Does bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button have any unpatched vulnerabilities?

No. All known vulnerabilities in bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button compatible with WordPress 6.9.4?

According to WordPress.org data, bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button 1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Security & Risk Analysis

wordpress.org/plugins/bangla-press

bKash, Nagad, Rocket, and Upay payments for WooCommerce with partial payments,Buy Now Button, and complete control over checkout options.

300 active installs v1.2 PHP + WP 5.0+ Updated Feb 20, 2026

bangladeshbkashbuy-nownagadpartial-payment

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Safe to Use in 2026?

Generally Safe

Score 100/100

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The Bangla Press plugin v1.2 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in avoiding dangerous functions, executing all SQL queries using prepared statements, and performing a high percentage of output escaping. It also has no recorded vulnerabilities in its history, suggesting a general awareness of security or a lack of past exploitation. However, significant concerns arise from its attack surface. Two AJAX handlers are present without authentication checks, representing a direct pathway for potential unauthorized actions. The taint analysis also indicates one flow with an unsanitized path, which could lead to exploitable vulnerabilities if not handled carefully, though it's not categorized as critical or high severity.

While the absence of known CVEs is a positive sign, the presence of unprotected entry points in the code analysis, specifically the AJAX handlers, remains a notable weakness. The taint flow with an unsanitized path, even if not critical, warrants attention as it suggests a potential for input validation issues. The plugin's strengths lie in its secure database interactions and output handling, but the critical need for robust authentication and input sanitization on its AJAX endpoints cannot be overlooked.

Key Concerns

Unprotected AJAX handlers
Taint flow with unsanitized path

Vulnerabilities

None known

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

197 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped245 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<class-wc-gateway-mobile-banking> (class-wc-gateway-mobile-banking.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

authwp_ajax_process_bkash_paymentbp-bkash-for-wc.php:39

noprivwp_ajax_process_bkash_paymentbp-bkash-for-wc.php:40

Shortcodes 1

[bkash_payment_button] bp-bkash-for-wc.php:36

WordPress Hooks 17

actionplugins_loadedbp-bkash-for-wc.php:24

actionadmin_enqueue_scriptsbp-bkash-for-wc.php:31

actionwp_footerbp-bkash-for-wc.php:37

actionwp_enqueue_scriptsbp-bkash-for-wc.php:38

actionwoocommerce_admin_order_data_after_billing_addressbp-bkash-for-wc.php:41

actionwoocommerce_checkout_update_order_metabp-bkash-for-wc.php:42

actionwoocommerce_initbp-bkash-for-wc.php:518

actionwoocommerce_after_add_to_cart_buttonbp-bkash-for-wc.php:524

actionwoocommerce_thankyoubp-bkash-for-wc.php:539

actionadmin_initbp-bkash-settings.php:12

actionadmin_initbp-bkash-settings.php:13

actionadmin_noticesbp-bkash-settings.php:31

actionadmin_menubp-bkash-settings.php:434

actionwoocommerce_admin_order_data_after_order_detailsclass-wc-gateway-mobile-banking.php:454

actionwoocommerce_thankyouclass-wc-gateway-mobile-banking.php:493

actionwoocommerce_email_order_detailsclass-wc-gateway-mobile-banking.php:509

filterwoocommerce_payment_gatewaysclass-wc-gateway-mobile-banking.php:528

Maintenance & Trust

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 20, 2026

PHP min version

Downloads10K

Community Trust

Rating80/100

Number of ratings4

Active installs300

Alternatives

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Alternatives

Flying Pay

flying-pay-gateway

100

A seamless and secure payment gateway integration for WooCommerce featuring Mobile Banking, 4 Major Banks, and Crypto support with an interactive UI.

30 No CVEs

Deshi Pay bKash, Rocket, Nagad

deshi-pay

100

A professional and modern manual payment gateway for WooCommerce supporting bKash, Nagad, and Rocket with a sleek UI and easy copy features.

10 No CVEs

SoftTech-IT bKash, Rocket, Nagad

bkash

Easy to use bKash , Rocket and Nagad Payment Gateway for Woocommerce

7K No CVEs

Bangladeshi Payments Mobile – QR Code & Transaction Reports

bangladeshi-payments-mobile

100

Accept Mobile Payments in Bangladesh – WooCommerce Gateway for bKash, Nagad, Rocket & Upay with QR Code & Transaction Reports.

1K No CVEs

UddoktaPay

uddoktapay-gateway

100

UddoktaPay Plugin for WooCommerce.

1K No CVEs

Developer Profile

bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button Developer Profile

Anowar Hossain Rana

9 plugins · 550 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect bKash & Mobile Payment – Fast Checkout, Partial Payment & Buy Now Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bangla-press/assets/bkash-admin-style.css/wp-content/plugins/bangla-press/assets/js/admin-scripts.js/wp-content/plugins/bangla-press/assets/bkash-style.css/wp-content/plugins/bangla-press/assets/mobile-banking.css

Script Paths

/wp-content/plugins/bangla-press/assets/js/admin-scripts.js

Version Parameters

bangla-press/assets/bkash-style.css?ver=bangla-press/assets/js/admin-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

bkash-payment-buttonbkash-modalbkash-modal-contentclose-modalbkash-error-messagebkash-success-messagebkash-processing-message

Data Attributes

data-product-iddata-product-pricedata-min-attributesdata-bkash-iddata-bkash-amountdata-bkash-product-id

JS Globals

bkash_payment_globalbkash_noncebkash_ajax_url

REST Endpoints

/wp-json/bangla-press/v1/process-payment

Shortcode Output

<div class="error">Please set a product ID!</div><button class="bkash-payment-button"

FAQ