Does CollabPay ‑ Split Profits have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is CollabPay ‑ Split Profits compatible with WordPress 6.6.5?

According to WordPress.org data, CollabPay ‑ Split Profits 1.9.0 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is CollabPay ‑ Split Profits compatible with PHP 7.0+?

CollabPay ‑ Split Profits requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is CollabPay ‑ Split Profits updated?

CollabPay ‑ Split Profits was last updated on Aug 6, 2024. Frequent updates are generally a positive security signal.

What is CollabPay ‑ Split Profits's security score?

CollabPay ‑ Split Profits has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CollabPay ‑ Split Profits Security & Risk Analysis

wordpress.org/plugins/collabpay

Automatically calculate, split & pay profits to product creators, influencers or sales reps!

40 active installs v1.9.0 PHP 7.0+ WP 5.9+ Updated Aug 6, 2024

marketplace-paymentshare-profitssplit-paymentssplit-profitsvendor-payouts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CollabPay ‑ Split Profits Safe to Use in 2026?

Generally Safe

Score 92/100

CollabPay ‑ Split Profits has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The CollabPay plugin v1.9.0 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The plugin has a relatively small attack surface with all identified entry points (REST API routes) seemingly protected by permission callbacks. Furthermore, the absence of dangerous functions, file operations, and known vulnerabilities in its history are positive indicators. However, there are significant areas for concern. The plugin's SQL queries are not using prepared statements, presenting a potential risk for SQL injection vulnerabilities, especially if any of the query parameters are derived from user input. Additionally, the lack of nonce checks and capability checks, while not directly linked to an exploit path in the provided data, represents a missed opportunity to implement standard WordPress security practices and could be exploited in conjunction with other vulnerabilities if they were to arise.

Key Concerns

SQL queries without prepared statements
Zero nonce checks implemented
Zero capability checks implemented
77% of output escaping is good, but 23% is not

Vulnerabilities

None known

CollabPay ‑ Split Profits Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

CollabPay ‑ Split Profits Release Timeline

v1.9.0Current

Code Analysis

Analyzed Mar 16, 2026

CollabPay ‑ Split Profits Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

77% escaped13 total outputs

Attack Surface

CollabPay ‑ Split Profits Attack Surface

Entry Points5

Unprotected0

REST API Routes 5

GET/wp-json/collabpay/v1pingincludes\CollabPayApi.php:8

GET/wp-json/collabpay/v1webhooks/deactivateincludes\CollabPayApi.php:16

GET/wp-json/collabpay/v1webhooks/activateincludes\CollabPayApi.php:24

GET/wp-json/collabpay/v1revokeincludes\CollabPayApi.php:32

GET/wp-json/collabpay/v1refundsincludes\CollabPayApi.php:40

WordPress Hooks 18

actionrest_api_initincludes\CollabPayApi.php:7

actionadmin_menuincludes\CollabpaySettingsPageAdmin.php:12

actionadmin_initincludes\CollabpaySettingsPageAdmin.php:13

actionupdate_optionincludes\CollabpaySettingsPageAdmin.php:15

actionadd_optionincludes\CollabpaySettingsPageAdmin.php:16

actionadmin_post_update_rollincludes\CollabpaySettingsPageAdmin.php:18

actionwoocommerce_product_options_general_product_dataincludes\CollabPayWooCommerceFields.php:8

actionwoocommerce_process_product_metaincludes\CollabPayWooCommerceFields.php:9

actionwoocommerce_variation_options_pricingincludes\CollabPayWooCommerceFields.php:12

actionwoocommerce_save_product_variationincludes\CollabPayWooCommerceFields.php:13

filterwoocommerce_available_variationincludes\CollabPayWooCommerceFields.php:14

actionwoocommerce_product_options_advancedincludes\CollabPayWooCommerceFields.php:17

actionwoocommerce_process_product_metaincludes\CollabPayWooCommerceFields.php:18

actioninitindex.php:47

actionwoocommerce_checkout_order_processedindex.php:54

filterwoocommerce_max_webhook_delivery_failuresindex.php:76

filterhttp_request_argsindex.php:90

filterhttps_ssl_verifyindex.php:91

Maintenance & Trust

CollabPay ‑ Split Profits Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 6, 2024

PHP min version7.0

Downloads4K

Community Trust

Rating100/100

Number of ratings2

Active installs40

Alternatives

CollabPay ‑ Split Profits Alternatives

Netgíró Payment Gateway for WooCommerce

netgiro-payment-gateway-for-woocommerce

100

Offer your customers Netgíró’s quick, secure, and streamlined payment solution directly in your WooCommerce store.

400 No CVEs

Split Pay – Stripe Connect Split Payments & Multi-Vendor Marketplace for WooCommerce

bsd-woo-stripe-connect-split-pay

100

Split payments made in WooCommerce stores between multiple Stripe Connected Accounts and a Stripe Platform Account.

100 No CVEs

Limepay WooCommerce Gateway

limepay-woocommerce-gateway

Woo-Commerce gateway extension to support Limepay payments

50 No CVEs

April Payment Gateway for WooCommerce

april-payment-gateway-for-woocommerce

100

Woo-Commerce gateway extension to support April payments

0 No CVEs

LoyCart-POS

loycart-pos

100

LoyCart-POS provides a simple, fast, accurate, and seamless point-of-sale interface directly within your WordPress admin dashboard.

0 No CVEs

Developer Profile

CollabPay ‑ Split Profits Developer Profile

collabpay

1 plugin · 40 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect CollabPay ‑ Split Profits

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/collabpay/assets/css/collabpay-backend.css/wp-content/plugins/collabpay/assets/js/collabpay-backend.js

Script Paths

/wp-content/plugins/collabpay/assets/js/collabpay-backend.js

Version Parameters

collabpay/assets/css/collabpay-backend.css?ver=collabpay/assets/js/collabpay-backend.js?ver=

HTML / DOM Fingerprints

Data Attributes

name="_collabpay_cost[id="_collabpay_cost

JS Globals

window.cp_ref

REST Endpoints

/wp-json/collabpay/v1/ping/wp-json/collabpay/v1/webhooks/deactivate/wp-json/collabpay/v1/webhooks/activate/wp-json/collabpay/v1/revoke/wp-json/collabpay/v1/refunds

FAQ