info@welcart

Member since
2009-10-13
Location
Fukui, Japan
Employer
Welcart Inc.
Job title
Authored
4 (1 closed)
SVN commit access
2
Readme contributor
1
Combined install base
10k+ across 5 plugins

Alerts (0)

No open alerts.

Show 3 resolved alerts
High code_scan_match Welcart e-Commerce Resolved · code_scan_fp_class_vendor_cdn_enqueue 1mo ago
Slug: usc-e-shop
Finding count: 471
Findings
| Pattern | Kind | File | Line | Snippet | Confidence | Details |
|---|---|---|---|---|---|---|
| remote_enqueue | builtin | tags/2.9.2/functions/filters.php | 1,799 | `wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
| puc_update_hijack | builtin | tags/2.9.2/includes/update_check.php | 91 | `$$slug = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );` | high | Url: (empty); Url host: (empty); Slug arg: (empty) |
| hardcoded_ip_url | builtin | tags/1.7.3/classes/usceshop.class.php | 1,727 | `$options['acting_settings']['mizuho']['send_url_test'] = "https://210.161.141.207/mltbank/MBWebFrontPayment";` | high | |
| hardcoded_ip_url | builtin | tags/1.7.3/classes/usceshop.class.php | 1,728 | `if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = "https://210.161.141.207/mltbank/iMBWebFrontPayment";` | high | |
| remote_enqueue | builtin | tags/1.7.3/functions/filters.php | 1,399 | `wp_enqueue_script( 'usces_ajaxzip3', "https://ajaxzip3.github.io/ajaxzip3.js" );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
| remote_enqueue | builtin | tags/1.9.25/functions/filters.php | 1,308 | `wp_enqueue_script( 'usces_ajaxzip3', "https://ajaxzip3.github.io/ajaxzip3.js" );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
| hardcoded_ip_url | builtin | tags/1.6/classes/usceshop.class.php | 1,697 | `$options['acting_settings']['mizuho']['send_url_test'] = "https://210.161.141.207/mltbank/MBWebFrontPayment";` | high | |
| hardcoded_ip_url | builtin | tags/1.6/classes/usceshop.class.php | 1,698 | `if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = "https://210.161.141.207/mltbank/iMBWebFrontPayment";` | high | |
| hardcoded_ip_url | builtin | tags/1.3.10.2/classes/usceshop.class.php | 1,553 | `$options['acting_settings']['mizuho']['send_url_test'] = "https://210.161.141.207/mltbank/MBWebFrontPayment";` | high | |
| hardcoded_ip_url | builtin | tags/1.3.10.2/classes/usceshop.class.php | 1,554 | `if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = "https://210.161.141.207/mltbank/iMBWebFrontPayment";` | high | |
| remote_enqueue | builtin | tags/2.8.20/functions/filters.php | 1,784 | `wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
| puc_update_hijack | builtin | tags/2.8.20/includes/update_check.php | 91 | `$$slug = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );` | high | Url: (empty); Url host: (empty); Slug arg: (empty) |
| remote_enqueue | builtin | tags/2.11.8/functions/filters.php | 1,815 | `wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
| puc_update_hijack | builtin | tags/2.11.8/includes/update_check.php | 194 | `$$slug = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );` | high | Url: (empty); Url host: (empty); Slug arg: (empty) |
| remote_enqueue | builtin | tags/2.8.3/functions/filters.php | 1,730 | `wp_enqueue_script( 'usces_ajaxzip3', "https://ajaxzip3.github.io/ajaxzip3.js" );` | medium | Url: https://ajaxzip3.github.io/ajaxzip3.js; Url host: ajaxzip3.github.io |
Resolved sha: 907d4df9ce22d49fedd098f4cbffae6b8349dad5
View raw JSON
{
    "slug": "usc-e-shop",
    "finding_count": 471,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/2.9.2/functions/filters.php",
            "line": 1799,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        },
        {
            "pattern": "puc_update_hijack",
            "kind": "builtin",
            "file": "tags/2.9.2/includes/update_check.php",
            "line": 91,
            "snippet": "$$slug     = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );",
            "confidence": "high",
            "details": {
                "url": null,
                "url_host": null,
                "slug_arg": null
            }
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.7.3/classes/usceshop.class.php",
            "line": 1727,
            "snippet": "$options['acting_settings']['mizuho']['send_url_test'] = \"https://210.161.141.207/mltbank/MBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.7.3/classes/usceshop.class.php",
            "line": 1728,
            "snippet": "if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = \"https://210.161.141.207/mltbank/iMBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/1.7.3/functions/filters.php",
            "line": 1399,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', \"https://ajaxzip3.github.io/ajaxzip3.js\" );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/1.9.25/functions/filters.php",
            "line": 1308,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', \"https://ajaxzip3.github.io/ajaxzip3.js\" );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.6/classes/usceshop.class.php",
            "line": 1697,
            "snippet": "$options['acting_settings']['mizuho']['send_url_test'] = \"https://210.161.141.207/mltbank/MBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.6/classes/usceshop.class.php",
            "line": 1698,
            "snippet": "if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = \"https://210.161.141.207/mltbank/iMBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.3.10.2/classes/usceshop.class.php",
            "line": 1553,
            "snippet": "$options['acting_settings']['mizuho']['send_url_test'] = \"https://210.161.141.207/mltbank/MBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "tags/1.3.10.2/classes/usceshop.class.php",
            "line": 1554,
            "snippet": "if( defined('WCEX_MOBILE') ) $options['acting_settings']['mizuho']['send_url_mbl_test'] = \"https://210.161.141.207/mltbank/iMBWebFrontPayment\";",
            "confidence": "high"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/2.8.20/functions/filters.php",
            "line": 1784,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        },
        {
            "pattern": "puc_update_hijack",
            "kind": "builtin",
            "file": "tags/2.8.20/includes/update_check.php",
            "line": 91,
            "snippet": "$$slug     = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );",
            "confidence": "high",
            "details": {
                "url": null,
                "url_host": null,
                "slug_arg": null
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/2.11.8/functions/filters.php",
            "line": 1815,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', 'https://ajaxzip3.github.io/ajaxzip3.js', array(), current_time( 'timestamp' ), false );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        },
        {
            "pattern": "puc_update_hijack",
            "kind": "builtin",
            "file": "tags/2.11.8/includes/update_check.php",
            "line": 194,
            "snippet": "$$slug     = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );",
            "confidence": "high",
            "details": {
                "url": null,
                "url_host": null,
                "slug_arg": null
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "tags/2.8.3/functions/filters.php",
            "line": 1730,
            "snippet": "wp_enqueue_script( 'usces_ajaxzip3', \"https://ajaxzip3.github.io/ajaxzip3.js\" );",
            "confidence": "medium",
            "details": {
                "url": "https://ajaxzip3.github.io/ajaxzip3.js",
                "url_host": "ajaxzip3.github.io"
            }
        }
    ],
    "resolved_sha": "907d4df9ce22d49fedd098f4cbffae6b8349dad5"
}
Medium contributor_added Welcart e-Commerce Resolved · benign_welcart_brand_account_added 6d ago
Slug: usc-e-shop
New contributors: welcart
Active installs: 10,000
View raw JSON
{
    "slug": "usc-e-shop",
    "new_contributors": [
        "welcart"
    ],
    "active_installs": 10000
}
Medium code_pattern Welcart e-Commerce Resolved · fp:vendor_premium_update_channel 1mo ago
Slug: usc-e-shop
Pattern: puc_update_hijack
Kind: builtin
Version: 2.11.28
Hit count: 1
First hit
File
includes/update_check.php
Line
194
Snippet
$$slug = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );
Explanation: The plugin calls `::buildUpdateChecker()`, the factory entry point of the Yahnis Elsts Plugin Update Checker library. A plugin distributed through wordpress.org that registers its own update source bypasses the Plugin Review Team: every install polls the non-wp.org URL on cron and installs whatever JSON + zip it returns, with full plugin-author permissions. This is the mechanism behind the `anadnet`/quick-pagepost-redirect-plugin compromise (2021), where the author seeded 70,000+ installs through tagged releases and then removed the library from trunk to hide the persistence. Any URL argument pointing away from `downloads.wordpress.org`/`api.wordpress.org` is the hijack signal. In this hit the URL argument is the variable `$json_path`, so no host could be extracted from the call itself (shape `unparseable`, empty Url fields); the update source has to be confirmed by tracing where `$json_path` is assigned.
Shape: unparseable
Url
Url host
Slug arg
View raw JSON
{
    "slug": "usc-e-shop",
    "pattern": "puc_update_hijack",
    "kind": "builtin",
    "version": "2.11.28",
    "hit_count": 1,
    "first_hit": {
        "file": "includes/update_check.php",
        "line": 194,
        "snippet": "$$slug     = Puc_v4_Factory::buildUpdateChecker( $json_path, $fullpath, $slug );"
    },
    "explanation": "plugin calls `::buildUpdateChecker()` \u2014 the factory entry point of the Yahnis Elsts Plugin Update Checker library. A plugin distributed through wordpress.org that registers its own update source is bypassing the Plugin Review Team: every install polls the non-wp.org URL on cron and installs whatever JSON + zip it returns, with full plugin-author permissions. This is the mechanism behind the `anadnet`/quick-pagepost-redirect-plugin compromise (2021) where the author seeded 70,000+ installs through tagged releases and then removed the library from trunk to hide the persistence. Any URL argument pointing away from `downloads.wordpress.org`/`api.wordpress.org` is the hijack signal.",
    "shape": "unparseable",
    "url": null,
    "url_host": null,
    "slug_arg": null
}

Plugins authored (4)

Plugin Version Installs Last updated Status
Welcart e-Commerce ·usc-e-shop 2.11.29 10k+ 9d ago Active
e-SCOTT Smart pro for WooCommerce ·woo-sonypayment 2.0.8 10 1mo ago Active
Failure ·welcart 0.1.2 16y ago Active
welcart-shopping-cart ·welcart-shopping-cart Closed

SVN commit access (2)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
e-SCOTT Smart pro for WooCommerce uscnanbu 10 80 7y ago 1mo ago Active
Welcart e-Commerce uscnanbu 10k+ 2 9y ago 9d ago Active

Contributor on other plugins (1)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin Primary author Version Installs
e-SCOTT Smart light for WooCommerce sonypaymentservices 2.0.8 100