AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Security & Risk Analysis

wordpress.org/plugins/aurpay-for-woocommerce

Accept ETH, USDC, USDT, DAI, BTC & Lightning in WooCommerce. Non-custodial, low fees, no card chargebacks.

40 active installs v1.0.18 PHP 7.2+ WP 5.8+ Updated Oct 17, 2025
bitcoincryptocrypto-payusdtwoocommerce-crypto-gateway
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Safe to Use in 2026?

Generally Safe

Score 100/100

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago
Risk Assessment

The static analysis of aurpay-for-woocommerce v1.0.18 indicates a generally strong security posture. The plugin boasts zero AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-total attack surface and no unprotected entry points. Furthermore, the code signals reveal no dangerous functions, all SQL queries are properly prepared, and the vast majority of outputs are escaped, mitigating common injection risks. The absence of file operations and a clean taint analysis report with no unsanitized paths further bolster this positive assessment. The vulnerability history is also notably clean, with zero known CVEs, suggesting a history of responsible development or effective security measures. However, the presence of external HTTP requests without explicit mention of their sanitization or security considerations is a minor concern, as is the complete lack of nonce and capability checks. While the limited attack surface currently mitigates the risk associated with these omissions, they represent potential future vulnerabilities if the plugin's functionality expands or integrates with less secure systems. Overall, the plugin is well-coded with good practices, but these specific areas warrant future attention for enhanced security.

Key Concerns

  • No nonce checks implemented
  • No capability checks implemented
  • External HTTP requests without clear sanitization
Vulnerabilities
None known

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Release Timeline

v1.0.18Current
v1.0.17
v1.0.16
v1.0.13
v1.0.10
v1.0.9
v1.0.8
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0
Code Analysis
Analyzed Apr 16, 2026

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
21 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

95% escaped22 total outputs
Attack Surface

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actionplugins_loadedaurpay-for-woocommerce.php:43
filterplugin_row_metaaurpay-for-woocommerce.php:45
actionbefore_woocommerce_initaurpay-for-woocommerce.php:50
actionadmin_noticesaurpay-for-woocommerce.php:94
actionadmin_noticesincludes/class-apwc-init.php:46
actionadmin_noticesincludes/class-apwc-init.php:86
actionbefore_woocommerce_initincludes/class-gateway.php:18
actionwoocommerce_api_apwc_gatewayincludes/class-gateway.php:42
actionadmin_noticesincludes/class-gateway.php:126
filterwoocommerce_payment_gatewaysincludes/class-gateway.php:317
Maintenance & Trust

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 17, 2025
PHP min version7.2
Downloads3K

Community Trust

Rating100/100
Number of ratings2
Active installs40
Developer Profile

AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway Developer Profile

aurtech01

3 plugins · 90 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/aurpay-for-woocommerce/assets/css/aurpay-usage-notice.css/wp-content/plugins/aurpay-for-woocommerce/assets/css/style.css/wp-content/plugins/aurpay-for-woocommerce/assets/js/aurpay-usage-notice.js
Version Parameters
aurpay-for-woocommerce/assets/css/style.css?ver=aurpay-for-woocommerce/assets/js/aurpay-usage-notice.js?ver=

HTML / DOM Fingerprints

CSS Classes
ap-connection-banneraurpay-usage-noticeap-connection-banner__container-top-textaurpay-usage-notice__dismissap-connection-banner__innerap-connection-banner__contentap-connection-banner__logoap-connection-banner__title+9 more
Data Attributes
id="ap-connect-button--alt"class="ap-banner-cta-button ap_step_1"class="ap-banner-cta-button ap_step_2"
FAQ

Frequently Asked Questions about AURPAY WooCommerce – Bitcoin/USDT Crypto Payment Gateway