WP-Safety

Payment Gateway Based Fees and Discounts for WooCommerce Security & Risk Analysis

wordpress.org/plugins/checkout-fees-for-woocommerce

Set fees and discounts for WooCommerce payment gateways.

30K active installs v3.0.0 PHP 7.4+ WP 4.4+ Updated Mar 10, 2026
discountfeegatewaypaymentwoocommerce
99
A · Safe
CVEs total1
Unpatched0
Last CVEApr 25, 2024
Plugin page Download
Safety Verdict

Is Payment Gateway Based Fees and Discounts for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Payment Gateway Based Fees and Discounts for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Apr 25, 2024Updated 24d ago
Risk Assessment

The "checkout-fees-for-woocommerce" plugin version 3.0.0 exhibits a generally good security posture, with a robust number of capability and nonce checks, and a high percentage of SQL queries using prepared statements and outputs being properly escaped. The absence of dangerous functions, file operations, and critical/high severity taint flows is a positive indicator. However, the presence of one flow with unsanitized paths in the taint analysis warrants attention. Furthermore, the plugin's vulnerability history indicates a past medium severity vulnerability, specifically CSRF, which, while currently patched, suggests a need for continued vigilance in code security reviews.

The attack surface is relatively small with only a few entry points, and crucially, none are identified as unprotected in the static analysis. The external HTTP requests, while present, are not necessarily a direct security risk without further context but should be monitored. The existence of a single medium severity CVE in the past, though patched, highlights that past security issues have existed. This, combined with the taint analysis result, suggests that while the codebase is largely secure, there are specific areas that require ongoing attention and rigorous testing to maintain a strong security posture.

Key Concerns

  • Flow with unsanitized paths in taint analysis
  • Past medium severity CVE
Vulnerabilities
1

Payment Gateway Based Fees and Discounts for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-33585medium · 4.3Cross-Site Request Forgery (CSRF)

Payment Gateway Based Fees and Discounts for WooCommerce <= 2.12.1 - Cross-Site Request Forgery to Notice Dismissal

Apr 25, 2024 Patched in 2.12.2 (7d)
Code Analysis
Analyzed Mar 16, 2026

Payment Gateway Based Fees and Discounts for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
8 prepared
Unescaped Output
11
61 escaped
Nonce Checks
7
Capability Checks
3
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

80% prepared10 total queries

Output Escaping

85% escaped72 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<class-alg-wc-checkout-fees-settings-per-product> (includes\settings\class-alg-wc-checkout-fees-settings-per-product.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Payment Gateway Based Fees and Discounts for WooCommerce Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 1

authwp_ajax_tyche_plugin_deactivation_submit_actionincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:93

Shortcodes 2

[alg_show_checkout_fees_full_info] includes\class-alg-wc-checkout-fees-info.php:47
[alg_show_checkout_fees_lowest_price_info] includes\class-alg-wc-checkout-fees-info.php:48
WordPress Hooks 46
actionwoocommerce_blocks_loadedcheckout-block\checkout-blocks-initialize.php:16
actionwoocommerce_blocks_checkout_block_registrationcheckout-block\checkout-blocks-initialize.php:20
actioninitcheckout-fees-for-woocommerce.php:121
filterwoocommerce_get_settings_pagescheckout-fees-for-woocommerce.php:126
actionbefore_woocommerce_initcheckout-fees-for-woocommerce.php:128
actionadmin_footercheckout-fees-for-woocommerce.php:129
actionadmin_initcheckout-fees-for-woocommerce.php:130
actionpgbf_lite_init_tracker_completedcheckout-fees-for-woocommerce.php:131
filterpgbf_lite_ts_tracker_datacheckout-fees-for-woocommerce.php:132
actionadmin_initcheckout-fees-for-woocommerce.php:146
actionadmin_initincludes\class-alg-wc-checkout-fees-admin.php:33
actionadmin_enqueue_scriptsincludes\class-alg-wc-checkout-fees-admin.php:34
actionadmin_noticesincludes\class-alg-wc-checkout-fees-admin.php:98
actionadmin_noticesincludes\class-alg-wc-checkout-fees-admin.php:127
actionwoocommerce_cart_calculate_feesincludes\class-alg-wc-checkout-fees.php:112
filterwoocommerce_cart_totals_get_fees_from_cart_taxesincludes\class-alg-wc-checkout-fees.php:113
actionwp_enqueue_scriptsincludes\class-alg-wc-checkout-fees.php:114
actioninitincludes\class-alg-wc-checkout-fees.php:115
filterwoocommerce_cart_totals_fee_htmlincludes\class-alg-wc-checkout-fees.php:122
filterwc_stripe_paramsincludes\class-alg-wc-checkout-fees.php:125
filterwoocommerce_subscriptions_is_recurring_feeincludes\class-alg-wc-checkout-fees.php:130
actionwoocommerce_checkout_update_order_metaincludes\class-alg-wc-checkout-fees.php:133
actionwc_ajax_update_feesincludes\class-alg-wc-order-fees.php:69
filteralg_wc_add_gateways_feesincludes\class-alg-wc-order-fees.php:70
actionwoocommerce_before_save_order_itemsincludes\class-alg-wc-order-fees.php:71
actionwoocommerce_order_item_fee_after_calculate_taxesincludes\class-alg-wc-order-fees.php:72
actionadmin_print_scripts-plugins.phpincludes\component\plugin-deactivation\class-tyche-plugin-deactivation.php:92
actionadmin_noticesincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:81
filtercron_schedulesincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:82
actionadmin_initincludes\component\plugin-tracking\class-tyche-plugin-tracking.php:83
filterwoocommerce_get_sections_alg_checkout_feesincludes\settings\class-alg-wc-checkout-fees-settings-gateways.php:29
actionwoocommerce_update_options_alg_checkout_feesincludes\settings\class-alg-wc-checkout-fees-settings-gateways.php:30
filteradmin_initincludes\settings\class-alg-wc-checkout-fees-settings-gateways.php:31
actionwp_print_scriptsincludes\settings\class-alg-wc-checkout-fees-settings-gateways.php:32
actioninitincludes\settings\class-alg-wc-checkout-fees-settings-general.php:44
actioninitincludes\settings\class-alg-wc-checkout-fees-settings-global-extra-fee.php:45
actioninitincludes\settings\class-alg-wc-checkout-fees-settings-info.php:44
actioninitincludes\settings\class-alg-wc-checkout-fees-settings-per-product.php:45
actionadd_meta_boxesincludes\settings\class-alg-wc-checkout-fees-settings-per-product.php:48
actionsave_post_productincludes\settings\class-alg-wc-checkout-fees-settings-per-product.php:49
actionadmin_initincludes\settings\class-alg-wc-checkout-fees-settings-per-product.php:50
filterwoocommerce_get_sections_alg_checkout_feesincludes\settings\class-alg-wc-checkout-fees-settings-section.php:30
actionadmin_initincludes\settings\class-alg-wc-settings-checkout-fees.php:48
filterwoocommerce_admin_settings_sanitize_optionincludes\settings\class-alg-wc-settings-checkout-fees.php:49
actionwoocommerce_admin_field_alg_woocommerce_checkout_fees_custom_linkincludes\settings\class-alg-wc-settings-checkout-fees.php:50
actionwoocommerce_admin_field_linkincludes\settings\class-alg-wc-settings-checkout-fees.php:51
Maintenance & Trust

Payment Gateway Based Fees and Discounts for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version7.4
Downloads498K

Community Trust

Rating94/100
Number of ratings57
Active installs30K
Alternatives

Payment Gateway Based Fees and Discounts for WooCommerce Alternatives

Pay for Payment for WooCommerce

Pay for Payment for WooCommerce

woocommerce-pay-for-payment

A
100

Setup individual charges for each payment method in WooCommerce.

10K No CVEs
Ni WooCommerce Payment Gateway Charges

Ni WooCommerce Payment Gateway Charges

ni-woocommerce-payment-gateway-charges

A
85

The Ni WooCommerce Payment Gateway Charges plugin offers the capability to apply additional payment amounts or fees based on the customer's selec &hellip;

100 No CVEs
Gateway Coupon Assistant

Gateway Coupon Assistant

gateway-coupon-assistant

A
100

Create and manage WooCommerce coupons that are only valid for specific payment gateways. Display promotional banners to boost sales.

20 No CVEs
PayFeez: Payment Gateway-Based Fees for WooCommerce

PayFeez: Payment Gateway-Based Fees for WooCommerce

payfeez

A
92

Apply fees based on the WooCommerce payment gateway selected by the customer.

20 No CVEs
Paystack WooCommerce Payment Gateway

Paystack WooCommerce Payment Gateway

woo-paystack

A
100

Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.

30K No CVEs
Developer Profile

Payment Gateway Based Fees and Discounts for WooCommerce Developer Profile

tychesoftwares

20 plugins · 160K total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
232 days
View full developer profile
Detection Fingerprints

How We Detect Payment Gateway Based Fees and Discounts for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/checkout-fees-for-woocommerce/includes/js/tyche-dismiss-tracking-notice.js
Script Paths
/wp-content/plugins/checkout-fees-for-woocommerce/includes/js/tyche-dismiss-tracking-notice.js
Version Parameters
checkout-fees-for-woocommerce/includes/js/tyche-dismiss-tracking-notice.js?ver=checkout-fees-for-woocommerce.php?ver=

HTML / DOM Fingerprints

CSS Classes
alg-wc-checkout-fees-extra-costs-table
HTML Comments
<!-- Checkout Fees for WooCommerce -->
Data Attributes
data-alg-wc-checkout-fees-rule-iddata-alg-wc-checkout-fees-rule-type
JS Globals
pgbf_lite_ts_dismiss_notice
FAQ

Frequently Asked Questions about Payment Gateway Based Fees and Discounts for WooCommerce