[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJTHEbf7DcxSse7_S7GM7aT39FWEPXQRnJvfKEtNKNko":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":114,"fingerprints":195},"wompi-el-salvador","Payment Integration Wompi – El Salvador","1.2.7","wompisv","https:\u002F\u002Fprofiles.wordpress.org\u002Fwompisv\u002F","\u003Cp>Esta es una extensión para integrar la pasarela de pago de Wompi – El Salvador para el sistema de carrito de compras de WooCommerce de WordPress. Con este Plugin podrá aceptar diferentes formas de pago directamente en su tienda online.\u003C\u002Fp>\n\u003Cp>REQUISITOS\u003Cbr \u002F>\n-PHP version 7.1+\u003Cbr \u002F>\n-WordPress 5.4+\u003Cbr \u002F>\n-WooCommerce 4.3+\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribuye\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwompisv\u002Fwocommerce-wompi-sv-plugin\" rel=\"nofollow ugc\">Repositorio en github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.infinitechsv.com\" rel=\"nofollow ugc\">www.infinitechsv.com\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Fwww.bitworks.com.sv\" rel=\"nofollow ugc\">www.bitworks.com.sv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integración para Wompi - El Salvador para Woocommerce",800,13531,0,"2022-10-11T20:27:00.000Z","","5.3","7.1",[19,20,21,22],"commerce","e-commerce","store","wordpress-ecommerce","https:\u002F\u002Fgithub.com\u002Fwompisv\u002Fwocommerce-wompi-sv-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwompi-el-salvador.1.2.7.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-04T05:39:24.495Z",[35,53,71,86,101],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":32,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":15,"download_link":51,"security_score":52,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"payment-integration-wompi","Payment Integration Wompi","4.0.1","Saul Morales Pacheco","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaulmorales\u002F","\u003Cp>With Wompi you have different payment alternatives: nequi, PSE, credit card\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fwoo-wompi-payment\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integration of Wompi for Woocommerce",1000,30976,5,"2024-08-06T17:47:00.000Z","6.6.5","6.0","8.0",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpayment-integration-wompi.4.0.1.zip",92,{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":45,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":15,"download_link":70,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"pay-with-ath-movil-woocommerce-gateway","Pay with ATH Movil (WooCommerce payment gateway)","1.2.2","Roberto Torres","https:\u002F\u002Fprofiles.wordpress.org\u002Frobtorres\u002F","\u003Cp>This is a ATH Movil Payment Gateway for WooCommerce.\u003C\u002Fp>\n\u003Cp>ATH Movil allows you to securely sell your products online allowing the customer to pay you with their ATH Movil account.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IMPORTANT\u003C\u002Fstrong>: ATH Movil open a pop window every time the user click the “Pay with ATH móvil” button. Make sure your customers don’t use a popup blocker or they won’t be able to make payments through this gateway.\u003C\u002Fp>\n","Accept ATH Movil payments on your WooCommerce store.",100,4787,88,"2022-09-30T16:54:00.000Z","5.8.13","4.4","7.0",[19,20,69,21,22],"ecommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpay-with-ath-movil-woocommerce-gateway.zip",{"slug":72,"name":73,"version":74,"author":39,"author_profile":40,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":79,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":48,"requires_php":83,"tags":84,"homepage":15,"download_link":85,"security_score":61,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"shipping-servientrega-woocommerce","Shipping Servientrega Woocommerce","7.0.7","\u003Cp>Integración de Servientrega como método de envío para Woocommerce. Actualmente esta versión solo permite calcular el costo de envío. \u003Ca href=\"https:\u002F\u002Fshop.saulmoralespa.com\u002Fproducto\u002Fplugin-shipping-servientrega-woocommerce\u002F\" rel=\"nofollow ugc\">versión completa\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Servientrega empresa transportadora de Colombia",50,22821,60,2,"2026-02-09T19:34:00.000Z","6.9.4","8.2",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshipping-servientrega-woocommerce.7.0.7.zip",{"slug":87,"name":88,"version":89,"author":39,"author_profile":40,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":61,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":15,"download_link":100,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"subscription-payu-latam","Subscription Payu Latam","2.0.5","\u003Cp>Subscription Payu Latam works together with the Woocommerce subscriptions plugin.\u003Cbr \u002F>\nReceive recurring payments for the countries Brazil, Colombia, Mexico and Peru\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Note:! Important you must request payu support to activate payment processing using the SDK\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default, always included\u003C\u002Fli>\n\u003Cli>English : Spanish, Español de españa, Colombia, México y Perú\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fsubscription-payu-latam\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsaulmoralespa\" rel=\"nofollow ugc\">Saul Morales Pacheco\u003C\u002Fa> \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsaulmoralespa\" rel=\"nofollow ugc\">@saulmoralespa\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Receive recurring payments for the countries Brazil, Colombia, Mexico and Peru",40,13502,7,"2022-07-18T21:45:00.000Z","6.1.10","5.4","7.1.0",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscription-payu-latam.2.0.5.zip",{"slug":102,"name":103,"version":104,"author":39,"author_profile":40,"description":105,"short_description":106,"active_installs":31,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":48,"requires_php":49,"tags":112,"homepage":15,"download_link":113,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"subscription-epayco","Subscription ePayco","4.0.2","\u003Cp>Subscription ePayco works together with the Woocommerce subscriptions plugin.\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Contribute\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaulmoralespa\u002Fsubscription-epayco\" rel=\"nofollow ugc\">repository on github\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsaulmoralespa.com\" rel=\"nofollow ugc\">Website\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsaulmoralespa\u002F\" rel=\"nofollow ugc\">Linkedin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Receive recurring payments",9653,76,4,"2024-03-04T15:57:00.000Z","6.4.8",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscription-epayco.4.0.2.zip",{"attackSurface":115,"codeSignals":146,"taintFlows":162,"riskAssessment":181,"analyzedAt":194},{"hooks":116,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":13,"unprotectedCount":13},[117,123,128,133,137],{"type":118,"name":119,"callback":120,"priority":13,"file":121,"line":122},"action","plugins_loaded","WOMPI_payment_init","wc-WOMPI-payment-gateway.php",12,{"type":124,"name":125,"callback":126,"file":121,"line":127},"filter","woocommerce_payment_gateways","add_WOMPI_payment_gateway",17,{"type":118,"name":129,"callback":130,"file":131,"line":132},"woocommerce_api_wc_gateway_wompi","validate_wompi_return","wc-WOMPI-payment.php",24,{"type":118,"name":134,"callback":135,"file":131,"line":136},"woocommerce_api_wc_webhook_wompi","validate_wompi_webhook",28,{"type":118,"name":138,"callback":139,"priority":140,"file":131,"line":141},"woocommerce_admin_order_data_after_billing_address","show_WOMPI_info",10,555,[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":150,"fileOperations":30,"externalRequests":160,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":161},[],{"prepared":13,"raw":13,"locations":149},[],{"escaped":45,"rawEcho":151,"locations":152},3,[153,156,158],{"file":131,"line":154,"context":155},474,"raw output",{"file":131,"line":157,"context":155},539,{"file":131,"line":159,"context":155},559,6,[],[163],{"entryPoint":164,"graph":165,"unsanitizedCount":30,"severity":180},"\u003Cwc-WOMPI-payment> (wc-WOMPI-payment.php:0)",{"nodes":166,"edges":177},[167,172],{"id":168,"type":169,"label":170,"file":131,"line":171},"n0","source","$_GET",201,{"id":173,"type":174,"label":175,"file":131,"line":159,"wp_function":176},"n1","sink","echo() [XSS]","echo",[178],{"from":168,"to":173,"sanitized":179},false,"low",{"summary":182,"deductions":183},"The \"wompi-el-salvador\" plugin v1.2.7 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries, exclusively utilizing prepared statements, and has no recorded vulnerabilities or CVEs. This suggests a generally conscientious approach to core security areas.  However, the static analysis reveals significant areas of concern.  The complete lack of nonce checks and capability checks, combined with 63% of output escaping being properly done, indicates a potential for Cross-Site Scripting (XSS) and other injection vulnerabilities where user-supplied data is not adequately validated or neutralized before being outputted.\n\nThe taint analysis identifying a flow with unsanitized paths, even if not classified as critical or high, is a red flag. This suggests a potential for path traversal or arbitrary file read\u002Fwrite vulnerabilities, especially considering the presence of a file operation. The plugin also makes multiple external HTTP requests, which could be a vector for compromised communication if not handled securely.  While the plugin's vulnerability history is clean, the code signals point to latent risks that could be exploited if not addressed. Therefore, while the plugin avoids known exploits, the lack of fundamental security checks like nonce and capability checks, coupled with the unsanitized path flow, presents a notable risk that requires remediation.",[184,186,188,190,192],{"reason":185,"points":140},"No nonce checks detected",{"reason":187,"points":140},"No capability checks detected",{"reason":189,"points":140},"Unsanitized path flow detected",{"reason":191,"points":160},"Improper output escaping (37%)",{"reason":193,"points":45},"File operations present without explicit checks","2026-03-16T19:16:36.950Z",{"wat":196,"direct":202},{"assetPaths":197,"generatorPatterns":199,"scriptPaths":200,"versionParams":201},[198],"\u002Fwp-content\u002Fplugins\u002Fwompi-el-salvador\u002Fassets\u002Fimages\u002Fwompi.png",[],[],[],{"cssClasses":203,"htmlComments":204,"htmlAttributes":205,"restEndpoints":206,"jsGlobals":208,"shortcodeOutput":209},[],[],[],[207],"\u002Fwp-json\u002Fwc\u002Fv1\u002Fwompi_payment",[],[]]