Does Worldline Online Checkout have any unpatched vulnerabilities?

No. All known vulnerabilities in Worldline Online Checkout have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Worldline Online Checkout compatible with WordPress 6.9.4?

According to WordPress.org data, Worldline Online Checkout 8.0.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Worldline Online Checkout compatible with PHP 7.4+?

Worldline Online Checkout requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Worldline Online Checkout updated?

Worldline Online Checkout was last updated on Feb 3, 2026. Frequent updates are generally a positive security signal.

What is Worldline Online Checkout's security score?

Worldline Online Checkout has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Worldline Online Checkout Security & Risk Analysis

wordpress.org/plugins/bambora-online-checkout

Integrates Worldline Online Checkout payment gateway into your WooCommerce installation.

1K active installs v8.0.7 PHP 7.4+ WP 6.6+ Updated Feb 3, 2026

gatewaypaymentpayment-gatewaywoo-commercewoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Worldline Online Checkout Safe to Use in 2026?

Generally Safe

Score 100/100

Worldline Online Checkout has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'bambora-online-checkout' plugin version 8.0.7 exhibits a generally good security posture due to the absence of known vulnerabilities and the use of prepared statements for all SQL queries. The code signals also indicate strong adherence to output escaping best practices, with 95% of outputs properly escaped. Furthermore, the plugin doesn't engage in file operations or external HTTP requests, minimizing potential attack vectors. The presence of a nonce check is also a positive security indicator.

However, a significant concern arises from the static analysis, which reveals a single REST API route that lacks proper permission callbacks. This unprotected entry point represents a potential vulnerability that could be exploited by unauthenticated users to interact with the plugin's functionality in unintended ways. While taint analysis did not reveal any unsanitized paths, the unprotected REST API route could potentially be a conduit for malicious input if not handled carefully within the API endpoint's logic.

Given the clean vulnerability history, it suggests a history of responsible development and maintenance. The overall security is strong, but the unprotected REST API route is a critical area that requires immediate attention to ensure the plugin's robust security. Addressing this specific weakness will significantly bolster the plugin's overall security.

Key Concerns

REST API route without permission callbacks

Vulnerabilities

None known

Worldline Online Checkout Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Worldline Online Checkout Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

101 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

95% escaped106 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

init_bambora_online_checkout (bambora-online-checkout.php:30)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Worldline Online Checkout Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

POST/wp-json/bambora/v1paymenttypesbambora-online-checkout.php:351

WordPress Hooks 20

actionplugins_loadedbambora-online-checkout.php:22

filterwoocommerce_payment_gatewaysbambora-online-checkout.php:253

filterallowed_redirect_hostsbambora-online-checkout.php:262

actionwp_enqueue_scriptsbambora-online-checkout.php:297

actioninitbambora-online-checkout.php:305

actionbefore_woocommerce_initbambora-online-checkout.php:316

actionbefore_woocommerce_initbambora-online-checkout.php:330

actionwoocommerce_blocks_loadedbambora-online-checkout.php:339

actionrest_api_initbambora-online-checkout.php:348

actionwoocommerce_order_status_completedbambora-online-checkout.php:368

actionadd_meta_boxesbambora-online-checkout.php:380

actionwp_before_admin_bar_renderbambora-online-checkout.php:394

actionwp_before_admin_bar_renderbambora-online-checkout.php:401

actionadmin_noticesbambora-online-checkout.php:408

actionadmin_enqueue_scriptsbambora-online-checkout.php:415

actionmanage_shop_order_posts_custom_columnbambora-online-checkout.php:422

actionmanage_woocommerce_page_wc-orders_custom_columnbambora-online-checkout.php:431

filtermanage_edit-shop_order_columnsbambora-online-checkout.php:443

filtermanage_woocommerce_page_wc-orders_columnsbambora-online-checkout.php:453

actionwoocommerce_blocks_payment_method_type_registrationbambora-online-checkout.php:2626

Maintenance & Trust

Worldline Online Checkout Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 3, 2026

PHP min version7.4

Downloads55K

Community Trust

Rating100/100

Number of ratings1

Active installs1K

Alternatives

Worldline Online Checkout Alternatives

Conditional Payment Gateways for WooCommerce

conditional-payment-gateways-for-woocommerce

100

Manage payment gateways in WooCommerce. Beautifully.

200 No CVEs

ccAvenue gateway for WooCommerce

ccavenue-gateway-for-woocommerce

Integrates CCAvenue Payment Gateway with WooCommerce.

100 No CVEs

Webmoney – payment gateway for WooCommerce

wc-webmoney

Allows you to use the Webmoney with WooCommerce as a payment gateway plugin.

100 No CVEs

Bambora APAC Online Plug-in for WooCommerce.

bambora-apac-online-plug-in-for-woocommerce

Welcome to the Bambora APAC Online Plugin for WooCommerce.

20 No CVEs

Hatton National Bank Payment Gateway for WooCommerce

woo-hnb

100

Hatton National Bank Payment Gateway for WooCommerce plugin is a free and open source plugin to integrate Hatton National Bank Internet Payment Gatewa …

10 No CVEs

Developer Profile

Worldline Online Checkout Developer Profile

Worldline Checkout Nordics

2 plugins · 1K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Worldline Online Checkout

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bambora-online-checkout/worldline-logo-checkout.svg/wp-content/plugins/bambora-online-checkout/worldline-logo.svg

HTML / DOM Fingerprints

CSS Classes

bambora-online-checkout

Data Attributes

data-bambora-settings

JS Globals

Bambora_Online_Checkout_Script

FAQ