[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAlyRijlXkpixhT0fHF6pHqqOOIAaUi8CQhPr9OWg0PQ":3,"$f9rb5tB1cHhBqdNY7lZxsje9T9BJ-Xxz8wG3qhogoY20":197,"$f0MccOSvVwNarkQ-a-Ra353CZqiw2u85Yy_KvEc6WZQU":202},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":79,"fingerprints":177},"supplemento-contrassegno-woocommerce","Plugin Name: Supplemento Contrassegno WooCommerce","1.1","Giuseppe Manduca","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuseppe-madnuca\u002F","\u003Cp>Aggiungi un supplemento ai metodi di pagamento di WooCommerce\u003C\u002Fp>\n\u003Cp>Plugin Funzionante con le versioni di WooCommerce 2.1.11 – 2.2.2.\u003C\u002Fp>\n\u003Cp>Per maggiore supporto visita\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.giuseppemanduca.it\" rel=\"nofollow ugc\">Supplemento contrassegno WooCommerce\u003C\u002Fa>\u003C\u002Fp>\n","Aggiungi un supplemento di pagamento ai pagamenti di WooCommerce!",70,3941,0,"2014-11-22T16:30:00.000Z","",[17,18,19,20,21],"carrello","cassa","contrassegno-woocommerce","pagamento-aggiuntivo-woocommerce","supplemento-contrassegno","http:\u002F\u002Fwww.giuseppemanduca.it","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsupplemento-contrassegno-woocommerce.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"giuseppe-madnuca",1,30,84,"2026-05-19T21:22:28.980Z",[36,59],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":31,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":58},"robowoo","RoboWoo — Robokassa payment gateway for WooCommerce","1.0.7","artamonoviv","https:\u002F\u002Fprofiles.wordpress.org\u002Fartamonoviv\u002F","\u003Cp>RoboWoo расширяет платежные способности WooCommerce добавлением шлюза Робокассы. Плагин поддерживает Робочеки – нововведения, обеспечивающие соблюдение закона 54-ФЗ об электронных чеках.\u003C\u002Fp>\n\u003Cp>Кроме основной работы с Робокассой плагин позволяет:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Выбирать стили кнопок оплаты и отмены\u003C\u002Fli>\n\u003Cli>Работать в тестовом режиме (без настоящей оплаты) Робокассы\u003C\u002Fli>\n\u003Cli>Выбирать алгоритм формирования хэша подписи\u003C\u002Fli>\n\u003Cli>Включать \u002F выключать передачу информации о составе заказа, налогах и налогооблажении в Робокассу (54-ФЗ)\u003C\u002Fli>\n\u003Cli>Включать \u002F выключать передачу информации о стоимости доставки в Робокассу\u003C\u002Fli>\n\u003Cli>Выбирать систему налогооблажения для передачи в Робокассу, если нужно\u003C\u002Fli>\n\u003Cli>Выбирать размер ставки НДС для товаров в заказе, если нужно\u003C\u002Fli>\n\u003Cli>Выбирать способ расчета: полный расчет, 100% предоплата, аванс, кредит и пр.\u003C\u002Fli>\n\u003Cli>Выбирать предмет расчета: товар, подакцизный товар, услуга, работа, агентское вознаграждение и пр.\u003C\u002Fli>\n\u003Cli>Формировать второй (итоговый) чек для товаров, которые были оформлены по предоплате или авансу (тестовый режим).\u003C\u002Fli>\n\u003C\u002Ful>\n","Предоставляет интерфейс для оплаты через Робокассу в WooCommerce. Поддерживает Робочеки (закон 54-ФЗ)",60,3854,100,"2019-11-08T12:15:00.000Z","5.2.24","4.0","5.4.0",[52,53,54,55],"mastercard","robocassa","robokassa","visa","https:\u002F\u002Fgithub.com\u002Fartamonoviv\u002Frobowoo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frobowoo.zip","2026-04-16T10:56:18.058Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":15,"short_description":65,"active_installs":66,"downloaded":67,"rating":46,"num_ratings":31,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":15,"download_link":78,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wc-fettario","Italian feature add-on for Woocommerce","1.3","Simone Marcon","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimonemarconbdg\u002F","Plugin che configura correttamente Woocommerce per chi usufruisce del regime forfettario comprensivo di cassa di previdenza",10,1052,"2021-04-22T12:31:00.000Z","5.7.15","5.2","7.0",[73,74,75,76,77],"cassa-previdenza","e-commerce","marca-da-bollo","regime-forfettario","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-fettario.zip",{"attackSurface":80,"codeSignals":103,"taintFlows":125,"riskAssessment":162,"analyzedAt":176},{"hooks":81,"ajaxHandlers":99,"restRoutes":100,"shortcodes":101,"cronEvents":102,"entryPointCount":13,"unprotectedCount":13},[82,88,92,96],{"type":83,"name":84,"callback":85,"file":86,"line":87},"action","admin_head","add_form_fields","supplemento-contrassegno-woocommerce.php",39,{"type":83,"name":89,"callback":90,"priority":66,"file":86,"line":91},"woocommerce_calculate_totals","calculate_totals",40,{"type":83,"name":93,"callback":94,"file":86,"line":95},"woocommerce_review_order_before_order_total","add_payment_gateway_extra_charges_row",121,{"type":83,"name":97,"callback":94,"file":86,"line":98},"woocommerce_cart_totals_before_order_total",123,[],[],[],[],{"dangerousFunctions":104,"sqlUsage":105,"outputEscaping":107,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":124},[],{"prepared":13,"raw":13,"locations":106},[],{"escaped":108,"rawEcho":109,"locations":110},2,7,[111,114,115,116,118,120,122],{"file":86,"line":112,"context":113},74,"raw output",{"file":86,"line":112,"context":113},{"file":86,"line":112,"context":113},{"file":86,"line":117,"context":113},80,{"file":86,"line":119,"context":113},134,{"file":86,"line":121,"context":113},136,{"file":86,"line":123,"context":113},138,[],[126,151],{"entryPoint":127,"graph":128,"unsanitizedCount":108,"severity":150},"add_form_fields (supplemento-contrassegno-woocommerce.php:44)",{"nodes":129,"edges":146},[130,135,140,144],{"id":131,"type":132,"label":133,"file":86,"line":134},"n0","source","$_REQUEST[$extra_charges_id]",58,{"id":136,"type":137,"label":138,"file":86,"line":134,"wp_function":139},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":141,"type":132,"label":142,"file":86,"line":143},"n2","$_REQUEST[$extra_charges_type]",59,{"id":145,"type":137,"label":138,"file":86,"line":143,"wp_function":139},"n3",[147,149],{"from":131,"to":136,"sanitized":148},false,{"from":141,"to":145,"sanitized":148},"low",{"entryPoint":152,"graph":153,"unsanitizedCount":108,"severity":150},"\u003Csupplemento-contrassegno-woocommerce> (supplemento-contrassegno-woocommerce.php:0)",{"nodes":154,"edges":159},[155,156,157,158],{"id":131,"type":132,"label":133,"file":86,"line":134},{"id":136,"type":137,"label":138,"file":86,"line":134,"wp_function":139},{"id":141,"type":132,"label":142,"file":86,"line":143},{"id":145,"type":137,"label":138,"file":86,"line":143,"wp_function":139},[160,161],{"from":131,"to":136,"sanitized":148},{"from":141,"to":145,"sanitized":148},{"summary":163,"deductions":164},"The plugin \"supplemento-contrassegno-woocommerce\" v1.1 exhibits a generally good security posture with no known vulnerabilities or CVEs. The static analysis reveals a commendable lack of dangerous functions, file operations, and external HTTP requests. All SQL queries are properly prepared, indicating a strong defense against SQL injection.  The complete absence of an attack surface through AJAX, REST API, shortcodes, and cron events, and the lack of any recorded vulnerabilities, are significant strengths.\n\nHowever, there are areas for improvement. The low percentage of properly escaped output (22%) is a concern, suggesting potential Cross-Site Scripting (XSS) vulnerabilities. The taint analysis, while not revealing critical or high severity issues, did identify two flows with unsanitized paths, which, although not exploited in this version, represent a potential risk if not addressed. The complete absence of nonce and capability checks, while seemingly justified by the zero attack surface, would be a critical vulnerability if any entry points were to be introduced in future versions without proper authentication and authorization measures.\n\nIn conclusion, the plugin is currently in a secure state due to its limited functionality and robust SQL handling. The primary weakness lies in the inadequate output escaping and the presence of unsanitized taint flows. While no immediate threats are apparent, addressing the output escaping and ensuring any future expansion of the attack surface includes proper security checks are crucial for maintaining this secure posture.",[165,168,171,174],{"reason":166,"points":167},"Low output escaping percentage",6,{"reason":169,"points":170},"Taint flows with unsanitized paths",5,{"reason":172,"points":173},"No nonce checks present",4,{"reason":175,"points":173},"No capability checks present","2026-03-16T21:41:41.318Z",{"wat":178,"direct":184},{"assetPaths":179,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[180],"\u002Fwp-content\u002Fplugins\u002Fsupplemento-contrassegno-woocommerce\u002Fjs\u002Fapp.js",[],[180],[],{"cssClasses":185,"htmlComments":187,"htmlAttributes":188,"restEndpoints":193,"jsGlobals":194,"shortcodeOutput":196},[186],"payment-extra-charge",[],[189,190,191,192],"name=\"woocommerce_\"","id=\"woocommerce_\"","name=\"woocommerce_\"_type","id=\"woocommerce_\"_type",[],[195],"WP_Supplemento_Contrassegno",[],{"error":198,"url":199,"statusCode":200,"statusMessage":201,"message":201},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsupplemento-contrassegno-woocommerce\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":203},[]]