[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5M3ihbCSqv9z6kxvXZNjCxE-fQbCrX2BttQLb0sQuLA":3,"$fEqCw3JrJVKYWiob7kcOdii-CF-EtCGKSsjQMzWZ13lI":469,"$fxiPtrOe_O1l4NDo5qri6bsJPgkoOutTUl7P2yk6xw9U":473},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":18,"security_score":19,"vuln_count":11,"unpatched_count":11,"last_vuln_date":20,"fetched_at":21,"discovery_status":22,"vulnerabilities":23,"developer":24,"crawl_stats":20,"alternatives":31,"analysis":32,"fingerprints":426},"the-courier-guy-shipping-for-sovtech","Shesha by The Courier Guy","1.0.0","talenttcg","https:\u002F\u002Fprofiles.wordpress.org\u002Ftalenttcg\u002F","\u003Cp>Shesha by The Courier Guy plugin for WooCommerce allows the seller to give live courier quotes and ship your parcels with a click of a button.\u003C\u002Fp>\n\u003Cp>This bypasses manual shipment detail capturing and allows for waybill printing within the website orders page.\u003C\u002Fp>\n\u003Cp>WHY CHOOSE SHESHA by THE COURIER GUY?\u003C\u002Fp>\n\u003Cp>The Courier Guy has built a strong reputation through strong customer relations and effective personal service. Today The Courier Guy is trusted, recognised and the fastest growing courier company in South Africa.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Cem>DISCLAIMER\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Parcel sizes are based on your packaging structure. The plugin will compare the cart’s total dimensions against “Flyer”, “Medium”, “Large” and “Custom” parcel sizes to determine the best fit. The resulting calculation will be submitted to The Courier Guy as using the parcel’s dimensions. By downloading and using this plugin, you accept that incorrect Product and Parcel Size and Weight settings may cause quotes to be inaccurate, and The Courier Guy will not be responsible for these inaccurate quotes.\u003C\u002Fp>\n","This is the official WooCommerce extension to ship products using Shesha by The Courier Guy.",0,772,"2022-07-12T14:42:00.000Z","6.0.11","5.5","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-courier-guy-shipping-for-sovtech.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":25,"total_installs":26,"avg_security_score":27,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},3,3010,90,30,87,"2026-05-20T05:04:06.050Z",[],{"attackSurface":33,"codeSignals":259,"taintFlows":293,"riskAssessment":412,"analyzedAt":425},{"hooks":34,"ajaxHandlers":245,"restRoutes":255,"shortcodes":256,"cronEvents":257,"entryPointCount":258,"unprotectedCount":258},[35,41,46,50,53,56,58,61,65,70,74,79,83,87,92,95,99,103,107,110,114,118,123,127,129,133,137,141,145,149,153,157,161,164,167,170,174,177,183,184,187,188,192,195,199,203,206,210,213,216,220,224,230,233,236,239,241,243],{"type":36,"name":37,"callback":38,"file":39,"line":40},"action","woocommerce_shipping_init","shipping_init","Core\u002FTCGS_Plugin.php",32,{"type":42,"name":43,"callback":44,"file":39,"line":45},"filter","woocommerce_shipping_methods","shipping_method",33,{"type":36,"name":47,"callback":48,"file":39,"line":49},"admin_enqueue_scripts","registerJavascriptResources",35,{"type":36,"name":51,"callback":48,"file":39,"line":52},"wp_enqueue_scripts",36,{"type":36,"name":51,"callback":54,"file":39,"line":55},"localizeJSVariables",37,{"type":36,"name":47,"callback":54,"file":39,"line":57},38,{"type":36,"name":59,"callback":54,"file":39,"line":60},"login_enqueue_scripts",39,{"type":36,"name":62,"callback":63,"file":39,"line":64},"woocommerce_checkout_update_order_review","updateShippingPropertiesFromCheckout",41,{"type":42,"name":66,"callback":67,"priority":68,"file":39,"line":69},"woocommerce_checkout_fields","addIihtcgFields",10,44,{"type":42,"name":66,"callback":71,"priority":72,"file":39,"line":73},"overrideAddressFields",999,45,{"type":42,"name":75,"callback":76,"priority":77,"file":39,"line":78},"woocommerce_form_field_tcg_place_lookup","getSuburbFormFieldMarkUp",1,48,{"type":36,"name":80,"callback":81,"priority":68,"file":39,"line":82},"admin_post_print_waybill","printWaybillFromOrder",50,{"type":36,"name":84,"callback":85,"priority":68,"file":39,"line":86},"woocommerce_order_actions","addSendCollectionActionToOrderMetaBox",53,{"type":36,"name":88,"callback":89,"priority":90,"file":39,"line":91},"manage_shop_order_posts_custom_column","collectActionAndPrintWaybillOnOrderlistContent",20,56,{"type":36,"name":84,"callback":93,"priority":68,"file":39,"line":94},"addPrintWayBillActionToOrderMetaBox",65,{"type":42,"name":96,"callback":97,"priority":90,"file":39,"line":98},"manage_edit-shop_order_columns","addCollectionActionAndPrintWaybillToOrderList",66,{"type":36,"name":100,"callback":101,"priority":68,"file":39,"line":102},"woocommerce_order_action_tcg_print_waybill","redirectToPrintWaybillUrl",67,{"type":36,"name":104,"callback":105,"file":39,"line":106},"admin_head","addCustomAdimCssForOrderList",70,{"type":36,"name":104,"callback":108,"file":39,"line":109},"addCustomJavascriptForOrderList",71,{"type":42,"name":111,"callback":112,"priority":68,"file":39,"line":113},"woocommerce_admin_shipping_fields","addShippingMetaToOrder",72,{"type":36,"name":115,"callback":116,"priority":68,"file":39,"line":117},"woocommerce_order_action_tcg_send_collection","createShipmentFromOrder",76,{"type":36,"name":119,"callback":120,"priority":121,"file":39,"line":122},"woocommerce_thankyou","getTrackingNo",111,77,{"type":36,"name":124,"callback":125,"priority":68,"file":39,"line":126},"woocommerce_order_status_processing","createShipmentOnOrderProcessing",78,{"type":36,"name":115,"callback":120,"priority":90,"file":39,"line":128},79,{"type":36,"name":130,"callback":131,"priority":68,"file":39,"line":132},"woocommerce_checkout_update_order_meta","updateShippingPropertiesOnOrder",80,{"type":36,"name":134,"callback":135,"priority":90,"file":39,"line":136},"woocommerce_shipping_packages","updateShippingPackages",83,{"type":36,"name":138,"callback":139,"priority":90,"file":39,"line":140},"woocommerce_after_calculate_totals","getCartTotalCost",84,{"type":36,"name":142,"callback":143,"file":39,"line":144},"woocommerce_checkout_billing","add_shipping_selector",86,{"type":36,"name":146,"callback":147,"file":39,"line":148},"admin_notices","addDisclaimer",89,{"type":42,"name":150,"callback":151,"priority":68,"file":39,"line":152},"thecourierguyshippingsovtech_flyer_fits_filter","flyer_fits_flyer_filter",93,{"type":36,"name":154,"callback":155,"file":39,"line":156},"wc_ajax_update_order_review","test_ajax",96,{"type":36,"name":158,"callback":159,"priority":68,"file":39,"line":160},"woocommerce_review_order_before_order_total","shipLogicRateOptins",98,{"type":36,"name":158,"callback":162,"priority":90,"file":39,"line":163},"getselectedOptions",105,{"type":36,"name":165,"callback":165,"priority":72,"file":166,"line":69},"init","Includes\u002Fls-framework-custom\u002FCore\u002FCustomPlugin.php",{"type":36,"name":168,"callback":169,"priority":72,"file":166,"line":73},"admin_init","initAdmin",{"type":36,"name":171,"callback":172,"file":173,"line":40},"activated_plugin","installPluginAfterWoocommerce","Includes\u002Fls-framework-custom\u002FCore\u002FCustomPluginDependencies.php",{"type":36,"name":146,"callback":175,"file":173,"line":176},"addInvalidatedPluginNotice",73,{"type":42,"name":178,"callback":179,"priority":180,"file":181,"line":182},"get_post_metadata","filterPostMetaValue",100,"Includes\u002Fls-framework-custom\u002FCore\u002FCustomPostType.php",27,{"type":42,"name":178,"callback":179,"priority":180,"file":181,"line":73},{"type":36,"name":165,"callback":185,"priority":72,"file":181,"line":186},"anonymous",57,{"type":36,"name":168,"callback":185,"file":181,"line":94},{"type":36,"name":189,"callback":190,"file":181,"line":191},"do_meta_boxes","closure",176,{"type":36,"name":193,"callback":190,"file":181,"line":194},"save_post",467,{"type":36,"name":196,"callback":197,"file":198,"line":78},"template_redirect","public_init","class-the-courier-guy-shipping-for-sovtech.php",{"type":42,"name":200,"callback":201,"file":198,"line":202},"woocommerce_shipping_calculator_enable_city","__return_true",75,{"type":42,"name":204,"callback":205,"file":198,"line":117},"woocommerce_shipping_calculator_enable_postcode","__return_false",{"type":42,"name":207,"callback":208,"file":198,"line":209},"woocommerce_general_settings","general_settings_shop_phone",146,{"type":42,"name":207,"callback":211,"file":198,"line":212},"general_settings_shop_address3",178,{"type":42,"name":207,"callback":214,"file":198,"line":215},"general_settings_shop_address_type",211,{"type":42,"name":217,"callback":218,"file":198,"line":219},"woocommerce_default_address_fields","wdm_override_default_address_fields",243,{"type":36,"name":221,"callback":222,"file":198,"line":223},"woocommerce_init","dimative_shipping_instance_form_fields_filters",766,{"type":36,"name":225,"callback":226,"priority":227,"file":228,"line":229},"woocommerce_checkout_update_user_meta","update_user_meta",99,"module-admin\u002Fcsm-checkout.php",7,{"type":36,"name":130,"callback":231,"priority":227,"file":228,"line":232},"update_order_meta",8,{"type":42,"name":234,"callback":235,"file":228,"line":68},"woocommerce_cart_shipping_packages","parse_shipping_package",{"type":36,"name":146,"callback":237,"file":238,"line":113},"prod_fields_admin_notice__error","module-admin\u002Finit-main.php",{"type":36,"name":146,"callback":240,"file":238,"line":128},"stage_fields_admin_notice__error",{"type":36,"name":146,"callback":242,"file":238,"line":29},"sample_admin_notice__success",{"type":36,"name":146,"callback":244,"file":238,"line":27},"sample_admin_notice__error",[246,251],{"action":247,"nopriv":248,"callback":249,"hasNonce":248,"hasCapCheck":248,"file":39,"line":250},"submit_collection_from_listing_page",false,"setCollectionFromOrderListingPage",49,{"action":252,"nopriv":248,"callback":253,"hasNonce":248,"hasCapCheck":248,"file":39,"line":254},"dismissed_notice_handler","ajax_notice_handler",92,[],[],[],2,{"dangerousFunctions":260,"sqlUsage":270,"outputEscaping":272,"fileOperations":77,"externalRequests":232,"nonceChecks":77,"capabilityChecks":11,"bundledLibraries":289},[261,265],{"fn":262,"file":263,"line":258,"context":264},"ini_set","helper\u002Fclass-customhelper.php","ini_set('allow_url_fopen', 'On');",{"fn":266,"file":267,"line":268,"context":269},"unserialize","module-admin\u002Finit-zones.php",592,"return unserialize($raw[0]->option_value);",{"prepared":77,"raw":11,"locations":271},[],{"escaped":273,"rawEcho":274,"locations":275},175,6,[276,279,281,283,285,287],{"file":39,"line":277,"context":278},1207,"raw output",{"file":39,"line":280,"context":278},1213,{"file":39,"line":282,"context":278},1227,{"file":39,"line":284,"context":278},1236,{"file":39,"line":286,"context":278},1247,{"file":39,"line":288,"context":278},1256,[290],{"name":291,"version":20,"knownCves":292},"Guzzle",[],[294,325,360,373,403],{"entryPoint":295,"graph":296,"unsanitizedCount":258,"severity":324},"printWaybillFromOrder (Core\u002FTCGS_Plugin.php:1267)",{"nodes":297,"edges":320},[298,303,309,312,316],{"id":299,"type":300,"label":301,"file":39,"line":302},"n0","source","$_GET",1269,{"id":304,"type":305,"label":306,"file":39,"line":307,"wp_function":308},"n1","sink","wp_redirect() [Open Redirect]",1287,"wp_redirect",{"id":310,"type":300,"label":301,"file":39,"line":311},"n2",1285,{"id":313,"type":314,"label":315,"file":39,"line":311},"n3","transform","→ get_waybill()",{"id":317,"type":305,"label":318,"file":263,"line":109,"wp_function":319},"n4","wp_remote_get() [SSRF]","wp_remote_get",[321,322,323],{"from":299,"to":304,"sanitized":248},{"from":310,"to":313,"sanitized":248},{"from":313,"to":317,"sanitized":248},"medium",{"entryPoint":326,"graph":327,"unsanitizedCount":359,"severity":324},"\u003CTCGS_Plugin> (Core\u002FTCGS_Plugin.php:0)",{"nodes":328,"edges":352},[329,332,336,337,338,341,346,348,350],{"id":299,"type":300,"label":330,"file":39,"line":331},"$_GET (x2)",1160,{"id":304,"type":305,"label":333,"file":39,"line":334,"wp_function":335},"echo() [XSS]",1206,"echo",{"id":310,"type":300,"label":330,"file":39,"line":331},{"id":313,"type":305,"label":306,"file":39,"line":307,"wp_function":308},{"id":317,"type":300,"label":339,"file":39,"line":340},"$_POST",1523,{"id":342,"type":305,"label":343,"file":39,"line":344,"wp_function":345},"n5","update_option() [Settings Manipulation]",1524,"update_option",{"id":347,"type":300,"label":330,"file":39,"line":311},"n6",{"id":349,"type":314,"label":315,"file":39,"line":311},"n7",{"id":351,"type":305,"label":318,"file":263,"line":109,"wp_function":319},"n8",[353,355,356,357,358],{"from":299,"to":304,"sanitized":354},true,{"from":310,"to":313,"sanitized":248},{"from":317,"to":342,"sanitized":248},{"from":347,"to":349,"sanitized":248},{"from":349,"to":351,"sanitized":248},5,{"entryPoint":361,"graph":362,"unsanitizedCount":77,"severity":324},"init (module-admin\u002Finit-main.php:50)",{"nodes":363,"edges":370},[364,366,368],{"id":299,"type":300,"label":339,"file":238,"line":365},82,{"id":304,"type":314,"label":367,"file":238,"line":365},"→ check_api_valid_or_not()",{"id":310,"type":305,"label":318,"file":263,"line":369,"wp_function":319},23,[371,372],{"from":299,"to":304,"sanitized":248},{"from":304,"to":310,"sanitized":248},{"entryPoint":374,"graph":375,"unsanitizedCount":402,"severity":324},"\u003Cinit-main> (module-admin\u002Finit-main.php:0)",{"nodes":376,"edges":395},[377,378,379,380,383,385,387,389,391],{"id":299,"type":300,"label":339,"file":238,"line":365},{"id":304,"type":314,"label":367,"file":238,"line":365},{"id":310,"type":305,"label":318,"file":263,"line":369,"wp_function":319},{"id":313,"type":300,"label":381,"file":238,"line":382},"$_POST (x2)",177,{"id":317,"type":314,"label":384,"file":238,"line":382},"→ get_shipping_codes()",{"id":342,"type":305,"label":318,"file":263,"line":386,"wp_function":319},52,{"id":347,"type":300,"label":339,"file":238,"line":388},275,{"id":349,"type":314,"label":390,"file":238,"line":388},"→ get_available_shipping_options()",{"id":351,"type":305,"label":392,"file":263,"line":393,"wp_function":394},"wp_remote_post() [SSRF]",106,"wp_remote_post",[396,397,398,399,400,401],{"from":299,"to":304,"sanitized":248},{"from":304,"to":310,"sanitized":248},{"from":313,"to":317,"sanitized":248},{"from":317,"to":342,"sanitized":248},{"from":347,"to":349,"sanitized":248},{"from":349,"to":351,"sanitized":248},4,{"entryPoint":404,"graph":405,"unsanitizedCount":77,"severity":411},"ajax_notice_handler (Core\u002FTCGS_Plugin.php:1520)",{"nodes":406,"edges":409},[407,408],{"id":299,"type":300,"label":339,"file":39,"line":340},{"id":304,"type":305,"label":343,"file":39,"line":344,"wp_function":345},[410],{"from":299,"to":304,"sanitized":248},"low",{"summary":413,"deductions":414},"The plugin \"the-courier-guy-shipping-for-sovtech\" v1.0.0 exhibits a mixed security posture. While it demonstrates good practices in database query handling with 100% prepared statements and a high rate of proper output escaping (97%), it presents significant security concerns due to its unprotected entry points and reliance on potentially dangerous functions.\n\nThe primary risks stem from the presence of two AJAX handlers that lack authentication checks. This directly translates to an exposed attack surface where unauthenticated users could potentially trigger sensitive actions. Furthermore, the use of `ini_set` and `unserialize` are flagged as dangerous functions, which, if not handled with extreme care and robust input validation, can lead to serious vulnerabilities like arbitrary code execution or denial-of-service attacks. The taint analysis, while reporting no critical or high-severity flows, analyzed a limited number of flows (5) and found all of them to have unsanitized paths, which is concerning despite the absence of critical issues.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This absence of known exploits could indicate either a lack of widespread targeting or a history of responsible development. However, it does not negate the immediate risks identified in the static and taint analysis. In conclusion, while the plugin has strengths in its database interaction and output handling, the unprotected AJAX endpoints and the use of dangerous functions introduce significant risks that require immediate attention and mitigation.",[415,417,419,421,423],{"reason":416,"points":68},"Unprotected AJAX handlers",{"reason":418,"points":229},"Use of dangerous function: unserialize",{"reason":420,"points":359},"Use of dangerous function: ini_set",{"reason":422,"points":359},"Flows with unsanitized paths",{"reason":424,"points":232},"Lack of capability checks","2026-04-16T13:41:03.560Z",{"wat":427,"direct":438},{"assetPaths":428,"generatorPatterns":433,"scriptPaths":434,"versionParams":435},[429,430,431,432],"\u002Fwp-content\u002Fplugins\u002Fthe-courier-guy-shipping-for-sovtech\u002FAssets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fthe-courier-guy-shipping-for-sovtech\u002FAssets\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fthe-courier-guy-shipping-for-sovtech\u002FIncludes\u002Fls-framework-custom\u002FAssets\u002Fcss\u002Fcustomplugin.css","\u002Fwp-content\u002Fplugins\u002Fthe-courier-guy-shipping-for-sovtech\u002FIncludes\u002Fls-framework-custom\u002FAssets\u002Fjs\u002Fcustomplugin.js",[],[430,432],[436,437],"the-courier-guy-shipping-for-sovtech\u002FAssets\u002Fcss\u002Fstyle.css?ver=","the-courier-guy-shipping-for-sovtech\u002FAssets\u002Fjs\u002Fscript.js?ver=",{"cssClasses":439,"htmlComments":441,"htmlAttributes":460,"restEndpoints":464,"jsGlobals":465,"shortcodeOutput":468},[440],"dimative-shipping-instance-form-fields-filters",[442,443,444,445,446,447,448,449,450,451,452,453,454,455,456,457,458,459]," exit if accessed directly "," Abort if WooCommerce not installed "," change default "," TODO: due to template_redirect action, Postcode might show up after refresh "," Initiate the needed classes "," Add our custom Shipping method ","filter woocommerce_shipping_init","filter woocommerce_shipping_methods","Created custom field in general setting 'Phone Number'."," @param array $settings for adding new settings. ","Inserting array just after the post code in \"Store Address\" section."," \u003C= The field ID (important)!!","Created custom field in general setting 'Address line 3'.","Created custom field in general setting 'Address Type'.","Added custom field on Checkout."," @param array $address_fields for adding new address fields. "," Shipping Instance form add extra fields. "," @param array $settings Settings. ",[461,462,463],"data-field-id","data-field-type","data-required",[],[466,467],"CSM_Checkout","CSM_Init",[],{"error":354,"url":470,"statusCode":471,"statusMessage":472,"message":472},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fthe-courier-guy-shipping-for-sovtech\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":474},[]]