[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fo9YEQoEPZY_4hEskvcR0pg681K6OP_m8UlUjn8OMFOA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":23,"download_link":24,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":127,"fingerprints":186},"vandar-woocommerce-gateway","Vandar.io Woocommerce Gateway","3.0.1","Vandar","https:\u002F\u002Fprofiles.wordpress.org\u002Fvandarpay\u002F","\u003Cp>\u003Cstrong>Woocommerce Vandar.io Gateway\u003C\u002Fstrong> افزونه اتصال فروشگاه ووکامرسی به درگاه پرداخت متصل به شبکه بانکی کشور – درگاه پرداخت وندار – Vandar.io\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>پنل تنظیمات ساده\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>نمایش خطاهای فرایند پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n","پرداخت اینترنتی وجه به وسیله درگاه پرداخت واسط وندار",100,5082,0,"","6.3.0","4.5",[18,19,20,21,22],"%d9%88%d9%86%d8%af%d8%a7%d8%b1","vandar","%d8%af%d8%b1%da%af%d8%a7%d9%87","%d8%af%d8%b1%da%af%d8%a7%d9%87-%d9%88%d9%86%d8%af%d8%a7%d8%b1","%d8%af%d8%b1%da%af%d8%a7%d9%87-%d9%be%d8%b1%d8%af%d8%a7%d8%ae%d8%aa-%d9%88%d9%86%d8%af%d8%a7%d8%b1","https:\u002F\u002Fvandar.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvandar-woocommerce-gateway.zip",null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"vandarpay",4,120,89,30,86,"2026-04-04T14:46:06.487Z",[37,61,75,89,102],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":60},"rahrayan-wp-sms","Rahrayan WP SMS PLUGIN","0.5.1","rahrayan","https:\u002F\u002Fprofiles.wordpress.org\u002Frahrayan\u002F","\u003Cp>پلاگینی که پیش رو دارید  توسط شرکت مهندسی ره رایان برای سیستم وردپرس و افزونه ووکامرس نوشته شده است و به شما اجازه می‌دهد پنل پیامک را به وب سایت و فروشگاه اینترنتی خود متصل کنید.\u003Cbr \u002F>\nامکانات پلاگین وردپرس \u002F ووکامرس شرکت مهندسی ره رایان\u003Cbr \u002F>\nتنظیمات عمومی پلاگین\u003Cbr \u002F>\nافزودن شماره موبایل به اطلاعات دریافتی وردپرس و ووکامرس از کاربران هنگام ثبت نام\u003Cbr \u002F>\nافزودن  موبایل های مدیران سایت جهت انجام اطلاع رسانی های پیامکی\u003Cbr \u002F>\nقرار دادن امضا برای پیامک های ارسالی\u003Cbr \u002F>\nتنظیمات وب سرویس.\u003Cbr \u002F>\nانتخاب خط ارسال کننده\u003Cbr \u002F>\nمدیریت اطلاع رسانی ها\u003Cbr \u002F>\nارسال پیامک به اعضای خبرنامه\u003C\u002Fp>\n\u003Cp>ارسال پیامک به :\u003Cbr \u002F>\n1)مدیر هنگام ورود کاربر\u003Cbr \u002F>\n2)مدیر سایت هنگام عضویت کاربر در خبرنامه\u003Cbr \u002F>\n3)مدیر هنگام ثبت دیدگاه جدید\u003Cbr \u002F>\n4)مدیر و کاربران هنگام تکمیل یکی از فرم های افزونه فرم تماس\u003Cbr \u002F>\n5)مدیر هنگام ثبت سفارش\u003Cbr \u002F>\n6)کاربر هنگام ثبت سفارش\u003Cbr \u002F>\nخبرنامه و اشتراک پیامکی\u003Cbr \u002F>\nامکان شخصی سازی فرم عضویت در خبرنامه\u003Cbr \u002F>\nامکان استفاده از پارامترهای مختلف همچون نام و نام خانوادگی خریدار، وضعیت سفارش، آیتم‌های سفارش، مبلغ سفارش و شماره تراکنش هنگام ارسال اس ام اس\u003Cbr \u002F>\nگروه های دفترچه تلفن\u003Cbr \u002F>\nدفترچه تلفن\u003Cbr \u002F>\nفیلتر کاربران دفترچه تلفن بر اساس گروه\u003Cbr \u002F>\nامکان حذف گروهی کاربران\u003C\u002Fp>\n\u003Cp>آمار و گزارش\u003C\u002Fp>\n\u003Cp>The plug-in you have before is written by Ray Ryan Engineering Company for WordPress and WordPress Plugin and allows you to connect the SMS to your website and online store.\u003Cbr \u002F>\nWordPress Plugin \u002F WoKamers WordPress Plugin\u003Cbr \u002F>\nGeneral plugin settings\u003Cbr \u002F>\nAdd mobile number to the received WordPress and WoC templates from users when registering\u003Cbr \u002F>\nAdd mobile managers for SMS messaging\u003Cbr \u002F>\nInsert Signature for SMS\u003Cbr \u002F>\nWeb service settings.\u003Cbr \u002F>\nSelect the sender’s line\u003Cbr \u002F>\nManage Notifications\u003Cbr \u002F>\nSend SMS to members of the newsletter\u003C\u002Fp>\n\u003Cp>Send SMS to:\u003Cbr \u002F>\n1) Administrator when logging in\u003Cbr \u002F>\n2) Site Administrator when subscribing to a newsletter\u003Cbr \u002F>\n3) Administrator when registering a new view\u003Cbr \u002F>\n4) Administrator and users when completing one form of contact form plugin\u003Cbr \u002F>\n5) The manager when ordering\u003Cbr \u002F>\n6) User when ordering\u003Cbr \u002F>\nNewsletter and SMS subscription\u003Cbr \u002F>\nPossibility to customize the newsletter form\u003Cbr \u002F>\nUse of various parameters such as buyer’s name, order status, order items, order amount and transaction number when sending SMS.\u003Cbr \u002F>\nPhone book groups\u003Cbr \u002F>\nPhonebook\u003Cbr \u002F>\nPhonebook user profiles based on group\u003Cbr \u002F>\nAbility to delete group users\u003Cbr \u002F>\nStatistics and Reports\u003C\u002Fp>\n","این پلاگین توسط شرکت مهندسی ره رایان برای وردپرس و  ووکامرس نوشته شده و به شما اجازه می‌دهد پنل پیامک را به وب سایت و فروشگاه اینترنتی خود متصل کنید.",10,1457,"2019-05-12T10:10:00.000Z","4.8.28","4.0","5.4",[52,53,54,55,56],"%d9%be%d9%84%d8%a7%da%af%db%8c%d9%86-%d9%be%db%8c%d8%a7%d9%85%da%a9-%d9%88%d8%b1%d8%af%d9%be%d8%b1%d8%b3","%d8%a7%d9%81%d8%b2%d9%88%d9%86%d9%87-sms","%d8%a7%d9%81%d8%b2%d9%88%d9%86%d9%87-%db%8c-%d8%a7%d8%b1%d8%b3%d8%a7%d9%84-%d9%be%db%8c%d8%a7%d9%85%da%a9","%d8%a7%d9%81%d8%b2%d9%88%d8%af%d9%87-%d8%a7%d8%b1%d8%aa%d8%a8%d8%a7%d8%b7-%d8%a8%d8%a7-%da%a9%d8%a7%d8%b1%d8%a8%d8%b1","%d8%b1%d9%87-%d8%b1%d8%a7%db%8c%d8%a7%d9%86","https:\u002F\u002Frahco.ir","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frahrayan-wp-sms.zip",85,"2026-03-15T14:54:45.397Z",{"slug":62,"name":63,"version":64,"author":7,"author_profile":8,"description":65,"short_description":66,"active_installs":45,"downloaded":67,"rating":13,"num_ratings":13,"last_updated":68,"tested_up_to":15,"requires_at_least":14,"requires_php":14,"tags":69,"homepage":14,"download_link":73,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":74},"vandar-for-restrict-content-pro","Vandar for Restrict Content Pro (RCP)","1.1.2","\u003Cp>After installing and enabling this plugin, you have the ability of selling membership via \u003Ca href=\"https:\u002F\u002Frestrictcontentpro.com\" rel=\"nofollow ugc\">Restrict Content Pro\u003C\u002Fa> Payment gateway.\u003C\u002Fp>\n\u003Cp>You can obtain an API Key by going to your \u003Ca href=\"https:\u002F\u002Fvandar.io\u002Fdashboard\u002Fweb-services\" rel=\"nofollow ugc\">dashboard\u003C\u002Fa> in your Vandar \u003Ca href=\"https:\u002F\u002Fvandar.io\u002Fuser\" rel=\"nofollow ugc\">account\u003C\u002Fa>.\u003C\u002Fp>\n","Vandar payment gateway for Restrict Content Pro (RCP)",1113,"2023-08-10T15:41:00.000Z",[70,71,72,18,19],"gateway","payment","restrict-content-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvandar-for-restrict-content-pro.zip","2026-03-15T15:16:48.613Z",{"slug":76,"name":77,"version":78,"author":7,"author_profile":8,"description":79,"short_description":10,"active_installs":45,"downloaded":80,"rating":13,"num_ratings":13,"last_updated":81,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":82,"homepage":87,"download_link":88,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":74},"vandar-gravityform","Vandar.io Gravityform","2.1.1","\u003Cp>\u003Cstrong>Vandar.io for GravityForm\u003C\u002Fstrong> افزونه اتصال گرویتی فرم به درگاه پرداخت متصل به شبکه بانکی کشور – درگاه پرداخت وندار – Vandar.io\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>پنل تنظیمات ساده\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>نمایش خطاهای فرایند پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n",2002,"2023-08-10T15:33:00.000Z",[83,84,85,19,86],"gravityform","pay","%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c-%da%af%d8%b1%d9%88%db%8c%d8%aa%db%8c-%d9%81%d8%b1%d9%85-%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c%da%af%d8%b1%d9%88%db%8c%d8%aa%db%8c-%d9%81%d8%b1%d9%85","vandar-pay","https:\u002F\u002Fvandar.io\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvandar-gravityform.zip",{"slug":90,"name":91,"version":92,"author":7,"author_profile":8,"description":93,"short_description":10,"active_installs":13,"downloaded":94,"rating":13,"num_ratings":13,"last_updated":95,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":96,"homepage":14,"download_link":101,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":74},"vandar-learnpress","Vandar.io learnpress","2.1.3","\u003Cp>**Vandar.io for LearnPress ** افزونه اتصال لرن پرس به درگاه پرداخت متصل به شبکه بانکی کشور – درگاه پرداخت وندار – Vandar.io\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>پنل تنظیمات ساده\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>نمایش خطاهای فرایند پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n",3706,"2023-08-10T15:47:00.000Z",[97,98,99,100,19],"learn-press","learnpress","%d9%88%d9%86-%d8%af%d8%a7%d8%b1","%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c-%d9%84%d8%b1%d9%86-%d9%be%d8%b1%d8%b3-%d9%88%d9%86%d8%af%d8%a7%d8%b1-%d8%8c%d9%84%d8%b1%d9%86-%d9%be%d8%b1%d8%b3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvandar-learnpress.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":124,"vuln_count":125,"unpatched_count":13,"last_vuln_date":126,"fetched_at":74},"zarinpal-woocommerce-payment-gateway","Zarinpal Gateway","5.0.17","zarinpal","https:\u002F\u002Fprofiles.wordpress.org\u002Fzarinpal\u002F","\u003Cp>** Zarinpal Gateway** این افزونه شما را قادر می سازد تا براحتی اقدام به ایجاد درگاه پرداخت اینترنتی زرین پال برای پرداخت های محصولات ووکامرس کنید\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>اضافه شدن خودکار واحد های پولی ریال تومن هزار ریال و هزار تومان به ووکامرس\u003C\u002Fli>\n\u003Cli>سازگار با ووکامرس 2.6 و قدیمی تر\u003C\u002Fli>\n\u003Cli>پنل تنظیمات ساده و کاربرپسند\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>قابلیت نمایش کد رهگیری زرین پال همراه با کد میانبر\u003C\u002Fli>\n\u003Cli>نمایش خطاهای درگاه پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n","پرداخت اینترنتی وجه به وسیله درگاه پرداخت واسطه زرین پال",60000,671571,70,13,"2026-01-24T01:09:00.000Z","6.7.5","5.8","7.0",[119,120,106,20,121],"%d9%88%d9%88%da%a9%d8%a7%d9%85%d8%b1%d8%b3","woocommerce","%d8%b2%d8%b1%db%8c%d9%86-%d9%be%d8%a7%d9%84","https:\u002F\u002Fzarinpal.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzarinpal-woocommerce-payment-gateway.5.0.17.zip",97,1,"2026-02-16 16:35:00",{"attackSurface":128,"codeSignals":157,"taintFlows":171,"riskAssessment":172,"analyzedAt":185},{"hooks":129,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":13,"unprotectedCount":13},[130,136,140,144,149],{"type":131,"name":132,"callback":133,"file":134,"line":135},"filter","woocommerce_payment_gateways","Woocommerce_Add_Vandario_Gateway","class-wc-gateway-vandario.php",12,{"type":131,"name":137,"callback":138,"file":134,"line":139},"woocommerce_currencies","IR_currency",20,{"type":131,"name":141,"callback":142,"priority":45,"file":134,"line":143},"woocommerce_currency_symbol","IR_currency_symbol",32,{"type":145,"name":146,"callback":147,"file":134,"line":148},"action","woocommerce_update_options_payment_gateways","process_admin_options",80,{"type":145,"name":150,"callback":151,"priority":13,"file":134,"line":152},"plugins_loaded","Load_Vandario_Gateway",480,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":161,"fileOperations":13,"externalRequests":125,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":170},[],{"prepared":13,"raw":13,"locations":160},[],{"escaped":162,"rawEcho":163,"locations":164},6,2,[165,168],{"file":134,"line":166,"context":167},241,"raw output",{"file":134,"line":169,"context":167},305,[],[],{"summary":173,"deductions":174},"The vandar-woocommerce-gateway v3.0.1 plugin exhibits a generally good security posture based on the provided static analysis.  There are no identified dangerous functions, no raw SQL queries, and a high percentage of properly escaped output. The absence of identified CVEs and a clean vulnerability history further contributes to this positive assessment. The plugin's limited attack surface with no AJAX handlers, REST API routes, shortcodes, or cron events, and notably all entry points having no identified vulnerabilities, is a significant strength.\n\nHowever, a few areas raise concerns. The complete lack of nonce checks and capability checks is a notable weakness, especially considering the presence of an external HTTP request. This means that any unauthenticated or low-privileged user could potentially trigger this external request, leading to unintended actions or information leakage if the HTTP request's target or payload is sensitive. While taint analysis showed no issues, this is likely due to the limited complexity or scope of the analyzed code, and the absence of checks leaves room for potential issues if new functionality is added or existing logic is modified without proper security considerations.\n\nIn conclusion, while the plugin has strengths in its clean code practices and lack of historical vulnerabilities, the absence of fundamental security checks like nonce and capability checks for entry points, particularly in conjunction with external HTTP requests, represents a significant security gap. This plugin should be reviewed and updated to include these essential security measures to mitigate potential risks.",[175,177,179,182],{"reason":176,"points":45},"No nonce checks on entry points",{"reason":178,"points":45},"No capability checks on entry points",{"reason":180,"points":181},"External HTTP request without auth checks",8,{"reason":183,"points":184},"Unescaped output found (25% of outputs)",3,"2026-03-16T20:31:26.218Z",{"wat":187,"direct":193},{"assetPaths":188,"generatorPatterns":190,"scriptPaths":191,"versionParams":192},[189],"\u002Fwp-content\u002Fplugins\u002Fvandar-woocommerce-gateway\u002Fassets\u002FLogo.fb897088.svg",[],[],[],{"cssClasses":194,"htmlComments":195,"htmlAttributes":196,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":200},[],[],[197],"disabled",[],[],[201,202],"{transaction_id}","{fault}"]