WP-Safety

ANKA Commerce Security & Risk Analysis

wordpress.org/plugins/anka-commerce

Accept payments through ANKA Pay using Credit Cards, Mobile Money, Nigerian Bank Transfer, and PayPal on your WooCommerce store or Payment buttons.

10 active installs v1.2.0 PHP 7.2+ WP 5.0+ Updated Jan 8, 2026
ecommercepayment-gatewaypayment-buttonwoocommercewordpress
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is ANKA Commerce Safe to Use in 2026?

Generally Safe

Score 100/100

ANKA Commerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "anka-commerce" v1.2.0 plugin demonstrates a generally good security posture with several positive indicators. The absence of dangerous functions, file operations, and critical/high severity taint flows is a strong sign of secure coding practices. Furthermore, the plugin exhibits a decent rate of prepared statements for SQL queries and proper output escaping, mitigating common risks. The lack of any recorded vulnerabilities in its history is also a reassuring factor, suggesting a history of stability and security focus.

However, there are notable areas of concern that detract from its overall security. The presence of two unprotected REST API routes represents a significant attack surface. These routes, accessible without proper permission checks, could potentially be exploited for unauthorized actions or information disclosure. While the total number of entry points is low, the fact that a majority of them lack authentication is a critical weakness. The plugin also has external HTTP requests, which, while not explicitly flagged as insecure, could pose a risk if not handled with strict validation and sanitization on incoming data.

In conclusion, "anka-commerce" v1.2.0 has a solid foundation with its secure coding practices and clean vulnerability history. Nevertheless, the two unprotected REST API routes present a clear and present danger that must be addressed. Addressing these specific weaknesses would significantly enhance the plugin's security.

Key Concerns

  • REST API routes without permission callbacks
  • External HTTP requests
Vulnerabilities
None known

ANKA Commerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ANKA Commerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
8
12 prepared
Unescaped Output
30
115 escaped
Nonce Checks
4
Capability Checks
1
File Operations
0
External Requests
4
Bundled Libraries
0

SQL Query Safety

60% prepared20 total queries

Output Escaping

79% escaped145 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
anka_commerce_payment_button_payment_buttons_form_admin_page (includes\payment-button\class-anka-commerce-payment-button-admin-setting.php:162)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

ANKA Commerce Attack Surface

Entry Points3
Unprotected2

REST API Routes 2

GET/wp-json/anka-pay/v1/webhookincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:289
GET/wp-json/anka-commerce/v1/woocommerce/get-icon-urlincludes\woocommerce\class-anka-commerce-woocommerce.php:215

Shortcodes 1

[anka_pay_button] anka-commerce.php:66
WordPress Hooks 20
actionplugins_loadedanka-commerce.php:46
actionplugins_loadedanka-commerce.php:49
actionplugins_loadedanka-commerce.php:60
actionadmin_menuanka-commerce.php:63
actionwp_enqueue_scriptsanka-commerce.php:69
actioninitanka-commerce.php:75
actionrest_api_initanka-commerce.php:78
actionplugins_loadedanka-commerce.php:89
actionwp_enqueue_scriptsanka-commerce.php:92
filterwoocommerce_payment_gatewaysanka-commerce.php:95
actionwoocommerce_blocks_loadedanka-commerce.php:98
actionbefore_woocommerce_initanka-commerce.php:101
actiontemplate_redirectanka-commerce.php:104
actionrest_api_initanka-commerce.php:107
actionrest_api_initincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:51
actionadmin_initincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:52
actionadmin_noticesincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:55
actionadmin_noticesincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:56
actionadmin_noticesincludes\woocommerce\class-anka-commerce-woocommerce-gateway-anka-pay.php:319
actionwoocommerce_blocks_payment_method_type_registrationincludes\woocommerce\class-anka-commerce-woocommerce.php:57
Maintenance & Trust

ANKA Commerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 8, 2026
PHP min version7.2
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

ANKA Commerce Alternatives

SumUp Payment Gateway For WooCommerce

SumUp Payment Gateway For WooCommerce

sumup-payment-gateway-for-woocommerce

A
99

The SumUp plugin for WooCommerce allows businesses to securely process payments online. Accept payments from customers using a range of payment method …

10K 1 CVE
Pay for Payment for WooCommerce

Pay for Payment for WooCommerce

woocommerce-pay-for-payment

A
100

Setup individual charges for each payment method in WooCommerce.

10K No CVEs
Bold pagos en linea

Bold pagos en linea

bold-pagos-en-linea

A
99

Recibe pagos en tu tienda de forma segura con diferentes métodos de pago confiables.

4K 1 CVE
Pay in Store WooCommerce Payment Gateway

Pay in Store WooCommerce Payment Gateway

pay-in-store-woocommerce-payment-gateway

A
85

Provides a Pay in Store upon pick up Payment Gateway for Woocommerce.

3K No CVEs
Robokassa payment gateway for Woocommerce

Robokassa payment gateway for Woocommerce

robokassa

B
75

Позволяет использовать интерфейс (платежный шлюз) для оплаты через Робокассу в WooCommerce. Поддерживает интеграцию чеков (закон 54-ФЗ)

3K 1 unpatched
Developer Profile

ANKA Commerce Developer Profile

ANKA Developer Team

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ANKA Commerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/anka-commerce/includes/payment-button/css/anka-commerce-payment-button.css/wp-content/plugins/anka-commerce/includes/payment-button/js/anka-commerce-payment-button.js/wp-content/plugins/anka-commerce/includes/woocommerce/css/anka-commerce-woocommerce.css/wp-content/plugins/anka-commerce/includes/woocommerce/js/anka-commerce-woocommerce.js
Script Paths
/wp-content/plugins/anka-commerce/includes/payment-button/js/anka-commerce-payment-button.js/wp-content/plugins/anka-commerce/includes/woocommerce/js/anka-commerce-woocommerce.js
Version Parameters
anka-commerce/includes/payment-button/css/anka-commerce-payment-button.css?ver=anka-commerce/includes/payment-button/js/anka-commerce-payment-button.js?ver=anka-commerce/includes/woocommerce/css/anka-commerce-woocommerce.css?ver=anka-commerce/includes/woocommerce/js/anka-commerce-woocommerce.js?ver=

HTML / DOM Fingerprints

CSS Classes
anka-pay-button-containeranka-pay-button-wrapperanka-commerce-payment-gateway
HTML Comments
<!-- ANKA Commerce payment button --><!-- ANKA Commerce WooCoomerce payment gateway -->
Data Attributes
data-anka-pay-button-id
JS Globals
ankaCommercePaymentButtonankaCommerceWooCommerce
REST Endpoints
/wp-json/anka-commerce/v1/payment-button/list/wp-json/anka-commerce/v1/woocommerce/payment-method-icon
Shortcode Output
[anka_pay_button
FAQ

Frequently Asked Questions about ANKA Commerce