[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMzBJroFJgzjhZg67GfDuURaxspJeXvrA8pDdnhTUSo0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":115,"fingerprints":208},"wc-gateway-cib","Payment Gateway via CIB for WooCommerce","1.4","szathmari","https:\u002F\u002Fprofiles.wordpress.org\u002Fszathmari\u002F","\u003Cp>Take payments in your WooCommerce store using the CIB Gateway\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Adds a payment option to the WooCommerce checkout page\u003C\u002Fli>\n\u003Cli>Test mode\u003C\u002Fli>\n\u003Cli>Logging\u003C\u002Fli>\n\u003C\u002Ful>\n","With this plugin customers of CIB can accept instant payments through their online stores using the WooCommerce plugin.",100,4178,86,4,"","6.7.5","4.0","7.4",[20,21,22,23,24],"cib","e-commerce","gateway","payment","woocommerce","https:\u002F\u002Fszathmari.hu\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-gateway-cib.zip",0,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,94,"2026-04-04T19:42:51.953Z",[37,57,75,87,105],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":15,"tags":52,"homepage":15,"download_link":55,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"e-transactions-wc","Up2pay e-Transactions WooCommerce Payment Gateway","3.0.9","Verifone e-commerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaybox\u002F","\u003Cp>This module adds a Up2pay e-Transactions Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Up2pay e-Transactions is a Payment Services Provider in Europe, part of the Crédit Agricole Bank.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Up2pay e-Transactions platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Up2pay e-Transactions Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Up2pay e-Transactions Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Up2pay e-Transactions’s server, filtering incoming calls to the Up2pay e-Transactions IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Up2pay e-Transactions payment gateway for WooCommerce 4.x",4000,76307,46,13,"2025-05-19T13:31:00.000Z","6.8.5","5.0.0",[21,53,23,54,24],"orders","payment-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fe-transactions-wc.3.0.9.zip","2026-03-15T15:16:48.613Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":27,"num_ratings":27,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":15,"download_link":74,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"hyperpay-gateways","HyperPay Payments","6.3.5","HyperPay","https:\u002F\u002Fprofiles.wordpress.org\u002Fhyperpayproducts\u002F","\u003Cp>Payments Gateways provided by Gate2Play, to make you able to add Credit Card, Mada, STCpay and more payments method.\u003Cbr \u002F>\nto be able to use this plugin, you should be one of HyperPay’s customers.\u003Cbr \u002F>\nvisit https:\u002F\u002Fhyperpay.com for more information.\u003C\u002Fp>\n\u003Cp>The data extracted is quite sensitive and contains information that may be used to check the vulnerability of your WordPress site. Be wary of you share this data with.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>The plugin has been tested with\u003Cbr \u002F>\nWC 8.3.1\u003Cbr \u002F>\nwordpress 6.9\u003Cbr \u002F>\nPHP 7.2\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Hyperpay API to process payments and check transaction status.\u003Cbr \u002F>\n– Data sent: Payment details, order information, and merchant credentials are sent when processing payments.\u003Cbr \u002F>\n– When: Data is sent when a customer initiates a payment or when the plugin checks payment status.\u003Cbr \u002F>\n– Service: Hyperpay https:\u002F\u002Foppwa.com\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.aciworldwide.com\u002Fterms-of-use\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.aciworldwide.com\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>Third Party Libraries\u003C\u002Fh3>\n\u003Cp>This plugin includes or depends on the following third-party libraries via Composer. All libraries are licensed under GPL-compatible licenses:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>symfony\u002Fpolyfill-php80\u003C\u002Fstrong> (MIT License)\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fsymfony\u002Fpolyfill-php80\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>psr\u002Flog\u003C\u002Fstrong> (MIT License)\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fphp-fig\u002Flog\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>guzzlehttp\u002Fguzzle\u003C\u002Fstrong> (MIT License)\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fguzzle\u002Fguzzle\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>twig\u002Ftwig\u003C\u002Fstrong> (BSD-3-Clause License)\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Ftwigphp\u002FTwig\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For details, see each library’s LICENSE file in the \u003Ccode>vendor\u002F\u003C\u002Fcode> directory or their respective repositories.\u003C\u002Fp>\n\u003Ch3>Source Code\u003C\u002Fh3>\n\u003Cp>The uncompressed source code for compiled assets (e.g., JavaScript and CSS) is available in the \u003Ccode>\u002Fsrc\u002Fassets\u002F\u003C\u002Fcode> directory.\u003C\u002Fp>\n\u003Cp>Build tools used:\u003Cbr \u002F>\n– Node.js\u003Cbr \u002F>\n– Webpack\u003C\u002Fp>\n\u003Cp>To build:\u003Cbr \u002F>\n1. Run \u003Ccode>npm install\u003C\u002Fcode>\u003Cbr \u002F>\n2. Run \u003Ccode>npm run build\u003C\u002Fcode>\u003C\u002Fp>\n","Payments Gateways provided by Gate2Play, to make you able to add Credit Card, Mada, STCpay and more payments method.",600,14087,"2026-02-27T18:09:00.000Z","6.9.4","5.3","7.1",[21,72,73,54,24],"gate2play","merchant","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhyperpay-gateways.6.3.6.zip",{"slug":76,"name":77,"version":78,"author":41,"author_profile":42,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":14,"last_updated":84,"tested_up_to":68,"requires_at_least":51,"requires_php":15,"tags":85,"homepage":15,"download_link":86,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"paybox-woocommerce-gateway","Paybox WooCommerce Payment Gateway","0.9.9.8","\u003Cp>This module adds a Paybox Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Paybox is a Payment Services Provider in Europe, part of the Verifone Group.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Paybox platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Paybox Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Paybox Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Paybox’s server, filtering incoming calls to the Paybox IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Paybox payment gateway for WooCommerce 4.x",500,22232,60,"2026-01-20T14:37:00.000Z",[21,53,23,54,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaybox-woocommerce-gateway.0.9.9.8.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":33,"num_ratings":97,"last_updated":98,"tested_up_to":68,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":103,"download_link":104,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"kueskipay-gateway","KueskiPay Gateway","2.4.1","edgarnomesque","https:\u002F\u002Fprofiles.wordpress.org\u002Fedgarnomesque\u002F","\u003Cp>Choose how many fortnights to pay with Kueski Pay\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.2 or newer.\u003C\u002Fli>\n\u003Cli>WooCommerce 7.6 or newer.\u003C\u002Fli>\n\u003Cli>PHP 7.4 or newer is recommended.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Notices\u003C\u002Fh3>\n\u003Cp>This plugin connects to a third-party services to perform its functions. Below are the circunstances under wich these connections are made:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>CDN Service for Promotional Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name:\u003C\u002Fstrong> KueskiPay CDN\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Description:\u003C\u002Fstrong> This plugin uses the CDN service at https:\u002F\u002Fcdn.kueskipay.com\u002F to display promotional widgets on the product and cart pages in WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The following data is sent to this service via GET request:\n\u003Cul>\n\u003Cli>\u003Cstrong>Authorization:\u003C\u002Fstrong> The public key provided at the time of integration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integration:\u003C\u002Fstrong> The platform being integrated, in this case, WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Version:\u003C\u002Fstrong> The current version of this plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sandbox:\u003C\u002Fstrong> Indicates whether the current environment is sandbox or production.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fcdn.kueskipay.com\u002Fwidgets.js\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Example URL:\u003C\u002Fstrong> https:\u002F\u002Fcdn.kueskipay.com\u002Fwidgets.js?authorization=[public_key]&integration=woocommerce&version=[plugin_version]&sandbox[true\u002Ffalse]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Files Involved:\u003C\u002Fstrong> public\u002Fclass-wc-kuesku-gategay-public.php (Line 227)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use and Policy:\u003C\u002Fstrong> https:\u002F\u002Fpreguntas.frecuentes.kueski.com\u002Fhc\u002Fes\u002Farticles\u002F12385599806747-PRIVACY-NOTICE-FOR-THIRD-PARTIES-AND-COMMERCIAL-ALLIES-OF-KUESKI-SAPI-DE-CV-SOFOM-ENR\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment Order Creation and Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name:\u003C\u002Fstrong> KueskiPay Payment API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Description:\u003C\u002Fstrong> This plugin uses the following services to create and manage payment orders:\n\u003Cul>\n\u003Cli>\u003Cstrong>Sandbox:\u003C\u002Fstrong> https:\u002F\u002Fwoocommerce-middleware-go.staging-pay.kueski.codes\u002Fapi\u002Fv1\u002Forder\u002Fcreate\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Production:\u003C\u002Fstrong> https:\u002F\u002Fwoocommerce-middleware-go.production-pay.kueski.com\u002Fapi\u002Fv1\u002Forder\u002Fcreate\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Usage:\u003C\u002Fstrong> The plugin sends the current cart order details to create an order and then redirects the user to the service site to complete their payment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The following data is sent to this service:\n\u003Cul>\n\u003Cli>\u003Cstrong>Order Description\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order Amounts:\u003C\u002Fstrong> total, shipping, discounts and taxes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order Items:\u003C\u002Fstrong> Details of each order item.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shipping Address:\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Billing Address:\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Files Involved:\u003C\u002Fstrong> includes\u002Fclass-wc-kueski-gateway-api.php (Lines 57, 92, 151, 221)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use and Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fpreguntas.frecuentes.kueski.com\u002Fhc\u002Fes\u002Farticles\u002F12385430001563-Aviso-de-privacidad-integral-para-clientes-y-usuarios-de-Kueski-S-A-P-I-de-C-V-SOFOM-E-N-R\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Add Kueski gateway to buy now and pay later on your store.",200,3906,2,"2026-01-19T17:17:00.000Z","6.2",[21,101,102,54,24],"ecommerce","kueski","https:\u002F\u002Fwww.kueskipay.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkueskipay-gateway.2.4.1.zip",{"slug":106,"name":107,"version":108,"author":41,"author_profile":42,"description":109,"short_description":110,"active_installs":11,"downloaded":111,"rating":27,"num_ratings":27,"last_updated":112,"tested_up_to":68,"requires_at_least":51,"requires_php":15,"tags":113,"homepage":15,"download_link":114,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"wc-sofinco-3xcb","Sofinco 3XCB","0.9.9.7","\u003Cp>This module adds a Sofinco Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Sofinco is a Payment Services Provider in Europe, part of the Verifone Group.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Sofinco platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Sofinco Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Sofinco Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Sofinco’s server, filtering incoming calls to the Sofinco IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Sofinco 3x CB payment gateway for WooCommerce",6615,"2026-01-20T15:04:00.000Z",[21,53,23,54,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-sofinco-3xcb.0.9.9.7.zip",{"attackSurface":116,"codeSignals":163,"taintFlows":196,"riskAssessment":197,"analyzedAt":207},{"hooks":117,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":27,"unprotectedCount":27},[118,124,128,132,136,141,145,150,155],{"type":119,"name":120,"callback":121,"priority":27,"file":122,"line":123},"action","plugins_loaded","wc_gateway_cib_init","class-wc-gateway-cib.php",35,{"type":119,"name":125,"callback":126,"file":122,"line":127},"woocommerce_thankyou","wc_gateway_cib_thankyou_page",103,{"type":119,"name":129,"callback":130,"priority":11,"file":122,"line":131},"woocommerce_view_order","wc_gateway_cib_view_order",104,{"type":119,"name":133,"callback":134,"file":122,"line":135},"woocommerce_admin_order_data_after_order_details","wc_gateway_cib_after_order_details",105,{"type":119,"name":137,"callback":138,"priority":139,"file":122,"line":140},"woocommerce_email_after_order_table","wc_gateway_cib_email_after_order_table",10,106,{"type":119,"name":142,"callback":143,"file":122,"line":144},"before_woocommerce_init","closure",107,{"type":146,"name":147,"callback":148,"file":122,"line":149},"filter","woocommerce_payment_gateways","wc_add_gateway_cib",326,{"type":119,"name":151,"callback":152,"file":153,"line":154},"woocommerce_api_wc_gateway_cib_return_from_payment","redirect_to_order_received","includes\\class-wc-gateway-cib-ipn-handler.php",15,{"type":119,"name":156,"callback":157,"file":153,"line":158},"woocommerce_api_wc_gateway_cib","check_response",16,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":14,"externalRequests":97,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":195},[],{"prepared":32,"raw":27,"locations":166},[],{"escaped":14,"rawEcho":168,"locations":169},12,[170,173,175,177,179,181,183,185,187,189,191,193],{"file":122,"line":171,"context":172},127,"raw output",{"file":122,"line":174,"context":172},178,{"file":122,"line":176,"context":172},183,{"file":122,"line":178,"context":172},255,{"file":122,"line":180,"context":172},261,{"file":122,"line":182,"context":172},262,{"file":122,"line":184,"context":172},263,{"file":122,"line":186,"context":172},270,{"file":122,"line":188,"context":172},271,{"file":122,"line":190,"context":172},277,{"file":122,"line":192,"context":172},278,{"file":122,"line":194,"context":172},279,[],[],{"summary":198,"deductions":199},"The plugin \"wc-gateway-cib\" v1.4 demonstrates a generally positive security posture based on the static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events with exposed entry points, combined with no recorded vulnerabilities, suggests a limited attack surface and a history of secure development. The use of prepared statements for its single SQL query is a strong indicator of secure database interaction practices. However, the analysis does raise some concerns.\n\nThe most significant area of concern is the low percentage of properly escaped output (25%). This indicates that a substantial portion of data being outputted by the plugin might not be adequately sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully. Additionally, the complete lack of nonce checks and capability checks on any potential entry points, although currently reported as zero, represents a missed opportunity for fundamental WordPress security best practices. This could become a significant risk if new entry points are introduced in future versions without proper security measures.\n\nOverall, the plugin is currently in a good state due to its limited attack surface and clean vulnerability history. However, the significant portion of unescaped output is a notable weakness that requires attention. If this is not addressed, and especially if the plugin's functionality evolves to include more user interaction or data processing, the risk of security vulnerabilities, particularly XSS, could increase.",[200,202,205],{"reason":201,"points":154},"Low percentage of properly escaped output",{"reason":203,"points":204},"No nonce checks implemented",5,{"reason":206,"points":204},"No capability checks implemented","2026-03-16T20:32:01.323Z",{"wat":209,"direct":218},{"assetPaths":210,"generatorPatterns":213,"scriptPaths":214,"versionParams":215},[211,212],"\u002Fwp-content\u002Fplugins\u002Fwc-gateway-cib\u002Fassets\u002Fcss\u002Fwc-gateway-cib-style.css","\u002Fwp-content\u002Fplugins\u002Fwc-gateway-cib\u002Fassets\u002Fjs\u002Fwc-gateway-cib-script.js",[],[212],[216,217],"wc-gateway-cib\u002Fassets\u002Fcss\u002Fwc-gateway-cib-style.css?ver=","wc-gateway-cib\u002Fassets\u002Fjs\u002Fwc-gateway-cib-script.js?ver=",{"cssClasses":219,"htmlComments":221,"htmlAttributes":222,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":225},[220],"cib-info",[],[],[],[],[]]