[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIBvmntWciivftFfBHb0bHysdrHFggwx85xVLM61k4Fk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":53,"analysis":135,"fingerprints":234},"wc-purchase-orders","Purchase Orders for WooCommerce","1.0.4","Ahmad Wael","https:\u002F\u002Fprofiles.wordpress.org\u002Fbbioon\u002F","\u003Cp>Purchase Orders for WooCommerce is a plugin that seamlessly integrates with WooCommerce, empowering your store to accept purchase orders as a payment method. This plugin creates a new payment gateway that facilitates the submission of purchase orders by allowing customers to upload necessary document files.\u003C\u002Fp>\n\u003Cp>Shop managers can then review the uploaded documents and approve the order, streamlining the purchasing process. The uploaded documents are accessible on the order page in the customer profile, admin order pages, and are included in order detail emails.\u003C\u002Fp>\n\u003Cp>This plugin is compatible with WooCommerce versions greater than 3.0, ensuring a smooth and efficient integration with the latest WooCommerce features and updates.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Introduces a purchase order payment gateway in WooCommerce.\u003C\u002Fli>\n\u003Cli>Allows customers to upload document files for purchase orders.\u003C\u002Fli>\n\u003Cli>Securily storing files.\u003C\u002Fli>\n\u003Cli>Enables shop managers to review and approve orders.\u003C\u002Fli>\n\u003Cli>Select users that will be able to use the purchase orders.\u003C\u002Fli>\n\u003Cli>Documents are accessible on order pages, customer profiles, and in order detail emails.\u003C\u002Fli>\n\u003Cli>Compatibility with WooCommerce versions greater than 3.0.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>This plugin is open source, and you can contribute to its development on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FBbioon\u002Fwc-purchase-orders\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GNU General Public License v2 or later.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For any inquiries, issues, or suggestions, please contact Ahmad Wael:\u003Cbr \u002F>\n– Twitter: \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fdevwael\" rel=\"nofollow ugc\">@devwael\u003C\u002Fa>\u003Cbr \u002F>\n– Hire me on Codeable: \u003Ca href=\"https:\u002F\u002Fwww.codeable.io\u002Fdevelopers\u002Fahmad-wael?ref=MzT5A\" rel=\"nofollow ugc\">Ahmad Wael on Codeable\u003C\u002Fa>\u003Cbr \u002F>\n– Get to know Ahmad Wael: \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=sBlZoJ9apTw\" rel=\"nofollow ugc\">YouTube – Meet Ahmad Wael\u003C\u002Fa>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Fwww.bbioon.com\" rel=\"nofollow ugc\">bbioon.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin was created by Ahmad Wael, inspired by the needs of WooCommerce stores requiring purchase order functionalities.\u003C\u002Fp>\n","Enable purchase orders! WooCommerce plugin lets you accept Purchase Orders at checkout, streamlining B2B orders.",30,1278,100,2,"2025-09-16T16:47:00.000Z","6.8.5","4.7","",[20,21,22,23,24],"documents","orders","payment-gateway","purchase-orders","woocommerce","https:\u002F\u002Fgithub.com\u002FBbioon\u002Fwc-purchase-orders","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-purchase-orders.1.0.4.zip",98,1,0,"2025-08-11 13:49:35","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-5391","woocommerce-purchase-orders-authenticated-subscriber-arbitrary-file-deletion","WooCommerce Purchase Orders \u003C= 1.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion","The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).",null,"\u003C=1.0.2","1.0.3","high",8.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:H","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2025-09-05 15:39:31",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F05a27a34-b324-4968-937e-2c0d24175d2a?source=api-prod",25,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":48,"trust_score":51,"computed_at":52},"bbioon",93,"2026-04-05T02:42:30.894Z",[54,77,95,109,119],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"atum-stock-manager-for-woocommerce","ATUM WooCommerce Inventory Management and Stock Tracking","1.9.54.1","Stock Management Labs","https:\u002F\u002Fprofiles.wordpress.org\u002Fstockmanagementlabs\u002F","\u003Cp>\u003Cstrong>✨ NEW IMPROVED ATUM v1.9 ✨\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FuAUXj4vUYRs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>💻 NEW \u003Ca href=\"https:\u002F\u002Fstockmanagementlabs.github.io\u002Fatum-rest-api-docs\u002F\" rel=\"nofollow ugc\">ATUM REST API\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📖 NEW \u003Ca href=\"https:\u002F\u002Fstockmanagementlabs.crunch.help\u002F\" rel=\"nofollow ugc\">ATUM’s KNOWLEDGE BASE\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💬 \u003Ca href=\"https:\u002F\u002Fforum.stockmanagementlabs.com\" title=\"Visit the official ATUM forum\" rel=\"nofollow ugc\">FOR ANY QUESTIONS, VISIT OUR OFFICIAL FORUMS\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>DESCRIPTION\u003C\u002Fh4>\n\u003Cp>If you have an online store, you need ATUM, the most \u003Cstrong>powerful stock management solution\u003C\u002Fstrong> for Woocommerce.\u003C\u002Fp>\n\u003Cp>ATUM is now the most advanced FREE WooCommerce inventory management tool in the WordPress plugins repository. Good WooCommerce inventory solution is an absolute must for every serious shop owner. The Dashboard Statistics or the breath-taking Stock Central, the heart of ATUM, gives you the full control of your WooCommerce stock. Get the ability to quickly edit every aspect of your WooCommerce inventory, suppliers, SKUs, locations, weight, or even prices. Beautifully carved into the WordPress interface, the system feels very familiar and \u003Cstrong>user-friendly\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>ATUM Dashboard creates an entirely new, and we felt a necessary connection between the creators and users. The dashboard aims to become an everyday screen with a quick link to support, documentation, and most importantly, business stats. We have developed a brand-new widget section that can be personalized from every corner.\u003C\u002Fp>\n\u003Cp>Each section of ATUM has an \u003Cstrong>intuitive layout\u003C\u002Fstrong> to favor the experience of store owners, facilitating stock management, and contributing to the optimization of time and resources. We understand that shop owners need to focus their efforts on growing their online business, so our aim is to help our clients through our add-ons to \u003Cstrong>get to the top\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Stock Management Labs™\u003C\u002Fstrong>, creators that have combined over 25 years of experience in inventory management, working very closely with a bunch of professional WordPress developers since October 2016. The aim is to create the complete WooCommerce solution that will take care of all your business needs.\u003C\u002Fp>\n\u003Cp>In addition, in the preparation process for the development stage, we have tested and tried the most popular WooCommerce inventory management and cloud inventory management plugins in the world. With full confidence, we believe that ATUM will become unrivalled in every category.\u003C\u002Fp>\n\u003Ch4>AVAILABLE FEATURES\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpml.org\u002Fplugin\u002Fatum-inventory-management-for-woocommerce\u002F\" title=\"Visit the WPML compatibility page\" rel=\"nofollow ugc\">WPML FULLY COMPATIBLE\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Most Advanced FREE WooCommerce Inventory Management – Inventory Statistics (Periodical Sales, Inventory Levels, Lost Sales, Promo Sales), Stock Central with Data Export, Inventory Logs (Reserved Stock, Lost In Post, Customer Returns, Inbound Stock, Warehouse Damages), One Page Updating, Quick Price Changes, Stock Levels Indicators, Suppliers, Purchase Orders, and Premium Add-ons.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>ATUM ground-breaking Stock Control system.\u003C\u002Fli>\n\u003Cli>All WooCommerce products on one screen with a smooth mouse wheel or touchpad scrolling.\u003C\u002Fli>\n\u003Cli>Image thumbnails for easier identification of your WooCommerce Inventory.\u003C\u002Fli>\n\u003Cli>Short product names overview including the products’ ID and SKU. Change SKUs on the fly from one screen. Now with direct edit links.\u003C\u002Fli>\n\u003Cli>Purchase prices are now included with direct edit from the Stock Central page. WooCommerce inventory management was never easier.\u003C\u002Fli>\n\u003Cli>Suppliers column and fully filtered product list by Suppliers name.\u003C\u002Fli>\n\u003Cli>Quickly edit the Product Price and Product Sale Price, including the date ranges of your sales. Now bulk editing is available.\u003C\u002Fli>\n\u003Cli>Change, edit, or update the inventory of every WooCommerce product in your database. Changes immediately reflect the front-end of your site.\u003C\u002Fli>\n\u003Cli>Weekly and Fortnightly Sales, Lost Sales, and Inventory Level Indicators to help you with re-ordering plan.\u003C\u002Fli>\n\u003Cli>Customise the visual appearance of Stock Central with the ability to add or remove any columns according to your business needs.\u003C\u002Fli>\n\u003Cli>Complete “HELP” sections with the detailed explanation of every feature.\u003C\u002Fli>\n\u003Cli>Advanced search with an autofill feature and fine-tuned performance.\u003C\u002Fli>\n\u003Cli>Inventory \u002F Stock filters, new product category filters, extra drop-down filters and new column sorting.\u003C\u002Fli>\n\u003Cli>Intelligent settings for easy inventory\u002Fstock management.\u003C\u002Fli>\n\u003Cli>Advanced WooCommerce inventory controlling and monitoring features.\u003C\u002Fli>\n\u003Cli>Faultless approach to all product types, including WooCommerce subscriptions.\u003C\u002Fli>\n\u003Cli>Full support for WooCommerce variable products.\u003C\u002Fli>\n\u003Cli>Bulk product Actions to activate or deactivate WooCommerce stock management at product level.\u003C\u002Fli>\n\u003Cli>Bulk Actions within Stock Central to Control\u002FUncontrol products in bulk.\u003C\u002Fli>\n\u003Cli>Full inventory PDF export directly from Stock Central.\u003C\u002Fli>\n\u003Cli>Complete WPML compatibility for all WooCommerce inventory.\u003C\u002Fli>\n\u003Cli>Clear, effective, and branded ATUM fields.\u003C\u002Fli>\n\u003Cli>See inventory count totals for selected products.\u003C\u002Fli>\n\u003Cli>Complete location hierarchy tracking.\u003C\u002Fli>\n\u003Cli>URL hash navigation for filters in Stock Central.\u003C\u002Fli>\n\u003Cli>Navigating through filters history with the browser’s back\u002Fforward buttons.\u003C\u002Fli>\n\u003Cli>Easy page reload without losing filters.\u003C\u002Fli>\n\u003Cli>Sticky header in Stock Central to stay always in control even when scrolling through hundreds of WooCommerce products.\u003C\u002Fli>\n\u003Cli>WooCommerce business statistics of revenue and product sales. The user can filter the performance per period and choose from three graphical views.\u003C\u002Fli>\n\u003Cli>Widgets for Sales, Lost Sales, Orders, and Promo Sales.\u003C\u002Fli>\n\u003Cli>Stock Control Widget for a better WooCommerce summary of In Stock, Low Stock, and Out of Stock Products.\u003C\u002Fli>\n\u003Cli>Latest News – direct link to our new blog where we discuss functions and new features coming to ATUM.\u003C\u002Fli>\n\u003Cli>Full feed of our YouTube channel and video Tutorials that can be viewed directly in your WP admin.\u003C\u002Fli>\n\u003Cli>Build for unlimited widget additions. Our team will develop widgets for every feature, so the user has the full freedom.\u003C\u002Fli>\n\u003Cli>Inventory logs now allow you to increase or reduce WooCommerce stock.\u003C\u002Fli>\n\u003Cli>Product Locations feature lets you create several storage locations per item.\u003C\u002Fli>\n\u003Cli>Location hierarchy available too – create custom storage places within a location.\u003C\u002Fli>\n\u003Cli>Add Suppliers feature – add new suppliers and save their data for more natural inventory management and ordering.\u003C\u002Fli>\n\u003Cli>Set default and assign users or locations to individual suppliers.\u003C\u002Fli>\n\u003Cli>Pair products with suppliers for quick selling stock re-ordering.\u003C\u002Fli>\n\u003Cli>Set different suppliers to each variation.\u003C\u002Fli>\n\u003Cli>Add decimals to your WooCommerce stock quantities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Purchase orders with PDF export\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add Purchase Orders – create purchase orders for your sellable WooCommerce inventory.\u003C\u002Fli>\n\u003Cli>Easy Supplier locking feature – a quick search for products has never been easier.\u003C\u002Fli>\n\u003Cli>Add products to stock when you receive them at storage locations. Be notified if another user has already stocked selected WooCommerce products.\u003C\u002Fli>\n\u003Cli>Purchase Order notes to control the change log of each PO.\u003C\u002Fli>\n\u003Cli>Add Purchase Prices – add individual purchase prices and prepare your shop for monitoring of your gross profits.\u003C\u002Fli>\n\u003Cli>Purchase prices can be attached to the Purchase Orders directly. No need to jump back to product edit.\u003C\u002Fli>\n\u003Cli>Inbound Stock overview – keep an eye on all your inbound WooCommerce products.\u003C\u002Fli>\n\u003Cli>Pending incoming stock reflects in Stock Central.\u003C\u002Fli>\n\u003Cli>Direct Purchase Order editing from the inbound stock page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Every user may create an account on our website \u003Ca href=\"https:\u002F\u002Fstockmanagementlabs.com\" title=\"Stock Management Labs\" rel=\"nofollow ugc\">stockmanagementlabs.com\u003C\u002Fa>. To get the most out of ATUM\u003C\u002Fstrong>\u003C\u002Fp>\n","WooCommerce Full Inventory Management, Purchase Orders, Suppliers, Inbound Stock, Inventory Logs, WooCommerce Sales Statistics, and More.",10000,1132704,94,127,"2026-02-03T09:11:00.000Z","6.9.0","5.9","7.4",[71,72,23,73,74],"inbound-stock","inventory-logs","suppliers","woocommerce-stock-management","https:\u002F\u002Fstockmanagementlabs.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatum-stock-manager-for-woocommerce.1.9.54.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":16,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":18,"download_link":94,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"e-transactions-wc","Up2pay e-Transactions WooCommerce Payment Gateway","3.0.9","Verifone e-commerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaybox\u002F","\u003Cp>This module adds a Up2pay e-Transactions Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Up2pay e-Transactions is a Payment Services Provider in Europe, part of the Crédit Agricole Bank.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Up2pay e-Transactions platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Up2pay e-Transactions Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Up2pay e-Transactions Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Up2pay e-Transactions’s server, filtering incoming calls to the Up2pay e-Transactions IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Up2pay e-Transactions payment gateway for WooCommerce 4.x",4000,76307,46,13,"2025-05-19T13:31:00.000Z","5.0.0",[92,21,93,22,24],"e-commerce","payment","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fe-transactions-wc.3.0.9.zip",{"slug":96,"name":97,"version":98,"author":81,"author_profile":82,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":90,"requires_php":18,"tags":107,"homepage":18,"download_link":108,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"paybox-woocommerce-gateway","Paybox WooCommerce Payment Gateway","0.9.9.8","\u003Cp>This module adds a Paybox Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Paybox is a Payment Services Provider in Europe, part of the Verifone Group.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Paybox platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Paybox Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Paybox Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Paybox’s server, filtering incoming calls to the Paybox IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Paybox payment gateway for WooCommerce 4.x",500,22232,60,4,"2026-01-20T14:37:00.000Z","6.9.4",[92,21,93,22,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaybox-woocommerce-gateway.0.9.9.8.zip",{"slug":110,"name":111,"version":112,"author":81,"author_profile":82,"description":113,"short_description":114,"active_installs":13,"downloaded":115,"rating":29,"num_ratings":29,"last_updated":116,"tested_up_to":106,"requires_at_least":90,"requires_php":18,"tags":117,"homepage":18,"download_link":118,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wc-sofinco-3xcb","Sofinco 3XCB","0.9.9.7","\u003Cp>This module adds a Sofinco Payment Gateway to your Installation of WooCommerce.\u003C\u002Fp>\n\u003Cp>Sofinco is a Payment Services Provider in Europe, part of the Verifone Group.\u003C\u002Fp>\n\u003Cp>plugin actions in wordpress:\u003C\u002Fp>\n\u003Cp>this plugin offers an admin panel from the order section to the settings of Woocommerce.\u003Cbr \u002F>\nit adds payment information to the orders details and changes the status of orders (upon reception of an IPN, see below.) and adds payment means on the checkout page.\u003C\u002Fp>\n\u003Cp>This plugin takes information from the order and creates a form containing the details of the payment to be made, including parameters configured in the admin panel of the module that identify the mechant.\u003C\u002Fp>\n\u003Cp>The plugin checks for availability of the Sofinco platform, through a call to our servers.\u003Cbr \u002F>\nIt then submits with javascript the form to the first available server.\u003C\u002Fp>\n\u003Cp>the customer is then presented with a payment page, hosted on the Sofinco Platform (urls above).\u003C\u002Fp>\n\u003Cp>The Sofinco Platform sends an Instant Payment Notification (IPN) to the server when the customer actually made the payment, indicating to the merchant the status of the payment.\u003C\u002Fp>\n\u003Cp>the plugin generates a url that can catch the IPN call from Sofinco’s server, filtering incoming calls to the Sofinco IP address.\u003C\u002Fp>\n\u003Cp>if payment is successfull, then the plugin validates the order though woocommerce.\u003C\u002Fp>\n","This plugin is a Sofinco 3x CB payment gateway for WooCommerce",6615,"2026-01-20T15:04:00.000Z",[92,21,93,22,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-sofinco-3xcb.0.9.9.7.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":13,"num_ratings":28,"last_updated":129,"tested_up_to":16,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":18,"download_link":134,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"avify","Avify","1.3.8","Alexis Valenciano","https:\u002F\u002Fprofiles.wordpress.org\u002Favify\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Favify.com\u002F?utm_source=WP.PLUGIN.PAGE&utm_medium=LINK.WEB\" rel=\"nofollow ugc\">Avify is a platform that gives you a WhatsApp CRM\u003C\u002Fa>, an online store (or connection to an existing one), and a point of sale system for physical stores, all in one place.\u003C\u002Fp>\n\u003Cp>By using \u003Ca href=\"https:\u002F\u002Favify.com\u002F?utm_source=WP.PLUGIN.PAGE&utm_medium=LINK.WEB\" rel=\"nofollow ugc\">Avify\u003C\u002Fa>, SMBs do not have to worry about maintaining inventory control manually since all sales channels affect a single centralized inventory.\u003C\u002Fp>\n\u003Cp>With our technology you can receive orders and payments coming from WordPress and merge them with any other one coming from social media interaction like Instagram, Facebook or WhatsApp. You can connect your logistics, payment and billing services so that any order that enters the business can process shipping price calculations, payment or transfer receipts, and receipts or invoices automatically.\u003C\u002Fp>\n\u003Cp>With our plugin you will be able to sync orders and online payments in WooCommerce via Avify Integration. Also, you can connect multiple card payment systems and \u003Ca href=\"https:\u002F\u002Favify.com\u002F?utm_source=WP.PLUGIN.PAGE&utm_medium=LINK.WEB\" rel=\"nofollow ugc\">Avify\u003C\u002Fa> displays them at your checkout.\u003C\u002Fp>\n\u003Cp>Contact your dedicated support channel to get your API Key and the ID of your store.\u003C\u002Fp>\n\u003Ch4>Multiple currencies\u003C\u002Fh4>\n\u003Cp>Process payments and display prices in USD, CRC, MXN.\u003C\u002Fp>\n\u003Ch4>Current version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customer data and card encryption.\u003C\u002Fli>\n\u003Cli>Processing of payments in USD or CRC.\u003C\u002Fli>\n\u003Cli>Sandbox testing.\u003C\u002Fli>\n\u003Cli>Synchronize orders\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Do you want to know more about Avify? Please visit our \u003Ca href=\"https:\u002F\u002Favify.com\u002F?utm_source=WP.PLUGIN.PAGE&utm_medium=LINK.WEB\" rel=\"nofollow ugc\">website\u003C\u002Fa> and find out what we can do.\u003C\u002Fp>\n","Connect your WooCommerce account to Avify and send all your orders to one centralized inventory.",80,5649,"2026-02-12T20:13:00.000Z","5.6","7.0",[120,133,21,22,24],"checkout","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Favify.1.3.8.zip",{"attackSurface":136,"codeSignals":209,"taintFlows":223,"riskAssessment":224,"analyzedAt":233},{"hooks":137,"ajaxHandlers":192,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":104,"unprotectedCount":104},[138,144,148,151,154,157,160,163,166,169,171,174,176,179,182,185,187,190],{"type":139,"name":140,"callback":141,"file":142,"line":143},"filter","wp_check_filetype_and_ext","anonymous","includes\\class-bbpo-purchase-orders.php",147,{"type":145,"name":146,"callback":141,"file":142,"line":147},"action","admin_notices",148,{"type":139,"name":149,"callback":141,"file":142,"line":150},"woocommerce_payment_gateways",159,{"type":139,"name":152,"callback":141,"file":142,"line":153},"woocommerce_available_payment_gateways",160,{"type":145,"name":155,"callback":141,"file":142,"line":156},"plugins_loaded",161,{"type":145,"name":158,"callback":141,"file":142,"line":159},"show_user_profile",169,{"type":145,"name":161,"callback":141,"file":142,"line":162},"edit_user_profile",170,{"type":145,"name":164,"callback":141,"file":142,"line":165},"personal_options_update",171,{"type":145,"name":167,"callback":141,"file":142,"line":168},"edit_user_profile_update",172,{"type":145,"name":155,"callback":141,"file":142,"line":170},189,{"type":145,"name":172,"callback":141,"file":142,"line":173},"admin_enqueue_scripts",203,{"type":145,"name":172,"callback":141,"file":142,"line":175},204,{"type":145,"name":177,"callback":141,"file":142,"line":178},"woocommerce_admin_order_data_after_order_details",205,{"type":145,"name":180,"callback":141,"file":142,"line":181},"woocommerce_email_order_meta",206,{"type":145,"name":183,"callback":141,"file":142,"line":184},"woocommerce_order_details_after_order_table_items",207,{"type":145,"name":146,"callback":141,"file":142,"line":186},208,{"type":145,"name":188,"callback":141,"file":142,"line":189},"wp_enqueue_scripts",223,{"type":145,"name":188,"callback":141,"file":142,"line":191},224,[193,197,200,203],{"action":194,"nopriv":195,"callback":141,"hasNonce":195,"hasCapCheck":195,"file":142,"line":196},"wcpo_dismiss_admin_notice",false,149,{"action":198,"nopriv":195,"callback":141,"hasNonce":195,"hasCapCheck":195,"file":142,"line":199},"wcpo_upload_purchase_order",150,{"action":201,"nopriv":195,"callback":141,"hasNonce":195,"hasCapCheck":195,"file":142,"line":202},"wcpo_delete_purchase_order_file",151,{"action":204,"nopriv":195,"callback":141,"hasNonce":195,"hasCapCheck":195,"file":142,"line":205},"wcpo_dismiss_new_settings_notice",209,[],[],[],{"dangerousFunctions":210,"sqlUsage":211,"outputEscaping":213,"fileOperations":14,"externalRequests":29,"nonceChecks":220,"capabilityChecks":221,"bundledLibraries":222},[],{"prepared":29,"raw":29,"locations":212},[],{"escaped":214,"rawEcho":28,"locations":215},28,[216],{"file":217,"line":218,"context":219},"includes\\class-bbpo-purchase-orders-gateway.php",75,"raw output",6,3,[],[],{"summary":225,"deductions":226},"The 'wc-purchase-orders' plugin v1.0.4 presents a mixed security posture.  On the positive side, the plugin demonstrates good practices by exclusively using prepared statements for SQL queries and having a very high percentage of properly escaped output. The absence of dangerous functions and external HTTP requests is also commendable. Furthermore, there are no reported critical or high severity vulnerabilities currently unpatched, which is a strong indicator of ongoing maintenance and responsiveness.\n\nHowever, significant concerns arise from the plugin's attack surface.  All four identified AJAX handlers lack authentication checks, creating a substantial risk for unauthorized actions if these handlers perform sensitive operations. While taint analysis revealed no immediate critical or high severity issues, the presence of unprotected entry points means that even low-severity vulnerabilities could be easily exploited. The vulnerability history, while currently showing no unpatched issues, does indicate a past high severity vulnerability related to path traversal. This suggests a potential for such vulnerabilities to reappear if not carefully addressed in development practices.\n\nIn conclusion, while the plugin excels in secure coding practices for SQL and output handling, the lack of authentication on its AJAX endpoints is a critical oversight that significantly elevates its risk profile.  The past path traversal vulnerability also warrants vigilance.  A thorough security review of the unprotected AJAX handlers is strongly recommended to mitigate potential risks.",[227,230],{"reason":228,"points":229},"4 unprotected AJAX handlers",20,{"reason":231,"points":232},"1 past high severity vulnerability (Path Traversal)",15,"2026-03-16T22:26:06.227Z",{"wat":235,"direct":245},{"assetPaths":236,"generatorPatterns":239,"scriptPaths":240,"versionParams":242},[237,238],"\u002Fwp-content\u002Fplugins\u002Fwc-purchase-orders\u002Fcss\u002Fwc-purchase-orders-admin.css","\u002Fwp-content\u002Fplugins\u002Fwc-purchase-orders\u002Fjs\u002Fwc-purchase-orders-admin.js",[],[241],"js\u002Fwc-purchase-orders-admin.js",[243,244],"wc-purchase-orders\u002Fcss\u002Fwc-purchase-orders-admin.css?ver=","wc-purchase-orders\u002Fjs\u002Fwc-purchase-orders-admin.js?ver=",{"cssClasses":246,"htmlComments":249,"htmlAttributes":250,"restEndpoints":252,"jsGlobals":253,"shortcodeOutput":255},[247,248],"purchase-order-document-file","purchase-order-number",[],[251],"download",[],[254],"wcpo_object",[]]