Does Bold pagos en linea have any unpatched vulnerabilities?

No. All known vulnerabilities in Bold pagos en linea have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bold pagos en linea compatible with WordPress 6.9.4?

According to WordPress.org data, Bold pagos en linea 3.3.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Bold pagos en linea compatible with PHP 7.4+?

Bold pagos en linea requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Bold pagos en linea updated?

Bold pagos en linea was last updated on Mar 12, 2026. Frequent updates are generally a positive security signal.

What is Bold pagos en linea's security score?

Bold pagos en linea has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bold pagos en linea Security & Risk Analysis

wordpress.org/plugins/bold-pagos-en-linea

Recibe pagos en tu tienda de forma segura con diferentes métodos de pago confiables.

4K active installs v3.3.2 PHP 7.4+ WP 5.5.2+ Updated Mar 12, 2026

boldecommercepayment-gatewaypayment-methodwoocommerce

A · Safe

CVEs total1

Unpatched0

Last CVEJan 13, 2025

Plugin page Download

Safety Verdict

Is Bold pagos en linea Safe to Use in 2026?

Generally Safe

Score 99/100

Bold pagos en linea has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 13, 2025Updated 21d ago

Risk Assessment

The "bold-pagos-en-linea" plugin v3.3.2 exhibits a mixed security posture. On the positive side, the static analysis reveals a small attack surface with no identified AJAX handlers or REST API routes lacking proper authorization. All SQL queries are correctly prepared, and the majority of output is properly escaped, indicating good coding practices in these areas. The presence of nonce checks and file operations, while noted, doesn't immediately point to a weakness without further context.

However, there are areas for concern. The absence of capability checks on any entry points (shortcodes, AJAX, REST API) is a significant weakness. While the static analysis shows zero unprotected entry points, this could be misleading if capability checks are not implemented effectively within the shortcode handler or other potential interaction points. The vulnerability history shows a past medium severity Cross-site Scripting (XSS) vulnerability, which, although patched, highlights a potential recurring risk if input sanitization and output escaping were not consistently applied across all functionalities.

In conclusion, while the plugin demonstrates strengths in SQL handling and output escaping, the lack of explicit capability checks on its entry points and the past XSS vulnerability warrant caution. The overall security is moderately good but could be significantly improved by ensuring robust authorization checks for all user-facing functionalities.

Key Concerns

Capability checks missing on entry points
Past medium severity XSS vulnerability
Moderate output escaping (76%)

Vulnerabilities

Bold pagos en linea Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-22793medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Bold pagos en linea <= 3.1.4 - Reflected Cross-Site Scripting

Jan 13, 2025 Patched in 3.1.5 (18d)

Code Analysis

Analyzed Mar 16, 2026

Bold pagos en linea Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

221 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

76% escaped292 total outputs

Attack Surface

Bold pagos en linea Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bold-button] include\Components\BoldShortcode.php:19

WordPress Hooks 25

actionadmin_noticesbold-co.php:28

filterplugin_row_metabold-co.php:95

filterblock_categories_allbold-co.php:98

actionplugins_loadedbold-co.php:137

actioninitbold-co.php:139

actioninitbold-co.php:140

actioninitbold-co.php:152

actioninitbold-co.php:157

actionelementor/frontend/after_enqueue_stylesbold-co.php:158

actionelementor/preview/enqueue_stylesbold-co.php:159

actionelementor/editor/before_enqueue_scriptsbold-co.php:160

actionelementor/widgets/registerbold-co.php:177

actionadmin_menuinclude\BoldMenuAdmin.php:17

actionadmin_noticesinclude\BoldMenuAdmin.php:18

actionwoocommerce_thankyou_order_received_textinclude\BoldPaymentGatewayWoo.php:37

actionwoocommerce_before_thankyouinclude\BoldPaymentGatewayWoo.php:38

actionwoocommerce_settings_save_checkoutinclude\BoldPaymentGatewayWoo.php:40

actionwoocommerce_no_available_payment_methods_messageinclude\BoldPaymentGatewayWoo.php:526

actionadmin_enqueue_scriptsinclude\BoldWoo.php:49

actionwp_enqueue_scriptsinclude\BoldWoo.php:50

actionbefore_woocommerce_initinclude\BoldWoo.php:53

actionwoocommerce_payment_gatewaysinclude\BoldWoo.php:54

actionwoocommerce_blocks_loadedinclude\BoldWoo.php:55

actionwoocommerce_blocks_payment_method_type_registrationinclude\BoldWoo.php:66

actioninitinclude\Components\BoldButtonBlock.php:14

Maintenance & Trust

Bold pagos en linea Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version7.4

Downloads33K

Community Trust

Rating100/100

Number of ratings3

Active installs4K

Alternatives

Bold pagos en linea Alternatives

SumUp Payment Gateway For WooCommerce

sumup-payment-gateway-for-woocommerce

The SumUp plugin for WooCommerce allows businesses to securely process payments online. Accept payments from customers using a range of payment method …

10K 1 CVE

Pay for Payment for WooCommerce

woocommerce-pay-for-payment

100

Setup individual charges for each payment method in WooCommerce.

10K No CVEs

Enable Standard PayPal for WooCommerce

enable-standard-paypal-for-woocommerce

100

Enables the classic PayPal Standard payment method for WooCommerce, which has been disabled by default since WooCommerce version 5.5.0.

6K No CVEs

Pay in Store WooCommerce Payment Gateway

pay-in-store-woocommerce-payment-gateway

Provides a Pay in Store upon pick up Payment Gateway for Woocommerce.

3K No CVEs

Robokassa payment gateway for Woocommerce

robokassa

Позволяет использовать интерфейс (платежный шлюз) для оплаты через Робокассу в WooCommerce. Поддерживает интеграцию чеков (закон 54-ФЗ)

3K 1 unpatched

Developer Profile

Bold pagos en linea Developer Profile

Bold

1 plugin · 4K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

18 days

View full developer profile

Detection Fingerprints

How We Detect Bold pagos en linea

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bold-pagos-en-linea/build/index.js/wp-content/plugins/bold-pagos-en-linea/build/index.css/wp-content/plugins/bold-pagos-en-linea/assets/img/admin-panel/bold_co_button_light.png/wp-content/plugins/bold-pagos-en-linea/assets/img/admin-panel/bold_co_button_example_light.svg/wp-content/plugins/bold-pagos-en-linea/assets/img/admin-panel/bold_co_button_example_dark.svg/wp-content/plugins/bold-pagos-en-linea/assets/css/bold-elementor-widget.css

Script Paths

https://developers.bold.co/pagos-en-linea/boton-de-pagos/plugins/wordpress

Version Parameters

bold-pagos-en-linea/style.css?ver=bold-pagos-en-linea/build/index.js?ver=bold-pagos-en-linea/build/index.css?ver=bold-pagos-en-linea/assets/css/bold-elementor-widget.css?ver=

HTML / DOM Fingerprints

CSS Classes

boldicon

Data Attributes

data-block="bold-pagos-en-linea/bold-button-block"

JS Globals

boldBlockData

Shortcode Output

[bold-pagos-en-linea]

FAQ