[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKj-ZMFyItE8hIA6PfjS9noS3NEasfRyu_JmbDIZg-pc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":128,"fingerprints":271},"wp-mtn-momo","MTN MOMO","0.0.1","bmatovu","https:\u002F\u002Fprofiles.wordpress.org\u002Fbmatovu\u002F","\u003Cp>This plugin helps you make transactions via \u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\" rel=\"nofollow ugc\">MTN Mobile Money\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fproducts\" rel=\"nofollow ugc\">products\u003C\u002Fa> via available are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fdocs\u002Fservices\u002Fcollection\" rel=\"nofollow ugc\">Collections\u003C\u002Fa>; enable remote collection of bills, fees or taxes,\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fdocs\u002Fservices\u002Fdisbursement\" rel=\"nofollow ugc\">Disbursements\u003C\u002Fa>; automatically deposit funds to multiple users, and\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fdocs\u002Fservices\u002Fremittance\" rel=\"nofollow ugc\">Remittances\u003C\u002Fa>; remit funds to local recipients from the diaspora with ease.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin is available for both \u003Cstrong>sandbox\u003C\u002Fstrong> & \u003Cstrong>live\u003C\u002Fstrong> environment.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Database tables\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_mtn_momo_configurations\u003C\u002Fcode>:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For saving environment viables used in for connecting and transacting on the MTN MOMO API.\u003C\u002Fp>\n\u003Cp>These configurations can be managed through the configuration panel in the plugin admin portal.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_mtn_momo_tokens\u003C\u002Fcode>:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For storing access tokens used for authenticating your client application on the MTN MOMO API.\u003C\u002Fp>\n\u003Cp>Contents of this table are managed automatically by the plugin, so you may not edit anything here manually.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_mtn_momo_transactions\u003C\u002Fcode>:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For keep track of transactions between your client application and MTN MOMO API.\u003C\u002Fp>\n\u003Cp>The plugin has a transactions page in the admin portal for managing and viewing this data.\u003Cbr \u002F>\nIt also includes an option to export these to MS Excel.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Prerequisites\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cp>You will need the following to get started with you integration…\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create a \u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fsignup\" rel=\"nofollow ugc\">\u003Cstrong>developer account\u003C\u002Fstrong>\u003C\u002Fa> with MTN MOMO.\u003C\u002Fli>\n\u003Cli>Subscribe to a \u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fproducts\" rel=\"nofollow ugc\">\u003Cstrong>product\u002Fservice\u003C\u002Fstrong>\u003C\u002Fa> that you wish to consume.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If you already subscribed to a product, the subscription key can be found in your \u003Ca href=\"https:\u002F\u002Fmomodeveloper.mtn.com\u002Fdeveloper\" rel=\"nofollow ugc\">\u003Cstrong>profile\u003C\u002Fstrong>\u003C\u002Fa>.\u003C\u002Fp>\n","MTN MOMO is a plugin to help you make transactions via MTN mobile money.",10,4004,0,"2020-06-04T17:17:00.000Z","5.4.19","5.3","5.3.6",[19,20,21,22,23],"mobile","mobile-money","momo","money","mtn","https:\u002F\u002Fgithub.com\u002Fmtvbrianking\u002Fwp-mtn-momo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mtn-momo.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T15:36:15.839Z",[36,56,78,97,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gateway-payougo-checkout","Gateway Payougo Checkout","1.0.5","Payougo","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayou1302560\u002F","\u003Cp>A dedicated payment solution for businesses, online stores, blogs, points of sale and physical stores\u003C\u002Fp>\n\u003Cp>Take advantage of a secure payment platform that is quick to integrate and reliable. Who will optimally collect payments for your transactions.\u003C\u002Fp>\n\u003Cp>Start accepting payments now with a ready-to-use toolbox.\u003C\u002Fp>\n\u003Cp>Payougo agregregate Mobile Money payment System on main Africa Operator.\u003C\u002Fp>\n\u003Cp>Your clients will have to authenticate on the USSD portal to confirm their ongoing transactions.\u003C\u002Fp>\n\u003Cp>The Module is free of commission on Mobile Money transactions.\u003Cbr \u002F>\nAssistance and support free of charge.\u003Cbr \u002F>\nIt provide users a seamless, secured and simple payment experience.\u003C\u002Fp>\n\u003Cp>With Payougo, you can cash-out, few minutes after client payment is confirmed.\u003C\u002Fp>\n\u003Cp>About gateway Payougo :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>“EASY INTEGRATION :” Start accepting payments when you sign up.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“SECURITY OF PAYMENTS :” Pre-confirmation of payments before authorization through USSD Portal\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>“MULTICHANNEL PAYMENTS :” Increase your conversion rate with the best mobile money solutions and local and international payment methods.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpayougo.com\u002Fdevenir-partenaire\u002F\" title=\"Click to contact\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa> to open your merchant account and start offering online payments at your store\u003C\u002Fp>\n","With Payougo, easyly accept secure Orange Money & MTN Mobile Money payments from Cameroon subscribers on your web store.",2461,"2022-11-01T09:12:00.000Z","6.0.11","4.0","5.4",[20,50,51,52,53],"mtn-mobile-money","mtn-momo","orange-money","payougo","https:\u002F\u002Fpayougo.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgateway-payougo-checkout.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":31,"unpatched_count":13,"last_vuln_date":77,"fetched_at":28},"campay-api","Campay Woocommerce Payment Gateway","1.2.3","campay","https:\u002F\u002Fprofiles.wordpress.org\u002Fcampay\u002F","\u003Cp>CamPay is a Fintech service of the company TAKWID\u003Cbr \u002F>\nGROUP which launched its financial services in Cameroon\u003Cbr \u002F>\nfrom January 2021.\u003C\u002Fp>\n\u003Cp>We provide businesses and institutions with solutions for\u003Cbr \u002F>\ncollecting and transferring money online, via primarily\u003Cbr \u002F>\nMobile Money(MTN and Orange).\u003C\u002Fp>\n\u003Cp>With CamPay, simplify the purchasing experience for\u003Cbr \u002F>\nyour customers thanks to our mobile money\u003Cbr \u002F>\npayment solutions, accessible via your website\u003Cbr \u002F>\nand\u002For mobile application.\u003C\u002Fp>\n\u003Ch4>How it functions backend\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Install CamPay Payment Gateway in your website with Woocommerce activated\u003C\u002Fli>\n\u003Cli>Active the plugin\u003C\u002Fli>\n\u003Cli>Go into Woocommerce payment methods setting and activate CamPay Payment Gateway\u003C\u002Fli>\n\u003Cli>Set your App username and password (get it from https:\u002F\u002Fcampay.net\u002F)\u003C\u002Fli>\n\u003Cli>Save your settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How it function frontend\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>On Checkout page select CamPay Payment Gateway as your payment method.\u003C\u002Fli>\n\u003Cli>Input phone number to use for the payment (it must be a 9 digits valide MTN or Orange phone number)\u003C\u002Fli>\n\u003Cli>Click Command button\u003C\u002Fli>\n\u003Cli>On your mobile phone confirm payment \u003C\u002Fli>\n\u003Cli>You will be automatically redirected if payment was successfull or receive a failure message in case payment failed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributors & Developers\u003C\u002Fh3>\n\u003Cp>CamPay Payment Gateway REST API was develop by CamPay with Gabinho as contributor to develop the WordPress plugin for Woocommerce\u003C\u002Fp>\n","CamPay is a Fintech service of the company TAKWID",200,9344,"2026-01-03T21:57:00.000Z","6.9.4","4.9","8.1",[20,71,52,72,73],"mtn-money","payments","woocommerce","https:\u002F\u002Fcampay.net\u002Fwordpress\u002Fcampay-payment-gateway\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcampay-api.1.2.3.zip",99,"2025-12-11 14:34:19",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":46,"requires_at_least":47,"requires_php":91,"tags":92,"homepage":95,"download_link":96,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"momo-mobile-money-payments-woocommerce-extension","Checkout with Mobile Money, Western Union, WorldRemit, WorldRemit","4.3.1","The African Boss","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheafricanboss\u002F","\u003Cp>\u003Cstrong>Now compatible with Translation plugins (like Loco, WPML, etc) meaning you can translate the Checkout, Thank you page and Email notices\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>You can also add the carrier name of your mobile money account and display\u002Fhide the payment methods you accept in the PRO version\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For more details about this woocommerce extension, \u003Cstrong>please visit \u003Ca href=\"https:\u002F\u002Ftheafricanboss.com\u002Fmomo\" rel=\"nofollow ugc\">The African Boss\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>See available screenshots or the store example of \u003Ca href=\"https:\u002F\u002Fgurastores.com\u002Ftest\u002F\" rel=\"nofollow ugc\">Gura Stores\u003C\u002Fa> for visual details.\u003C\u002Fp>\n\u003Ch4>PRO or customized version\u003C\u002Fh4>\n\u003Cp>Please reach out to theafricanboss@gmail.com for a customized version of this plugin or for the pro version.\u003C\u002Fp>\n\u003Cp>You may get upgrades of ‘MOMO PRO’ from \u003Ca href=\"https:\u002F\u002Ftheafricanboss.com\u002Fmomo\" rel=\"nofollow ugc\">The African Boss\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Upgrades include \u003Cstrong>adding multiple numbers, different carriers, and more\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>An example of the plugin in use is the following store:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgurastores.com\u002Ftest\u002F\" rel=\"nofollow ugc\">Gura Stores\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Compatible or Available Countries\u003C\u002Fh4>\n\u003Cp>This plugin is compatible with \u003Cstrong>any carrier in any country\u003C\u002Fstrong> since all it does is report details of a mobile money transaction between a customer and a store owner.\u003C\u002Fp>\n\u003Cp>See the screenshots or the store example of \u003Ca href=\"https:\u002F\u002Fgurastores.com\u002Ftest\u002F\" rel=\"nofollow ugc\">Gura Stores\u003C\u002Fa> for visual details.\u003C\u002Fp>\n\u003Ch3>Upgrade for more\u003C\u002Fh3>\n\u003Cp>You may get upgrades of ‘MOMO PRO’ from \u003Ca href=\"https:\u002F\u002Ftheafricanboss.com\u002Fmomo\" rel=\"nofollow ugc\">The African Boss\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Upgrades include \u003Cstrong>adding multiple numbers, different carriers, and more\u003C\u002Fstrong>\u003C\u002Fp>\n","Receive mobile money, Western Union, WorldRemit payments from any country and carrier on your website with WooCommerce + MOMO",100,8589,46,3,"2022-10-02T09:13:00.000Z","5.0",[20,21,93,94,73],"money-transfer","western-union","https:\u002F\u002Ftheafricanboss.com\u002Fmomo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmomo-mobile-money-payments-woocommerce-extension.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":13,"last_updated":107,"tested_up_to":67,"requires_at_least":108,"requires_php":69,"tags":109,"homepage":113,"download_link":114,"security_score":86,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"camoo-pay-for-ecommerce","CamooPay for e-Commerce – Mobile Money Gateway","1.0.9","Camoo Sarl","https:\u002F\u002Fprofiles.wordpress.org\u002Fcamoo\u002F","\u003Cp>\u003Cstrong>This is the Mobile Money payment gateway for e-Commerce.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>About the CamooPay for e-Commerce Plugin\u003C\u002Fh4>\n\u003Cp>CamooPay for e-commerce is an online payment service aggregator that allows web users and e-Commerce merchants to buy and sell on the Internet using international and all existing local payment methods in Cameroon.\u003Cbr \u002F>\nWe enable digital organizations to accept cash, Mobile Money, or card payment via a simple, unique API permitting local businesses to participate in the vast digital economy by transforming their service offerings into the world of e-commerce sites.\u003C\u002Fp>\n\u003Cp>This fully functional plugin has been developed for e-Commerce to help merchants diminish payment friction for their customers by meeting customers where they spend more and more time online!\u003C\u002Fp>\n\u003Cp>It works in both Sandbox (development mode) and Live (production mode)\u003C\u002Fp>\n\u003Ch4>About the plugin\u003C\u002Fh4>\n\u003Cp>Cameroonians avoid online buying because it lacks local payments known to consumers.\u003Cbr \u002F>\nCustomers are more likely to finalize a purchase on a site that has their preferred payment options. This CamooPay for e-commerce plugin permits you to use all Mobile money payment gateways available in Cameroon with the e-Commerce plugin. This integration uses a single API. The user experience for the end-user be it tech-savvy or not, is hassle-free.\u003C\u002Fp>\n\u003Ch4>What is CamooPay?\u003C\u002Fh4>\n\u003Cp>A digital one-stop-shop, providing cashless payment solutions for Government, Corporations and businesses, and also providing a seamless Digital payment solution, used by third-party agents to sell digital services to end consumers.\u003C\u002Fp>\n\u003Ch4>Does CamooPay work with High Performance Order Storage (HPOS)?\u003C\u002Fh4>\n\u003Cp>Yes! This plugin is fully compatible with WooCommerce’s High Performance Order Storage (HPOS) feature.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Pay with Cameroon MTN Mobile Money\u003C\u002Fli>\n\u003Cli>Pay with Cameroon Orange Mobile Money\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n","A secure and seamless plugin to receive and manage Cash, Mobile, and Card payments in Cameroon on your e-shop or website",20,1000,"2026-01-03T17:23:00.000Z","6.0",[110,111,20,23,112],"cameroon","e-commerce","orange","https:\u002F\u002Fgithub.com\u002Fcamoo\u002Fcamoo-woocommerce-gateway","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcamoo-pay-for-ecommerce.1.0.9.zip",{"slug":116,"name":117,"version":118,"author":60,"author_profile":61,"description":119,"short_description":63,"active_installs":11,"downloaded":120,"rating":13,"num_ratings":13,"last_updated":121,"tested_up_to":122,"requires_at_least":91,"requires_php":123,"tags":124,"homepage":126,"download_link":127,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"campay-give","CamPay Give Donation Payment Gateway","1.0","\u003Cp>CamPay is a Fintech service of the company TAKWID\u003Cbr \u002F>\nGROUP which launched its financial services in Cameroon\u003Cbr \u002F>\nfrom January 2021.\u003C\u002Fp>\n\u003Cp>We provide businesses and institutions with solutions for\u003Cbr \u002F>\ncollecting and transferring money online, via primarily\u003Cbr \u002F>\nMobile Money(MTN and Orange).\u003C\u002Fp>\n\u003Cp>With CamPay, simplify the purchasing experience for\u003Cbr \u002F>\nyour customers thanks to our mobile money\u003Cbr \u002F>\npayment solutions, accessible via your website\u003Cbr \u002F>\nand\u002For mobile application.\u003C\u002Fp>\n\u003Ch4>Requiremnts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WP Give Donation plugin must be installed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to setup\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Install CamPay Give Donation Payment Gateway in your website\u003C\u002Fli>\n\u003Cli>Active the plugin\u003C\u002Fli>\n\u003Cli>Go to Give (Donations) settings then go to payment gateways\u003C\u002Fli>\n\u003Cli>Set your App username and password (get it from https:\u002F\u002Fcampay.net\u002F)\u003C\u002Fli>\n\u003Cli>Save your settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WE ARE USING A THIRD PARTY (CAMPAY HTTP API) IN THIS PLUGIN PLEASE READ BELOW\u003C\u002Fh3>\n\u003Cp>Campay Give plugin uses CamPay REST API present on campay.net to process payments. Full documentation about the API is present here : https:\u002F\u002Fdocumenter.getpostman.com\u002Fview\u002F2391374\u002FT1LV8PVA\u003Cbr \u002F>\nthe get_token function calls the \u002Ftoken\u002F endpoint of campay REST API to authenticate the user using the API.\u003Cbr \u002F>\nthe execute_payment function calls the \u002Fcollect\u002F endpoint of campay REST API to prompt the website user to confirm his donation by inserting secret code on his phone.\u003Cbr \u002F>\nthe check_payment function calls the \u002Ftransaction\u002F endpoint of campay REST API to check the status of the transaction initiated by execute_payment.\u003C\u002Fp>\n\u003Cp>Please visit https:\u002F\u002Fdocumenter.getpostman.com\u002Fview\u002F2391374\u002FT1LV8PVA for more information and contact info@campay.net for any question.\u003Cbr \u002F>\nVisit https:\u002F\u002Fwww.campay.net\u002Fstatic\u002Fdocs\u002FCamPay_Terms_and_Conditions.pdf for terms and conditions of usage and https:\u002F\u002Fwww.campay.net\u002Fstatic\u002Fdocs\u002FCamPay_Privacy_Policy.pdf for our privacy policy\u003C\u002Fp>\n\u003Ch3>Contributors & Developers\u003C\u002Fh3>\n\u003Cp>CamPay Give Donation Payment Gateway was develop by CamPay with gabinho as contributor to develop the WordPress plugin for Give-Donations Plugin\u003C\u002Fp>\n",66012,"2023-12-13T10:59:00.000Z","6.3.8","7.0",[20,71,52,72,125],"wp-give","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcampay-give.1.0.zip",{"attackSurface":129,"codeSignals":182,"taintFlows":241,"riskAssessment":258,"analyzedAt":270},{"hooks":130,"ajaxHandlers":150,"restRoutes":165,"shortcodes":174,"cronEvents":179,"entryPointCount":180,"unprotectedCount":181},[131,137,142,146],{"type":132,"name":133,"callback":134,"priority":11,"file":135,"line":136},"filter","http_response","fn_mtn_momo_log_http_requests","wp-mtn-momo.php",57,{"type":138,"name":139,"callback":140,"file":135,"line":141},"action","admin_menu","fn_mtn_momo_admin_menu_action",59,{"type":138,"name":143,"callback":144,"file":135,"line":145},"admin_enqueue_scripts","fn_mtn_momo_page_scripts",61,{"type":138,"name":147,"callback":148,"file":135,"line":149},"rest_api_init","init",63,[151,156,159,163],{"action":152,"nopriv":153,"callback":154,"hasNonce":153,"hasCapCheck":153,"file":135,"line":155},"get_configurations",false,"fn_mtn_momo_ajax_get_configurations",65,{"action":152,"nopriv":157,"callback":154,"hasNonce":153,"hasCapCheck":153,"file":135,"line":158},true,67,{"action":160,"nopriv":153,"callback":161,"hasNonce":153,"hasCapCheck":153,"file":135,"line":162},"get_transaction_status","fn_mtn_momo_ajax_get_transaction_status",69,{"action":160,"nopriv":157,"callback":161,"hasNonce":153,"hasCapCheck":153,"file":135,"line":164},71,[166],{"namespace":167,"route":168,"methods":169,"callback":171,"permissionCallback":27,"file":172,"line":173},"mtn-momo\u002Fv1","\u002Ftransaction",[170],"PUT","update_transaction","class.rest-api.php",16,[175],{"tag":176,"callback":177,"file":135,"line":178},"mtn_momo_greeting","fn_mtn_momo_greeting",73,[],6,5,{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":197,"fileOperations":13,"externalRequests":238,"nonceChecks":239,"capabilityChecks":13,"bundledLibraries":240},[],{"prepared":185,"raw":89,"locations":186},4,[187,191,194],{"file":188,"line":189,"context":190},"core.php",91,"$wpdb->get_var() with variable interpolation",{"file":192,"line":11,"context":193},"pages\\configurations.php","$wpdb->get_results() with variable interpolation",{"file":195,"line":196,"context":193},"pages\\transactions.php",8,{"escaped":198,"rawEcho":199,"locations":200},9,18,[201,205,207,208,210,212,214,217,219,221,223,224,226,228,230,232,234,236],{"file":202,"line":203,"context":204},"helpers.php",87,"raw output",{"file":192,"line":206,"context":204},45,{"file":192,"line":162,"context":204},{"file":192,"line":209,"context":204},76,{"file":192,"line":211,"context":204},77,{"file":192,"line":213,"context":204},80,{"file":215,"line":216,"context":204},"pages\\sandbox.php",66,{"file":215,"line":218,"context":204},86,{"file":195,"line":220,"context":204},88,{"file":195,"line":222,"context":204},90,{"file":195,"line":189,"context":204},{"file":195,"line":225,"context":204},92,{"file":195,"line":227,"context":204},93,{"file":195,"line":229,"context":204},94,{"file":195,"line":231,"context":204},95,{"file":195,"line":233,"context":204},96,{"file":195,"line":235,"context":204},97,{"file":195,"line":237,"context":204},98,7,2,[],[242],{"entryPoint":243,"graph":244,"unsanitizedCount":13,"severity":257},"\u003Csandbox> (pages\\sandbox.php:0)",{"nodes":245,"edges":255},[246,250],{"id":247,"type":248,"label":249,"file":215,"line":196},"n0","source","$_POST",{"id":251,"type":252,"label":253,"file":215,"line":218,"wp_function":254},"n1","sink","echo() [XSS]","echo",[256],{"from":247,"to":251,"sanitized":157},"low",{"summary":259,"deductions":260},"The \"wp-mtn-momo\" v0.0.1 plugin exhibits a concerning security posture, primarily due to a significant number of unprotected entry points. With 5 out of 6 total entry points lacking authentication checks, the plugin presents a broad attack surface that could be exploited by unauthenticated users.  The static analysis also highlights issues with output escaping, where only 33% of outputs are properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities.  While the absence of dangerous functions, SQL injection vulnerabilities (57% prepared statements), and critical taint flows is positive, the lack of capability checks on any entry points is a major weakness.\n\nThe vulnerability history shows no known CVEs, which is a positive indicator. However, the absence of past vulnerabilities, especially in conjunction with the current code analysis findings, does not necessarily guarantee future security. It could simply mean the plugin hasn't been thoroughly analyzed or targeted yet.  The plugin's early version (0.0.1) also suggests it might be incomplete or undergoing active development, which often correlates with higher security risks due to rushed development practices.\n\nIn conclusion, while the plugin avoids some critical vulnerabilities like dangerous functions and raw SQL, its significant number of unprotected AJAX handlers and REST API routes, coupled with poor output escaping, creates substantial security risks.  The lack of any capability checks on its entry points is a critical oversight. Developers should prioritize implementing robust authentication and authorization for all exposed functionalities and thoroughly review output escaping to mitigate potential XSS and other injection attacks.",[261,263,265,267],{"reason":262,"points":11},"Unprotected AJAX handlers",{"reason":264,"points":11},"Unprotected REST API routes",{"reason":266,"points":181},"Low output escaping percentage",{"reason":268,"points":269},"No capability checks on entry points",15,"2026-03-17T01:41:44.295Z",{"wat":272,"direct":281},{"assetPaths":273,"generatorPatterns":276,"scriptPaths":277,"versionParams":278},[274,275],"\u002Fwp-content\u002Fplugins\u002Fwp-mtn-momo\u002Fassets\u002Fcss\u002Fmtn-momo.css","\u002Fwp-content\u002Fplugins\u002Fwp-mtn-momo\u002Fassets\u002Fjs\u002Fmtn-momo.js",[],[275],[279,280],"wp-mtn-momo\u002Fassets\u002Fcss\u002Fmtn-momo.css?ver=","wp-mtn-momo\u002Fassets\u002Fjs\u002Fmtn-momo.js?ver=",{"cssClasses":282,"htmlComments":283,"htmlAttributes":297,"restEndpoints":299,"jsGlobals":301,"shortcodeOutput":303},[],[284,285,286,287,288,289,290,291,292,293,294,295,296],"\u003C!-- MTN MOMO plugin for WordPress -->","\u003C!-- Store name: Identifies your store to the payee. -->","\u003C!-- providerCallbackHost -->","\u003C!-- Ocp-Apim-Subscription-Key -->","\u003C!-- apiKey -->","\u003C!-- Options: msisdn email -->","\u003C!-- Your business transaction ID. Say: order no. -->","\u003C!-- MTN MOMO transaction ID -->","\u003C!-- Make payments via MTN Mobile Money. -->","\u003C!-- On activation: migrate database. -->","\u003C!-- Migrate table only when non-existent -->","\u003C!-- On uninstallation; drop plugin database. -->","\u003C!-- Add mtn momo menu to the admin control panel -->",[298],"data-mtn-momo-transaction-id",[300],"\u002Fwp-json\u002Fmtn-momo\u002Fv1\u002Ftransaction",[302],"mtn_momo_ajax_object",[304],"[mtn_momo_greeting]"]