افزونه پیامک ووکامرس Persian WooCommerce SMS

persian-woocommerce-sms · by persianscript · wordpress.org ↗ · SVN ↗

Active installs: 30k+
Current version: 7.1.1
Added: 2014-02-01
Last updated: 2025-11-25 (5mo ago)
First seen by beacon: 11d ago
Total downloads: 665,188

Alerts (0)

No open alerts.

Show 4 resolved alerts

Critical code_pattern Resolved · false_positive_legit_ip_use 2026-04-30 15:25:28 (2d ago)

Slug	persian-woocommerce-sms
Pattern	`hardcoded_ip_url`
Kind	`builtin`
Version	`7.1.1`
Hit count	17
First hit	File `src/Gateways/PanelChi.php` Line 11 Snippet `public string $api_url = 'http://185.141.171.123/wbs/send.php?wsdl';`
Explanation	plugin source hardcodes a raw IPv4 URL (e.g. `https://94.156.79.8/...`) — legitimate plugins use DNS hostnames because IPs change. Hardcoded IPs in plugin code are almost always either dev leftovers or attacker C2 infrastructure. The June 2024 social-warfare keylogger (audit #14) used `https://94.156.79.8/sc-top.js` for the JS payload host, `/AddSites` for victim registration, `/CMSUsers` for filesystem-recon exfil. Operator infrastructure on raw IPs avoids domain registration / RDAP detection paths. Post-filtered to skip RFC1918/loopback/link-local ranges and `vendor/`/`tests/` paths.

View raw JSON

{
    "slug": "persian-woocommerce-sms",
    "pattern": "hardcoded_ip_url",
    "kind": "builtin",
    "version": "7.1.1",
    "hit_count": 17,
    "first_hit": {
        "file": "src/Gateways/PanelChi.php",
        "line": 11,
        "snippet": "public string $api_url = 'http://185.141.171.123/wbs/send.php?wsdl';"
    },
    "explanation": "plugin source hardcodes a raw IPv4 URL (e.g. `https://94.156.79.8/...`) \u2014 legitimate plugins use DNS hostnames because IPs change. Hardcoded IPs in plugin code are almost always either dev leftovers or attacker C2 infrastructure. The June 2024 social-warfare keylogger (audit #14) used `https://94.156.79.8/sc-top.js` for the JS payload host, `/AddSites` for victim registration, `/CMSUsers` for filesystem-recon exfil. Operator infrastructure on raw IPs avoids domain registration / RDAP detection paths. Post-filtered to skip RFC1918/loopback/link-local ranges and `vendor/`/`tests/` paths."
}

Critical code_scan_delta Resolved · false_positive_cdn_known_good 2026-04-30 07:29:49 (2d ago)

Slug persian-woocommerce-sms

Previous version 7.1.1

Current version 7.1.1

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`hardcoded_ip_url`	`builtin`	`src/Gateways/PanelChi.php`	11	`public string $api_url = 'http://185.141.171.123/wbs/send.php?wsdl';`	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/IdehPayam.php`	34	`$soap = new SoapClient( "http://185.112.33.61/webservice/send.php?wsdl" );`	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/ChaparPanel.php`	33	$client = new SoapClient( "http://87.107.121.52/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/RazPayamak.php`	33	$client = new SoapClient( "http://37.228.138.118/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/NiazPardazCOM.php`	34	$client = new SoapClient( "http://37.228.138.118/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/LoginPanel.php`	33	$client = new SoapClient( "http://87.107.121.52/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/YektaTech.php`	34	$client = new SoapClient( "http://37.228.138.118/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/ParsianSMS.php`	38	$remote = wp_remote_get( 'http://185.4.31.182/class/sms/webservice/send_url.php?' . $content );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/SMSMeli.php`	35	$client = new SoapClient( "http://37.228.138.118/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/MehrPanel.php`	33	`$client = new SoapClient( "http://87.107.121.52/post/send.asmx?wsdl" );`	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/SMSPishgaman.php`	66	$client = new nusoap_client( 'http://82.99.216.45/services/?wsdl', true );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/SMSMelli.php`	40	$remote = wp_remote_get( 'http://185.4.31.182/class/sms/webservice/send_url.php?' . $content );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/GamaPayamak.php`	34	$client = new SoapClient( "http://37.228.138.118/post/send.asmx?wsdl" );	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/ParandSMS.php`	32	`$client = new SoapClient( "http://87.107.121.52/post/send.asmx?wsdl" );`	`high`
`hardcoded_ip_url`	`builtin`	`src/Gateways/SMSBefrest.php`	34	`$client = new SoapClient( "http://87.107.121.52/post/send.asmx?wsdl" );`	`high`

New finding count 17

View raw JSON

{
    "slug": "persian-woocommerce-sms",
    "previous_version": "7.1.1",
    "current_version": "7.1.1",
    "new_findings": [
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/PanelChi.php",
            "line": 11,
            "snippet": "public string $api_url = 'http://185.141.171.123/wbs/send.php?wsdl';",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/IdehPayam.php",
            "line": 34,
            "snippet": "$soap = new SoapClient( \"http://185.112.33.61/webservice/send.php?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/ChaparPanel.php",
            "line": 33,
            "snippet": "$client       = new SoapClient( \"http://87.107.121.52/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/RazPayamak.php",
            "line": 33,
            "snippet": "$client       = new SoapClient( \"http://37.228.138.118/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/NiazPardazCOM.php",
            "line": 34,
            "snippet": "$client       = new SoapClient( \"http://37.228.138.118/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/LoginPanel.php",
            "line": 33,
            "snippet": "$client       = new SoapClient( \"http://87.107.121.52/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/YektaTech.php",
            "line": 34,
            "snippet": "$client       = new SoapClient( \"http://37.228.138.118/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/ParsianSMS.php",
            "line": 38,
            "snippet": "$remote = wp_remote_get( 'http://185.4.31.182/class/sms/webservice/send_url.php?' . $content );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/SMSMeli.php",
            "line": 35,
            "snippet": "$client       = new SoapClient( \"http://37.228.138.118/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/MehrPanel.php",
            "line": 33,
            "snippet": "$client = new SoapClient( \"http://87.107.121.52/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/SMSPishgaman.php",
            "line": 66,
            "snippet": "$client                   = new nusoap_client( 'http://82.99.216.45/services/?wsdl', true );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/SMSMelli.php",
            "line": 40,
            "snippet": "$remote = wp_remote_get( 'http://185.4.31.182/class/sms/webservice/send_url.php?' . $content );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/GamaPayamak.php",
            "line": 34,
            "snippet": "$client       = new SoapClient( \"http://37.228.138.118/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/ParandSMS.php",
            "line": 32,
            "snippet": "$client = new SoapClient( \"http://87.107.121.52/post/send.asmx?wsdl\" );",
            "confidence": "high"
        },
        {
            "pattern": "hardcoded_ip_url",
            "kind": "builtin",
            "file": "src/Gateways/SMSBefrest.php",
            "line": 34,
            "snippet": "$client = new SoapClient( \"http://87.107.121.52/post/send.asmx?wsdl\" );",
            "confidence": "high"
        }
    ],
    "new_finding_count": 17
}

Medium domain_younger_than_plugin Resolved · no_longer_matches 2026-04-24 09:27:49 (8d ago)

Slug	persian-woocommerce-sms
Domain	`avalpayam.com`
Domain source	`c2_http_call`
Domain registered at	2025-07-08
Plugin earliest commit	2014-01-31 17:26:32
Plugin latest release	2025-11-25 09:48:04
Gap days	4,175
Domain age at release	140
Active installs	40,000

View raw JSON

{
    "slug": "persian-woocommerce-sms",
    "domain": "avalpayam.com",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2025-07-08",
    "plugin_earliest_commit": "2014-01-31 17:26:32",
    "plugin_latest_release": "2025-11-25 09:48:04",
    "gap_days": 4175,
    "domain_age_at_release": 140,
    "active_installs": 40000
}

Medium domain_younger_than_plugin Resolved · no_longer_matches 2026-04-24 09:27:49 (8d ago)

Slug	persian-woocommerce-sms
Domain	`iranpayamak.com`
Domain source	`c2_http_call`
Domain registered at	2024-07-16
Plugin earliest commit	2014-01-31 17:26:32
Plugin latest release	2025-11-25 09:48:04
Gap days	3,818
Domain age at release	497
Active installs	40,000

View raw JSON

{
    "slug": "persian-woocommerce-sms",
    "domain": "iranpayamak.com",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2024-07-16",
    "plugin_earliest_commit": "2014-01-31 17:26:32",
    "plugin_latest_release": "2025-11-25 09:48:04",
    "gap_days": 3818,
    "domain_age_at_release": 497,
    "active_installs": 40000
}

SVN committers (3)

Accounts with actual commit access to persian-woocommerce-sms on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer	Member since	Commits	First commit	Latest commit
PersianScript	2010-03-27	117	2014-02-01 · r849283	2025-11-25 · r3402367
Hannan	2013-12-04	63	2015-07-28 · r1207924	2019-01-11 · r2010770
plugin-master	2007-03-09	1	2014-01-31 · r848919	2014-01-31 · r848919

Readme contributors (1)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor	Member since	SVN access	Status
PersianScript	2010-03-27	117 commits	Active

Versions (100 most recent)

Version	Released	Download
7.1.1	2025-11-25 · 5mo ago	zip
7.1.0	2025-06-02 · 11mo ago	zip
7.0.10	2025-01-18 · 1y ago	zip
7.0.8	2025-01-16 · 1y ago	zip
7.0.9	2025-01-16 · 1y ago	zip
7.0.7	2024-12-12 · 1y ago	zip
7.0.6	2024-12-03 · 1y ago	zip
7.0.5	2024-11-12 · 1y ago	zip
7.0.4	2024-10-19 · 1y ago	zip
7.0.3	2024-10-16 · 1y ago	zip
7.0.2	2024-09-22 · 1y ago	zip
7.0.1	2024-09-21 · 1y ago	zip
7.0.0	2024-09-20 · 1y ago	zip
6.1.0	2023-12-19 · 2y ago	zip
6.0.0	2023-10-17 · 2y ago	zip
5.0.0	2023-02-01 · 3y ago	zip
4.4.5	2022-06-23 · 3y ago	zip
4.4.4	2022-06-22 · 3y ago	zip
4.4.3	2022-06-01 · 3y ago	zip
4.4.2	2022-05-13 · 3y ago	zip
4.4.1	2022-04-10 · 4y ago	zip
4.3.0	2020-10-09 · 5y ago	zip
4.1.0	2019-11-24 · 6y ago	zip
4.0.8	2019-08-31 · 6y ago	zip
4.0.7	2019-01-11 · 7y ago	zip
4.0.6	2018-12-23 · 7y ago	zip
4.0.5	2018-10-17 · 7y ago	zip
4.0.4	2018-09-04 · 7y ago	zip
4.0.3	2018-08-20 · 7y ago	zip
4.0.2	2018-08-13 · 7y ago	zip
3.7.0	2018-07-08 · 7y ago	zip
4.0.1	2018-07-08 · 7y ago	zip
4.0.0	2018-07-01 · 7y ago	zip
3.7.1	2018-04-15 · 8y ago	zip
3.6.10	2018-04-15 · 8y ago	zip
3.6.4	2018-02-27 · 8y ago	zip
3.6.9	2018-02-18 · 8y ago	zip
3.6.7	2017-11-28 · 8y ago	zip
3.6.6	2017-11-20 · 8y ago	zip
3.6.5	2017-11-12 · 8y ago	zip
3.6.3	2017-09-19 · 8y ago	zip
3.6.2	2017-08-22 · 8y ago	zip
3.6.1	2017-08-16 · 8y ago	zip
3.6.0	2017-08-06 · 8y ago	zip
3.5.6	2017-07-08 · 8y ago	zip
3.5.5	2017-05-31 · 8y ago	zip
3.5.4	2017-05-24 · 8y ago	zip
3.5.3	2017-05-15 · 8y ago	zip
3.5.2	2017-05-09 · 8y ago	zip
3.5.1	2017-04-14 · 9y ago	zip
3.5.0	2017-03-20 · 9y ago	zip
3.4.9	2017-02-27 · 9y ago	zip
3.4.8	2017-02-07 · 9y ago	zip
3.4.7	2016-12-01 · 9y ago	zip
3.4.6	2016-11-26 · 9y ago	zip
3.4.5	2016-11-19 · 9y ago	zip
3.4.4	2016-11-19 · 9y ago	zip
3.4.3	2016-08-21 · 9y ago	zip
3.4.2	2016-08-18 · 9y ago	zip
3.4.1	2016-08-04 · 9y ago	zip
3.4.0	2016-07-24 · 9y ago	zip
3.3.9	2016-07-23 · 9y ago	zip
3.3.8	2016-06-06 · 9y ago	zip
3.3.7	2016-05-18 · 9y ago	zip
3.3.6	2016-05-01 · 10y ago	zip
3.3.5	2016-04-27 · 10y ago	zip
3.3.3	2016-04-11 · 10y ago	zip
3.3.4	2016-04-11 · 10y ago	zip
3.3.2	2016-03-09 · 10y ago	zip
3.3.1	2016-02-21 · 10y ago	zip
3.3.0	2016-02-05 · 10y ago	zip
3.2.9	2015-12-30 · 10y ago	zip
3.2.8	2015-11-17 · 10y ago	zip
3.2.7	2015-11-01 · 10y ago	zip
3.2.6	2015-10-06 · 10y ago	zip
3.2.5	2015-10-02 · 10y ago	zip
3.2.1	2015-09-27 · 10y ago	zip
3.2.0	2015-09-27 · 10y ago	zip
3.1.0	2015-09-26 · 10y ago	zip
3.0.3	2015-07-29 · 10y ago	zip
3.0.2	2015-07-29 · 10y ago	zip
3.0.1	2015-07-29 · 10y ago	zip
3.0.0	2015-07-28 · 10y ago	zip
2.1.1	2015-05-15 · 10y ago	zip
2.1.0	2015-05-12 · 10y ago	zip
2.0.11	2015-03-08 · 11y ago	zip
2.0.10	2015-01-24 · 11y ago	zip
2.0.9	2015-01-24 · 11y ago	zip
2.0.8	2015-01-08 · 11y ago	zip
2.0.7	2014-12-20 · 11y ago	zip
2.0.6	2014-11-25 · 11y ago	zip
2.0.5	2014-11-02 · 11y ago	zip
2.0.4	2014-10-28 · 11y ago	zip
2.0.3	2014-10-06 · 11y ago	zip
2.0.2	2014-09-17 · 11y ago	zip
2.0.1	2014-09-14 · 11y ago	zip
2.0	2014-09-11 · 11y ago	zip
1.5	2014-07-09 · 11y ago	zip
1.4	2014-02-06 · 12y ago	zip
1.3	2014-02-06 · 12y ago	zip