Does BitPay QuickPay have any unpatched vulnerabilities?

No. All known vulnerabilities in BitPay QuickPay have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BitPay QuickPay compatible with WordPress 5.0.25?

According to WordPress.org data, BitPay QuickPay 1.1.1910 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

Is BitPay QuickPay compatible with PHP 5.5+?

BitPay QuickPay requires PHP 5.5 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BitPay QuickPay updated?

BitPay QuickPay was last updated on Oct 14, 2019. Frequent updates are generally a positive security signal.

What is BitPay QuickPay's security score?

BitPay QuickPay has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BitPay QuickPay Security & Risk Analysis

wordpress.org/plugins/bitpay-quickpay

The most secure and fastest way to accept crypto payments (Bitcoin, Bitcoin Cash, etc).

10 active installs v1.1.1910 PHP 5.5+ WP 4.9+ Updated Oct 14, 2019

bitcoinbitcoin-cashbitpaycryptocurrencypayments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is BitPay QuickPay Safe to Use in 2026?

Generally Safe

Score 85/100

BitPay QuickPay has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The bitpay-quickpay plugin version 1.1.1910 exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, using prepared statements for all SQL queries, and having no known vulnerability history. This suggests a generally well-developed and maintained plugin from a security perspective. However, several significant concerns arise from the static analysis. The presence of a REST API route without a permission callback represents a critical unauthenticated entry point, allowing unauthorized access to plugin functionality. Furthermore, the complete lack of output escaping on all eight identified outputs is a severe weakness, opening the door to Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks and capability checks on entry points further exacerbates these risks, as they are fundamental security mechanisms to prevent common web attacks. The plugin also makes external HTTP requests, which, while not inherently a vulnerability, can become one if not handled securely, especially in conjunction with unescaped output.

Key Concerns

REST API route without permission callback
No output escaping
No nonce checks
No capability checks

Vulnerabilities

None known

BitPay QuickPay Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

BitPay QuickPay Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped8 total outputs

Attack Surface

1 unprotected

BitPay QuickPay Attack Surface

Entry Points2

Unprotected1

REST API Routes 1

POSTGET/wp-json/bitpayquickpay/payindex.php:239

Shortcodes 1

[bitpayquickpay] index.php:167

WordPress Hooks 8

actionadmin_menuindex.php:11

actionwp_enqueue_scriptsindex.php:12

actionadmin_enqueue_scriptsindex.php:13

actioninitindex.php:28

actionwp_enqueue_scriptsindex.php:33

actionadmin_noticesindex.php:39

actionadmin_initindex.php:154

actionrest_api_initindex.php:238

Maintenance & Trust

BitPay QuickPay Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedOct 14, 2019

PHP min version5.5

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

BitPay QuickPay Alternatives

BitPay Checkout for Easy Digital Downloads

bitpay-checkout-for-easy-digital-downloads

100

The most secure and fastest way to accept crypto payments (Bitcoin, Bitcoin Cash, etc).

10 No CVEs

elegro Crypto Payment

elegro-payment

Increase your customers base by accepting cryptocurrencies.

20K No CVEs

Cryptocurrency Payment Gateway

cryptocurrency-payment-gateway

100

Digital Currency Payment Gateway for WooCommerce. Easily accept Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, and more in your store.

500 No CVEs

iswipe payment gateway

iswipe-payment-gateway

iSwipe is a cryptocurrency payment gateway with an instant and automatic conversion of a wide range of cryptocurrencies into Euro/USD.

0 No CVEs

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs

Developer Profile

BitPay QuickPay Developer Profile

bitpayir

4 plugins · 720 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect BitPay QuickPay

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ