[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjb0YdugqT3EHrwbV_fNkME7ezm7VNVvqdLwURR8dvsc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":83,"fingerprints":142},"woo-payment-addon","WePay Woocommerce addon","3.0.0","Yogesh Pawar","https:\u002F\u002Fprofiles.wordpress.org\u002Fpawaryogesh1989\u002F","\u003Cp>This plugin is an addon for WooCommerce to implement a payment gateway method for accepting \u003Cstrong>Credit Cards Payments\u003C\u002Fstrong> By merchants via \u003Cstrong>WePay Payment\u003C\u002Fstrong> Gateway\u003C\u002Fp>\n\u003Cp>To generate client ID, client secret, Access Token, and Account ID please visit https:\u002F\u002Fdeveloper.wepay.com\u002Fapi\u002F and create a new account and register a new APP.\u003C\u002Fp>\n","This plugin is an addon for WooCommerce to implement a payment gateway method for accepting Credit Cards Payments By merchants via WePay Payment Gatew …",30,4181,0,"2021-01-05T11:30:00.000Z","5.6.17","5.0","",[19,20,21,22,23],"wepay","wepay-woocommerce","wepay-woocommerce-addon","woocomerce-wepay","wordpress-wepay-integration","http:\u002F\u002Fclariontechnologies.co.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payment-addon.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":11,"trust_score":34,"computed_at":35},"pawaryogesh1989",11,600,84,"2026-04-04T21:14:35.908Z",[37,56,72],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":54,"download_link":55,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"edd-wepay-oauth2","Crowdfunding WePay oAuth 2.0 by Astoundify","0.4","Adam Pickering","https:\u002F\u002Fprofiles.wordpress.org\u002Fadampickering\u002F","\u003Cp>Add WePay oAuth2 support for Easy Digital Downloads WePay and Crowdfunding by Astoundify.\u003C\u002Fp>\n\u003Ch4>Where can I use this?\u003C\u002Fh4>\n\u003Cp>We currently have two compatible themes that have been released:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The first theme released is called \u003Ca href=\"http:\u002F\u002Fthemeforest.net\u002Fitem\u002Ffundify-crowd-funding-wordpress-theme\u002F4257622?ref=Astoundify\" rel=\"nofollow ugc\">“Fundify”\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002FAstoundify.com\u002Ffundify.html\" rel=\"nofollow ugc\">Astoundify\u003C\u002Fa> A large community crowdfunding theme, like Kickstarter or Indiegogo.\u003C\u002Fli>\n\u003Cli>The second theme released is called \u003Ca href=\"http:\u002F\u002Fthemeforest.net\u002Fitem\u002Fcampaignify-multipurpose-crowdfunding-theme\u002F4725411?ref=Astoundify\" rel=\"nofollow ugc\">“Campaignify”\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002FAstoundify.com\u002F\" rel=\"nofollow ugc\">Astoundify\u003C\u002Fa> A multi-purpose crowdfunding theme, great for single project crowdfunding.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add WePay oAuth2 support for Easy Digital Downloads WePay and Crowdfunding by Astoundify.",10,3880,"2014-06-25T20:53:00.000Z","3.9.40","3.5",[51,52,53,19],"downloads","easy-digital-downloads","gateway","https:\u002F\u002Fgithub.com\u002Fastoundify","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedd-wepay-oauth2.0.4.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":45,"downloaded":64,"rating":13,"num_ratings":13,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":70,"download_link":71,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wepay-wordpress-plugin","WePay WordPress Plugin","1.5","apinnt","https:\u002F\u002Fprofiles.wordpress.org\u002Fapinnt\u002F","\u003Cp>You can easily create wepay buttons with simple short codes.\u003C\u002Fp>\n\u003Cp>What you can do with this version\u003Cbr \u002F>\n  –  See you account balance\u003Cbr \u002F>\n  –  Create buttons for your users to make payments on using shortcodes. (Totally customizable, make the button any type.)\u003Cbr \u002F>\n  –  Settings Menu to control API information\u003C\u002Fp>\n","Allows you to use a Wepay account to accept payments easily online thru your wordpress installation. Easy install, drag and drop.",6166,"2013-01-31T01:00:00.000Z","3.4.2","2.0.2",[19,69],"wepay-plugin","http:\u002F\u002Fwww.alanpinnt.com\u002Fwordpress-wepay-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwepay-wordpress-plugin.1.5.zip",{"slug":73,"name":74,"version":75,"author":60,"author_profile":61,"description":76,"short_description":77,"active_installs":45,"downloaded":78,"rating":13,"num_ratings":13,"last_updated":79,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":80,"homepage":81,"download_link":82,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-thumbs","WP Thumbs Plugin","1.1","\u003Cp>WP Thumbs is a voting plugin that allows users to like or dislike posts and pages.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cp>*Thumbs up or down mode\u003Cbr \u002F>\n*Like button only mode\u003Cbr \u002F>\n*Like\u002FDislike button mode\u003Cbr \u002F>\n*Graph of clicks\u003Cbr \u002F>\n*Customizable via CSS\u003Cbr \u002F>\n*WPMU Compatible\u003Cbr \u002F>\n*User only or cookie based security.\u003Cbr \u002F>\n*Placement of buttons\u003Cbr \u002F>\n*Page or Post Placement\u003C\u002Fp>\n\u003Cp>Future:\u003C\u002Fp>\n\u003Cp>*IP based security\u003Cbr \u002F>\n*Reset likes\u002Fdislikes from wp-admin editor\u003C\u002Fp>\n","WP Thumbs is a voting plugin that allows users to like or dislike posts and pages. There are many customization options.",4271,"2012-11-27T02:18:00.000Z",[19,69],"http:\u002F\u002Fwww.alanpinnt.com\u002Fwp-thumbs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-thumbs.1.1.zip",{"attackSurface":84,"codeSignals":109,"taintFlows":131,"riskAssessment":132,"analyzedAt":141},{"hooks":85,"ajaxHandlers":105,"restRoutes":106,"shortcodes":107,"cronEvents":108,"entryPointCount":13,"unprotectedCount":13},[86,92,96,101],{"type":87,"name":88,"callback":89,"file":90,"line":91},"action","woocommerce_receipt_wepay","receipt_page","woocommerce-wepay-addon.php",89,{"type":87,"name":93,"callback":94,"file":90,"line":95},"woocommerce_api_wc_wepay_gateway","callback",90,{"type":97,"name":98,"callback":99,"file":90,"line":100},"filter","woocommerce_payment_gateways","woocommerce_add_wepay_gateway_method",476,{"type":87,"name":102,"callback":103,"priority":13,"file":90,"line":104},"plugins_loaded","woocommerce_wepay_payment_init",478,[],[],[],[],{"dangerousFunctions":110,"sqlUsage":111,"outputEscaping":113,"fileOperations":13,"externalRequests":129,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":130},[],{"prepared":13,"raw":13,"locations":112},[],{"escaped":13,"rawEcho":114,"locations":115},6,[116,119,121,123,125,127],{"file":90,"line":117,"context":118},213,"raw output",{"file":90,"line":120,"context":118},216,{"file":90,"line":122,"context":118},223,{"file":90,"line":124,"context":118},342,{"file":90,"line":126,"context":118},348,{"file":90,"line":128,"context":118},350,1,[],[],{"summary":133,"deductions":134},"The \"woo-payment-addon\" v3.0.0 plugin exhibits a concerning security posture primarily due to a complete lack of output escaping, which is a significant vulnerability. While the static analysis reveals no dangerous functions, no SQL queries that are not prepared, and no file operations, the absence of any output escaping for the 6 identified outputs means that any data displayed to users could potentially be manipulated, leading to cross-site scripting (XSS) attacks. The plugin also makes an external HTTP request, which, without further context on what data is being sent and received, could pose a risk if the endpoint is compromised or the data is not properly handled.  The plugin's history of zero known vulnerabilities is a positive sign, suggesting a potentially well-maintained codebase or a lack of focused attacks. However, this is heavily outweighed by the critical flaw in output sanitization. In conclusion, while the plugin avoids common pitfalls like raw SQL and a large attack surface, the unescaped output represents a severe weakness that requires immediate attention.",[135,138],{"reason":136,"points":137},"All outputs are unescaped",18,{"reason":139,"points":140},"External HTTP request without clear context",4,"2026-03-16T22:31:04.113Z",{"wat":143,"direct":149},{"assetPaths":144,"generatorPatterns":146,"scriptPaths":147,"versionParams":148},[145],"\u002Fwp-content\u002Fplugins\u002Fwoo-payment-addon\u002Fclasses\u002Fwepay.php",[],[],[],{"cssClasses":150,"htmlComments":151,"htmlAttributes":152,"restEndpoints":153,"jsGlobals":155,"shortcodeOutput":156},[],[],[],[154],"\u002Fwc_wepay_gateway",[],[]]