The "Best2Pay" plugin is a payment solution for WooCommerce websites:

10 active installs v3.3.34 PHP 8.1+ WP 4.7+ Updated Feb 20, 2026
%d0%bf%d0%bb%d0%b0%d1%82%d0%b5%d0%b6%d0%bd%d1%8b%d0%b5-%d1%81%d0%b8%d1%81%d1%82%d0%b5%d0%bc%d1%8bmethodpaymentswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Best2Pay payment Safe to Use in 2026?

Generally Safe

Score 100/100

Best2Pay payment has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The 'best2pay-payment-method-visamastercard' plugin v3.3.34 presents a generally strong security posture based on the provided static analysis. The absence of any recorded vulnerabilities, critical or high severity taint flows, and the use of prepared statements for all SQL queries are positive indicators. The plugin also demonstrates good practices by implementing nonce and capability checks, and by properly escaping a high percentage of its output. However, the presence of two flows with unsanitized paths is a notable concern. While not classified as critical or high severity in this analysis, unsanitized paths can potentially lead to file inclusion vulnerabilities or path traversal issues if not handled with extreme care. Furthermore, the use of a bundled library like Guzzle, if outdated, could introduce vulnerabilities inherited from that library, though this is not explicitly stated in the provided data. Overall, the plugin appears to be well-developed from a security perspective, but the identified unsanitized paths warrant further investigation to ensure they are not exploitable.

Key Concerns

  • Flows with unsanitized paths detected
  • Bundled Guzzle library
Vulnerabilities
None known

Best2Pay payment Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Best2Pay payment Release Timeline

v3.3.34Current
v3.3.17
v3.2.14
v3.0.1
v3.0.0
v2.2.0
v2.1.5
Code Analysis
Analyzed Apr 16, 2026

Best2Pay payment Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
14
143 escaped
Nonce Checks
1
Capability Checks
1
File Operations
2
External Requests
0
Bundled Libraries
1

Bundled Libraries

Guzzle

Output Escaping

91% escaped157 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
callback_notify (includes/class-wc-gateway-best2pay.php:616)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Best2Pay payment Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actionplugins_loadedbest2pay-payment.php:33
filterwoocommerce_payment_gatewaysbest2pay-payment.php:36
actionwoocommerce_blocks_loadedbest2pay-payment.php:39
actionwoocommerce_blocks_payment_method_type_registrationbest2pay-payment.php:116
actionwoocommerce_api_best2pay_notifyincludes/class-wc-gateway-best2pay.php:125
actionwoocommerce_api_best2pay_complete_actionincludes/class-wc-gateway-best2pay.php:126
actionwoocommerce_api_best2pay_svkb_widgetincludes/class-wc-gateway-best2pay.php:127
actionwoocommerce_order_item_add_action_buttonsincludes/class-wc-gateway-best2pay.php:129
filterwoocommerce_generate_image_htmlincludes/class-wc-gateway-best2pay.php:130
actionwoocommerce_order_status_changedincludes/class-wc-gateway-best2pay.php:131
Maintenance & Trust

Best2Pay payment Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedFeb 20, 2026
PHP min version8.1
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

Best2Pay payment Developer Profile

best2pay

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Best2Pay payment

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/best2pay-payment-method-visamastercard/assets/css/frontend.css/wp-content/plugins/best2pay-payment-method-visamastercard/assets/js/frontend.js/wp-content/plugins/best2pay-payment-method-visamastercard/assets/js/frontend.js?ver=1.0
Script Paths
/wp-content/plugins/best2pay-payment-method-visamastercard/assets/js/frontend.js
Version Parameters
best2pay-payment-method-visamastercard/assets/css/frontend.css?ver=best2pay-payment-method-visamastercard/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wc-best2pay-payment-gateway-container
HTML Comments
<!-- Best2Pay Payment Gateway --><!-- BEGIN Best2Pay Payment Gateway --><!-- END Best2Pay Payment Gateway -->
Data Attributes
data-best2pay-order-iddata-best2pay-payment-url
JS Globals
Best2Paybest2pay_params
FAQ

Frequently Asked Questions about Best2Pay payment