BANKpay+ Instant Bank Payments for WooCommerce (EUR) Security & Risk Analysis

wordpress.org/plugins/bankpay-open-banking-sepa-payments-for-woocommerce

Accept instant SEPA payments with 7-second settlement time via BANKpay+ directly into your bank account.

10 active installs · v1.7.18 · PHP 8.0+ · WP 6.0+ · Updated Apr 12, 2026
Tags: bank-transfer, instant-payment, payment-gateway, sepa, woocommerce
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is BANKpay+ Instant Bank Payments for WooCommerce (EUR) Safe to Use in 2026?

Generally Safe

Score 100/100

BANKpay+ Instant Bank Payments for WooCommerce (EUR) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "bankpay-open-banking-sepa-payments-for-woocommerce" plugin version 1.7.18 demonstrates a generally good security posture with a strong reliance on prepared statements for SQL queries and a high percentage of properly escaped output. The plugin also incorporates a good number of nonce and capability checks, indicating an awareness of common WordPress security practices. However, there are notable areas of concern that elevate the risk profile.

The static analysis reveals a significant attack surface: three of the five entry points, specifically the REST API routes, lack permission callbacks. These routes are therefore potentially reachable by unauthenticated users, which is a critical security oversight. The taint analysis also flagged two high-severity unsanitized paths, where user-supplied data could be processed in an unsafe manner. The presence of the `ini_set` function is not inherently a vulnerability, but it can be used in exploit chains if not carefully managed and is often flagged in security analyses.

The plugin's vulnerability history is remarkably clean, with zero recorded CVEs. This is a positive indicator of the development team's efforts in maintaining a secure codebase over time. However, this lack of historical issues should not overshadow the identified weaknesses in the current version's static analysis. The combination of unprotected REST API endpoints and high-severity taint flows presents a tangible risk that requires immediate attention.

Key Concerns

  • REST API routes without permission callbacks
  • High severity unsanitized taint flows
  • Use of dangerous function: ini_set
Vulnerabilities
None known

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Release Timeline

v1.7.18 (Current)
v1.7.17
v1.7.16
v1.7.15
v1.7.14
v1.7.13
v1.7.12
v1.7.11
v1.7.10
v1.7.9
v1.7.8
v1.7.7
v1.7.5
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.6.5
v1.6.1
Code Analysis
Analyzed Apr 16, 2026

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (26 prepared)
Unescaped Output: 21 (373 escaped)
Nonce Checks: 7
Capability Checks: 12
File Operations: 6
External Requests: 6
Bundled Libraries: 0

Dangerous Functions Found

ini_set · ini_set( 'display_errors', 1 ); · ROOT_CAUSE_DEBUG_TEST.php:21

SQL Query Safety

100% prepared · 26 total queries

Output Escaping

95% escaped · 394 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
render (includes/admin/class-bankpay-plus-analytics-page.php:38)
Attack Surface
3 unprotected

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Attack Surface

Entry Points: 5
Unprotected: 3

AJAX Handlers (2)

auth · wp_ajax_bankpay_plus_export_analytics · bankpay-plus-woocommerce.php:545
auth · wp_ajax_bankpay_plus_dismiss_setup_notice · includes/admin/class-bankpay-plus-setup-wizard.php:52

REST API Routes (3)

GET · /wp-json/bankpay-plus/v1/validate-iban · bankpay-plus-woocommerce.php:441
GET · /wp-json/bankpay/v1/payment-methods · includes/class-bankpay-plus-gateway.php:456
GET · /wp-json/mock-bankpay/v1/payment-methods · includes/class-bankpay-plus-gateway.php:1368

WordPress Hooks (43)

action · admin_notices · bankpay-plus-woocommerce.php:42
action · woocommerce_init · bankpay-plus-woocommerce.php:74
action · rest_api_init · bankpay-plus-woocommerce.php:80
action · init · bankpay-plus-woocommerce.php:83
action · plugins_loaded · bankpay-plus-woocommerce.php:85
filter · woocommerce_payment_gateways · bankpay-plus-woocommerce.php:112
action · woocommerce_init · bankpay-plus-woocommerce.php:115
filter · woocommerce_payment_gateways · bankpay-plus-woocommerce.php:118
action · init · bankpay-plus-woocommerce.php:185
action · wp_enqueue_scripts · bankpay-plus-woocommerce.php:314
action · admin_enqueue_scripts · bankpay-plus-woocommerce.php:355
action · before_woocommerce_init · bankpay-plus-woocommerce.php:365
filter · cron_schedules · bankpay-plus-woocommerce.php:377
action · bankpay_plus_process_webhook_queue · bankpay-plus-woocommerce.php:418
action · bankpay_plus_cleanup_old_data · bankpay-plus-woocommerce.php:435
action · woocommerce_order_refunded · bankpay-plus-woocommerce.php:566
action · admin_menu · includes/admin/class-bankpay-plus-admin.php:27
action · admin_init · includes/admin/class-bankpay-plus-admin.php:28
action · admin_enqueue_scripts · includes/admin/class-bankpay-plus-admin.php:29
action · add_meta_boxes · includes/admin/class-bankpay-plus-admin.php:30
action · wp_dashboard_setup · includes/admin/class-bankpay-plus-admin.php:31
action · admin_init · includes/admin/class-bankpay-plus-admin.php:34
action · admin_menu · includes/admin/class-bankpay-plus-admin.php:37
action · admin_init · includes/admin/class-bankpay-plus-setup-wizard.php:43
action · admin_enqueue_scripts · includes/admin/class-bankpay-plus-setup-wizard.php:44
action · admin_notices · includes/admin/class-bankpay-plus-setup-wizard.php:48
action · admin_init · includes/admin/class-bankpay-plus-setup-wizard.php:55
action · woocommerce_api_wc_gateway_bankpay_plus · includes/class-bankpay-plus-gateway.php:108
action · init · includes/class-bankpay-plus-gateway.php:112
action · init · includes/class-bankpay-plus-gateway.php:115
action · admin_notices · includes/class-bankpay-plus-gateway.php:118
action · plugins_loaded · includes/class-bankpay-plus-gateway.php:121
action · init · includes/class-bankpay-plus-gateway.php:122
action · wp_loaded · includes/class-bankpay-plus-gateway.php:123
action · woocommerce_blocks_loaded · includes/class-bankpay-plus-gateway.php:366
filter · cartflows_woo_gateway_enabled · includes/class-bankpay-plus-gateway.php:369
action · rest_api_init · includes/class-bankpay-plus-gateway.php:372
action · woocommerce_blocks_payment_method_type_registration · includes/class-bankpay-plus-gateway.php:407
action · woocommerce_blocks_loaded · includes/class-bankpay-plus-gateway.php:1316
filter · cartflows_woo_gateway_enabled · includes/class-bankpay-plus-gateway.php:1319
action · rest_api_init · includes/class-bankpay-plus-gateway.php:1322
action · woocommerce_blocks_payment_method_type_registration · includes/class-bankpay-plus-gateway.php:1333
action · admin_init · templates/privacy-policy.php:135

Scheduled Events (2)

bankpay_plus_process_webhook_queue
bankpay_plus_cleanup_old_data
Maintenance & Trust

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 12, 2026
PHP min version: 8.0
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

BANKpay+ Instant Bank Payments for WooCommerce (EUR) Developer Profile

Swedbank Pay

2 plugins · 210 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect BANKpay+ Instant Bank Payments for WooCommerce (EUR)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/css/bankpay-plus-checkout.css
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-checkout.js
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-admin.js
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/css/bankpay-plus-admin.css

Script Paths
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-checkout.js
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-admin.js

Version Parameters
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/css/bankpay-plus-checkout.css?ver=
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-checkout.js?ver=
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/js/bankpay-plus-admin.js?ver=
/wp-content/plugins/bankpay-open-banking-sepa-payments-for-woocommerce/assets/css/bankpay-plus-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
bankpay-plus-checkout
bankpay-plus-checkout-form
bankpay-plus-payment-method

Data Attributes
data-gateway-id="bankpay_plus"
data-method-title="BANKpay+"
data-method-description="Accept instant SEPA payments via BANKpay+ Real-time bank transfers with 7-second settlement directly into your bank account. A secure and convenient payment method that boosts conversions and customer satisfaction."

JS Globals
BANKPAY_PLUS_CHECKOUT_PARAMS

REST Endpoints
/wp-json/bankpay-plus/v1/webhook
/wp-json/bankpay-plus/v1/payment-status
FAQ

Frequently Asked Questions about BANKpay+ Instant Bank Payments for WooCommerce (EUR)