[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHTkYldOcZg2j5q6C-Jms1Sv0XwenCmf2G-fWxSBJ4MI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":150,"fingerprints":237},"woo-worldpay-hosted-payment-gateway","WorldPay Hosted Payment Gateway","1.0.18","Priyank Patel","https:\u002F\u002Fprofiles.wordpress.org\u002Fpriyankkpatel\u002F","\u003Ch3>Overview\u003C\u002Fh3>\n\u003Cp>Easy plugin to add worldpay hosted payment support in your woocommerce based site. Users now will be given option to pay by card on the checkout page.\u003Cbr \u002F>\nYou can add information of your worldpay account from dashboard. To do so please follow these simple steps.\u003Cbr \u002F>\nStep 1: Go to Admin dashboard > WooCommerce > Settings > Payments > Custom Worldpay.\u003Cbr \u002F>\nStep 2: Please provide all the information in the givenm fields.\u003C\u002Fp>\n\u003Cp>Please refer this link for more information.\u003Cbr \u002F>\nhttp:\u002F\u002Fsupport.worldpay.com\u002Fsupport\u002Fkb\u002Fgg\u002Fcorporate-gateway-guide\u002Fcontent\u002Fhostedintegration\u002Fquickstart.htm\u003C\u002Fp>\n","Custom worldpay payment gateway for your woocommerce based site.",100,11107,20,3,"2020-10-05T12:13:00.000Z","5.5.18","4.5","",[20,21,22,23,24],"admin","administration","checkout","payment","worldpay","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-worldpay-hosted-payment-gateway.1.0.20.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"priyankkpatel",2,89,30,86,"2026-04-04T08:17:26.478Z",[40,63,84,107,130],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":37,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":18,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":28,"last_vuln_date":62,"fetched_at":30},"wp-maintenance-mode","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder","2.6.20","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your blog is down for maintenance, add a coming soon page for a new website or create a landing page for an existing site. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end. You can use a date with a countdown timer for visitor information or set a value and unit for information.\u003C\u002Fp>\n\u003Cp>Also works with WordPress Multisite installs (each blog from the network has its own maintenance settings).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully customizable (change colors, texts and backgrounds).\u003C\u002Fli>\n\u003Cli>Subscription form (export emails to .csv file).\u003C\u002Fli>\n\u003Cli>Countdown timer (remaining time).\u003C\u002Fli>\n\u003Cli>Contact form (receive emails from visitors).\u003C\u002Fli>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Landing page templates;\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Social media icons;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>SEO options;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>Bot functionality to collect the emails in a friendly and efficient way;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give us feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fandrianvaleanu\u002FWP-Maintenance-Mode\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptimole.com\u002F\" rel=\"nofollow ugc\">Optimole\u003C\u002Fa> – Optimole is your all-in-one image optimization solution for WordPress & beyond.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">WPShout\u003C\u002Fa> – In-Depth WordPress Tutorials for Developers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frevive.social\u002F\" rel=\"nofollow ugc\">Revive Social\u003C\u002Fa> – Revive Old Posts helps you keep your content alive and in front the audiences that matter.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002F\" rel=\"nofollow ugc\">CodeinWP\u003C\u002Fa> – CodeinWP stands for all-things-WordPress. From web design to freelancing and from development to business, your questions are covered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomainwheel.com\" rel=\"nofollow ugc\">DomainWheel\u003C\u002Fa> – Free Short Website name generator, with the help of AI, for instant ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check-out \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" title=\"Themeisle blog\" rel=\"nofollow ugc\">our blog\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress\u002Freviews\u002F\" title=\"WordPress Reviews\" rel=\"nofollow ugc\">WordPress Reviews\u003C\u002Fa> and see other \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress-plugins\u002F\" title=\"WordPress Plugins Comparisons\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.",500000,19310486,859,"2025-12-10T19:23:00.000Z","6.9.4","4.7","7.1",[20,21,56,57,58],"coming-soon","maintenance-mode","unavailable","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-mode.2.6.20.zip",96,6,"2024-01-05 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":80,"download_link":81,"security_score":82,"vuln_count":34,"unpatched_count":28,"last_vuln_date":83,"fetched_at":30},"adminimize","Adminimize","1.11.11","WP Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp_media\u002F","\u003Cp>If you manage a multi-author WordPress blog or WordPress sites for clients, then you may have wondered if it was possible to clean up the WordPress admin area for your users? There are lots of things in the WordPress admin area that your users don’t need to see or use. This plugin help you to hide unnecessary items from WordPress admin area.\u003C\u002Fp>\n\u003Cp>Adminimize makes it easy to remove items from view based on a user’s role.\u003C\u002Fp>\n\u003Ch4>What does this plugin do?\u003C\u002Fh4>\n\u003Cp>The plugin changes the administration backend and gives you the power to assign rights on certain parts. Admins can activate\u002Fdeactivate every part of the menu and even parts of the sub-menu. Meta fields can be administered separately for posts and pages. Certain parts of the write menu can be deactivated separately for admins or non-admins. The header of the backend is minimized and optimized to give you more space and the structure of the menu gets changed to make it more logical – this can all be done per user so each role and their resulting users can have his own settings.\u003C\u002Fp>\n\u003Ch4>Support Custom Post Type\u003C\u002Fh4>\n\u003Cp>The plugin support all functions also for custom post types, automatically in the settings page.\u003C\u002Fp>\n\u003Ch4>Support Custom Options on all different post types\u003C\u002Fh4>\n\u003Cp>It is possible to add own options to hide areas in the back-end of WordPress. It is easy and you must only forgive a ID or class, a selector, of the markup, that you will hide.\u003C\u002Fp>\n\u003Ch4>Compatibility with plugins for MetaBoxes in Write-area\u003C\u002Fh4>\n\u003Cp>You can add your own options, you must only check for css selectors.\u003C\u002Fp>\n\u003Ch4>Help with “Your own options”\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002F328449\" title=\"Plugin: Adminimize Help with Your own options (3 posts)\" rel=\"ugc\">entry on the WP community forum\u003C\u002Fa> for help with this great possibility.\u003C\u002Fp>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you can thank me and leave a \u003Ca href=\"http:\u002F\u002Fbueltge.de\u002Fwunschliste\u002F\" title=\"Wishliste and Donate\" rel=\"nofollow ugc\">small donation\u003C\u002Fa> for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>The plugin comes with various translations, please refer to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FInstalling_WordPress_in_Your_Language\" title=\"Installing WordPress in Your Language\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa> for more information about activating the translation. If you want to help to translate the plugin to your language, please have a look at the sitemap.pot file which contains all definitions and may be used with a \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fsoftware\u002Fgettext\u002F\" rel=\"nofollow ugc\">gettext\u003C\u002Fa> editor like \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002F\" rel=\"nofollow ugc\">Poedit\u003C\u002Fa> (Windows) or use, I prefers this, the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fadminimize\" rel=\"nofollow ugc\">translation service from wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n","Adminimize that lets you hide 'unnecessary' items from the WordPress backend",200000,3104947,94,253,"2024-03-15T16:24:00.000Z","6.4.8","4.0",[21,79],"customization","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadminimize\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadminimize.1.11.11.zip",84,"2014-08-01 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":99,"tags":100,"homepage":105,"download_link":106,"security_score":94,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"remove-dashboard-access-for-non-admins","Remove Dashboard Access","1.2.1","TrustedLogin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustedlogin\u002F","\u003Cp>The easiest and safest way to restrict access to your WordPress site’s Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn’t have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role\u002Fper-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit Dashboard access to user roles:\n\u003Cul>\n\u003Cli>Admins only\u003C\u002Fli>\n\u003Cli>Admins + editors\u003C\u002Fli>\n\u003Cli>Admins, editors, and authors\u003C\u002Fli>\n\u003Cli>or restrict by specific user capability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Choose your own redirect URL\u003C\u002Fli>\n\u003Cli>Optionally allow users to edit their profiles\u003C\u002Fli>\n\u003Cli>Display a message on the login screen so users know why they’re being redirected\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn’t, and to keep your site’s backend more secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Allow only users with roles or capabilities:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Grant access to user profiles:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won’t be able to access any other sections of the Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show a custom login message:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Supply a message to display on the login screen. Leaving this blank disables the message.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.",30000,467245,92,78,"2024-11-29T20:13:00.000Z","6.7.5","3.1.0","5.3",[101,21,102,103,104],"access","dashboard","login","restrict","https:\u002F\u002Fwww.trustedlogin.com\u002Fremove-dashboard-access\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-dashboard-access-for-non-admins.1.2.1.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":37,"num_ratings":117,"last_updated":118,"tested_up_to":119,"requires_at_least":17,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":127,"vuln_count":128,"unpatched_count":28,"last_vuln_date":129,"fetched_at":30},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,631204,48,"2025-10-01T15:12:00.000Z","6.8.5","7.4",[20,21,122,123,124],"dashboard-widget","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,1,"2019-02-25 00:00:00",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":115,"downloaded":138,"rating":117,"num_ratings":139,"last_updated":140,"tested_up_to":52,"requires_at_least":141,"requires_php":18,"tags":142,"homepage":147,"download_link":148,"security_score":11,"vuln_count":128,"unpatched_count":28,"last_vuln_date":149,"fetched_at":30},"woocommerce-gateway-amazon-payments-advanced","Amazon Pay for WooCommerce","2.6.1","WooCommerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fwoocommerce\u002F","\u003Cp>\u003Cstrong>What is Amazon Pay?\u003C\u002Fstrong> An end-to-end payment solution that gives hundreds of millions of active Amazon customers [1] a familiar, fast, and secure way to complete their purchase through your online store. Shoppers can use the address and payment information already stored in their Amazon account to check out – avoiding account creation or the need to re-enter their billing and shipping information. The performance is continually optimized by technology, learnings, and best practices from Amazon.\u003C\u002Fp>\n\u003Cp>As earth’s most customer-centric company, we are continuously innovating on behalf of our customers. With 91% of Amazon Pay customers saying they would use Amazon Pay again and hundreds of millions of active Amazon customers already enabled for Amazon Pay, it can make it easier for you to deliver an improved customer experience online [2].\u003C\u002Fp>\n\u003Ch4>The benefits of using Amazon Pay\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Keep customers engaged – from cart to finish\u003C\u002Fstrong>\u003Cbr \u002F>\n37% percent of customers abandon a site because they’re asked to create an account.[3] With Amazon Pay, there’s no need to create a new account or enter new information on your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Reduce chargebacks and fraudulent transactions\u003C\u002Fstrong>\u003Cbr \u002F>\nThe Amazon brand is a proven winner of customer trust.[4] Our advanced fraud protection is the same technology used on Amazon.com\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Grow your audience with co-marketing initiatives\u003C\u002Fstrong>\u003Cbr \u002F>\nThe cost of acquiring new customers has increased by over 50% over the last five years.[5] With Amazon Pay co-marketing programs, tap into Amazon’s customer base of 200m+ global Prime customers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Leverage the latest technology that customers love\u003C\u002Fstrong>\u003Cbr \u002F>\nBenefit from Amazon’s ecommerce innovations, enable features like recurring payments, let customers shop with their voice using Alexa, and much more.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>PSD2 compliant\u003C\u002Fstrong>: Built-in support for Strong Customer Authentication (SCA) as required under the Second Payment Services Directive (PSD2) in the European Economic Area (EEA).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-currency\u003C\u002Fstrong>: Maintain the local currency experience across the shopping journey and help customers avoid currency conversion fees from their credit card issuer or bank.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurring payment support for \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fwoocommerce-subscriptions\u002F\" rel=\"nofollow ugc\">WooCommerce Subscriptions\u003C\u002Fa>\u003C\u002Fstrong> (separate purchase): available for USA, UK, Germany, France, Italy, Ireland, Spain, Luxembourg, Austria, Belgium, Cyprus, Netherlands, Sweden, Portugal, Hungary, Denmark and Japan.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Decline Handling\u003C\u002Fstrong>: Reduce lost sales with a consistent experience for customers to gracefully recover from a declined payment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Payment Protection Policy\u003C\u002Fstrong>: Protection against fraud-related chargebacks[6].\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Amazon Pay A-to-z Guarantee\u003C\u002Fstrong>: Increase customer confidence to complete purchase in your online store with extra assurance on the timeliness of delivery and order quality[7] .\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Delivery Notifications\u003C\u002Fstrong>: Proactively alert customers on the arrival status of physical goods orders via Amazon Alexa[8].\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Definitions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[1] Represents active Amazon customer accounts, 2020.\u003C\u002Fli>\n\u003Cli>[2] Consumer Net Promoter Score (NPS) Surveys: Conducted by Amazon Pay in 2019 among US, UK, DE, FR, IT, and ES consumers who had used Amazon Pay in the 12 months preceding to the survey launch dates.\u003C\u002Fli>\n\u003Cli>[3] Data from Mobile Checkout Optimization Report, by the Baymard Institute, 2020, commissioned by Amazon Pay.\u003C\u002Fli>\n\u003Cli>[4] Axios Harris Poll 100, Corporate Reputation Rankings, July 2020.\u003C\u002Fli>\n\u003Cli>[5] Profitwell, 2020\u003C\u002Fli>\n\u003Cli>[6] Available for qualified physical goods purchases only.\u003C\u002Fli>\n\u003Cli>[7] For eligible transactions detailed on the \u003Ca href=\"https:\u002F\u002Fpay.amazon.com\u002Fhelp\u002F201212430\" rel=\"nofollow ugc\">Amazon Pay Customer Agreement\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>[8] Not available for Royal Mail in the UK.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to enable Amazon Pay on WooCommerce\u003C\u002Fh4>\n\u003Cp>It only takes a few clicks to enable Amazon Pay on your WooCommerce storefront.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FrYoiEjl5Ek8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Install the Amazon Pay plugin for your WooCommerce store and take advantage of a seamless checkout experience",537568,26,"2026-01-21T17:12:00.000Z","5.5",[143,22,144,145,146],"amazon","e-commerce","payments","woocommerce","https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fpay-with-amazon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoocommerce-gateway-amazon-payments-advanced.2.6.1.zip","2021-05-14 00:00:00",{"attackSurface":151,"codeSignals":178,"taintFlows":195,"riskAssessment":222,"analyzedAt":236},{"hooks":152,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":28,"unprotectedCount":28},[153,159,163,167,171],{"type":154,"name":155,"callback":156,"file":157,"line":158},"filter","woocommerce_payment_gateways","whpg_custom_worldpay_class","worldpay.php",12,{"type":160,"name":161,"callback":162,"file":157,"line":139},"action","wp_enqueue_scripts","whpg_load_worldpat_scripts",{"type":160,"name":164,"callback":165,"file":157,"line":166},"wp_footer","whpg_load_payment_iframe",36,{"type":160,"name":168,"callback":169,"priority":28,"file":157,"line":170},"plugins_loaded","whpg_custom_worldpay_init",72,{"type":160,"name":172,"callback":173,"file":157,"line":73},"admin_notices","do_ssl_check",[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":28,"externalRequests":128,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":194},[],{"prepared":28,"raw":28,"locations":181},[],{"escaped":28,"rawEcho":183,"locations":184},4,[185,188,190,192],{"file":157,"line":186,"context":187},49,"raw output",{"file":157,"line":189,"context":187},50,{"file":157,"line":191,"context":187},51,{"file":157,"line":193,"context":187},214,[],[196,213],{"entryPoint":197,"graph":198,"unsanitizedCount":128,"severity":212},"whpg_load_payment_iframe (worldpay.php:37)",{"nodes":199,"edges":209},[200,204],{"id":201,"type":202,"label":203,"file":157,"line":191},"n0","source","$_COOKIE['worldpay_url']",{"id":205,"type":206,"label":207,"file":157,"line":191,"wp_function":208},"n1","sink","echo() [XSS]","echo",[210],{"from":201,"to":205,"sanitized":211},false,"medium",{"entryPoint":214,"graph":215,"unsanitizedCount":128,"severity":221},"\u003Cworldpay> (worldpay.php:0)",{"nodes":216,"edges":219},[217,218],{"id":201,"type":202,"label":203,"file":157,"line":191},{"id":205,"type":206,"label":207,"file":157,"line":191,"wp_function":208},[220],{"from":201,"to":205,"sanitized":211},"low",{"summary":223,"deductions":224},"The plugin 'woo-worldpay-hosted-payment-gateway' v1.0.18 presents a mixed security posture.  On the positive side, there are no reported CVEs, indicating a historical absence of publicly disclosed vulnerabilities. Furthermore, all SQL queries are prepared, which is a strong defense against SQL injection. The attack surface appears minimal with no AJAX handlers, REST API routes, shortcodes, or cron events, and all present entry points are protected.  However, a significant concern arises from the static analysis of the code signals, specifically the output escaping. With 4 total outputs and 0% properly escaped, there is a high risk of cross-site scripting (XSS) vulnerabilities. This is further amplified by the taint analysis, which reveals 2 flows with unsanitized paths. While these flows are not categorized as critical or high severity, the presence of unsanitized paths is a direct indicator of potential XSS or other injection vulnerabilities that could be exploited if they lead to output. The lack of nonce checks and capability checks on any entry points, though the attack surface is reported as zero, could become a risk if the attack surface grows in future versions without corresponding security updates.\n\nIn conclusion, while the plugin benefits from a clean vulnerability history and secure database practices, the identified issues with output escaping and unsanitized taint flows represent significant weaknesses. The lack of proper output sanitization is a direct gateway for XSS attacks, and the unsanitized paths in the taint analysis highlight potential injection risks that require immediate attention. The absence of explicit capability and nonce checks, while currently mitigated by the zero attack surface, should be monitored in future updates. Addressing these output and taint issues is crucial for improving the plugin's security.",[225,228,231,234],{"reason":226,"points":227},"Output escaping not implemented",8,{"reason":229,"points":230},"Unsanitized paths in taint flows",7,{"reason":232,"points":233},"No nonce checks",5,{"reason":235,"points":233},"No capability checks","2026-03-16T20:55:03.337Z",{"wat":238,"direct":245},{"assetPaths":239,"generatorPatterns":241,"scriptPaths":242,"versionParams":244},[240],"\u002Fwp-content\u002Fplugins\u002Fworldpay\u002Fworldpay-style.css",[],[243],"https:\u002F\u002Fpayments.worldpay.com\u002Fresources\u002Fhpp\u002Fintegrations\u002Fembedded\u002Fjs\u002Fhpp-embedded-integration-library.js",[],{"cssClasses":246,"htmlComments":248,"htmlAttributes":249,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":259},[247],"custom-worldpay-html",[],[250,251,252,253],"iframeIntegrationId","iframeHelperURL","iframeBaseURL","target",[],[256,257,258],"customOptions","WPCL","libraryObject",[]]