscription-epayco\u002Fassets\u002Fjs\u002Fsubscription-epayco-config.js",[],[255,256],[260,261],"subscription-epayco\u002Fassets\u002Fjs\u002Fsweetalert2.js?ver=","subscription-epayco\u002Fassets\u002Fjs\u002Fsubscription-epayco-config.js?ver=",{"cssClasses":263,"htmlComments":264,"htmlAttributes":265,"restEndpoints":266,"jsGlobals":267,"shortcodeOutput":269},[],[],[],[],[268],"subscriptionepayco",[]]