[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9eQiFmUWfs_lXpBw9QOqYtnWkYkoS2MOdariP-JXaB8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":49,"analysis":148,"fingerprints":405},"zarinpal-woocommerce-payment-gateway","Zarinpal Gateway","5.0.17","zarinpal","https:\u002F\u002Fprofiles.wordpress.org\u002Fzarinpal\u002F","\u003Cp>** Zarinpal Gateway** این افزونه شما را قادر می سازد تا براحتی اقدام به ایجاد درگاه پرداخت اینترنتی زرین پال برای پرداخت های محصولات ووکامرس کنید\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>اضافه شدن خودکار واحد های پولی ریال تومن هزار ریال و هزار تومان به ووکامرس\u003C\u002Fli>\n\u003Cli>سازگار با ووکامرس 2.6 و قدیمی تر\u003C\u002Fli>\n\u003Cli>پنل تنظیمات ساده و کاربرپسند\u003C\u002Fli>\n\u003Cli>تنظیم پیام دلخواه در هنگام پرداخت موفقیت آمیز ، انصراف از پرداخت و یا لغو پرداخت\u003C\u002Fli>\n\u003Cli>قابلیت نمایش کد رهگیری زرین پال همراه با کد میانبر\u003C\u002Fli>\n\u003Cli>نمایش خطاهای درگاه پرداخت\u003C\u002Fli>\n\u003C\u002Ful>\n","پرداخت اینترنتی وجه به وسیله درگاه پرداخت واسطه زرین پال",60000,671571,70,13,"2026-01-24T01:09:00.000Z","6.7.5","5.8","7.0",[20,21,7,22,23],"%d9%88%d9%88%da%a9%d8%a7%d9%85%d8%b1%d8%b3","woocommerce","%d8%af%d8%b1%da%af%d8%a7%d9%87","%d8%b2%d8%b1%db%8c%d9%86-%d9%be%d8%a7%d9%84","https:\u002F\u002Fzarinpal.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzarinpal-woocommerce-payment-gateway.5.0.17.zip",97,1,0,"2026-02-16 16:35:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":27},"CVE-2026-2592","zarinpal-gateway-for-woocommerce-improper-access-control-to-payment-status-update","Zarinpal Gateway for WooCommerce \u003C= 5.0.16 - Improper Access Control to Payment Status Update","The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'Return_from_ZarinPal_Gateway' failing to validate that the authority token provided in the callback URL belongs to the specific order being marked as paid. This makes it possible for unauthenticated attackers to potentially mark orders as paid without proper payment by reusing a valid authority token from a different transaction of the same amount.",null,"\u003C=5.0.16","high",7.7,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:H\u002FA:H","Improper Access Control","2026-02-17 04:35:46",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe33fcd17-318b-408e-86bf-b4ece46121cc?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":27,"trust_score":47,"computed_at":48},98,"2026-04-04T16:53:00.966Z",[50,74,93,112,133],{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":60,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":69,"download_link":70,"security_score":71,"vuln_count":72,"unpatched_count":28,"last_vuln_date":73,"fetched_at":30},"persian-woocommerce","ووکامرس فارسی","10.0.2","PersianScript","https:\u002F\u002Fprofiles.wordpress.org\u002Fpersianscript\u002F","\u003Cp>\u003Cstrong>ووکامرس فارسی – فارسی و شمسی ساز ووکامرس\u003C\u002Fstrong>\u003Cbr \u002F>\nافزونه ووکامرس فارسی، اولین و پرنصب‌ترین افزونه بومی ساز ووکامرس است که قادر است بروزترین ترجمه فارسی ووکامرس را همراه با جعبه ابزار حرفه ای و بومی (مثل واحدهای پولی ایران، لیست شهرها و درگاه‌های پرداخت و…) به شما ارائه کند. همچنین بدون نیاز به نصب افزونه‌های اضافی قادر هستید تاریخ وردپرس و ووکامرس خود را به بهترین نحو ممکن و کاملا سازگار با آخرین اصول سئو، شمسی کنید.\u003C\u002Fp>\n\u003Ch4>پشتیبانی\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.woosupport.ir\" rel=\"nofollow ugc\">پشتیبان ووکامرس فارسی\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>امکانات ووکامرس فارسی\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>گزارشات جامع فروش و درآمد شمسی (برای اولین بار در ایران)\u003C\u002Fli>\n\u003Cli>گزارشات انبار، موجودی و ارزش محصولات\u003C\u002Fli>\n\u003Cli>گزارشات مشتریان فروشگاه و نرخ مشتریان فعال\u003C\u002Fli>\n\u003Cli>گزارشات جامع و اختصاصی شمسی (برای اولین بار در ایران)\u003C\u002Fli>\n\u003Cli>ارائه بروزترین ترجمه فارسی ووکامرس\u003C\u002Fli>\n\u003Cli>واحد های پولی تومان، ریال، هزار تومان و هزار ریال (سازگار با اصول سئو)\u003C\u002Fli>\n\u003Cli>شمسی سازی محیط وردپرس و ووکامرس (بدون نیاز به افزونه جانبی)\u003C\u002Fli>\n\u003Cli>سوپر ابزار افزایش سرعت پیشخوان وردپرس و ووکامرس\u003C\u002Fli>\n\u003Cli>لیست استان ها و شهرهای ایران\u003C\u002Fli>\n\u003Cli>ابزار جایگزین کننده عبارات و ترجمه ها\u003C\u002Fli>\n\u003Cli>ابزار محدودیت فروش در استان های خاص\u003C\u002Fli>\n\u003Cli>ابزار متن دلخواه جایگزین قیمت محصولات\u003C\u002Fli>\n\u003Cli>ابزار پذیرش اعداد فارسی در بخش شماره موبایل و کد پستی\u003C\u002Fli>\n\u003Cli>ابزار تایید صحت شماره موبایل\u003C\u002Fli>\n\u003Cli>ابزار تایید کدپستی\u003C\u002Fli>\n\u003Cli>ابزار نمایش کمترین قیمت برای محصولات متغیر\u003C\u002Fli>\n\u003Cli>ابزار مشخص نمودن حداقل میزان مبلغ برای ثبت سفارش\u003C\u002Fli>\n\u003Cli>ابزار حذف خودکار فیلد های اضافه تسویه حساب برای محصولات دانلودی\u003C\u002Fli>\n\u003Cli>تبدیل حروف عربی به فارسی در هنگام جستجو در فروشگاه\u003C\u002Fli>\n\u003Cli>اتصال ایمن و سریع به درگاه زیبال بدون افزونه\u003C\u002Fli>\n\u003Cli>ابزارساده سازی صفحه تسویه حساب، مناسب برای فروشگاه های دانلودی و فروش فایل\u003C\u002Fli>\n\u003Cli>و تمام آن چیزی که برای یک فروشگاه ووکامرسی نیاز است.\u003C\u002Fli>\n\u003Cli>تغییر فونت محیط مدیریت\u003C\u002Fli>\n\u003Cli>امکان تغییر لوگوی صفحه ورود وردپرس\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Traducciones\u003C\u002Fh3>\n\u003Cp>پشتیبانی در سایت \u003Ca href=\"https:\u002F\u002Fwww.woosupport.ir\" rel=\"nofollow ugc\">WooSupport.ir\u003C\u002Fa> انجام میشود.\u003C\u002Fp>\n","بسته ووکامرس فارسی به راحتی سیستم فروشگاه ساز ووکامرس را فارسی می کند و امکانات جدید متناسب با ایران را به ووکامرس اضافه میکند.",100000,2226385,86,71,"2026-02-18T07:23:00.000Z","6.9.4","6.0.0","7.4",[51,67,20,68,21],"shamsi","%d9%88%d9%88%da%a9%d8%a7%d9%85%d8%b1%d8%b3-%d9%81%d8%a7%d8%b1%d8%b3%db%8c","https:\u002F\u002Fwoosupport.ir","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersian-woocommerce.10.0.2.zip",99,2,"2024-08-09 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":58,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":63,"requires_at_least":86,"requires_php":65,"tags":87,"homepage":90,"download_link":91,"security_score":71,"vuln_count":72,"unpatched_count":28,"last_vuln_date":92,"fetched_at":30},"wp-parsidate","پارسی دیت – Parsi Date","5.1.8.2","Morteza Geransayeh","https:\u002F\u002Fprofiles.wordpress.org\u002Fman4toman\u002F","\u003Cp>ParsiDate is a powerful plugin developed by Persian contributors to enhance the WordPress experience for Farsi users. It provides full support for the Shamsi (Jalali) calendar across the WordPress dashboard and front-end, fixes character display issues, and improves Right-to-Left (RTL) compatibility. With seamless integration into core features and popular plugins like WooCommerce and Gravity Forms, ParsiDate makes managing Persian websites easier and more professional.\u003C\u002Fp>\n\u003Cp>List of some features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shamsi (Jalali) day-picker in Block Editor (Gutenberg)\u003C\u002Fli>\n\u003Cli>Shamsi (Jalali) jQuery UI date-picker\u003C\u002Fli>\n\u003Cli>Shamsi (Jalali) dates in posts, pages, comments, archives, categories, search results, and permalinks\u003C\u002Fli>\n\u003Cli>Full WooCommerce support (checkout fields, orders, reports, widgets, and date-pickers)\u003C\u002Fli>\n\u003Cli>Shamsi (Jalali) dates in admin sections: post list, comment list, page list, and Quick Edit panels\u003C\u002Fli>\n\u003Cli>Shamsi (Jalali) calendar widget and archive widget\u003C\u002Fli>\n\u003Cli>RTL and fixed TinyMCE editor for a better writing experience\u003C\u002Fli>\n\u003Cli>Add Persian features to WooCommerce\u003C\u002Fli>\n\u003Cli>Advanced compatibility with ACF (Advanced Custom Fields)\u003C\u002Fli>\n\u003Cli>Powerful and fast function for fixing Arabic (ي , ك) to Persian (ی , ک)\u003C\u002Fli>\n\u003Cli>Automatic conversion of English numbers to Persian numbers\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for low resource usage\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-planet.ir\" rel=\"nofollow ugc\">WP-Planet.ir\u003C\u002Fa> Widget\u003C\u002Fli>\n\u003C\u002Ful>\n","Persian date support for WordPress",1281452,92,126,"2025-12-10T21:40:00.000Z","5.3",[88,89,67,20,21],"jalali","persian","https:\u002F\u002Fwp-parsi.com\u002Fsupport\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-parsidate.5.1.8.2.zip","2024-11-25 20:48:17",{"slug":94,"name":95,"version":96,"author":54,"author_profile":55,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":17,"requires_php":65,"tags":105,"homepage":69,"download_link":108,"security_score":109,"vuln_count":110,"unpatched_count":27,"last_vuln_date":111,"fetched_at":30},"persian-woocommerce-sms","افزونه پیامک ووکامرس Persian WooCommerce SMS","7.1.1","\u003Cp>\u003Cstrong>Persian Woocommerce SMS\u003C\u002Fstrong> یک افزونه کاربردی برای سیستم فروشگاه ساز رایگان ووکامرس می باشد که شما را قادر می سازد تا براحتی اقدام به اطلاع رسانی از طریق پیامک به مدیران و کاربرانتان کنید.\u003C\u002Fp>\n\u003Ch4>امکانات\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>ارسال پیامک به مشتری و مدیرکل و مدیر محصول (فروشندگان) در صورت ثبت و تغییر وضعیت سفارش\u003C\u002Fli>\n\u003Cli>امکان تنظیم ارسال پیامک در وضعیت های مختلف سفارش (تکمیل شده، معلق و…)\u003C\u002Fli>\n\u003Cli>قابلیت تغییر متن و شخصی سازی هر پیامک برای مدیر، مشتری و فروشنده برای هر وضعیت سفارش\u003C\u002Fli>\n\u003Cli>سیستم خبرنامه حرفه ای محصولات برای با خبر سازی کاربران از وضعیت موجود شدن محصولات، فروش ویژه شدن و ….\u003C\u002Fli>\n\u003Cli>\n\u003Cp>و سایر ویژگی های حرفه ای دیگر\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>شما برای شروع کار با پلاگین نیاز به یک پنل اس ام اس دارید. پیشنهاد ما استفاده از پنل اس ام اس ملی پیامک است. این سامانه 20% تخفیف با کد wcsms20 به مدیران سایت های وردپرس ارائه می‌دهد.\u003Ca href=\"http:\u002F\u002Fwww.melipayamak.com\u002F\" rel=\"nofollow ugc\">خرید پنل پیامک\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>درگاه های پیامک\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>MeliPayamak.com\u003C\u002Fli>\n\u003Cli>ParsGreen.com\u003C\u002Fli>\n\u003Cli>ParandSMS.com\u003C\u002Fli>\n\u003Cli>GAMAPayamak.com\u003C\u002Fli>\n\u003Cli>LimooSMS.com\u003C\u002Fli>\n\u003Cli>SMSFa.net\u003C\u002Fli>\n\u003Cli>Arad-SMS.ir\u003C\u002Fli>\n\u003Cli>FaraPayamak.ir\u003C\u002Fli>\n\u003Cli>TJP.ir\u003C\u002Fli>\n\u003Cli>SMS.Niazpardaz.com\u003C\u002Fli>\n\u003Cli>PayamAfraz.ir\u003C\u002Fli>\n\u003Cli>YektaSMS.com\u003C\u002Fli>\n\u003Cli>Relax.ir\u003C\u002Fli>\n\u003Cli>SMS.Paaz.ir\u003C\u002Fli>\n\u003Cli>SmsBefrest.ir\u003C\u002Fli>\n\u003Cli>Yektatech.ir\u003C\u002Fli>\n\u003Cli>Postgah.info\u003C\u002Fli>\n\u003Cli>IdehPayam.com\u003C\u002Fli>\n\u003Cli>Azaranpayamak.ir\u003C\u002Fli>\n\u003Cli>SMS.IR\u003C\u002Fli>\n\u003Cli>S1.Websms.ir\u003C\u002Fli>\n\u003Cli>Manirani.ir\u003C\u002Fli>\n\u003Cli>Payam-Resan.com\u003C\u002Fli>\n\u003Cli>BakhtarPanel.com\u003C\u002Fli>\n\u003Cli>Avalpayam.com\u003C\u002Fli>\n\u003Cli>IranSmsServer.com\u003C\u002Fli>\n\u003Cli>LoginPanel.IR\u003C\u002Fli>\n\u003Cli>SmsHooshmand.com\u003C\u002Fli>\n\u003Cli>SmsFor.ir\u003C\u002Fli>\n\u003Cli>ChaparPanel.ir\u003C\u002Fli>\n\u003Cli>FirstPayamak.ir\u003C\u002Fli>\n\u003Cli>SMS.Netpaydar.com\u003C\u002Fli>\n\u003Cli>Panel.SmsPishgaman.com\u003C\u002Fli>\n\u003Cli>ParsianPayam.ir\u003C\u002Fli>\n\u003Cli>Hostiran.com\u003C\u002Fli>\n\u003Cli>IranSMS.co\u003C\u002Fli>\n\u003Cli>Negins.com\u003C\u002Fli>\n\u003Cli>Afe.ir\u003C\u002Fli>\n\u003Cli>Aradpayamak.net\u003C\u002Fli>\n\u003Cli>iSMS.ir\u003C\u002Fli>\n\u003Cli>RazPayamak.com\u003C\u002Fli>\n\u003Cli>MihanSMSCenter.ir\u003C\u002Fli>\n\u003Cli>0098SMS.com\u003C\u002Fli>\n\u003Cli>SefidSMS.ir\u003C\u002Fli>\n\u003Cli>Chapargah.ir\u003C\u002Fli>\n\u003Cli>Hafezpayam.com\u003C\u002Fli>\n\u003Cli>MehrPanel.ir\u003C\u002Fli>\n\u003Cli>KianArtPanel.ir\u003C\u002Fli>\n\u003Cli>Sms.FarsTech.ir\u003C\u002Fli>\n\u003Cli>Berandet.ir\u003C\u002Fli>\n\u003Cli>NicSMS.com\u003C\u002Fli>\n\u003Cli>Asanak.ir\u003C\u002Fli>\n\u003Cli>Ssmss.ir\u003C\u002Fli>\n\u003Cli>Hiro-Sms.com\u003C\u002Fli>\n\u003Cli>RayganSms.com\u003C\u002Fli>\n\u003Cli>SmsPanel.Trez.ir\u003C\u002Fli>\n\u003Cli>SepahanSms.com(SepahanGostar.com)\u003C\u002Fli>\n\u003Cli>Sms.3300.ir\u003C\u002Fli>\n\u003Cli>Sms.SmsNegar.com\u003C\u002Fli>\n\u003Cli>Sms.BehsaDade.com\u003C\u002Fli>\n\u003Cli>FlashSms.ir(AdminPayamak.ir)\u003C\u002Fli>\n\u003Cli>PayamSms.com\u003C\u002Fli>\n\u003Cli>SMS.HadafWP.COM\u003C\u002Fli>\n\u003Cli>SunwaySMS.com\u003C\u002Fli>\n\u003Cli>mehrafraz.com\u003C\u002Fli>\n\u003Cli>PSMS.Ir\u003C\u002Fli>\n\u003Cli>IRPayamak.Com\u003C\u002Fli>\n\u003Cli>Gama.systems\u003C\u002Fli>\n\u003Cli>AtlasPayamak.ir\u003C\u002Fli>\n\u003Cli>SMS-Melli.com\u003C\u002Fli>\n\u003Cli>sms-meli.com\u003C\u002Fli>\n\u003Cli>Parsian-SMS.ir\u003C\u002Fli>\n\u003Cli>panelsms20.ir\u003C\u002Fli>\n\u003Cli>sahandsms.com\u003C\u002Fli>\n\u003Cli>newsms.ir\u003C\u002Fli>\n\u003Cli>sms.parsiantd.com\u003C\u002Fli>\n\u003Cli>payamkotah.com\u003C\u002Fli>\n\u003Cli>npsms.com\u003C\u002Fli>\n\u003Cli>karenkart.com\u003C\u002Fli>\n\u003Cli>jarin.ir\u003C\u002Fli>\n\u003Cli>samait.ir\u003C\u002Fli>\n\u003Cli>1b1.ir\u003C\u002Fli>\n\u003Cli>pardis.ssmss.ir\u003C\u002Fli>\n\u003Cli>candoosms.com\u003C\u002Fli>\n\u003Cli>Kavenegar.com (بجای نام کاربری ApiKey را وارد کرده و کلمه عبور را خالی قرار دهید)\u003C\u002Fli>\n\u003Cli>SabaNovin.com (بجای نام کاربری ApiKey را وارد کرده و کلمه عبور را خالی قرار دهید)\u003C\u002Fli>\n\u003Cli>webone-sms.com\u003C\u002Fli>\n\u003Cli>satsms.ir\u003C\u002Fli>\n\u003Cli>asiasms.ir\u003C\u002Fli>\n\u003Cli>payamakyab.com\u003C\u002Fli>\n\u003Cli>Arad ITC\u003C\u002Fli>\n\u003Cli>SMSNegar.ir\u003C\u002Fli>\n\u003Cli>MAX-SMS.co\u003C\u002Fli>\n\u003Cli>IPPANEL.com \u003C\u002Fli>\n\u003Cli>ModirPayamak.com \u003C\u002Fli>\n\u003Cli>FarazSMS.com\u003C\u002Fli>\n\u003Cli>GhasedakSMS.com \u003C\u002Fli>\n\u003Cli>Mediana.ir\u003C\u002Fli>\n\u003Cli>PanelChi\u003C\u002Fli>\n\u003Cli>Asanak\u003C\u002Fli>\n\u003Cli>NMTSMS\u003C\u002Fli>\n\u003Cli>PersianSMS\u003C\u002Fli>\n\u003C\u002Ful>\n","افزونه کامل و حرفه ای برای اطلاع رسانی پیامکی سفارشات و رویداد های محصولات ووکامرس",50000,662929,90,115,"2025-11-25T09:48:00.000Z","6.8.5",[51,106,68,107,21],"sms","%d9%be%db%8c%d8%a7%d9%85%da%a9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersian-woocommerce-sms.7.1.1.zip",72,7,"2026-02-11 00:00:00",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":72,"last_updated":123,"tested_up_to":104,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":131,"download_link":132,"security_score":122,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"woo-payping-gateway","PayPing Gateway For Woocommerce","4.6.2","PayPing","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayping\u002F","\u003Cp>با استفاده از این افزونه فروشگاه خود را به درگاه آنلاین پرداخت بانکی متصل کنید.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin leverages the following third-party services:\u003C\u002Fp>\n\u003Col>\n\u003Cli>https:\u002F\u002Fapi.payping.ir: This plugin adds online payment functionality to the Woocommerce plugin, allowing us to process payments and check payment statuses through https:\u002F\u002Fapi.payping.ir.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin follows strict privacy guidelines. When using the api.payping.ir service, user data is securely transmitted and stored following industry best practices.\u003C\u002Fp>\n\u003Ch3>4.6.2\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد افزونه\u003C\u002Fp>\n\u003Ch3>4.6.1\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد افزونه\u003C\u002Fp>\n\u003Ch3>4.6.0\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد افزونه و رفع مشکلات گزارش شده\u003C\u002Fp>\n\u003Ch3>4.5.1\u003C\u002Fh3>\n\u003Cp>تغییر در ثبت توضیحات سفارش\u003C\u002Fp>\n\u003Ch3>4.5.0\u003C\u002Fh3>\n\u003Cp>بروزرسانی وب سرویس پی پینگ به نسخه جدید.\u003C\u002Fp>\n\u003Ch3>4.4.0\u003C\u002Fh3>\n\u003Cp>سازگاری با نسخه جدید ووکامرس و ویرایشگر بلوک.\u003C\u002Fp>\n\u003Ch3>4.3.0\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد نمایش خطا ها در صفحه تسویه حساب.\u003Cbr \u002F>\nحذف حالت اشکال زدایی(تغییر فرایند اشکال زدایی).\u003Cbr \u002F>\nسازگاری با php 8.x\u003Cbr \u002F>\nسازگاری با نسخه جدید وکامرس و وردپرس.\u003C\u002Fp>\n\u003Ch3>4.2.1\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد تایید پرداخت و نمایش خطاها.\u003Cbr \u002F>\nنمایش شماره کارت پرداخت کننده در صورت ارسال از سمت بانک.\u003C\u002Fp>\n\u003Ch3>4.1.1\u003C\u002Fh3>\n\u003Cp>بهبود عملکرد در صورت خطای اتصال به سرور پی‌پینگ.\u003Cbr \u002F>\nبهبود عملکرد دریافت شماره سفارش در تایید پرداخت.\u003Cbr \u002F>\nنمایش کد پرداخت پی‌پینگ در سفارشات.\u003C\u002Fp>\n\u003Ch3>4.0.0\u003C\u002Fh3>\n\u003Cp>تغییرات در بخش نمایش جزئیات پرداخت.\u003Cbr \u002F>\nهماهنگی بیشتر با افزونه پنل پی‌پینگ و بخش مغایرت‌گیری.\u003Cbr \u002F>\nتغییر در ساختار اکشن‌های افزونه.\u003C\u002Fp>\n\u003Ch3>3.0.0\u003C\u002Fh3>\n\u003Cp>تغییر در پیام‌ خطاهای سفارش.\u003Cbr \u002F>\nثبت کد پرداخت برای هر سفارش و استفاده مجدد از آن برای تلاش‌های بعدی.\u003Cbr \u002F>\nبهبود عملکرد کدهای واحد ارزی و نمایش خطاها.\u003C\u002Fp>\n\u003Ch3>2.8.0\u003C\u002Fh3>\n\u003Cp>برطرف شدن تداخل همسان‌سازی در برخی افزونه‌ها.\u003C\u002Fp>\n\u003Ch3>2.7.0\u003C\u002Fh3>\n\u003Cp>اضافه شدن شرط بیشتر‌ برای دریافت کد فاکتور در تایید پرداخت.\u003C\u002Fp>\n\u003Ch3>2.6.2\u003C\u002Fh3>\n\u003Cp>رفع خطاهای Notice در صفحه تسویه حساب.\u003Cbr \u002F>\nاستفاده از لوگوی کوچک‌تر برای نمایش درست لوگو در صفحه تسویه حساب.\u003C\u002Fp>\n","افزونه درگاه پرداخت پی‌پینگ برای ووکامرس",3000,54059,100,"2025-08-30T07:59:00.000Z","6.2","7.0.0",[127,128,129,21,130],"gateway","payment","payping","%d8%af%d8%b1%da%af%d8%a7%d9%87-%d9%be%d8%b1%d8%af%d8%a7%d8%ae%d8%aa","https:\u002F\u002Fgithub.com\u002Fpayping\u002Fplugins-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-payping-gateway.4.6.2.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":28,"num_ratings":28,"last_updated":143,"tested_up_to":104,"requires_at_least":124,"requires_php":65,"tags":144,"homepage":146,"download_link":147,"security_score":122,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"irandargah-payment-gateway-for-woocommerce","IranDargah Payment Gateway for Woocommerce","2.3","irandargah","https:\u002F\u002Fprofiles.wordpress.org\u002Firandargah\u002F","\u003Cp>با کمک افزونه IranDargah Payment Gateway for Woocommerce می‌توانید فروشگاه ووکامرس خود را به درگاه پرداخت آنلاین و شبکه بانکی کشور متصل نمائید.\u003C\u002Fp>\n","پرداخت اینترنتی وجه به وسیله درگاه پرداخت ایران درگاه برای افزونه ووکامرس",500,4373,"2026-02-08T20:41:00.000Z",[127,137,128,21,145],"%d8%a7%db%8c%d8%b1%d8%a7%d9%86-%d8%af%d8%b1%da%af%d8%a7%d9%87","https:\u002F\u002Firandargah.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Firandargah-payment-gateway-for-woocommerce.2.3.zip",{"attackSurface":149,"codeSignals":277,"taintFlows":325,"riskAssessment":389,"analyzedAt":404},{"hooks":150,"ajaxHandlers":250,"restRoutes":274,"shortcodes":275,"cronEvents":276,"entryPointCount":110,"unprotectedCount":28},[151,157,162,166,170,174,177,180,184,187,191,195,199,203,207,211,215,219,223,226,230,234,238,243,247],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","plugins_loaded","load_zarinpal_textdomain","class-wc-gateway-zarinpal.php",10,{"type":158,"name":159,"callback":160,"file":155,"line":161},"filter","woocommerce_payment_gateways","Woocommerce_Add_ZarinPal_Gateway",17,{"type":158,"name":163,"callback":164,"file":155,"line":165},"woocommerce_currencies","add_IR_currency",22,{"type":158,"name":167,"callback":168,"priority":156,"file":155,"line":169},"woocommerce_currency_symbol","add_IR_currency_symbol",30,{"type":152,"name":171,"callback":172,"priority":156,"file":155,"line":173},"woocommerce_email_after_order_table","email_instructions",96,{"type":152,"name":175,"callback":176,"priority":156,"file":155,"line":47},"woocommerce_order_status_refunded","process_refund",{"type":152,"name":178,"callback":179,"priority":122,"file":155,"line":122},"admin_bar_menu","add_sandbox_notice_to_admin_bar",{"type":152,"name":181,"callback":182,"file":155,"line":183},"admin_notices","admin_notice_missing_merchantcode",102,{"type":152,"name":181,"callback":185,"file":155,"line":186},"admin_notice_missing_accesstoken",103,{"type":152,"name":188,"callback":189,"file":155,"line":190},"woocommerce_cart_calculate_fees","add_zarinpal_fee_to_cart",105,{"type":152,"name":192,"callback":193,"file":155,"line":194},"woocommerce_checkout_update_order_meta","save_fee_to_order",106,{"type":152,"name":196,"callback":197,"file":155,"line":198},"woocommerce_checkout_update_order_review","update_checkout_fees",107,{"type":152,"name":200,"callback":201,"file":155,"line":202},"woocommerce_store_api_register_endpoint_data","register_store_api_data",108,{"type":152,"name":204,"callback":205,"priority":156,"file":155,"line":206},"woocommerce_store_api_checkout_update_order_from_request","blocks_add_fee",109,{"type":152,"name":208,"callback":209,"priority":156,"file":155,"line":210},"woocommerce_checkout_create_order","checkout_create_order_fee",110,{"type":152,"name":212,"callback":213,"priority":156,"file":155,"line":214},"woocommerce_blocks_checkout_order_processed","blocks_order_processed",111,{"type":152,"name":216,"callback":217,"priority":156,"file":155,"line":218},"woocommerce_store_api_cart_update_customer","blocks_payment_method_changed",112,{"type":158,"name":220,"callback":221,"priority":156,"file":155,"line":222},"woocommerce_get_price_decimals","adjust_decimals_for_zarinpal_fee",113,{"type":152,"name":224,"callback":225,"file":155,"line":102},"wp_head","add_cart_css",{"type":152,"name":153,"callback":227,"priority":228,"file":155,"line":229},"Load_ZarinPal_Gateway",11,1038,{"type":152,"name":231,"callback":232,"priority":156,"file":155,"line":233},"upgrader_process_complete","zarinpal_plugin_updated",1157,{"type":152,"name":235,"callback":236,"file":155,"line":237},"woocommerce_admin_order_data_after_order_details","zpal_manual_verify_button",1393,{"type":152,"name":239,"callback":240,"file":241,"line":242},"before_woocommerce_init","closure","index.php",21,{"type":152,"name":244,"callback":245,"file":241,"line":246},"woocommerce_blocks_loaded","zarinpal_gateway_block_support",28,{"type":152,"name":248,"callback":240,"file":241,"line":249},"woocommerce_blocks_payment_method_type_registration",31,[251,257,259,262,264,268,270],{"action":252,"nopriv":253,"callback":254,"hasNonce":255,"hasCapCheck":253,"file":155,"line":256},"get_zarinpal_fee",false,"zarinpal_ajax_get_fee",true,1040,{"action":252,"nopriv":255,"callback":254,"hasNonce":255,"hasCapCheck":253,"file":155,"line":258},1041,{"action":260,"nopriv":253,"callback":260,"hasNonce":255,"hasCapCheck":253,"file":155,"line":261},"zarinpal_update_payment_method",1043,{"action":260,"nopriv":255,"callback":260,"hasNonce":255,"hasCapCheck":253,"file":155,"line":263},1044,{"action":265,"nopriv":253,"callback":266,"hasNonce":253,"hasCapCheck":255,"file":155,"line":267},"zpal_transaction_info","zpal_display_transaction_info",1174,{"action":265,"nopriv":255,"callback":266,"hasNonce":253,"hasCapCheck":255,"file":155,"line":269},1175,{"action":271,"nopriv":253,"callback":272,"hasNonce":253,"hasCapCheck":255,"file":155,"line":273},"zpal_manual_verify","zpal_manual_verify_transaction",1323,[],[],[],{"dangerousFunctions":278,"sqlUsage":279,"outputEscaping":281,"fileOperations":27,"externalRequests":322,"nonceChecks":72,"capabilityChecks":323,"bundledLibraries":324},[],{"prepared":28,"raw":28,"locations":280},[],{"escaped":282,"rawEcho":283,"locations":284},46,18,[285,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320],{"file":155,"line":286,"context":287},222,"raw output",{"file":155,"line":289,"context":287},223,{"file":155,"line":291,"context":287},234,{"file":155,"line":293,"context":287},236,{"file":155,"line":295,"context":287},510,{"file":155,"line":297,"context":287},515,{"file":155,"line":299,"context":287},527,{"file":155,"line":301,"context":287},552,{"file":155,"line":303,"context":287},969,{"file":155,"line":305,"context":287},1229,{"file":155,"line":307,"context":287},1279,{"file":155,"line":309,"context":287},1283,{"file":155,"line":311,"context":287},1284,{"file":155,"line":313,"context":287},1315,{"file":155,"line":315,"context":287},1318,{"file":155,"line":317,"context":287},1380,{"file":155,"line":319,"context":287},1383,{"file":155,"line":321,"context":287},1388,4,3,[],[326,344,380],{"entryPoint":327,"graph":328,"unsanitizedCount":72,"severity":343},"Return_from_ZarinPal_Gateway (class-wc-gateway-zarinpal.php:378)",{"nodes":329,"edges":341},[330,335],{"id":331,"type":332,"label":333,"file":155,"line":334},"n0","source","$_GET (x2)",380,{"id":336,"type":337,"label":338,"file":155,"line":339,"wp_function":340},"n1","sink","wp_redirect() [Open Redirect]",389,"wp_redirect",[342],{"from":331,"to":336,"sanitized":253},"medium",{"entryPoint":345,"graph":346,"unsanitizedCount":110,"severity":343},"\u003Cclass-wc-gateway-zarinpal> (class-wc-gateway-zarinpal.php:0)",{"nodes":347,"edges":374},[348,349,350,353,357,361,364,368,372],{"id":331,"type":332,"label":333,"file":155,"line":334},{"id":336,"type":337,"label":338,"file":155,"line":339,"wp_function":340},{"id":351,"type":332,"label":333,"file":155,"line":352},"n2",394,{"id":354,"type":337,"label":355,"file":155,"line":317,"wp_function":356},"n3","echo() [XSS]","echo",{"id":358,"type":332,"label":359,"file":155,"line":360},"n4","$_POST",1328,{"id":362,"type":337,"label":355,"file":155,"line":363,"wp_function":356},"n5",1413,{"id":365,"type":332,"label":366,"file":155,"line":367},"n6","$_GET (x7)",1287,{"id":369,"type":370,"label":371,"file":155,"line":367},"n7","transform","→ render_row()",{"id":373,"type":337,"label":355,"file":155,"line":311,"wp_function":356},"n8",[375,376,377,378,379],{"from":331,"to":336,"sanitized":255},{"from":351,"to":354,"sanitized":255},{"from":358,"to":362,"sanitized":255},{"from":365,"to":369,"sanitized":253},{"from":369,"to":373,"sanitized":253},{"entryPoint":381,"graph":382,"unsanitizedCount":28,"severity":388},"Load_ZarinPal_Gateway (class-wc-gateway-zarinpal.php:15)",{"nodes":383,"edges":386},[384,385],{"id":331,"type":332,"label":333,"file":155,"line":334},{"id":336,"type":337,"label":338,"file":155,"line":339,"wp_function":340},[387],{"from":331,"to":336,"sanitized":255},"low",{"summary":390,"deductions":391},"The zarinpal-woocommerce-payment-gateway plugin, version 5.0.17, exhibits several positive security practices, including the exclusive use of prepared statements for SQL queries and a reasonable percentage of properly escaped output.  The absence of identified critical or high severity taint flows is also a good sign. However, the plugin does present some areas of concern. The presence of 7 AJAX handlers, even with all currently protected by authentication, represents a notable attack surface. The file operation and external HTTP requests, while not inherently problematic, warrant attention during further review to ensure they are handled securely.  Furthermore, the plugin has a history of known vulnerabilities, specifically one high severity issue related to Improper Access Control. While this vulnerability is currently unpatched, its past occurrence suggests a potential recurring weakness in access control mechanisms.  The last recorded vulnerability date also seems to be in the future, which is unusual and requires investigation.",[392,395,398,400,402],{"reason":393,"points":394},"Past high severity vulnerability (Improper Access Control)",15,{"reason":396,"points":397},"7 AJAX handlers represent a notable attack surface",5,{"reason":399,"points":72},"One file operation found",{"reason":401,"points":72},"Four external HTTP requests found",{"reason":403,"points":397},"Unusual future date for last vulnerability","2026-03-16T17:15:41.750Z",{"wat":406,"direct":415},{"assetPaths":407,"generatorPatterns":410,"scriptPaths":411,"versionParams":412},[408,409],"\u002Fwp-content\u002Fplugins\u002Fzarinpal-woocommerce-payment-gateway\u002Fassets\u002Fimages\u002Flogo.svg","\u002Fwp-content\u002Fplugins\u002Fzarinpal-woocommerce-payment-gateway\u002Fassets\u002Fcss\u002Fcart.css",[],[],[413,414],"zarinpal-woocommerce-payment-gateway\u002Fassets\u002Fcss\u002Fcart.css?ver=","zarinpal-woocommerce-payment-gateway\u002Fassets\u002Fjs\u002Fzarinpal.js?ver=",{"cssClasses":416,"htmlComments":418,"htmlAttributes":421,"restEndpoints":425,"jsGlobals":427,"shortcodeOutput":430},[417],"wc-zpal-gateway-link",[419,420],"\u003C!-- zarinpal payment gateway -->","\u003C!-- Sandbox Mode Active -->",[422,423,424],"data-gateway-id=\"WC_ZPal\"","data-merchant-code","data-sandbox",[426],"\u002Fwp-json\u002Fwc-zarinpal\u002Fv1\u002Fget-payment-url",[428,429],"window.zarinpal_payment_gateway_params","var wc_zarinpal_params",[]]