[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzUPPheFbxSPin0s-7aB3BYGNiOXtDtQvNKRWvXeNBgM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":62,"crawl_stats":38,"alternatives":69,"analysis":163,"fingerprints":548},"whmcs-bridge","WHMCS Bridge","6.9","Global Programming","https:\u002F\u002Fprofiles.wordpress.org\u002Fglobalprogramming\u002F","\u003Cp>The WHMCS Bridge plugin integrates your WHMCS support and billing software into WordPress providing a seamless and consistent user experience to your customers.\u003C\u002Fp>\n\u003Cp>Thanks to the theme inheritance feature, you don’t need to style your WHMCS installation anymore, the integration ensures that your WHMCS installation looks and feels like your WordPress site.\u003C\u002Fp>\n\u003Cp>Full installation video (incl. Pro, SSL, WHMCS addon and caching)\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgRxXTDPVkV0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Our Pro version additionally offers:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Caching\u003C\u002Fstrong>: Supercharge your bridge with caching up to 30 days all parsed CSS and JS files to speed up loading time and reduce resource usage.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for WHMCS MarketConnect\u003C\u002Fstrong>: Full support for WHMCS MarketConnect allowing you to quickly and seamlessly re-sell products via WHMCS (via WordPress) using WHMCS MarketPlace.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Sign-in Integrationss\u003C\u002Fstrong>: Upgrade and support Google oAuth and Facebook Login (Twitter not supported)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for WHMCS Friendly URLs\u003C\u002Fstrong>: Upgrade and support WHMCS “Full Friendly Rewrite” instead of “Basic URLs”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Pretty permalinks\u003C\u002Fstrong>: display links like http:\u002F\u002Fwww.mysite.tld\u002Fclientarea\u002F rather than http:\u002F\u002Fwww.mysite.tld\u002F?ccce=clientarea. Also supports knowledgebase, announcement and download links.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SEO Titles\u003C\u002Fstrong>: Each Bridge page has it’s correct title tag from your WHMCS installation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Templates\u003C\u002Fstrong>: Use any template you like, including custom templates.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enhanced visual integration\u003C\u002Fstrong>: using cross-domain messaging for a smoother visual integration\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Single sign on\u003C\u002Fstrong>: thanks to the single sign-on feature, your customers can sign in once on your site and comment on your blog postings, share information with their peers, order hosting plans and pay their bills.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multi-lingual WHMCS support\u003C\u002Fstrong>: fully integrated with qtranslate & WPML\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>IP address resolution ‘patch’\u003C\u002Fstrong>: shows your customer’s IP address instead of your server’s IP address during sign up\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Choose your WHMCS portal\u003C\u002Fstrong>:fully compatible with the WHMCS ‘six’ responsive template\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Shortcodes\u003C\u002Fstrong>: use WordPress shortcodes on your pages to integrate WHMCS pages\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Thanks to the single sign-on feature (WHMCS Bridge Pro plugin), your customers can sign in once on your site and comment on your blog postings, share information with their peers, order hosting plans and pay their bills.\u003C\u002Fp>\n","WHMCS Bridge is a plugin that integrates the powerful WHMCS support and billing software with WordPress.",4000,532606,62,73,"2022-10-17T19:51:00.000Z","6.0.11","5.0","",[20,21,22,23,24],"billing","hosting","integration","support","whmcs","http:\u002F\u002Fi-plugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhmcs-bridge.6.9.zip",84,2,0,"2022-01-27 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2021-25112","whmcs-bridge-reflected-cross-site-scripting","WHMCS Bridge \u003C= 6.3 - Reflected Cross-Site Scripting","The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting",null,"\u003C=6.3","6.4b","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3f08fd6e-4c1b-40e7-92ba-72cdd03ff585?source=api-prod",726,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":58,"updated_date":45,"references":59,"days_to_patch":61},"CVE-2021-4074","whmcs-bridge-subscriber-stored-cross-site-scripting","WHMCS Bridge \u003C= 6.1 Subscriber+ Stored Cross-Site Scripting","The WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site Scripting via the cc_whmcs_bridge_url parameter found in the ~\u002Fwhmcs-bridge\u002Fbridge_cp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.1. Due to missing authorization checks on the cc_whmcs_bridge_add_admin function, low-level authenticated users such as subscribers can exploit this vulnerability.","\u003C=6.1","6.3",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2022-01-14 00:00:00",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F24ba85a0-dbc7-4c9d-a67f-d449c1d275ab?source=api-prod",739,{"slug":63,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":64,"avg_security_score":65,"avg_patch_time_days":66,"trust_score":67,"computed_at":68},"globalprogramming",4010,85,733,69,"2026-04-04T21:00:14.051Z",[70,84,105,125,142],{"slug":71,"name":72,"version":73,"author":7,"author_profile":8,"description":74,"short_description":75,"active_installs":76,"downloaded":77,"rating":78,"num_ratings":79,"last_updated":80,"tested_up_to":81,"requires_at_least":18,"requires_php":18,"tags":82,"homepage":25,"download_link":83,"security_score":65,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"remote-provisioning","WHMCS Multi-Site Provisioning","1.7.0","\u003Cp>This plugin allows provisioning of blogs on a WordPress multi-site installation from external packages and billing systems. It adds an API to WordPress that allows the external system to call WordPress to create, suspend, unsuspend and terminate blogs on a WordPress multi-site installation.\u003C\u002Fp>\n\u003Cp>A commercial \u003Ca href=\"https:\u002F\u002Fi-plugins.com\u002Fwhmcs-bridge\u002Fcart\u002F?a=add&pid=22\" title=\"WHMCS addon\" rel=\"nofollow ugc\">WHMCS addon\u003C\u002Fa> is currently available for a recurring fee. This allows you to set up a product in WHMCS which will automatically provision WordPress blogs for your customers. It works just like a WHMCS server addon.\u003C\u002Fp>\n\u003Ch3>Coming soon\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add mb size to API\u003C\u002Fli>\n\u003Cli>Add privacy option to API (to avoid search engines crawling the site before being built)\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows provisioning of blogs on a Wordpress multi-site installation from external packages and billing systems such as WHMCS.",10,10453,100,1,"2020-09-28T15:49:00.000Z","5.5.18",[20,21,22,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremote-provisioning.1.7.0.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":29,"num_ratings":29,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":103,"download_link":104,"security_score":78,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"camoo-sso","CAMOO SSO","1.5.8","Camoo Sarl","https:\u002F\u002Fprofiles.wordpress.org\u002Fcamoo\u002F","\u003Cp>Camoo.Hosting Single sign On for Managed WordPress sites,\u003Cbr \u002F>\nThis plugin allows signing in Camoo.Hosting users via SSO to your managed WordPress without having to remember any password of your website.\u003Cbr \u002F>\nPlease note that the user information and role mappings are updated each time the user logs in via SSO. If you do not want to sync the roles from your existing system to WordPress, you can disable the functionality via the settings page.\u003C\u002Fp>\n","Camoo.Hosting Single sign On for WordPress websites.",200,5821,"2025-12-31T09:54:00.000Z","6.9.4","5.6","7.4",[99,100,101,102],"camoo-sso-integration","camoo-hosting","hebergement-web-avec-sso","managed-hosting-with-sso","https:\u002F\u002Fgithub.com\u002Fcamoo\u002Fwp-camoo-sso","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcamoo-sso.1.5.8.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":92,"downloaded":113,"rating":78,"num_ratings":79,"last_updated":114,"tested_up_to":115,"requires_at_least":17,"requires_php":116,"tags":117,"homepage":122,"download_link":123,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"domain-search-for-whmcs","Domain Search for WHMCS","2.0.3","Shipon Karmakar","https:\u002F\u002Fprofiles.wordpress.org\u002Fshiponkarmakar\u002F","\u003Cp>Domain Search for WHMCS is a lightweight yet powerful WordPress plugin that allows users to search for domain names and redirects them to your WHMCS-powered domain registration portal. This seamless integration improves user experience and streamlines domain purchase processes.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simple and fast domain search form\u003C\u002Fli>\n\u003Cli>Fully customizable search field and placeholder text\u003C\u002Fli>\n\u003Cli>Shortcode support for easy placement anywhere on your website\u003C\u002Fli>\n\u003Cli>Redirect users to your WHMCS domain registration page automatically\u003C\u002Fli>\n\u003Cli>Admin settings page for easy configuration\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for speed\u003C\u002Fli>\n\u003Cli>Secure nonce verification for form submissions\u003C\u002Fli>\n\u003Cli>Supports multiple domain search shortcodes with custom settings\u003C\u002Fli>\n\u003Cli>Easy deletion and management of created shortcodes\u003C\u002Fli>\n\u003Cli>Optimized code for better WordPress compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is perfect for web hosting businesses, domain resellers, and WHMCS-based service providers looking to enhance user engagement and conversion rates.\u003C\u002Fp>\n","Integrate WHMCS domain search functionality into your WordPress website with a clean, responsive search form.",1517,"2025-04-03T17:47:00.000Z","6.7.5","7.2",[118,119,120,24,121],"domain-lookup","domain-registration","domain-search","whmcs-integration","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdomain-search-for-whmcs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdomain-search-for-whmcs.2.0.3.zip",92,{"slug":126,"name":127,"version":108,"author":88,"author_profile":89,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":29,"num_ratings":29,"last_updated":132,"tested_up_to":115,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":140,"download_link":141,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"camoo-cdn","CAMOO CDN","\u003Cp>Camoo.Hosting Automatic Integration with CDN for websites. This plugin allows you to easily use CDN on your WordPress and accelerate website loading in any country, handling any load on your service. For optimal performance, CAMOO CDN requires WP Super Cache to be installed and activated on your WordPress site.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Replace static links with CDN links\u003C\u002Fli>\n\u003C\u002Ful>\n","Camoo.Hosting Automatic Integration with CDN for WordPress websites.",60,2292,"2024-11-17T14:00:00.000Z","6.4.3","8.0",[136,100,137,138,139],"camoo-cdn-integration","hebergement-web-avec-cdn","managed-hosting-with-cdn","wordpress-caching","https:\u002F\u002Fgithub.com\u002Fcamoo\u002Fwp-camoo-cdn","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcamoo-cdn.2.0.3.zip",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":78,"num_ratings":28,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":97,"tags":155,"homepage":161,"download_link":162,"security_score":78,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"mwb-zendesk-woo-order-sync","Order Sync with Zendesk for WooCommerce","2.2.1","WP Swings","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpswings\u002F","\u003Cp>Order Sync with Zendesk for WooCommerce plugin will provide a managed process for dealing with new tickets and assembling customers’ order data. It is a two-way integration between Zendesk and WooCommerce.\u003C\u002Fp>\n\u003Cp>The admin needs to install the \u003Ca href=\"https:\u002F\u002Fwww.zendesk.com\u002Fmarketplace\u002Fapps\u002Fsupport\u002F210789\u002Fwoocommerce-orders\u002F\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Orders\u003C\u002Fstrong>\u003C\u002Fa> (from Zendesk Marketplace) before syncing this plugin. It is essentially, a Zendesk-oriented solution that will only work for WooCommerce orders.\u003C\u002Fp>\n\u003Cp>The admin can directly verify ticket details from their WooCommerce, removing the need to check their Zendesk account each time. Order Sync with Zendesk for WooCommerce plugin enhances the workflow of WooCommerce stores and improves ticket management. It also helps customers register their queries and follow up on them efficiently.\u003C\u002Fp>\n\u003Cp>Zendesk integration with WordPress And WooCommerce plugin enhances the workflow of WooCommerce stores and improves ticket management. Also, it helps customers register their queries and follow up on them efficiently.\u003C\u002Fp>\n\u003Cp>Zendesk WordPress & WooCommerce Integration is a remarkable way to improve the user experience. It helps establish better communication between the customers and store owners through chat ticketing, strengthening the customer-buyer relationship. And keeps the customers satisfied\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>NOTE: For using Order Sync with Zendesk for WooCommerce plugin, you need to install the \u003Ca href=\"https:\u002F\u002Fwww.zendesk.com\u002Fmarketplace\u002Fapps\u002Fsupport\u002F210789\u002Fwoocommerce-orders\u002F\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Orders App\u003C\u002Fstrong>\u003C\u002Fa> from the Zendesk Marketplace.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>MAIN FEATURES FOR ADMIN\u003C\u002Fh3>\n\u003Cp>Admin can decide the number of WooCommerce orders and details of new customers’ requests to be displayed.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A New Report Section has been added for admin to quickly view all the important details in a glance this report include subject, customer, status, ticket priority etc\u003C\u002Fli>\n\u003Cli>You have the option to automatically generate a ticket when a new user registers on your website. This saves time and ensures immediate assistance for users right from the start.\u003C\u002Fli>\n\u003Cli>A custom widget has been created, which you can place on anywhere on the website to show the ticket history. This enhances user experience by providing easy access to past support interactions.\u003C\u002Fli>\n\u003Cli>Our WooCommerce Zendesk Integrations is compatible with the HPOS (High-Performance Order Sync) feature of WooCommerce.\u003C\u002Fli>\n\u003Cli>WooCommerce Orders App provides live information about your customers’ orders.\u003C\u002Fli>\n\u003Cli>Whenever a ticket is raised, the WooCommerce order app fetches the live order values and the total number of orders in your Zendesk dashboard. \u003C\u002Fli>\n\u003Cli>Admins can see all the tickets generated by any particular customer. \u003C\u002Fli>\n\u003Cli>The order data fetched by Zendesk from the WooCommerce store contains the order items and their attributes.\u003C\u002Fli>\n\u003Cli>The Admin can enable the option for email notification to get notified with all the details related to the ticket when a customer raises a ticket.\u003C\u002Fli>\n\u003Cli>The Admin can completely customize the email template from the WooCommerce email section.\u003C\u002Fli>\n\u003Cli>Along with the order details, the admin can also sync the order meta keys on Zendesk using Order Fields from Order Configuration Settings.\u003C\u002Fli>\n\u003Cli>The admin can configure the plugin to automatically sync the order status with CRM and create a Zendesk ticket based on the chosen order status.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MAIN FEATURES FOR CUSTOMERS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>In the Ticket History tab, customers can view all the tickets that they have generated.  The ticket list will contain tickets generated from different billing email addresses.\u003C\u002Fli>\n\u003Cli>Customers can create a new Zendesk ticket upon clicking the “Create Ticket” button in the My Account section by using any of their billing emails—no need to go to Zendesk to create tickets. \u003C\u002Fli>\n\u003Cli>Customers can also add their comments from WooCommerce. It will be reflected in the admin’s Zendesk account. \u003C\u002Fli>\n\u003Cli>Customers can review their chat history with your agents for tickets from the Ticket History section. This allows them to keep track of their interactions in one place.\u003C\u002Fli>\n\u003Cli>Customers and Admin both will get an email notification when a customer raises a ticket.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fdocs.wpswings.com\u002Forder-sync-with-zendesk-for-woocommerce\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=zendesk-doc\" rel=\"nofollow ugc\">\u003Cstrong>Order Sync with Zendesk for WooCommerce Documentation\u003C\u002Fstrong>\u003C\u002Fa> to learn more about the features and working of the plugin. Check out our \u003Ca href=\"https:\u002F\u002Fsupport.wpswings.com\u002Fwordpress-plugins-knowledge-base\u002Fcategory\u002Fzendesk-woo-order-sync\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=zendesk-kb\" rel=\"nofollow ugc\">\u003Cstrong>Zendesk Plugin knowledge base\u003C\u002Fstrong>\u003C\u002Fa> for some deep insights and FAQs on the plugin.\u003C\u002Fp>\n\u003Ch3>ZENDESK FOR WOOCOMMERCE PLUGIN COMPATIBILITIES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WooCommerce HPOS:\u003C\u002Fstrong> Our Order Sync with Zendesk for WooCommerce plugin is fully compatible with WooCommerce HPOS (High-Performance Order Sync). \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This compatibility improves your store’s performance by enabling speedier and smoother order synchronization for large volumes, ensuring that your operations function normally even during periods of heavy demand.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you need support or have questions, kindly use our online chat window \u003Ca href=\"https:\u002F\u002Fwpswings.com\u002Fcontact-us\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=contact-us\" rel=\"nofollow ugc\">\u003Cstrong>here\u003C\u002Fstrong>\u003C\u002Fa> and discover all types of  \u003Ca href=\"https:\u002F\u002Fwpswings.com\u002Fwoocommerce-plugins\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=woocommerce-plugins\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Extensions\u003C\u002Fstrong>\u003C\u002Fa> for your eCommerce store.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Get Huge Discount offers – \u003Ca href=\"https:\u002F\u002Fwpswings.com\u002Foffers\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=offers\" rel=\"nofollow ugc\">\u003Cstrong>Get More Offers\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If our documentation doesn’t contain the solution to your problem, you can visit the \u003Ca href=\"https:\u002F\u002Fforums.wpswings.com\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=forum\" rel=\"nofollow ugc\">\u003Cstrong>WP Swings Forums Community\u003C\u002Fstrong>\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwpswings.com\u002Fsubmit-query\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=query\" rel=\"nofollow ugc\">\u003Cstrong>Generate a ticket\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Create and Revamp your eCommerce store with \u003Ca href=\"https:\u002F\u002Fwpswings.com\u002Fwoocommerce-services\u002F?utm_source=zendesk-org-page&utm_medium=referral&utm_campaign=woocommerce-service\" rel=\"nofollow ugc\">\u003Cstrong>WooCommerce Services\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Manage New Tickets and Orders with Zendesk Woo Order Sync",40,6360,"2025-08-26T10:47:00.000Z","6.8.5","5.5.0",[156,157,158,159,160],"customer-support","help-desk","integration-zendesk","order-sync-zendesk","zendesk","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmwb-zendesk-woo-order-sync\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmwb-zendesk-woo-order-sync.2.2.1.zip",{"attackSurface":164,"codeSignals":234,"taintFlows":402,"riskAssessment":535,"analyzedAt":547},{"hooks":165,"ajaxHandlers":224,"restRoutes":231,"shortcodes":232,"cronEvents":233,"entryPointCount":79,"unprotectedCount":29},[166,172,177,181,185,189,193,197,202,207,212,214,216,218,220,222],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","init","cc_whmcs_bridge_init","bridge.init.php",42,{"type":173,"name":174,"callback":175,"file":170,"line":176},"filter","wp_footer","cc_whmcs_bridge_footer",45,{"type":173,"name":178,"callback":179,"priority":76,"file":170,"line":180},"the_content","cc_whmcs_bridge_content",47,{"type":167,"name":182,"callback":183,"priority":76,"file":170,"line":184},"wp_head","cc_whmcs_bridge_header",49,{"type":167,"name":186,"callback":187,"file":170,"line":188},"plugins_loaded","cc_whmcs_sidebar_init",50,{"type":167,"name":190,"callback":191,"file":170,"line":192},"admin_head","cc_whmcs_bridge_admin_header",54,{"type":167,"name":194,"callback":195,"file":170,"line":196},"admin_notices","cc_whmcs_admin_notices",55,{"type":167,"name":198,"callback":199,"priority":200,"file":170,"line":201},"wp_loaded","cc_whmcs_close_my_session",30,57,{"type":167,"name":203,"callback":204,"file":205,"line":206},"admin_menu","cc_whmcs_bridge_add_admin","bridge_cp.php",212,{"type":167,"name":208,"callback":209,"file":210,"line":211},"widgets_init","closure","includes\\sidebars.php",3,{"type":167,"name":208,"callback":209,"file":210,"line":213},4,{"type":167,"name":208,"callback":209,"file":210,"line":215},5,{"type":167,"name":208,"callback":209,"file":210,"line":217},6,{"type":167,"name":208,"callback":209,"file":210,"line":219},7,{"type":167,"name":208,"callback":209,"file":210,"line":221},8,{"type":167,"name":208,"callback":209,"file":210,"line":223},9,[225],{"action":226,"nopriv":227,"callback":228,"hasNonce":229,"hasCapCheck":227,"file":170,"line":230},"check_bridge",false,"cc_whmcs_bridge_checks",true,51,[],[],[],{"dangerousFunctions":235,"sqlUsage":244,"outputEscaping":246,"fileOperations":400,"externalRequests":217,"nonceChecks":28,"capabilityChecks":29,"bundledLibraries":401},[236,240],{"fn":237,"file":170,"line":238,"context":239},"unserialize",1045,"$current = unserialize(get_option('cc_whmcs_bridge_cache' . $cache_flag));",{"fn":237,"file":241,"line":242,"context":243},"includes\\parser.inc.php",567,"$titles = unserialize($titles);",{"prepared":79,"raw":29,"locations":245},[],{"escaped":247,"rawEcho":248,"locations":249},99,76,[250,253,255,257,259,261,263,265,267,269,271,273,275,277,279,282,285,287,289,291,293,295,297,298,300,301,303,305,307,309,311,313,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,382,383,385,386,387,389,391,394,397,399],{"file":170,"line":251,"context":252},348,"raw output",{"file":170,"line":254,"context":252},599,{"file":170,"line":256,"context":252},611,{"file":170,"line":258,"context":252},639,{"file":170,"line":260,"context":252},682,{"file":170,"line":262,"context":252},692,{"file":170,"line":264,"context":252},703,{"file":170,"line":266,"context":252},708,{"file":170,"line":268,"context":252},724,{"file":170,"line":270,"context":252},727,{"file":170,"line":272,"context":252},748,{"file":170,"line":274,"context":252},859,{"file":170,"line":276,"context":252},864,{"file":170,"line":278,"context":252},867,{"file":280,"line":281,"context":252},"includes\\cpedit.inc.php",123,{"file":283,"line":284,"context":252},"includes\\footer.inc.php",14,{"file":241,"line":286,"context":252},1093,{"file":210,"line":288,"context":252},24,{"file":210,"line":290,"context":252},26,{"file":210,"line":292,"context":252},27,{"file":210,"line":294,"context":252},28,{"file":210,"line":296,"context":252},29,{"file":210,"line":200,"context":252},{"file":210,"line":299,"context":252},44,{"file":210,"line":176,"context":252},{"file":210,"line":302,"context":252},63,{"file":210,"line":304,"context":252},65,{"file":210,"line":306,"context":252},66,{"file":210,"line":308,"context":252},67,{"file":210,"line":310,"context":252},81,{"file":210,"line":312,"context":252},82,{"file":210,"line":78,"context":252},{"file":210,"line":315,"context":252},102,{"file":210,"line":317,"context":252},104,{"file":210,"line":319,"context":252},106,{"file":210,"line":321,"context":252},120,{"file":210,"line":323,"context":252},121,{"file":210,"line":325,"context":252},139,{"file":210,"line":327,"context":252},140,{"file":210,"line":329,"context":252},141,{"file":210,"line":331,"context":252},142,{"file":210,"line":333,"context":252},156,{"file":210,"line":335,"context":252},157,{"file":210,"line":337,"context":252},175,{"file":210,"line":339,"context":252},177,{"file":210,"line":341,"context":252},178,{"file":210,"line":343,"context":252},179,{"file":210,"line":345,"context":252},193,{"file":210,"line":347,"context":252},194,{"file":210,"line":206,"context":252},{"file":210,"line":350,"context":252},214,{"file":210,"line":352,"context":252},215,{"file":210,"line":354,"context":252},216,{"file":210,"line":356,"context":252},230,{"file":210,"line":358,"context":252},231,{"file":210,"line":360,"context":252},249,{"file":210,"line":362,"context":252},250,{"file":210,"line":364,"context":252},265,{"file":210,"line":366,"context":252},266,{"file":210,"line":368,"context":252},285,{"file":210,"line":370,"context":252},286,{"file":210,"line":372,"context":252},287,{"file":210,"line":374,"context":252},288,{"file":210,"line":376,"context":252},302,{"file":210,"line":378,"context":252},303,{"file":380,"line":381,"context":252},"includes\\simple_html_dom.php",53,{"file":380,"line":201,"context":252},{"file":384,"line":221,"context":252},"pages\\help.php",{"file":384,"line":221,"context":252},{"file":384,"line":290,"context":252},{"file":388,"line":76,"context":252},"pages\\log.php",{"file":388,"line":390,"context":252},11,{"file":392,"line":393,"context":252},"pages\\settings.php",16,{"file":395,"line":396,"context":252},"support-us.inc.php",18,{"file":395,"line":398,"context":252},32,{"file":395,"line":171,"context":252},12,[],[403,450,469,479,490,499,512,524],{"entryPoint":404,"graph":405,"unsanitizedCount":76,"severity":41},"cc_whmcs_bridge_output (bridge.init.php:458)",{"nodes":406,"edges":444},[407,412,417,421,426,430,434,437,441],{"id":408,"type":409,"label":410,"file":170,"line":411},"n0","source","$_REQUEST['gid']",494,{"id":413,"type":414,"label":415,"file":170,"line":411,"wp_function":416},"n1","sink","wp_redirect() [Open Redirect]","wp_redirect",{"id":418,"type":409,"label":419,"file":170,"line":420},"n2","$_REQUEST",572,{"id":422,"type":414,"label":423,"file":170,"line":424,"wp_function":425},"n3","file_put_contents() [File Write]",574,"file_put_contents",{"id":427,"type":409,"label":428,"file":170,"line":429},"n4","$_REQUEST (x7)",483,{"id":431,"type":414,"label":432,"file":170,"line":260,"wp_function":433},"n5","echo() [XSS]","echo",{"id":435,"type":409,"label":419,"file":170,"line":436},"n6",738,{"id":438,"type":439,"label":440,"file":170,"line":436},"n7","transform","→ cc_whmcs_bridge_parser_ajax2()",{"id":442,"type":414,"label":423,"file":241,"line":443,"wp_function":425},"n8",421,[445,446,447,448,449],{"from":408,"to":413,"sanitized":227},{"from":418,"to":422,"sanitized":227},{"from":427,"to":431,"sanitized":227},{"from":435,"to":438,"sanitized":227},{"from":438,"to":442,"sanitized":227},{"entryPoint":451,"graph":452,"unsanitizedCount":79,"severity":41},"\u003Cbridge.init> (bridge.init.php:0)",{"nodes":453,"edges":463},[454,455,456,457,458,459,460,461,462],{"id":408,"type":409,"label":410,"file":170,"line":411},{"id":413,"type":414,"label":415,"file":170,"line":411,"wp_function":416},{"id":418,"type":409,"label":419,"file":170,"line":420},{"id":422,"type":414,"label":423,"file":170,"line":424,"wp_function":425},{"id":427,"type":409,"label":428,"file":170,"line":429},{"id":431,"type":414,"label":432,"file":170,"line":260,"wp_function":433},{"id":435,"type":409,"label":419,"file":170,"line":436},{"id":438,"type":439,"label":440,"file":170,"line":436},{"id":442,"type":414,"label":423,"file":241,"line":443,"wp_function":425},[464,465,466,467,468],{"from":408,"to":413,"sanitized":229},{"from":418,"to":422,"sanitized":229},{"from":427,"to":431,"sanitized":229},{"from":435,"to":438,"sanitized":227},{"from":438,"to":442,"sanitized":227},{"entryPoint":470,"graph":471,"unsanitizedCount":79,"severity":41},"cc_whmcs_bridge_admin (bridge_cp.php:149)",{"nodes":472,"edges":477},[473,475],{"id":408,"type":409,"label":419,"file":205,"line":474},159,{"id":413,"type":414,"label":432,"file":205,"line":476,"wp_function":433},161,[478],{"from":408,"to":413,"sanitized":227},{"entryPoint":480,"graph":481,"unsanitizedCount":28,"severity":41},"cc_whmcs_bridge_parser_ajax1 (includes\\parser.inc.php:41)",{"nodes":482,"edges":488},[483,486],{"id":408,"type":409,"label":484,"file":241,"line":485},"$_REQUEST (x2)",43,{"id":413,"type":414,"label":423,"file":241,"line":487,"wp_function":425},353,[489],{"from":408,"to":413,"sanitized":227},{"entryPoint":491,"graph":492,"unsanitizedCount":79,"severity":41},"cc_whmcs_bridge_parser_ajax2 (includes\\parser.inc.php:363)",{"nodes":493,"edges":497},[494,496],{"id":408,"type":409,"label":419,"file":241,"line":495},365,{"id":413,"type":414,"label":423,"file":241,"line":443,"wp_function":425},[498],{"from":408,"to":413,"sanitized":227},{"entryPoint":500,"graph":501,"unsanitizedCount":215,"severity":41},"\u003Cparser.inc> (includes\\parser.inc.php:0)",{"nodes":502,"edges":509},[503,505,506,508],{"id":408,"type":409,"label":504,"file":241,"line":485},"$_REQUEST (x4)",{"id":413,"type":414,"label":423,"file":241,"line":487,"wp_function":425},{"id":418,"type":409,"label":419,"file":241,"line":507},248,{"id":422,"type":414,"label":432,"file":241,"line":286,"wp_function":433},[510,511],{"from":408,"to":413,"sanitized":227},{"from":418,"to":422,"sanitized":227},{"entryPoint":513,"graph":514,"unsanitizedCount":29,"severity":523},"cc_whmcs_bridge_add_admin (bridge_cp.php:101)",{"nodes":515,"edges":521},[516,518],{"id":408,"type":409,"label":419,"file":205,"line":517},117,{"id":413,"type":414,"label":519,"file":205,"line":323,"wp_function":520},"update_option() [Settings Manipulation]","update_option",[522],{"from":408,"to":413,"sanitized":229},"low",{"entryPoint":525,"graph":526,"unsanitizedCount":29,"severity":523},"\u003Cbridge_cp> (bridge_cp.php:0)",{"nodes":527,"edges":532},[528,529,530,531],{"id":408,"type":409,"label":419,"file":205,"line":517},{"id":413,"type":414,"label":519,"file":205,"line":323,"wp_function":520},{"id":418,"type":409,"label":419,"file":205,"line":474},{"id":422,"type":414,"label":432,"file":205,"line":476,"wp_function":433},[533,534],{"from":408,"to":413,"sanitized":229},{"from":418,"to":422,"sanitized":229},{"summary":536,"deductions":537},"The WHMCS Bridge plugin version 6.9 presents a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce checks on its entry points. The absence of any currently unpatched CVEs is also a strength, indicating that previously discovered vulnerabilities have been addressed.  However, several concerns warrant attention. The presence of two dangerous `unserialize` functions is a significant risk, as improper handling of serialized data can lead to remote code execution vulnerabilities. While taint analysis did not reveal critical or high severity unsanitized paths, the fact that 6 out of 8 analyzed flows had unsanitized paths suggests a potential for subtle vulnerabilities if the `unserialize` functions are misused or if other input handling mechanisms are not robust. Furthermore, a substantial 57% of output escaping indicates a potential for Cross-Site Scripting (XSS) vulnerabilities, especially considering past CVEs have been related to this type of attack. The plugin's history of medium severity XSS vulnerabilities, with the last one in early 2022, suggests a recurring issue that needs continuous vigilance.\n\nIn conclusion, while the plugin benefits from secure database interactions and basic input validation (nonces), the reliance on `unserialize` and the moderate level of output escaping are areas of concern that elevate its risk profile. The historical pattern of XSS vulnerabilities further emphasizes the need for careful review of how user-supplied data is handled and displayed. Developers should prioritize sanitizing and properly escaping all data, especially when dealing with potentially dangerous functions like `unserialize`.",[538,541,543,545],{"reason":539,"points":540},"Dangerous function 'unserialize' used",15,{"reason":542,"points":217},"Moderate output escaping (57% proper)",{"reason":544,"points":217},"Unsanitized paths in taint analysis flows",{"reason":546,"points":76},"2 known medium severity CVEs historically","2026-03-16T18:12:14.735Z",{"wat":549,"direct":560},{"assetPaths":550,"generatorPatterns":555,"scriptPaths":556,"versionParams":557},[551,552,553,554],"\u002Fwp-content\u002Fplugins\u002Fwhmcs-bridge\u002Fcss\u002Fwhmcs-bridge.css","\u002Fwp-content\u002Fplugins\u002Fwhmcs-bridge\u002Fjs\u002Fwhmcs-bridge.js","\u002Fwp-content\u002Fplugins\u002Fwhmcs-bridge\u002Fincludes\u002Fcss\u002Fwhmcs-bridge.css","\u002Fwp-content\u002Fplugins\u002Fwhmcs-bridge\u002Fincludes\u002Fjs\u002Fwhmcs-bridge.js",[],[552],[558,559],"whmcs-bridge\u002Fcss\u002Fwhmcs-bridge.css?ver=","whmcs-bridge\u002Fjs\u002Fwhmcs-bridge.js?ver=",{"cssClasses":561,"htmlComments":564,"htmlAttributes":570,"restEndpoints":575,"jsGlobals":576,"shortcodeOutput":579},[562,563],"whmcs_bridge_mainpage","whmcs_bridge_content",[565,566,567,568,569],"\u003C!-- WHMCS Bridge -->","\u003C!-- WHMCS Bridge End -->","\u003C!-- WHMCS Bridge CSS -->","\u003C!-- WHMCS Bridge JS -->","\u003C!-- WHMCS Bridge SSO -->",[571,572,573,574],"data-whmcs-bridge-url","data-whmcs-bridge-login-url","data-whmcs-bridge-register-url","data-whmcs-bridge-page-id",[],[577,578],"whmcs_bridge_vars","whmcs_bridge_ajaxurl",[580,581,582,583,584,585,586,587,588,589,590,591,592,593],"[whmcs_bridge]","[\u002Fwhmcs_bridge]","[whmcs_ticket]","[\u002Fwhmcs_ticket]","[whmcs_login]","[\u002Fwhmcs_login]","[whmcs_register]","[\u002Fwhmcs_register]","[whmcs_clientarea]","[\u002Fwhmcs_clientarea]","[whmcs_domainchecker]","[\u002Fwhmcs_domainchecker]","[whmcs_announcements]","[\u002Fwhmcs_announcements]"]