[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fndW4EnacZDzWBoH-QCvLQzpES4pHuRZZMiDKZLsGMcE":3,"$fHM8UX_nMXtxcqKIMdKwruBe3PvoiKH5FfE6MMO7d0OY":185,"$fww6A9dnxPzeMRpZ6R7FpvmlFqHGexd4Pkk0RZanPwbs":189},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":34,"analysis":61,"fingerprints":160},"travel-rates-based-on-geo-location","Travel Rates based on geo location","1.0","indiainfotech.com","https:\u002F\u002Fprofiles.wordpress.org\u002Findiainfotechcom\u002F","\u003Cp>This plugin get the distance of the source and the destination address with the help of google map api and then apply the appropriate rate. This plugin uses ajax functionality\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>Use shortcode in anywhere in your pages, posts or widget. [ratecalculator]\u003C\u002Fp>\n","This plugin gets the distance from the source and destination address with the google map api. and then apply the appropriate rate.",10,8973,0,"2012-09-12T14:09:00.000Z","3.4.2","3.4.1","",[19,20],"geo-location-distance-and-rates","rates-calculator","http:\u002F\u002Fwww.indiainfotech.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-rates-based-on-geo-location.1.0.1.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"indiainfotechcom",1,30,84,"2026-05-20T03:13:37.284Z",[35],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":59,"vuln_count":30,"unpatched_count":13,"last_vuln_date":60,"fetched_at":25},"eshipper-commerce","eShipper Commerce","2.16.12","eshipper","https:\u002F\u002Fprofiles.wordpress.org\u002Feshipper\u002F","\u003Cp>Integrate your eCommerce platforms, automate shipping, and save on all carriers with eShipper.\u003C\u002Fp>\n\u003Cp>Get a faster, more seamless shipping experience with complete automation and fully customizable carrier options. Display live, flat, or free shipping rates at checkout and get live tracking updates as soon as your customer’s package ships. Take the guesswork out of choosing the right box size with our 4D boxing algorithm. Showcase your brand with customizable packing slips, and delight your customers with low-priced and fast shipping.\u003C\u002Fp>\n\u003Ch3>How does it work?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=aRxQKVD1eHs\" rel=\"nofollow ugc\">Watch the video here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Save up to 70% on shipping from the world’s most trusted carriers. No minimum shipping volume required\u003C\u002Fli>\n\u003Cli>Choose to display flat rates, free shipping or live rates to your customers when they checkout from your store.\u003C\u002Fli>\n\u003Cli>Sync your stores, products, and orders, plus manage all of your inventory – on one account\u003C\u002Fli>\n\u003Cli>Get one point of contact for all your shipping needs, from integration support to scaling your orders and everything in between.\u003C\u002Fli>\n\u003Cli>Get the latest tracking updates at your fingertips, including shipment notifications and search & filter options.\u003C\u002Fli>\n\u003Cli>Get access to exclusive Next-Day, Air Shipping, Cross Border and International Shipping Services.\u003C\u002Fli>\n\u003Cli>Reduce your carbon footprint and packaging costs with our 4D boxing algorithm.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Need Support?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.eshipper.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>. We’re always happy to help!\u003C\u002Fp>\n\u003Ch3>Pricing\u003C\u002Fh3>\n\u003Cp>Free\u003C\u002Fp>\n","Integrate your eCommerce platforms, automate shipping, and save on all carriers with eShipper.",100,6871,46,3,"2025-04-14T16:11:00.000Z","6.8.5","3.1","7.1",[52,53,54,55,56],"checkout","e-commerce","shipping","shipping-labels","shipping-rates-calculator","https:\u002F\u002Fww2.eshipper.com\u002Fecommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feshipper-commerce.2.16.12.zip",91,"2026-02-23 00:00:00",{"attackSurface":62,"codeSignals":97,"taintFlows":108,"riskAssessment":142,"analyzedAt":159},{"hooks":63,"ajaxHandlers":75,"restRoutes":88,"shortcodes":89,"cronEvents":95,"entryPointCount":96,"unprotectedCount":46},[64,70],{"type":65,"name":66,"callback":67,"file":68,"line":69},"action","admin_menu","address_lat_long_menu","geo-ip.php",17,{"type":71,"name":72,"callback":73,"file":68,"line":74},"filter","widget_text","do_shortcode",129,[76,82,84],{"action":77,"nopriv":78,"callback":79,"hasNonce":80,"hasCapCheck":80,"file":68,"line":81},"address-submit",true,"get_distance_and_rates",false,21,{"action":77,"nopriv":80,"callback":79,"hasNonce":80,"hasCapCheck":80,"file":68,"line":83},22,{"action":85,"nopriv":80,"callback":86,"hasNonce":80,"hasCapCheck":80,"file":68,"line":87},"my_unique_action","calc_rates",127,[],[90],{"tag":91,"callback":92,"file":93,"line":94},"ratecalculator","atoll","common.php",18,[],4,{"dangerousFunctions":98,"sqlUsage":99,"outputEscaping":102,"fileOperations":13,"externalRequests":30,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":107},[],{"prepared":100,"raw":13,"locations":101},5,[],{"escaped":13,"rawEcho":30,"locations":103},[104],{"file":68,"line":105,"context":106},107,"raw output",[],[109,132],{"entryPoint":110,"graph":111,"unsanitizedCount":30,"severity":131},"get_distance_and_rates (geo-ip.php:27)",{"nodes":112,"edges":128},[113,118,122],{"id":114,"type":115,"label":116,"file":68,"line":117},"n0","source","$_POST",39,{"id":119,"type":120,"label":121,"file":68,"line":117},"n1","transform","→ get_total_rates()",{"id":123,"type":124,"label":125,"file":93,"line":126,"wp_function":127},"n2","sink","get_results() [SQLi]",67,"get_results",[129,130],{"from":114,"to":119,"sanitized":80},{"from":119,"to":123,"sanitized":80},"high",{"entryPoint":133,"graph":134,"unsanitizedCount":30,"severity":131},"\u003Cgeo-ip> (geo-ip.php:0)",{"nodes":135,"edges":139},[136,137,138],{"id":114,"type":115,"label":116,"file":68,"line":117},{"id":119,"type":120,"label":121,"file":68,"line":117},{"id":123,"type":124,"label":125,"file":93,"line":126,"wp_function":127},[140,141],{"from":114,"to":119,"sanitized":80},{"from":119,"to":123,"sanitized":80},{"summary":143,"deductions":144},"The \"travel-rates-based-on-geo-location\" v1.0 plugin exhibits a concerning security posture, primarily due to significant gaps in authentication and output sanitization. While the plugin demonstrates good practice by using prepared statements for all SQL queries, this is overshadowed by critical vulnerabilities identified in the taint analysis. The presence of two high-severity taint flows with unsanitized paths indicates a strong possibility of injection vulnerabilities, allowing attackers to potentially manipulate data or execute arbitrary code. Furthermore, the lack of any nonce checks or capability checks on its AJAX handlers, coupled with 100% of its total outputs being unescaped, creates a direct path for Cross-Site Scripting (XSS) and other injection attacks. The plugin's vulnerability history is clean, which might suggest it has not been heavily targeted or reviewed previously, but this does not negate the immediate risks presented by the current code. In conclusion, despite the absence of known CVEs and the proper use of prepared SQL statements, the plugin's unprotected entry points, unescaped outputs, and critical taint flows present a substantial security risk that requires immediate attention.",[145,147,150,153,156],{"reason":146,"points":11},"Unprotected AJAX handlers",{"reason":148,"points":149},"High severity taint flows with unsanitized paths",12,{"reason":151,"points":152},"Unescaped output",6,{"reason":154,"points":155},"Missing nonce checks",8,{"reason":157,"points":158},"Missing capability checks",7,"2026-03-16T23:33:05.968Z",{"wat":161,"direct":167},{"assetPaths":162,"generatorPatterns":164,"scriptPaths":165,"versionParams":166},[163],"\u002Fwp-content\u002Fplugins\u002Ftravel-rates-based-on-geo-location\u002Fjs\u002Fajax.js",[],[],[],{"cssClasses":168,"htmlComments":173,"htmlAttributes":174,"restEndpoints":179,"jsGlobals":181,"shortcodeOutput":183},[169,170,171,172],"calc_container","rate_calculator","source_address","destination_address",[],[175,176,177,178],"data-calc_response_code","data-total_distance","data-rate_per_km","data-total_amount",[180],"\u002Fwp-json\u002Ftravel-rates-based-on-geo-location\u002Fv1\u002Fcalculate",[182],"RateCalc",[184],"\u003Cdiv class=\"calc_container\" id=\"calc_container\">\n\u003Cform name=\"rate_calculator\" id=\"rate_calculator\" method=\"post\" action=\"\">\n\u003Ctable class=\"rate_calculator\">\n\u003Ctr>\u003Ctd>Source Address\u003C\u002Ftd>\u003Ctd>\u003Cinput type=\"text\" name=\"source_address\" id=\"source_address\" class=\"source_address\"\u002F>\u003C\u002Ftd>\u003C\u002Ftr>\n\u003Ctr>\u003Ctd>Destination Address\u003C\u002Ftd>\u003Ctd>\u003Cinput type=\"text\" name=\"destination_address\" id=\"destination_address\" class=\"destination_address\"\u002F>\u003C\u002Ftd>\u003C\u002Ftr>\n\u003Ctr>\u003Ctd colspan=\"2\">\u003Cinput type=\"button\" name=\"calculate_rates\" value=\"Calculate Pricing\" onclick=\"get_distance_and_rates();\"\u002F>\u003C\u002Ftd>\u003C\u002Ftr>\n\u003C\u002Ftable>\n\u003C\u002Fform>\n\u003C\u002Fdiv>",{"error":78,"url":186,"statusCode":187,"statusMessage":188,"message":188},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ftravel-rates-based-on-geo-location\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":100,"versions":190},[191,197,203,209,216],{"version":192,"download_url":22,"svn_tag_url":193,"released_at":24,"has_diff":80,"diff_files_changed":194,"diff_lines":24,"trac_diff_url":195,"vulnerabilities":196,"is_current":80},"1.0.1","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftravel-rates-based-on-geo-location\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fcommon.php&new_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2F1.0.1",[],{"version":93,"download_url":198,"svn_tag_url":199,"released_at":24,"has_diff":80,"diff_files_changed":200,"diff_lines":24,"trac_diff_url":201,"vulnerabilities":202,"is_current":80},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-rates-based-on-geo-location.common.php.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftravel-rates-based-on-geo-location\u002Ftags\u002Fcommon.php\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fgeo-ip.php&new_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fcommon.php",[],{"version":68,"download_url":204,"svn_tag_url":205,"released_at":24,"has_diff":80,"diff_files_changed":206,"diff_lines":24,"trac_diff_url":207,"vulnerabilities":208,"is_current":80},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-rates-based-on-geo-location.geo-ip.php.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftravel-rates-based-on-geo-location\u002Ftags\u002Fgeo-ip.php\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fjs&new_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fgeo-ip.php",[],{"version":210,"download_url":211,"svn_tag_url":212,"released_at":24,"has_diff":80,"diff_files_changed":213,"diff_lines":24,"trac_diff_url":214,"vulnerabilities":215,"is_current":80},"js","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-rates-based-on-geo-location.js.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftravel-rates-based-on-geo-location\u002Ftags\u002Fjs\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Freadme.txt&new_path=%2Ftravel-rates-based-on-geo-location%2Ftags%2Fjs",[],{"version":217,"download_url":218,"svn_tag_url":219,"released_at":24,"has_diff":80,"diff_files_changed":220,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":221,"is_current":80},"readme.txt","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftravel-rates-based-on-geo-location.readme.txt.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ftravel-rates-based-on-geo-location\u002Ftags\u002Freadme.txt\u002F",[],[]]