Does Set WooCommerce Payment Gateway by URL have any unpatched vulnerabilities?

No. All known vulnerabilities in Set WooCommerce Payment Gateway by URL have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Set WooCommerce Payment Gateway by URL compatible with WordPress 6.0.11?

According to WordPress.org data, Set WooCommerce Payment Gateway by URL 1.2.1 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

Is Set WooCommerce Payment Gateway by URL compatible with PHP 7.4+?

Set WooCommerce Payment Gateway by URL requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Set WooCommerce Payment Gateway by URL updated?

Set WooCommerce Payment Gateway by URL was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Set WooCommerce Payment Gateway by URL's security score?

Set WooCommerce Payment Gateway by URL has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Set WooCommerce Payment Gateway by URL Security & Risk Analysis

wordpress.org/plugins/bh-wc-set-gateway-by-url

Set the WooCommerce payment gateway in URLs sent to customers.

0 active installs v1.2.1 PHP 7.4+ WP 3.6.0+ Updated Unknown

payment-gatewayurlwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Set WooCommerce Payment Gateway by URL Safe to Use in 2026?

Generally Safe

Score 100/100

Set WooCommerce Payment Gateway by URL has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "bh-wc-set-gateway-by-url" plugin v1.2.1 exhibits a mixed security posture. It demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping all output. Furthermore, the absence of known CVEs and a history of past vulnerabilities suggests a generally well-maintained codebase. However, a significant concern arises from the presence of two AJAX handlers that lack authentication checks. This creates a direct attack vector for unauthenticated users to interact with potentially sensitive functionality, increasing the overall risk. While taint analysis did not reveal critical or high severity issues, the two flows with unsanitized paths warrant attention and suggest that the plugin's input handling could be more robust. The plugin's vulnerability history is a positive indicator, implying stability, but the identified unprotected entry points represent a tangible risk that should be addressed.

Key Concerns

AJAX handlers without auth checks
Flows with unsanitized paths

Vulnerabilities

None known

Set WooCommerce Payment Gateway by URL Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Set WooCommerce Payment Gateway by URL Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

37 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped37 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

display_page (vendor-prefixed\brianhenryie\bh-wp-logger\src\Admin\class-logs-page.php:89)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Set WooCommerce Payment Gateway by URL Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 3

authwp_ajax_bh_wp_logger_logs_deletevendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:136

authwp_ajax_bh_wp_logger_logs_delete_allvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:137

authwp_ajax_wptrt_dismiss_noticevendor-prefixed\wptrt\admin-notices\src\Dismiss.php:68

WordPress Hooks 39

actionplugins_loadedsrc\class-bh-wc-set-gateway-by-url.php:86

actionadmin_enqueue_scriptssrc\class-bh-wc-set-gateway-by-url.php:99

filterplugin_row_metasrc\class-bh-wc-set-gateway-by-url.php:112

actioninitsrc\class-bh-wc-set-gateway-by-url.php:124

actionwoocommerce_after_register_post_typesrc\class-bh-wc-set-gateway-by-url.php:128

filterwoocommerce_get_checkout_payment_urlsrc\class-bh-wc-set-gateway-by-url.php:131

filterwoocommerce_format_log_entryvendor-prefixed\brianhenryie\bh-wp-logger\src\class-logger.php:99

actionwoocommerce_loadedvendor-prefixed\brianhenryie\bh-wp-logger\src\WooCommerce\class-wc-psr-logger.php:68

actionwoocommerce_loadedvendor-prefixed\brianhenryie\bh-wp-logger\src\WooCommerce\class-wc-psr-logger.php:97

filterdeprecated_function_trigger_errorvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-functions.php:126

filterdeprecated_argument_trigger_errorvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-functions.php:185

filterdoing_it_wrong_trigger_errorvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-functions.php:247

filterdeprecated_hook_trigger_errorvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-functions.php:316

actionplugins_loadedvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:84

actionplugins_loadedvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:87

actiondeprecated_function_runvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:97

actiondeprecated_argument_runvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:98

actiondoing_it_wrong_runvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:99

actiondeprecated_hook_runvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:100

actionadmin_initvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:110

actionadmin_noticesvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:112

actionadmin_initvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:114

actionadmin_menuvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:124

actionadmin_enqueue_scriptsvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:125

actionadmin_enqueue_scriptsvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:126

actioninitvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:158

actioninitvendor-prefixed\brianhenryie\bh-wp-logger\src\WP_Includes\class-plugin-logger-actions.php:181

filterupload_dirvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\API\class-api.php:138

actioninitvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:75

actioninitvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:87

actionadmin_initvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:100

actionadmin_noticesvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:102

actionadmin_initvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:104

actioninitvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:116

actioninitvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:126

actioninitvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-bh-wp-private-uploads.php:170

filterupload_dirvendor-prefixed\brianhenryie\bh-wp-private-uploads\src\WP_Includes\class-rest-private-uploads-controller.php:121

actionadmin_noticesvendor-prefixed\wptrt\admin-notices\src\Notices.php:47

actionadmin_initvendor-prefixed\wptrt\admin-notices\src\Notices.php:50

Maintenance & Trust

Set WooCommerce Payment Gateway by URL Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedUnknown

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Set WooCommerce Payment Gateway by URL Alternatives

Razorpay for WooCommerce

woo-razorpay

Start accepting payments in minutes with 100% digital onboarding & feature filled Razorpay payment gateway with the WooCommerce plugin.

100K 3 CVEs

Featured Image from URL (FIFU)

featured-image-from-url

Use remote media as the featured image and beyond.

70K 13 CVEs

Premmerce Permalink Manager for WooCommerce

woo-permalink-manager

Premmerce Permalink Manager for WooCommerce allows you to change WooCommerce permalink and remove product and product_category slugs from the URL.

50K 1 CVE

Paystack WooCommerce Payment Gateway

woo-paystack

100

Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.

30K No CVEs

Montonio for WooCommerce

montonio-for-woocommerce

100

Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa …

10K No CVEs

Developer Profile

Set WooCommerce Payment Gateway by URL Developer Profile

Brian Henry

2 plugins · 90 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Set WooCommerce Payment Gateway by URL

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bh-wc-set-gateway-by-url/assets/bh-wc-set-gateway-by-url-admin.css

Version Parameters

bh-wc-set-gateway-by-url-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

logs-page

Data Attributes

data-date

FAQ