JCC Payment Gateway for Woocommerce Security & Risk Analysis

wordpress.org/plugins/bse-jcc-payment-gateway-redirect

JCC Payment Gateway for Woocommerce Offers online retailers a simpler, faster way for their customers to shop and pay 24/7.

10 active installs v1.0.7 PHP + WP 4.0+ Updated Nov 19, 2020
jccjcc-cypruspaymentpayment-gateway
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is JCC Payment Gateway for Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

JCC Payment Gateway for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The plugin "bse-jcc-payment-gateway-redirect" v1.0.7 exhibits a generally strong security posture, with no known vulnerabilities or critical security signals identified in the static analysis. The absence of dangerous functions, file operations, external HTTP requests, and a complete lack of unpatched CVEs are all positive indicators. The plugin also demonstrates good practice by exclusively using prepared statements for SQL queries and having a capability check in place.

However, a few areas warrant attention. The taint analysis revealed one flow with an unsanitized path, which, while not classified as critical or high severity, represents a potential weakness that could be exploited if the unsanitized data is used in a sensitive context. Furthermore, the output escaping is not perfect, with 29% of outputs not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if the unescaped data is user-controlled and rendered directly in the browser.

The plugin's vulnerability history is currently clear, indicating a potentially well-maintained or less-targeted plugin. This, combined with the good practices observed, suggests a relatively safe plugin. However, the identified taint flow and imperfect output escaping mean that vigilance is still required. A more robust approach to sanitizing all paths and ensuring comprehensive output escaping would further strengthen its security.

Key Concerns

  • Flow with unsanitized path
  • Improper output escaping (29% unescaped)
Vulnerabilities
None known

JCC Payment Gateway for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

JCC Payment Gateway for Woocommerce Release Timeline

v1.0.7Current
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.1
Code Analysis
Analyzed Mar 17, 2026

JCC Payment Gateway for Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
21
51 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

71% escaped72 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
jcc_callback (includes\class-wc-gateway-jcc-payment-gateway-redirect.php:274)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

JCC Payment Gateway for Woocommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionwoocommerce_receipt_jccpaymentgatewayredirectincludes\class-wc-gateway-jcc-payment-gateway-redirect.php:40
actionplugins_loadedjcc-payment-gateway-redirect.php:211
filterwoocommerce_payment_gatewaysjcc-payment-gateway-redirect.php:217
filterplugin_row_metajcc-payment-gateway-redirect.php:218
actionpre_current_active_pluginsjcc-payment-gateway-redirect.php:220
actionadmin_noticesjcc-payment-gateway-redirect.php:222
Maintenance & Trust

JCC Payment Gateway for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedNov 19, 2020
PHP min version
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Developer Profile

JCC Payment Gateway for Woocommerce Developer Profile

bseltd

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect JCC Payment Gateway for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bse-jcc-payment-gateway-redirect/assets/css/frontend.css/wp-content/plugins/bse-jcc-payment-gateway-redirect/assets/js/frontend.js
Version Parameters
bse-jcc-payment-gateway-redirect/assets/css/frontend.css?ver=bse-jcc-payment-gateway-redirect/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about JCC Payment Gateway for Woocommerce