WP-Safety

BlueSnap All-in-One Platform Security & Risk Analysis

wordpress.org/plugins/bluesnap-payments

You can accept credit and debit cards with BlueSnap from your WordPress site without the need for an additional shopping cart plugin.

10 active installs v1.1.0 PHP 5.6+ WP 4.6+ Updated Oct 31, 2022
modal-formspayment
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is BlueSnap All-in-One Platform Safe to Use in 2026?

Generally Safe

Score 85/100

BlueSnap All-in-One Platform has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The bluesnap-payments plugin v1.1.0 exhibits several security concerns despite a clean vulnerability history and good practices in SQL query handling. The most significant risk lies in its attack surface, with 3 out of 6 entry points lacking authentication checks. This means unauthorized users could potentially interact with these unprotected AJAX handlers, leading to unintended actions or information disclosure if not properly secured within the handler's logic. The code also shows a moderate rate of unescaped output, with 35% of outputs not being properly escaped. While the taint analysis shows no identified flows, this is based on zero flows being analyzed, which is a limitation in itself. The absence of known CVEs is a positive indicator, suggesting a potentially stable codebase in terms of historical vulnerabilities. However, the presence of unprotected AJAX handlers is a clear area for immediate concern that requires further investigation to determine the exact impact.

Key Concerns

  • AJAX handlers without auth checks
  • Unescaped output rate is concerning
  • Taint analysis did not run on any flows
Vulnerabilities
None known

BlueSnap All-in-One Platform Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

BlueSnap All-in-One Platform Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
15
28 escaped
Nonce Checks
2
Capability Checks
1
File Operations
5
External Requests
2
Bundled Libraries
0

Output Escaping

65% escaped43 total outputs
Attack Surface
3 unprotected

BlueSnap All-in-One Platform Attack Surface

Entry Points6
Unprotected3

AJAX Handlers 5

authwp_ajax_delete_logsincludes\pluginSettings.php:239
authwp_ajax_bls_form_actionincludes\shortcodes.php:297
noprivwp_ajax_bls_form_actionincludes\shortcodes.php:298
authwp_ajax_bls_get_statesincludes\shortcodes.php:442
noprivwp_ajax_bls_get_statesincludes\shortcodes.php:443

Shortcodes 1

[bluesnapForm] includes\shortcodes.php:295
WordPress Hooks 5
actionadd_meta_boxesincludes\class.blf-admin.php:684
actionadmin_print_footer_scriptsincludes\class.blf-admin.php:686
actionadmin_menuincludes\pluginSettings.php:3
actionadmin_initincludes\pluginSettings.php:29
actioninitincludes\postTypes.php:32
Maintenance & Trust

BlueSnap All-in-One Platform Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedOct 31, 2022
PHP min version5.6
Downloads3K

Community Trust

Rating20/100
Number of ratings1
Active installs10
Alternatives

BlueSnap All-in-One Platform Alternatives

WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
WooCommerce Stripe Payment Gateway

WooCommerce Stripe Payment Gateway

woocommerce-gateway-stripe

A
98

Accept debit and credit cards in 135+ currencies, many local methods like Alipay, ACH, and SEPA, and express checkout with Apple Pay and Google Pay.

700K 4 CVEs
Forminator Forms – Contact Form, Payment Form & Custom Form Builder

Forminator Forms – Contact Form, Payment Form & Custom Form Builder

forminator

B
76

Best WordPress form builder plugin. Create contact forms, payment forms & order forms with 1000+ integrations.

600K 36 CVEs
WooCommerce Tax (formerly WooCommerce Shipping & Tax)

WooCommerce Tax (formerly WooCommerce Shipping & Tax)

woocommerce-services

A
100

We’re here to help with tax rates: collect accurate sales tax, automatically.

600K 1 CVE
Developer Profile

BlueSnap All-in-One Platform Developer Profile

Scott Ring

2 plugins · 110 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
21 days
View full developer profile
Detection Fingerprints

How We Detect BlueSnap All-in-One Platform

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bluesnap-payments/assets/css/bs-forms.css/wp-content/plugins/bluesnap-payments/assets/js/bs-forms.js
Script Paths
/wp-content/plugins/bluesnap-payments/assets/js/bs-forms.js
Version Parameters
bluesnap-payments/assets/css/bs-forms.css?ver=bluesnap-payments/assets/js/bs-forms.js?ver=

HTML / DOM Fingerprints

CSS Classes
bls-checkout-formpopup-pay
HTML Comments
<!-- If this file is called directly, abort. --><!-- form must have amount -->
Data Attributes
data-targetid="bls-checkout-form"data-toggle
JS Globals
window.jQuery
Shortcode Output
<button class="btn btn-info btn-lg" type="button" id="getBlsForm" data-toggle="modal"<div id="blsModal-
FAQ

Frequently Asked Questions about BlueSnap All-in-One Platform