Does AURAS Pay have any unpatched vulnerabilities?

No. All known vulnerabilities in AURAS Pay have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AURAS Pay compatible with WordPress 6.9.4?

According to WordPress.org data, AURAS Pay 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is AURAS Pay compatible with PHP 7.4+?

AURAS Pay requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AURAS Pay updated?

AURAS Pay was last updated on Jan 19, 2026. Frequent updates are generally a positive security signal.

What is AURAS Pay's security score?

AURAS Pay has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AURAS Pay Security & Risk Analysis

wordpress.org/plugins/auras-pay

Accept cryptocurrency payments on any WordPress site. No WooCommerce required! Support for SOL, USDC, BTC, and ETH via AURAS Pay.

0 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Jan 19, 2026

bitcoincryptocurrencyethereumpayment-gatewaysolana

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AURAS Pay Safe to Use in 2026?

Generally Safe

Score 100/100

AURAS Pay has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The auras-pay v1.0.0 plugin demonstrates a generally good security posture with several positive indicators. The plugin exhibits strong practices regarding output escaping, with 97% of outputs properly escaped, and a commendable 64% of SQL queries utilize prepared statements, reducing the risk of SQL injection. Furthermore, the absence of any known CVEs, critical taint flows, or dangerous functions suggests a history of secure development and maintenance. However, there are notable areas for concern. The presence of 3 unprotected entry points within the plugin's attack surface is a significant risk. Specifically, 2 AJAX handlers and 1 REST API route lack authentication checks, potentially allowing unauthenticated users to trigger sensitive functionality. While the taint analysis shows no unsanitized paths, the large number of AJAX handlers and REST API routes combined with the lack of auth checks creates a substantial potential attack vector. The plugin's vulnerability history is currently clean, which is a positive sign, but it doesn't negate the immediate risks identified in the static analysis. The focus should be on addressing the unprotected entry points to solidify its security. Overall, auras-pay v1.0.0 has a solid foundation but requires immediate attention to its exposed entry points.

Key Concerns

Unprotected AJAX handlers
Unprotected REST API route
SQL queries without prepared statements

Vulnerabilities

None known

AURAS Pay Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

AURAS Pay Code Analysis

Dangerous Functions

Raw SQL Queries

14 prepared

Unescaped Output

310 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

64% prepared22 total queries

Output Escaping

97% escaped319 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

<class-auras-pay-standalone-payment-handler> (includes\class-auras-pay-standalone-payment-handler.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

AURAS Pay Attack Surface

Entry Points16

Unprotected3

AJAX Handlers 12

authwp_ajax_auras_pay_standalone_test_connectionincludes\class-auras-pay-standalone-admin.php:26

authwp_ajax_auras_pay_standalone_repair_dbincludes\class-auras-pay-standalone-admin.php:29

authwp_ajax_auras_pay_standalone_create_paymentincludes\class-auras-pay-standalone-payment-handler.php:22

noprivwp_ajax_auras_pay_standalone_create_paymentincludes\class-auras-pay-standalone-payment-handler.php:23

authwp_ajax_auras_pay_standalone_check_statusincludes\class-auras-pay-standalone-payment-handler.php:26

noprivwp_ajax_auras_pay_standalone_check_statusincludes\class-auras-pay-standalone-payment-handler.php:27

authwp_ajax_auras_pay_standalone_save_planincludes\class-auras-pay-standalone-plans.php:29

authwp_ajax_auras_pay_standalone_delete_planincludes\class-auras-pay-standalone-plans.php:30

authwp_ajax_auras_pay_standalone_get_plan_qrincludes\class-auras-pay-standalone-plans.php:31

noprivwp_ajax_auras_pay_standalone_get_plan_qrincludes\class-auras-pay-standalone-plans.php:32

authwp_ajax_auras_pay_webhookincludes\class-auras-pay-standalone-webhook.php:40

noprivwp_ajax_auras_pay_webhookincludes\class-auras-pay-standalone-webhook.php:41

REST API Routes 1

POST/wp-json/auras-pay-standalone/v1/webhookincludes\class-auras-pay-standalone-webhook.php:48

Shortcodes 3

[auras_pay_plans] includes\class-auras-pay-standalone-shortcodes.php:22

[auras_pay_plan] includes\class-auras-pay-standalone-shortcodes.php:25

[auras_pay_checkout] includes\class-auras-pay-standalone-shortcodes.php:28

WordPress Hooks 13

actionplugins_loadedauras-pay-standalone.php:102

actionadmin_menuincludes\class-auras-pay-standalone-admin-plans.php:21

actionadmin_enqueue_scriptsincludes\class-auras-pay-standalone-admin-plans.php:22

actionadmin_menuincludes\class-auras-pay-standalone-admin.php:21

actionadmin_initincludes\class-auras-pay-standalone-admin.php:22

actionadmin_enqueue_scriptsincludes\class-auras-pay-standalone-admin.php:23

actionadmin_noticesincludes\class-auras-pay-standalone-admin.php:32

actionwp_enqueue_scriptsincludes\class-auras-pay-standalone-payment-handler.php:30

actionauras_pay_standalone_payment_completedincludes\class-auras-pay-standalone-plans.php:35

actionrest_api_initincludes\class-auras-pay-standalone-webhook.php:33

actioninitincludes\class-auras-pay-standalone-webhook.php:36

actiontemplate_redirectincludes\class-auras-pay-standalone-webhook.php:37

filterquery_varsincludes\class-auras-pay-standalone-webhook.php:69

Maintenance & Trust

AURAS Pay Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 19, 2026

PHP min version7.4

Downloads91

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

AURAS Pay Alternatives

AURAS Pay for WooCommerce

auras-pay-for-woocommerce

100

Accept cryptocurrency payments on your WooCommerce store. Support for SOL, USDC, BTC, and ETH via AURAS Pay.

0 No CVEs

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs

Cryptocurrency Payment Gateway

cryptocurrency-payment-gateway

100

Digital Currency Payment Gateway for WooCommerce. Easily accept Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, and more in your store.

500 No CVEs

YumitPay Paga con criptomonedas

yumitpay

YumitPay facilita a comercios aceptar criptomonedas con WooCommerce, ofreciendo transacciones seguras sin volatilidad.

0 No CVEs

elegro Crypto Payment

elegro-payment

Increase your customers base by accepting cryptocurrencies.

20K No CVEs

Developer Profile

AURAS Pay Developer Profile

Auras Pay

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect AURAS Pay

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/auras-pay/includes/js/auras-pay-payment-form.js/wp-content/plugins/auras-pay/includes/js/auras-pay-checkout.js/wp-content/plugins/auras-pay/includes/css/auras-pay-checkout.css/wp-content/plugins/auras-pay/includes/css/auras-pay-payment-form.css/wp-content/plugins/auras-pay/includes/js/auras-pay-admin.js

Script Paths

/wp-content/plugins/auras-pay/includes/js/auras-pay-payment-form.js/wp-content/plugins/auras-pay/includes/js/auras-pay-checkout.js/wp-content/plugins/auras-pay/includes/js/auras-pay-admin.js

Version Parameters

auras-pay/includes/js/auras-pay-payment-form.js?ver=auras-pay/includes/js/auras-pay-checkout.js?ver=auras-pay/includes/css/auras-pay-checkout.css?ver=auras-pay/includes/css/auras-pay-payment-form.css?ver=auras-pay/includes/js/auras-pay-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

auras-pay-checkout-wrapperauras-pay-payment-form-containerauras-pay-checkout-stepauras-pay-qr-code-container

HTML Comments

AURAS Pay Shortcode: Payment FormAURAS Pay Shortcode: Checkout PageAURAS Pay Admin Script

Data Attributes

data-auras-pay-payment-iddata-auras-pay-checkout-urldata-auras-pay-networkdata-auras-pay-crypto-currencydata-auras-pay-amount

JS Globals

AurasPayCheckoutAurasPayPaymentForm

REST Endpoints

/wp-json/auras-pay-standalone/v1/payment_status/wp-json/auras-pay-standalone/v1/create_payment

Shortcode Output

[auras_pay_payment_form][auras_pay_checkout]

FAQ