WP-Safety

AllPays.co – Payment Gateway for WooCommerce Security & Risk Analysis

wordpress.org/plugins/allpaysco-payment-gateway-for-woocommerce

Accept credit/debit cards, Apple Pay, Google Pay, Venmo and more with no registration. Fast and secure payments through traditional payment methods.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated May 26, 2025
apple-paycredit-cardgoogle-paypayment-gatewaywoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AllPays.co – Payment Gateway for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

AllPays.co – Payment Gateway for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The plugin 'allpaysco-payment-gateway-for-woocommerce' v1.2.0 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and the use of prepared statements for all SQL queries are significant strengths. Furthermore, the vast majority of output is properly escaped, and there are no indications of dangerous functions, file operations, or tainted code flows. This suggests a development team that is conscious of secure coding practices.

However, there are notable areas for improvement. The most significant concern is the presence of one unprotected REST API route. This represents a direct entry point into the plugin that lacks any permission checks, which could potentially be exploited by unauthenticated users. The lack of nonce checks on the identified entry point also presents a risk, as it doesn't protect against common cross-site request forgery (CSRF) attacks.

In conclusion, while the plugin has a solid foundation regarding SQL and output sanitization, the unprotected REST API route and absence of nonce checks are critical weaknesses that require immediate attention. The clean vulnerability history is positive but should not lead to complacency, especially with the identified unprotected entry point.

Key Concerns

  • Unprotected REST API route without permission callback
  • No nonce checks on entry points
Vulnerabilities
None known

AllPays.co – Payment Gateway for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

AllPays.co – Payment Gateway for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
2
81 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

98% escaped83 total outputs
Attack Surface
1 unprotected

AllPays.co – Payment Gateway for WooCommerce Attack Surface

Entry Points1
Unprotected1

REST API Routes 1

GET/wp-json/allpaysco-payment-gateway-for-woocommerce/v1/callbackallpaysco-payment-gateway-for-woocommerce.php:735
WordPress Hooks 25
actionbefore_woocommerce_initallpaysco-payment-gateway-for-woocommerce.php:147
actionwoocommerce_admin_field_payment_gatewaysallpaysco-payment-gateway-for-woocommerce.php:150
actionallpaysco_gateway_admin_options_wrapperallpaysco-payment-gateway-for-woocommerce.php:153
actionadmin_headallpaysco-payment-gateway-for-woocommerce.php:156
filterbefore_woocommerce_initallpaysco-payment-gateway-for-woocommerce.php:159
actionbefore_woocommerce_initallpaysco-payment-gateway-for-woocommerce.php:162
actionrest_api_initallpaysco-payment-gateway-for-woocommerce.php:168
actionrest_api_initallpaysco-payment-gateway-for-woocommerce.php:171
filteris_protected_metaallpaysco-payment-gateway-for-woocommerce.php:174
filterwoocommerce_order_get_payment_method_titleallpaysco-payment-gateway-for-woocommerce.php:175
actionadmin_noticesallpaysco-payment-gateway-for-woocommerce.php:178
actionadmin_enqueue_scriptsallpaysco-payment-gateway-for-woocommerce.php:181
actionadmin_enqueue_scriptsallpaysco-payment-gateway-for-woocommerce.php:182
actionadmin_initallpaysco-payment-gateway-for-woocommerce.php:185
filterpre_update_option_woocommerce_allpaysco_settingsallpaysco-payment-gateway-for-woocommerce.php:550
filterwoocommerce_payment_gatewaysallpaysco-payment-gateway-for-woocommerce.php:557
filterwoocommerce_payment_gatewaysincludes\core\class-registry.php:50
filterplugin_localeincludes\core\class-translations.php:37
actionwoocommerce_cart_calculate_feesincludes\core\class-utils.php:26
actionwoocommerce_blocks_payment_method_type_registrationincludes\payment-methods\abstract-payment-gateway.php:89
actionbefore_woocommerce_payincludes\payment-methods\abstract-payment-gateway.php:243
actionallpaysco_send_reminder_emailincludes\payment-methods\abstract-payment-gateway.php:295
actionwoocommerce_payment_completeincludes\payment-methods\abstract-payment-gateway.php:296
actionwoocommerce_order_details_before_order_tableincludes\payment-methods\class-base-payment-provider-gateway.php:52
actionbefore_woocommerce_payincludes\payment-methods\class-hosted-payment-gateway.php:41

Scheduled Events 1

allpaysco_send_reminder_email
Maintenance & Trust

AllPays.co – Payment Gateway for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 26, 2025
PHP min version7.4
Downloads332

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

AllPays.co – Payment Gateway for WooCommerce Alternatives

Sola Payment Gateway for WooCommerce

Sola Payment Gateway for WooCommerce

woo-cardknox-gateway

A
100

Accept payments with the Sola gateway.

700 No CVEs
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
Trust Payments Gateway for WooCommerce

Trust Payments Gateway for WooCommerce

trust-payments-hosted-payment-pages-integration

A
98

This plugin offers a simple and easy to implement method for merchants to add e-payment capabilities to their WooCommerce online commerce setup.

400 1 CVE
Nomod for WooCommerce

Nomod for WooCommerce

nomod-for-woocommerce

A
100

Accept major cards, Apple Pay, Google Pay, Mada, Tabby & Tamara on your store. Get same-day payouts, no monthly fees & amazing support!

200 No CVEs
iPOSpays Gateways WC

iPOSpays Gateways WC

ipospays-gateways-wc

A
100

Accept all major credit cards, Bank, and alternative payment methods like Google Pay, PayPal, and Venmo.

100 No CVEs
Developer Profile

AllPays.co – Payment Gateway for WooCommerce Developer Profile

AllPays.co

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AllPays.co – Payment Gateway for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/allpaysco-payment-gateway-for-woocommerce/assets/css/payments-settings.css/wp-content/plugins/allpaysco-payment-gateway-for-woocommerce/assets/js/payments-settings.js/wp-content/plugins/allpaysco-payment-gateway-for-woocommerce/assets/js/payments-list.js
Script Paths
/wp-content/plugins/allpaysco-payment-gateway-for-woocommerce/assets/js/payments-settings.js/wp-content/plugins/allpaysco-payment-gateway-for-woocommerce/assets/js/payments-list.js
Version Parameters
allpaysco-payment-gateway-for-woocommerce/assets/css/payments-settings.css?ver=allpaysco-payment-gateway-for-woocommerce/assets/js/payments-settings.js?ver=allpaysco-payment-gateway-for-woocommerce/assets/js/payments-list.js?ver=

HTML / DOM Fingerprints

CSS Classes
allpaysco-settingsallpaysco-payment-gateway-logoallpaysco-settings-loading-screen
HTML Comments
<!-- Default AllPays.co Settings UI --><!-- Legacy AllPays.co Settings UI -->
Data Attributes
data-allpaysco-payment-gateway-id
JS Globals
window.allpaysco_settings_params
REST Endpoints
/wp-json/allpaysco/v1/settings
FAQ

Frequently Asked Questions about AllPays.co – Payment Gateway for WooCommerce