[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiYOIdYhC4oWGEofTRcon3FZmksuQcBbdYA6m-6SktZE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":139,"fingerprints":623},"vandar-gravityform","Vandar.io Gravityform","2.1.1","Vandar","https:\u002F\u002Fprofiles.wordpress.org\u002Fvandarpay\u002F","\u003Cp>\u003Cstrong>Vandar.io for GravityForm\u003C\u002Fstrong> افزونه اتصال گرویتی فرم به درگاه پرداخت متصل به شبکه بانکی کشور – درگاه پرداخت وندار – Vandar.io\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>پنل تنظیمات ساده\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>نمایش خطاهای فرایند پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n","پرداخت اینترنتی وجه به وسیله درگاه پرداخت واسط وندار",10,2002,0,"2023-08-10T15:33:00.000Z","6.3.0","4.5","",[19,20,21,22,23],"gravityform","pay","%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c-%da%af%d8%b1%d9%88%db%8c%d8%aa%db%8c-%d9%81%d8%b1%d9%85-%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c%da%af%d8%b1%d9%88%db%8c%d8%aa%db%8c-%d9%81%d8%b1%d9%85","vandar","vandar-pay","https:\u002F\u002Fvandar.io\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvandar-gravityform.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"vandarpay",4,120,89,30,86,"2026-04-04T11:45:31.027Z",[39,63,84,102,122],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":17,"tags":54,"homepage":60,"download_link":61,"security_score":62,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"razorpay-gravity-forms","Razorpay for Gravity Forms","1.3.7","Razorpay","https:\u002F\u002Fprofiles.wordpress.org\u002Frazorpay\u002F","\u003Cp>This is the official Razorpay payment gateway plugin for Gravity Forms. Allows you to accept credit cards, debit cards, netbanking and wallets with the gravity forms plugin. It uses a seamles integration, allowing the customer to pay on your website without being redirected away from your website.\u003C\u002Fp>\n\u003Cp>This is compatible with version greater than 1.9.3 gravity forms.\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Col>\n\u003Cli>WordPress v3.9.2 and later\u003C\u002Fli>\n\u003Cli>Gravity Forms v1.9.3 and later\u003C\u002Fli>\n\u003Cli>PHP v7.3 and later\u003C\u002Fli>\n\u003Cli>php-curl\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the Gravity Forms settings page, and click on the Razorpay tab.\u003C\u002Fli>\n\u003Cli>Add in your Key Id and Key Secret.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Frazorpay.com\" rel=\"nofollow ugc\">razorpay.com\u003C\u002Fa> for support requests or email us at \u003Ca href=\"mailto:integrations@razorpay.com\" rel=\"nofollow ugc\">integrations@razorpay.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>The Razorpay Gravity Forms plugin is released under the GPLv2 license, same as that\u003Cbr \u002F>\nof WordPress. See the LICENSE file for the complete LICENSE text.\u003C\u002Fp>\n","Allows you to use Razorpay payment gateway with the gravity forms plugin.",600,13642,20,2,"2025-01-23T12:22:00.000Z","6.1.10","3.9.2",[55,56,57,58,59],"ecommerce","gravityforms","india","payments","razorpay","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frazorpay-gravity-forms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frazorpay-gravity-forms.1.3.7.zip",92,{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":47,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":16,"requires_php":76,"tags":77,"homepage":82,"download_link":83,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"zibal-payment-gateway-for-gravity-forms","Zibal Payment Gateway for Gravity Forms","1.0.0","Mohammad Zamanzadeh","https:\u002F\u002Fprofiles.wordpress.org\u002Fmzamanzadah\u002F","\u003Cp>افزونه Zibal Payment Gateway for Gravity Forms امکان فروش اینترنتی و آنلاین از طریق درگاه پرداخت زیبال به افزونه گرویتی فرم اضافه می کند.\u003C\u002Fp>\n","با نصب این پلاگین می توانید از خدمات درگاه پرداخت واسط و مستقیم و یا اختصاصی زیبال برروی افزونه گرویتی فرم استفاده کنید!",5545,100,1,"2022-06-20T09:48:00.000Z","6.0.11","5.4",[78,56,79,80,81],"gateway","payment","zibal","%d8%b2%db%8c%d8%a8%d8%a7%d9%84","http:\u002F\u002Fzibal.ir\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzibal-payment-gateway-for-gravity-forms.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":50,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":17,"tags":98,"homepage":100,"download_link":101,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"paystack-add-on-for-gravity-forms","Paystack Add-On for Gravity Forms","2.0.6","paystack","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaystack\u002F","\u003Cp>The Paystack Addon for Gravity Forms allows you to quickly and easily implement credit card payments with WordPress. With the Paystack Add-On you can capture one time credit card payments or setup recurring payment subscriptions.\u003C\u002Fp>\n","The Paystack Addon for Gravity Forms allows you to quickly and easily implement credit card payments with WordPress. With the Paystack Add-On you can  &hellip;",400,8400,60,"2025-07-23T21:13:00.000Z","6.8.5","5.1",[56,58,99],"subscriptions","https:\u002F\u002Fpaystack.com\u002Fdocs\u002Flibraries-and-plugins\u002Fplugins#wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaystack-add-on-for-gravity-forms.2.0.7.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":72,"num_ratings":112,"last_updated":113,"tested_up_to":96,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":120,"download_link":121,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"pronamic-pay-with-mollie-for-gravity-forms","Pronamic Pay with Mollie for Gravity Forms","1.11.0","Pronamic","https:\u002F\u002Fprofiles.wordpress.org\u002Fpronamic\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.pronamicpay.com\u002F\" rel=\"nofollow ugc\">Pronamic Pay\u003C\u002Fa> · \u003Ca href=\"https:\u002F\u002Fwww.pronamic.eu\u002F\" rel=\"nofollow ugc\">Pronamic\u003C\u002Fa> · \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpronamic\u002Fwp-pronamic-pay-with-mollie-for-gravity-forms\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The installation is as easy as creating a form. Just add your form fields, choose a payment amount and add a list of the available payment methods from Mollie. You can choose which payment methods you want to embed in your form.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpZk1EFN8vv8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>This plugin is developed from the idea that online payments should be easy. Some of the features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy install\u003C\u002Fli>\n\u003Cli>Support for most major payment methods\u003C\u002Fli>\n\u003Cli>Payment status pages\u003C\u002Fli>\n\u003Cli>Automatic payment status updates via Mollie webhooks and the WordPress REST API\u003C\u002Fli>\n\u003Cli>High quality support\u003C\u002Fli>\n\u003Cli>Built by Pronamic\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Recurring payments\u003C\u002Fh3>\n\u003Cp>Pronamic Pay with Mollie for Gravity Forms supports recurring payments. Set your custom schedule like, a week, month or year to receive automatic payments. If you want to sell subscriptions or receive recurring donations this could be the great solution for you. You can also set subscription renewal notification for the recurring payments, which will be send one week before the next payment.\u003C\u002Fp>\n\u003Ch3>Pronamic Pay Premium\u003C\u002Fh3>\n\u003Cp>With a Pronamic Pay Premium license, you get access to exceptional support and a range of exclusive benefits that take your payment experience to the next level.\u003C\u002Fp>\n\u003Ch4>Premium support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Fast and expert help\u003C\u002Fstrong> from our team of specialists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority treatment\u003C\u002Fstrong> for your support tickets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium add-ons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Pronamic Pay Fundraising Add-On\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily create online fundraising and crowdfunding campaigns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pronamic Pay Notification Add-On\u003C\u002Fstrong>\u003Cbr \u002F>\nSet up extensive notifications for payers and administrators.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pronamic Pay WP All Export Add-On\u003C\u002Fstrong>\u003Cbr \u002F>\nExport all your payment data with a few clicks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And much more!\u003C\u002Fp>\n\u003Cp>Discover all the benefits of Pronamic Pay Premium at \u003Ca href=\"https:\u002F\u002Fwww.pronamicpay.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.pronamicpay.com\u002F\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Upgrade to Pronamic Pay Premium now and take advantage of all the benefits!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pronamicpay.com\u002Fconnections\u002Fmollie-for-gravity-forms\u002F\" rel=\"nofollow ugc\">Pronamic Pay with Mollie for Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pronamicpay.com\u002Fmanual-category\u002Fmollie\u002F\" rel=\"nofollow ugc\">Pronamic Pay manuals for Mollie\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pronamicpay.com\u002Fmanual-category\u002Fgravity-forms\u002F\" rel=\"nofollow ugc\">Pronamic Pay manuals for Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pronamic.eu\u002F\" rel=\"nofollow ugc\">Pronamic\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Connect Mollie to Gravity Forms with Pronamic Pay. This free plugin is all that you need to start selling with Gravity Forms.",300,6399,3,"2026-01-27T11:05:00.000Z","5.9","8.2",[117,56,118,20,119],"gravity","mollie","pronamic","https:\u002F\u002Fwww.pronamic.eu\u002Fplugins\u002Fpronamic-pay-with-mollie-for-gravity-forms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpronamic-pay-with-mollie-for-gravity-forms.1.11.0.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":72,"downloaded":130,"rating":72,"num_ratings":73,"last_updated":131,"tested_up_to":132,"requires_at_least":53,"requires_php":133,"tags":134,"homepage":137,"download_link":138,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"cashfree-gravity-forms","Cashfree Gravity Forms","1.3.0","Cashfree","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevcashfree\u002F","\u003Cp>Cashfree Payments is an Indian payment aggregator helping you cater to all your customers’ payment needs. Cashfree Payments seamlessly integrates with Gravity Forms to let you accept payments for your Indian business on your WordPress website. With a Cashfree Payments hosted checkout and an intuitive dashboard you can be up and running in no time.\u003C\u002Fp>\n\u003Cp>This is compatible with version greater than 1.9.3 gravity forms.\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Col>\n\u003Cli>WordPress v3.9.2 and later\u003C\u002Fli>\n\u003Cli>Gravity Forms v1.9.3 and later\u003C\u002Fli>\n\u003Cli>PHP v5.6.0 and later\u003C\u002Fli>\n\u003Cli>php-curl\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit the Gravity Forms settings page, and click on the Cashfree tab.\u003C\u002Fli>\n\u003Cli>Add in your App ID and Secret Key.\u003C\u002Fli>\n\u003Cli>Add a form using gravity form and add fields to the form and save it.\u003C\u002Fli>\n\u003Cli>Click on setting of that form and click on Cashfree.\u003C\u002Fli>\n\u003Cli>Add a Cashfree feed to support Cashfree payment to the particular form.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fcashfree.com\" rel=\"nofollow ugc\">cashfree.com\u003C\u002Fa> for support requests or email us at \u003Ca href=\"mailto:techsupport@cashfree.com\" rel=\"nofollow ugc\">techsupport@cashfree.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>The Cashfree Gravity Forms plugin is released under the GPLv2 license, same as that\u003Cbr \u002F>\nof WordPress. See the LICENSE file for the complete LICENSE text.\u003C\u002Fp>\n","Allows you to use Cashfree payment gateway with the gravity forms plugin.",4309,"2024-03-01T10:32:00.000Z","6.4.8","7.0",[135,136,56],"cashfree-payments","e-commerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcashfree-gravity-forms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcashfree-gravity-forms.1.3.0.zip",{"attackSurface":140,"codeSignals":217,"taintFlows":570,"riskAssessment":613,"analyzedAt":622},{"hooks":141,"ajaxHandlers":207,"restRoutes":214,"shortcodes":215,"cronEvents":216,"entryPointCount":73,"unprotectedCount":13},[142,147,151,153,157,161,165,169,173,177,181,185,189,194,199,203],{"type":143,"name":144,"callback":144,"file":145,"line":146},"action","init","vandar.php",6,{"type":143,"name":148,"callback":149,"file":145,"line":150},"admin_notices","admin_notice_persian_gf",24,{"type":143,"name":148,"callback":152,"file":145,"line":35},"admin_notice_gf_support",{"type":154,"name":155,"callback":155,"file":145,"line":156},"filter","members_get_capabilities",35,{"type":154,"name":158,"callback":159,"file":145,"line":160},"gform_tooltips","tooltips",39,{"type":154,"name":162,"callback":163,"file":145,"line":164},"gform_addon_navigation","menu",40,{"type":143,"name":166,"callback":167,"priority":32,"file":145,"line":168},"gform_entry_info","payment_entry_detail",41,{"type":143,"name":170,"callback":171,"priority":32,"file":145,"line":172},"gform_after_update_entry","update_payment_entry",42,{"type":154,"name":174,"callback":175,"priority":11,"file":145,"line":176},"gform_form_settings_menu","toolbar",45,{"type":143,"name":178,"callback":179,"file":145,"line":180},"gform_form_settings_page_vandar","feed_page",46,{"type":154,"name":182,"callback":183,"priority":11,"file":145,"line":184},"gform_disable_post_creation","delay_posts",67,{"type":154,"name":186,"callback":187,"priority":11,"file":145,"line":188},"gform_is_delayed_pre_process_feed","delay_addons",68,{"type":154,"name":190,"callback":191,"priority":192,"file":145,"line":193},"gform_confirmation","Request",1000,70,{"type":143,"name":195,"callback":196,"priority":197,"file":145,"line":198},"wp","Verify",5,71,{"type":154,"name":200,"callback":201,"file":145,"line":202},"gform_logging_supported","set_logging_supported",74,{"type":154,"name":204,"callback":205,"priority":50,"file":145,"line":206},"gf_payment_gateways","gravityformsvandar",77,[208],{"action":209,"nopriv":210,"callback":211,"hasNonce":212,"hasCapCheck":210,"file":145,"line":213},"gf_vandar_update_feed_active",false,"update_feed_active",true,64,[],[],[],{"dangerousFunctions":218,"sqlUsage":219,"outputEscaping":289,"fileOperations":13,"externalRequests":50,"nonceChecks":568,"capabilityChecks":13,"bundledLibraries":569},[],{"prepared":220,"raw":221,"locations":222},16,31,[223,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,285,288],{"file":224,"line":225,"context":226},"chart.php",758,"$wpdb->get_results() with variable interpolation",{"file":224,"line":228,"context":226},769,{"file":224,"line":230,"context":226},780,{"file":224,"line":232,"context":226},791,{"file":224,"line":234,"context":226},906,{"file":224,"line":236,"context":226},917,{"file":224,"line":238,"context":226},929,{"file":224,"line":240,"context":226},940,{"file":224,"line":242,"context":226},1113,{"file":224,"line":244,"context":226},1124,{"file":224,"line":246,"context":226},1135,{"file":224,"line":248,"context":226},1146,{"file":224,"line":250,"context":226},1358,{"file":224,"line":252,"context":226},1369,{"file":224,"line":254,"context":226},1380,{"file":224,"line":256,"context":226},1391,{"file":224,"line":258,"context":226},1507,{"file":224,"line":260,"context":226},1517,{"file":224,"line":262,"context":226},1528,{"file":224,"line":264,"context":226},1539,{"file":224,"line":266,"context":226},1648,{"file":224,"line":268,"context":226},1659,{"file":224,"line":270,"context":226},1670,{"file":224,"line":272,"context":226},1681,{"file":224,"line":274,"context":226},1834,{"file":224,"line":276,"context":226},1845,{"file":224,"line":278,"context":226},1856,{"file":224,"line":280,"context":226},1867,{"file":282,"line":283,"context":284},"database.php",17,"$wpdb->get_var() with variable interpolation",{"file":282,"line":286,"context":287},18,"$wpdb->query() with variable interpolation",{"file":282,"line":94,"context":287},{"escaped":290,"rawEcho":291,"locations":292},61,146,[293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,427,429,430,432,434,435,437,438,440,442,443,445,446,448,450,451,453,454,456,458,460,461,462,464,466,468,470,472,474,476,478,479,481,483,485,487,489,491,493,495,497,499,500,502,504,506,508,510,512,514,516,518,520,522,524,526,528,530,532,534,536,537,538,540,542,544,546,548,550,552,554,556,558,560,561,563,565,566],{"file":224,"line":33,"context":294},"raw output",{"file":224,"line":296,"context":294},135,{"file":224,"line":298,"context":294},139,{"file":224,"line":300,"context":294},143,{"file":224,"line":302,"context":294},147,{"file":224,"line":304,"context":294},151,{"file":224,"line":306,"context":294},155,{"file":224,"line":308,"context":294},158,{"file":224,"line":310,"context":294},161,{"file":224,"line":312,"context":294},165,{"file":224,"line":314,"context":294},169,{"file":224,"line":316,"context":294},173,{"file":224,"line":318,"context":294},177,{"file":224,"line":320,"context":294},181,{"file":224,"line":322,"context":294},184,{"file":224,"line":324,"context":294},187,{"file":224,"line":326,"context":294},190,{"file":224,"line":328,"context":294},193,{"file":224,"line":330,"context":294},197,{"file":224,"line":332,"context":294},344,{"file":224,"line":334,"context":294},366,{"file":224,"line":336,"context":294},370,{"file":224,"line":338,"context":294},371,{"file":224,"line":340,"context":294},375,{"file":224,"line":342,"context":294},376,{"file":224,"line":344,"context":294},380,{"file":224,"line":346,"context":294},381,{"file":224,"line":348,"context":294},385,{"file":224,"line":350,"context":294},386,{"file":224,"line":352,"context":294},390,{"file":224,"line":354,"context":294},391,{"file":224,"line":92,"context":294},{"file":224,"line":357,"context":294},424,{"file":224,"line":359,"context":294},428,{"file":224,"line":361,"context":294},430,{"file":224,"line":363,"context":294},434,{"file":224,"line":365,"context":294},436,{"file":224,"line":367,"context":294},440,{"file":224,"line":369,"context":294},441,{"file":224,"line":371,"context":294},445,{"file":224,"line":373,"context":294},447,{"file":224,"line":375,"context":294},451,{"file":224,"line":377,"context":294},453,{"file":224,"line":379,"context":294},482,{"file":224,"line":381,"context":294},486,{"file":224,"line":383,"context":294},488,{"file":224,"line":385,"context":294},492,{"file":224,"line":387,"context":294},494,{"file":224,"line":389,"context":294},498,{"file":224,"line":391,"context":294},499,{"file":224,"line":393,"context":294},503,{"file":224,"line":395,"context":294},505,{"file":224,"line":397,"context":294},509,{"file":224,"line":399,"context":294},511,{"file":224,"line":401,"context":294},539,{"file":224,"line":403,"context":294},543,{"file":224,"line":405,"context":294},545,{"file":224,"line":407,"context":294},549,{"file":224,"line":409,"context":294},550,{"file":224,"line":411,"context":294},553,{"file":224,"line":413,"context":294},554,{"file":224,"line":415,"context":294},558,{"file":224,"line":417,"context":294},560,{"file":224,"line":419,"context":294},564,{"file":224,"line":421,"context":294},565,{"file":224,"line":423,"context":294},590,{"file":224,"line":425,"context":294},591,{"file":224,"line":425,"context":294},{"file":224,"line":428,"context":294},593,{"file":224,"line":428,"context":294},{"file":224,"line":431,"context":294},603,{"file":224,"line":433,"context":294},604,{"file":224,"line":433,"context":294},{"file":224,"line":436,"context":294},606,{"file":224,"line":436,"context":294},{"file":224,"line":439,"context":294},616,{"file":224,"line":441,"context":294},617,{"file":224,"line":441,"context":294},{"file":224,"line":444,"context":294},619,{"file":224,"line":444,"context":294},{"file":224,"line":447,"context":294},629,{"file":224,"line":449,"context":294},630,{"file":224,"line":449,"context":294},{"file":224,"line":452,"context":294},632,{"file":224,"line":452,"context":294},{"file":224,"line":455,"context":294},663,{"file":145,"line":457,"context":294},484,{"file":145,"line":459,"context":294},533,{"file":145,"line":403,"context":294},{"file":145,"line":407,"context":294},{"file":145,"line":463,"context":294},551,{"file":145,"line":465,"context":294},556,{"file":145,"line":467,"context":294},561,{"file":145,"line":469,"context":294},570,{"file":145,"line":471,"context":294},571,{"file":145,"line":473,"context":294},576,{"file":145,"line":475,"context":294},581,{"file":145,"line":477,"context":294},586,{"file":145,"line":425,"context":294},{"file":145,"line":480,"context":294},596,{"file":145,"line":482,"context":294},621,{"file":145,"line":484,"context":294},623,{"file":145,"line":486,"context":294},656,{"file":145,"line":488,"context":294},875,{"file":145,"line":490,"context":294},876,{"file":145,"line":492,"context":294},877,{"file":145,"line":494,"context":294},878,{"file":145,"line":496,"context":294},879,{"file":145,"line":498,"context":294},922,{"file":145,"line":238,"context":294},{"file":145,"line":501,"context":294},934,{"file":145,"line":503,"context":294},939,{"file":145,"line":505,"context":294},946,{"file":145,"line":507,"context":294},1069,{"file":145,"line":509,"context":294},1095,{"file":145,"line":511,"context":294},1097,{"file":145,"line":513,"context":294},1099,{"file":145,"line":515,"context":294},1103,{"file":145,"line":517,"context":294},1106,{"file":145,"line":519,"context":294},1162,{"file":145,"line":521,"context":294},1197,{"file":145,"line":523,"context":294},1279,{"file":145,"line":525,"context":294},1281,{"file":145,"line":527,"context":294},1335,{"file":145,"line":529,"context":294},1340,{"file":145,"line":531,"context":294},1357,{"file":145,"line":533,"context":294},1370,{"file":145,"line":535,"context":294},1383,{"file":145,"line":535,"context":294},{"file":145,"line":535,"context":294},{"file":145,"line":539,"context":294},1457,{"file":145,"line":541,"context":294},1475,{"file":145,"line":543,"context":294},1623,{"file":145,"line":545,"context":294},1690,{"file":145,"line":547,"context":294},1693,{"file":145,"line":549,"context":294},1694,{"file":145,"line":551,"context":294},1699,{"file":145,"line":553,"context":294},1700,{"file":145,"line":555,"context":294},1712,{"file":145,"line":557,"context":294},1729,{"file":145,"line":559,"context":294},1855,{"file":145,"line":278,"context":294},{"file":145,"line":562,"context":294},1857,{"file":145,"line":564,"context":294},1858,{"file":145,"line":564,"context":294},{"file":145,"line":567,"context":294},1905,8,[],[571,588,600],{"entryPoint":572,"graph":573,"unsanitizedCount":13,"severity":587},"settings_page (vandar.php:1058)",{"nodes":574,"edges":585},[575,580],{"id":576,"type":577,"label":578,"file":145,"line":579},"n0","source","$_POST['gf_vandar_configured']",1082,{"id":581,"type":582,"label":583,"file":145,"line":579,"wp_function":584},"n1","sink","update_option() [Settings Manipulation]","update_option",[586],{"from":576,"to":581,"sanitized":212},"low",{"entryPoint":589,"graph":590,"unsanitizedCount":13,"severity":587},"config_page (vandar.php:1239)",{"nodes":591,"edges":598},[592,595],{"id":576,"type":577,"label":593,"file":145,"line":594},"$_GET",1353,{"id":581,"type":582,"label":596,"file":145,"line":539,"wp_function":597},"echo() [XSS]","echo",[599],{"from":576,"to":581,"sanitized":212},{"entryPoint":601,"graph":602,"unsanitizedCount":13,"severity":587},"\u003Cvandar> (vandar.php:0)",{"nodes":603,"edges":610},[604,605,606,608],{"id":576,"type":577,"label":578,"file":145,"line":579},{"id":581,"type":582,"label":583,"file":145,"line":579,"wp_function":584},{"id":607,"type":577,"label":593,"file":145,"line":594},"n2",{"id":609,"type":582,"label":596,"file":145,"line":539,"wp_function":597},"n3",[611,612],{"from":576,"to":581,"sanitized":212},{"from":607,"to":609,"sanitized":212},{"summary":614,"deductions":615},"The vandar-gravityform plugin v2.1.1 exhibits a generally positive security posture based on the provided static analysis and vulnerability history. The plugin has no known vulnerabilities or CVEs, which is a strong indicator of good development practices and diligent security auditing.  The attack surface is also minimal, with only one AJAX handler, and importantly, it has no unprotected entry points. The absence of critical or high severity taint flows further reinforces the idea that sensitive data is likely being handled with appropriate safeguards.  However, there are areas for improvement. A significant concern is the relatively low percentage of SQL queries using prepared statements (34%) and output escaping (29%). This suggests a potential for SQL injection and cross-site scripting (XSS) vulnerabilities, respectively, especially in the numerous SQL queries and output operations present. The presence of capability checks (0) is also notable; while there are no unprotected entry points, robust capability checks on AJAX handlers could further harden the plugin against privilege escalation or unauthorized access attempts.\n\nIn conclusion, the plugin's lack of historical vulnerabilities and a small, protected attack surface are commendable strengths. Nevertheless, the static analysis reveals clear areas of concern regarding data sanitization and validation, particularly for SQL queries and output. Addressing these would significantly enhance the plugin's security, moving it from a \"good\" to an \"excellent\" security standing.",[616,618,620],{"reason":617,"points":568},"Low percentage of SQL queries using prepared statements",{"reason":619,"points":146},"Low percentage of properly escaped output",{"reason":621,"points":197},"No capability checks on AJAX handlers","2026-03-16T23:45:43.383Z",{"wat":624,"direct":637},{"assetPaths":625,"generatorPatterns":630,"scriptPaths":631,"versionParams":632},[626,627,628,629],"\u002Fwp-content\u002Fplugins\u002Fvandar-gravityform\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fvandar-gravityform\u002Fassets\u002Fcss\u002Fvandar.css","\u002Fwp-content\u002Fplugins\u002Fvandar-gravityform\u002Fassets\u002Fjs\u002Fshamsi_chart.js","\u002Fwp-content\u002Fplugins\u002Fvandar-gravityform\u002Fassets\u002Fjs\u002Fvandar.js",[],[628,629],[633,634,635,636],"vandar-gravityform\u002Fassets\u002Fcss\u002Fadmin.css?ver=","vandar-gravityform\u002Fassets\u002Fcss\u002Fvandar.css?ver=","vandar-gravityform\u002Fassets\u002Fjs\u002Fshamsi_chart.js?ver=","vandar-gravityform\u002Fassets\u002Fjs\u002Fvandar.js?ver=",{"cssClasses":638,"htmlComments":649,"htmlAttributes":651,"restEndpoints":653,"jsGlobals":654,"shortcodeOutput":657},[639,640,641,642,643,644,645,646,647,648],"vandar_graph_container","vandar_message_container","vandar_summary_container","vandar_summary_item","vandar_summary_value","vandar_summary_title","tooltipbox_blue","tooltipbox_green","tooltipbox_orang","tooltipbox_red",[650],"\u003C!-- ------------------------GravityForms.IR------------------------- -->",[652],"gf_vandar_chart",[],[655,656],"GFPersian_payments","rgget",[]]