Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Security & Risk Analysis

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay. Accept Crypto Payments, Accept Bitcoin Payments, Solana Pay, BTC, USDT, ETH

100 active installs v2.3.15 PHP 8.1+ WP 5.0+ Updated Jul 25, 2025

bitcoincryptocurrencygatewaypaymentwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Safe to Use in 2026?

Generally Safe

Score 100/100

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The cryptopay-wc-lite plugin, version 2.3.15, exhibits a generally strong security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history is a significant positive indicator, suggesting a well-maintained and secure codebase over time. The code analysis reveals a relatively small attack surface with no directly exposed AJAX handlers, REST API routes, or shortcodes without authentication checks. Furthermore, the data indicates a good practice of utilizing prepared statements for the majority of SQL queries and proper output escaping.

However, some areas warrant attention. While the percentage of prepared statements and properly escaped outputs is high, it's not 100%, meaning there are instances of raw SQL queries and unescaped outputs that could potentially be exploited under specific circumstances. The presence of file operations and external HTTP requests, while not inherently insecure, represent potential vectors for attack if not meticulously handled. The plugin also uses the Guzzle bundled library, which, if outdated or vulnerable, could introduce risks. The limited taint analysis is a positive sign, showing no detected unsanitized paths, but its scope might be limited.

In conclusion, cryptopay-wc-lite v2.3.15 appears to be a relatively secure plugin, with a commendable track record and good adherence to security best practices. The primary areas for potential improvement lie in ensuring 100% sanitization of all SQL queries and outputs, and careful management of file operations and external requests. Vigilance regarding the security of bundled libraries is also recommended.

Key Concerns

Raw SQL queries present
Unescaped outputs present
Bundled library detected (Guzzle)

Vulnerabilities

None known

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

281 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

SQL Query Safety

80% prepared15 total queries

Output Escaping

80% escaped351 total outputs

Attack Surface

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 59

actionplugins_loadedapp\Loader.php:27

actioninitapp\Loader.php:33

actioninitapp\Loader.php:70

actionadmin_headapp\Pages\HomePage.php:30

actionadmin_bar_menuapp\Pages\Integrations.php:50

actionadmin_headapp\Pages\Integrations.php:74

actioninitapp\PluginHero\BaseAPI.php:35

actionrest_api_initapp\PluginHero\BaseAPI.php:43

filterrest_pre_dispatchapp\PluginHero\BaseAPI.php:71

actioninitapp\PluginHero\Helpers\Feedback.php:69

actionrest_api_initapp\PluginHero\Helpers\Feedback.php:75

actionadmin_enqueue_scriptsapp\PluginHero\Helpers\Feedback.php:114

actionadmin_footerapp\PluginHero\Helpers\Feedback.php:129

actionrest_api_initapp\PluginHero\Helpers\Feedback.php:155

actionadmin_initapp\PluginHero\Helpers\Redirect.php:36

actiontemplate_redirectapp\PluginHero\Helpers\Redirect.php:48

filtertheme_page_templatesapp\PluginHero\Helpers\Template.php:85

filtertemplate_includeapp\PluginHero\Helpers\Template.php:90

actionadmin_noticesapp\PluginHero\Helpers\Template.php:272

actionadmin_noticesapp\PluginHero\Helpers.php:96

actionadmin_noticesapp\PluginHero\Helpers.php:114

actionadmin_noticesapp\PluginHero\Helpers.php:124

actionadmin_noticesapp\PluginHero\Helpers.php:140

actionadmin_noticesapp\PluginHero\Helpers.php:148

actionadmin_noticesapp\PluginHero\Helpers.php:156

actionadmin_noticesapp\PluginHero\Helpers.php:164

actionadmin_noticesapp\PluginHero\Helpers.php:172

actionadmin_noticesapp\PluginHero\Helpers.php:183

actionadmin_menuapp\PluginHero\Page.php:40

actionadmin_headapp\PluginHero\Page.php:78

actionadmin_enqueue_scriptsapp\PluginHero\Plugin.php:68

actionwp_enqueue_scriptsapp\PluginHero\Plugin.php:77

actionadmin_initapp\PluginHero\Plugin.php:95

actioninitapp\PluginHero\Plugin.php:142

actionadmin_footerapp\PluginHero\templates\plugins.php:33

filterwoocommerce_checkout_customer_idapp\RestAPI.php:60

filtercron_schedulesapp\Services\Cron.php:22

actioncryptopay_lite_cron_jobapp\Services\Cron.php:30

actioncryptopay_lite_cron_jobapp\Services\Verifier.php:27

actionwoocommerce_view_orderapp\Services\Verifier.php:31

actionwoocommerce_before_account_ordersapp\Services\Verifier.php:32

actionwoocommerce_thankyou_cryptopay_liteapp\Services\Verifier.php:33

actionadmin_footerapp\Settings\Settings.php:439

actionadmin_menuapp\Settings\Settings.php:450

actionwoocommerce_blocks_enqueue_checkout_block_scripts_afterapp\WooCommerce\Gateway\Blocks\CryptoPay.php:43

filterwoocommerce_order_button_htmlapp\WooCommerce\Gateway\CryptoPay.php:109

actionwoocommerce_after_checkout_validationapp\WooCommerce\Gateway\CryptoPay.php:129

actionwp_footerapp\WooCommerce\Gateway\CryptoPay.php:268

actionwoocommerce_blocks_loadedapp\WooCommerce\Gateway\Register.php:16

filterwoocommerce_payment_gatewaysapp\WooCommerce\Gateway\Register.php:17

actionwoocommerce_blocks_payment_method_type_registrationapp\WooCommerce\Gateway\Register.php:26

actioninitapp\WooCommerce\Initialize.php:27

actionwoocommerce_receipt_cryptopay_liteapp\WooCommerce\Services\Checkout.php:19

actionwoocommerce_view_orderapp\WooCommerce\Services\Details.php:19

actionwoocommerce_thankyou_cryptopay_liteapp\WooCommerce\Services\Details.php:20

actionwoocommerce_admin_order_data_after_order_detailsapp\WooCommerce\Services\Details.php:21

actionwoocommerce_checkout_order_processedapp\WooCommerce\Services\Payment.php:39

actionwoocommerce_after_checkout_validationapp\WooCommerce\Services\Payment.php:40

actionbefore_woocommerce_initcryptopay-wc-lite.php:39

Scheduled Events 1

cryptopay_lite_cron_job

Maintenance & Trust

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 25, 2025

PHP min version8.1

Downloads18K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Alternatives

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs

Accept Bitcoin instantly via OpenNode

opennode-for-woocommerce

100

Start accepting Bitcoin instantly through Lightning Network today. Powered by OpenNode

400 No CVEs

20bytes

20bytes-payment

100

Accept cryptocurrency payments in your WooCommerce store through 20bytes payment processing service.

0 No CVEs

Payment Gateway Coinify for WooCommerce

payment-gateway-coinify-for-woocommerce

100

A cryptocurrency payment gateway for WooCommerce that integrates with Coinify.

0 No CVEs

elegro Crypto Payment

elegro-payment

Increase your customers base by accepting cryptocurrencies.

20K No CVEs

Developer Profile

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay Developer Profile

BeycanPress LLC

16 plugins · 260 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

85 days

View full developer profile

Detection Fingerprints

How We Detect Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cryptopay-wc-lite/assets/css//wp-content/plugins/cryptopay-wc-lite/assets/js//wp-content/plugins/cryptopay-wc-lite/assets/images/

Script Paths

/wp-content/plugins/cryptopay-wc-lite/assets/js/frontend.js/wp-content/plugins/cryptopay-wc-lite/assets/js/admin.js/wp-content/plugins/cryptopay-wc-lite/assets/js/checkout.js/wp-content/plugins/cryptopay-wc-lite/assets/js/select.js

Version Parameters

cryptopay-wc-lite/assets/js/frontend.js?ver=cryptopay-wc-lite/assets/js/admin.js?ver=cryptopay-wc-lite/assets/js/checkout.js?ver=cryptopay-wc-lite/assets/js/select.js?ver=cryptopay-wc-lite/assets/css/frontend.css?ver=cryptopay-wc-lite/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

cryptopay-lite

Data Attributes

data-keydata-namedata-versiondata-pathdata-urldata-slug+1 more

JS Globals

window.cryptopay_lite_backend_params

FAQ