Does Riverty Payments for Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Riverty Payments for Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Riverty Payments for Woocommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Riverty Payments for Woocommerce 7.2.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Riverty Payments for Woocommerce compatible with PHP 5.6+?

Riverty Payments for Woocommerce requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Riverty Payments for Woocommerce updated?

Riverty Payments for Woocommerce was last updated on Mar 4, 2026. Frequent updates are generally a positive security signal.

What is Riverty Payments for Woocommerce's security score?

Riverty Payments for Woocommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Riverty Payments for Woocommerce Security & Risk Analysis

wordpress.org/plugins/afterpay-payment-gateway-for-woocommerce

Riverty is the most consumer-friendly BNPL payment method in Germany, Austria, Switzerland, the Nordics, Netherlands and Belgium.

100 active installs v7.2.5 PHP 5.6+ WP 4.5.0+ Updated Mar 4, 2026

afterpaybnplpaymentrivertywoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Riverty Payments for Woocommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Riverty Payments for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "afterpay-payment-gateway-for-woocommerce" plugin version 7.2.5 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and appears to have a clean vulnerability history with no known CVEs. The code also performs a high percentage of output escaping, which is a positive indicator for preventing cross-site scripting vulnerabilities.

However, significant security concerns arise from the static analysis. The plugin exposes two REST API routes without any permission callbacks, creating an unprotected attack surface. Additionally, the presence of four `unserialize` function calls is a critical red flag, as deserialization vulnerabilities can lead to arbitrary code execution if user-controlled data is deserialized without proper sanitization. The lack of any nonce checks or capability checks on its entry points further exacerbates these risks, making it easier for unauthenticated or unauthorized users to interact with potentially vulnerable functions.

While the absence of past vulnerabilities is encouraging, it does not negate the inherent risks identified in the current version's code. The unprotected REST API endpoints and the use of `unserialize` represent substantial security weaknesses that require immediate attention. The plugin's strengths in SQL handling and output escaping are overshadowed by these critical vulnerabilities.

Key Concerns

Unprotected REST API routes
Dangerous function: unserialize used
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Riverty Payments for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Riverty Payments for Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

221

889 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize} elseif ( @unserialize( $postnl_meta_data ) !== false ) {class-wc-gateway-afterpay-base-rest.php:841

unserialize$postnl_meta_data = unserialize( $postnl_meta_data );class-wc-gateway-afterpay-base-rest.php:843

unserialize} elseif ( @unserialize( $postnl_meta_data ) !== false ) {class-wc-gateway-afterpay-base.php:1204

unserialize$postnl_meta_data = unserialize( $postnl_meta_data );class-wc-gateway-afterpay-base.php:1206

Bundled Libraries

Guzzle

Output Escaping

80% escaped1110 total outputs

Attack Surface

2 unprotected

Riverty Payments for Woocommerce Attack Surface

Entry Points2

Unprotected2

REST API Routes 2

POST/wp-json/afterpay/v1bankaccount-validateclass-wc-gateway-afterpay.php:787

POST/wp-json/riverty/v1apikey-validateclass-wc-gateway-afterpay.php:796

WordPress Hooks 102

actionwoocommerce_initclass-afterpay-coupon.php:35

filterwoocommerce_coupon_data_tabsclass-afterpay-coupon.php:47

actionwoocommerce_coupon_data_panelsclass-afterpay-coupon.php:48

actionwoocommerce_coupon_options_saveclass-afterpay-coupon.php:49

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-at-directdebit.php:141

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-at-directdebit.php:144

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-at-installments.php:143

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-at-installments.php:146

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-at-openinvoice.php:141

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-at-openinvoice.php:144

filterwoocommerce_available_payment_gatewaysclass-wc-gateway-afterpay-base-rest.php:43

filterscript_loader_tagclass-wc-gateway-afterpay-base-rest.php:64

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-be-openinvoice-rest.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-be-openinvoice-rest.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-be-openinvoice.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-be-openinvoice.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-ch-openinvoice.php:140

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-ch-openinvoice.php:143

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-de-directdebit.php:141

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-de-directdebit.php:144

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-de-installments.php:144

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-de-installments.php:147

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-de-openinvoice.php:141

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-de-openinvoice.php:144

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-dk-b2b-openinvoice.php:130

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-dk-b2b-openinvoice.php:133

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-dk-campaign.php:130

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-dk-campaign.php:133

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-dk-flex.php:138

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-dk-flex.php:141

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-dk-installments.php:136

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-dk-installments.php:139

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-dk-openinvoice.php:130

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-dk-openinvoice.php:133

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-fi-b2b-openinvoice.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-fi-b2b-openinvoice.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-fi-campaign.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-fi-campaign.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-fi-flex.php:138

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-fi-flex.php:141

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-fi-installments.php:138

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-fi-installments.php:141

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-fi-openinvoice.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-fi-openinvoice.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-business-extra.php:127

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-business-extra.php:130

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-business-rest.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-business-rest.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-business.php:127

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-business.php:130

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-directdebit-rest.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-directdebit-rest.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-directdebit.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-directdebit.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-openinvoice-extra.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-openinvoice-extra.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-openinvoice-rest.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-openinvoice-rest.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-openinvoice.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-openinvoice.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-nl-payinx.php:134

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-nl-payinx.php:137

actionwp_enqueue_scriptsclass-wc-gateway-afterpay-nl-payinx.php:140

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-no-b2b-openinvoice.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-no-b2b-openinvoice.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-no-campaign.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-no-campaign.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-no-flex.php:138

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-no-flex.php:141

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-no-installments.php:136

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-no-installments.php:139

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-no-openinvoice.php:129

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-no-openinvoice.php:132

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-se-b2b-openinvoice.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-se-b2b-openinvoice.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-se-campaign.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-se-campaign.php:134

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-se-flex.php:138

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-se-flex.php:141

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-se-installments.php:136

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-se-installments.php:139

actionwoocommerce_receipt_afterpayclass-wc-gateway-afterpay-se-openinvoice.php:131

actionwoocommerce_order_status_changedclass-wc-gateway-afterpay-se-openinvoice.php:134

actionbefore_woocommerce_initclass-wc-gateway-afterpay.php:62

actionplugins_loadedclass-wc-gateway-afterpay.php:188

filterwoocommerce_payment_gatewaysclass-wc-gateway-afterpay.php:442

actionwp_enqueue_scriptsclass-wc-gateway-afterpay.php:458

actionadmin_enqueue_scriptsclass-wc-gateway-afterpay.php:459

filterscript_loader_tagclass-wc-gateway-afterpay.php:480

filterscript_loader_tagclass-wc-gateway-afterpay.php:540

filterwoocommerce_thankyou_order_received_textclass-wc-gateway-afterpay.php:617

actionwoocommerce_single_product_summaryclass-wc-gateway-afterpay.php:778

actionplugins_loadedclass-wc-gateway-afterpay.php:1091

actionplugins_loadedclass-wc-gateway-afterpay.php:1093

actionrest_api_initclass-wc-gateway-afterpay.php:1095

actionwoocommerce_settings_tabs_afterpay_elementsclass-wc-gateway-afterpay.php:1097

actionwoocommerce_update_options_afterpay_elementsclass-wc-gateway-afterpay.php:1099

actionadmin_enqueue_scriptsclass-wc-gateway-afterpay.php:1101

actionwp_enqueue_scriptsclass-wc-gateway-afterpay.php:1103

actionparse_requestclass-wc-gateway-afterpay.php:1105

actionwoocommerce_before_thankyouclass-wc-gateway-afterpay.php:1107

actionafterpay_check_pendingclass-wc-gateway-afterpay.php:1110

Scheduled Events 1

afterpay_check_pending

Maintenance & Trust

Riverty Payments for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version5.6

Downloads18K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

Riverty Payments for Woocommerce Alternatives

Alma – Pay in installments or later for WooCommerce

alma-gateway-for-woocommerce

100

This plugin adds a new payment method to WooCommerce, which allows you to offer monthly payments to your customer using Alma.

1K 1 CVE

seQura

sequra

100

Flexible payment platform that enhances business conversion and recurrence. The easiest, safest, and quickest way for customers to pay installments.

900 No CVEs

payever – WooCommerce Gateway

payever-woocommerce-gateway

100

With payever you can easily add all your preferred payment options to your checkout. Within minutes! Find more about us: www.getpayever.com

500 No CVEs

iwocaPay Payment Gateway

iwocapay-payment-gateway

100

Add iwocaPay as a payment option to your WooCommerce checkout flow.

100 No CVEs

Zip US Gateway for WooCommerce

quadpay-gateway-for-woocommerce

Use Zip US as a payment gateway for WooCommerce.

100 No CVEs

Developer Profile

Riverty Payments for Woocommerce Developer Profile

Afterpay

2 plugins · 10K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

650 days

View full developer profile

Detection Fingerprints

How We Detect Riverty Payments for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-checkout.js/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-frontend.js/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/css/afterpay-frontend.css/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-admin.js/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/css/afterpay-admin.css

Generator Patterns

Riverty payment gateway for Woocommerce v7.2.5

Script Paths

Version Parameters

/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-checkout.js?ver=/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-frontend.js?ver=/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/css/afterpay-frontend.css?ver=/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/js/afterpay-admin.js?ver=/wp-content/plugins/afterpay-payment-gateway-for-woocommerce/assets/css/afterpay-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

afterpay-payment-gateway-for-woocommerceafterpay_payment_gateway_for_woocommerceafterpay-checkout-wrapperafterpay-method-afterpay-checkout-error-messageafterpay-modal-overlayafterpay-modal-content

HTML Comments

AfterPay reserves all rights in the Program as delivered. The Programor any portion thereof may not be reproduced in any form whatsoever withoutthe written consent of AfterPay.Disclaimer:+9 more

Data Attributes

data-afterpay-checkout-urldata-afterpay-order-id

JS Globals

afterpay_params

REST Endpoints

/wp-json/afterpay/v1/checkout/wp-json/afterpay/v1/callback/wp-json/afterpay/v1/payment-status

FAQ

Riverty Payments for Woocommerce Security & Risk Analysis

Is Riverty Payments for Woocommerce Safe to Use in 2026?

Generally Safe

Key Concerns

Riverty Payments for Woocommerce Security Vulnerabilities

Riverty Payments for Woocommerce Code Analysis

Dangerous Functions Found

Bundled Libraries

Output Escaping

Riverty Payments for Woocommerce Attack Surface

REST API Routes 2

Scheduled Events 1

Riverty Payments for Woocommerce Maintenance & Trust

Maintenance Signals

Community Trust

Riverty Payments for Woocommerce Alternatives

Alma – Pay in installments or later for WooCommerce

seQura

payever – WooCommerce Gateway

iwocaPay Payment Gateway

Zip US Gateway for WooCommerce

Riverty Payments for Woocommerce Developer Profile

How We Detect Riverty Payments for Woocommerce

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Riverty Payments for Woocommerce