Does Findio WooCommerce plugin have any unpatched vulnerabilities?

No. All known vulnerabilities in Findio WooCommerce plugin have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Findio WooCommerce plugin compatible with WordPress 4.9.29?

According to WordPress.org data, Findio WooCommerce plugin 0.5.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Findio WooCommerce plugin compatible with PHP 7.0+?

Findio WooCommerce plugin requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Findio WooCommerce plugin updated?

Findio WooCommerce plugin was last updated on Jul 24, 2018. Frequent updates are generally a positive security signal.

What is Findio WooCommerce plugin's security score?

Findio WooCommerce plugin has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Findio WooCommerce plugin Security & Risk Analysis

wordpress.org/plugins/bstcm-findio-gateway

This plugin creates a new WooCommerce payment gateway for Findio credit services.

0 active installs v0.5.1 PHP 7.0+ WP 4.7.0+ Updated Jul 24, 2018

apiconnectorfindiowoocommercexml

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Findio WooCommerce plugin Safe to Use in 2026?

Generally Safe

Score 85/100

Findio WooCommerce plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

This plugin exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the static analysis shows no dangerous functions or SQL injection vulnerabilities through prepared statements, the complete lack of output escaping for 14 outputs represents a substantial risk for Cross-Site Scripting (XSS) vulnerabilities. The presence of 10 file operations and 4 external HTTP requests, without clear sanitization or authorization checks indicated, also raises potential security concerns. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign. However, this does not negate the inherent risks identified in the static analysis. The absence of nonce and capability checks on the majority of its entry points, particularly the unprotected AJAX handlers, makes it susceptible to various attacks if an attacker can trigger these actions.

Key Concerns

Unprotected AJAX handlers
No output escaping
No nonce checks
No capability checks

Vulnerabilities

None known

Findio WooCommerce plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Findio WooCommerce plugin Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped14 total outputs

Attack Surface

12 unprotected

Findio WooCommerce plugin Attack Surface

Entry Points16

Unprotected12

AJAX Handlers 12

authwp_ajax_bfg_get_woocommerce_loan_offer_block_hookincludes\bstcm-findio-gateway-class.php:55

noprivwp_ajax_bfg_get_woocommerce_loan_offer_block_hookincludes\bstcm-findio-gateway-class.php:56

authwp_ajax_bfg_get_woocommerce_loan_offer_shortcode_hookincludes\bstcm-findio-gateway-class.php:57

noprivwp_ajax_bfg_get_woocommerce_loan_offer_shortcode_hookincludes\bstcm-findio-gateway-class.php:58

authwp_ajax_bfg_get_woocommerce_single_block_shortcode_hookincludes\bstcm-findio-gateway-class.php:59

noprivwp_ajax_bfg_get_woocommerce_single_block_shortcode_hookincludes\bstcm-findio-gateway-class.php:60

authwp_ajax_bfg_generate_loan_offer_shortcode_hookincludes\bstcm-findio-gateway-class.php:61

noprivwp_ajax_bfg_generate_loan_offer_shortcode_hookincludes\bstcm-findio-gateway-class.php:62

authwp_ajax_bfg_test_api_connection_hookincludes\bstcm-findio-gateway-class.php:63

noprivwp_ajax_bfg_test_api_connection_hookincludes\bstcm-findio-gateway-class.php:64

authwp_ajax_bfg_add_to_collaterals_hookincludes\bstcm-findio-gateway-class.php:65

noprivwp_ajax_bfg_add_to_collaterals_hookincludes\bstcm-findio-gateway-class.php:66

Shortcodes 4

[findio-voorstel] includes\bstcm-findio-gateway-class.php:71

[findio-totaal] includes\bstcm-findio-gateway-class.php:72

[findio-single] includes\bstcm-findio-gateway-class.php:73

[findio-tabel] includes\bstcm-findio-gateway-class.php:74

WordPress Hooks 13

filterwoocommerce_payment_gatewaysbstcm-findio-gateway.php:40

actionwp_enqueue_scriptsbstcm-findio-gateway.php:51

actionadmin_enqueue_scriptsbstcm-findio-gateway.php:52

actionplugins_loadedbstcm-findio-gateway.php:84

actionplugins_loadedbstcm-findio-gateway.php:110

filterwoocommerce_available_payment_gatewaysincludes\bstcm-findio-gateway-class.php:48

actionwoocommerce_email_before_order_tableincludes\bstcm-findio-gateway-class.php:77

actionwoocommerce_api_bfg_wc_gateway_bfg_gatewayincludes\bstcm-findio-gateway-class.php:80

actionwoocommerce_before_add_to_cart_formincludes\bstcm-findio-gateway-class.php:83

filterwoocommerce_cart_collateralsincludes\bstcm-findio-gateway-class.php:86

filterwoocommerce_after_single_productincludes\bstcm-findio-gateway-class.php:89

filterwoocommerce_after_checkout_formincludes\bstcm-findio-gateway-class.php:90

filterwoocommerce_after_cartincludes\bstcm-findio-gateway-class.php:91

Maintenance & Trust

Findio WooCommerce plugin Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedJul 24, 2018

PHP min version7.0

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Findio WooCommerce plugin Alternatives

Bit integrations – Easy Automator with no-code automation, integrate Webhook and automate 300+ Platform

bit-integrations

Perfect Automation and integration plugin: Connect 300+ platforms and automate CRM, Email marketing tools, Google Sheets, Contact forms, LMS and more

20K 1 CVE

Api2Cart Bridge Connector

api2cart-bridge-connector

Establish the connection between a B2B system and WooCommerce or WP-eCommerce stores. Use the ready connection to make synchronization of such client …

50 2 CVEs

Brillocraft Connector

brillocraft-connector

100

A secure connector plugin that enables WooCommerce stores to integrate with the Brillocraft mobile app builder platform.

0 No CVEs

WooCommerce Legacy REST API

woocommerce-legacy-rest-api

The WooCommerce Legacy REST API, which is now part of WooCommerce itself but will be removed in WooCommerce 9.0.

400K No CVEs

WP All Export – Drag & Drop Export to Any Custom CSV, XML & Excel

wp-all-export

Easily export data from any post type, custom field, or taxonomy to a CSV, XML, or Excel file of any custom format. Supports WooCommerce products, ord …

100K 7 CVEs

Developer Profile

Findio WooCommerce plugin Developer Profile

Basticom

2 plugins · 100 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

13 days

View full developer profile

Detection Fingerprints

How We Detect Findio WooCommerce plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bstcm-findio-gateway/assets/js/bstcm-findio-gateway.js/wp-content/plugins/bstcm-findio-gateway/assets/css/bstcm-findio-gateway.css

Script Paths

/wp-content/plugins/bstcm-findio-gateway/assets/js/bstcm-findio-gateway.js

HTML / DOM Fingerprints

JS Globals

the_ajax_script

REST Endpoints

/wp-json/wc/v3/orders

Shortcode Output

[findio-voorstel][findio-totaal][findio-single][findio-tabel]

FAQ