WP-Safety

Culqi Full Integracion Security & Risk Analysis

wordpress.org/plugins/culqi-full-integration

Podrás hacer pagos desde Woocommerce usando el servicio de Culqi, además de reembolsos, estados, logs y personalizaciones del modal de pago.

300 active installs v3.0.3 PHP 7.4+ WP 6.6.0+ Updated Nov 17, 2025
culqifull-integrationpayment-methodperuwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Culqi Full Integracion Safe to Use in 2026?

Generally Safe

Score 100/100

Culqi Full Integracion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "culqi-full-integration" plugin version 3.0.3 exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded CVEs, critical or high severity taint flows, and the consistent use of prepared statements for SQL queries are significant strengths. The plugin also demonstrates good practices by implementing nonce and capability checks on its AJAX endpoints, and the attack surface, while present in AJAX handlers, appears to be protected by these checks.

However, there are areas for improvement. A notable concern is the percentage of unescaped output (17% of 207 outputs). While not a critical vulnerability in itself, this could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is improperly handled in these specific instances. Furthermore, the plugin performs file operations, which, without more context, warrants careful review to ensure these operations are secure and only perform necessary actions. The limited number of nonce and capability checks (2 and 1 respectively) for 7 AJAX handlers could indicate that some handlers might not be adequately protected if the existing checks don't cover all use cases or if their implementation is flawed.

Overall, the plugin's clean vulnerability history and adherence to basic secure coding practices like prepared statements are positive indicators. The primary weakness lies in the potential for XSS due to incomplete output escaping. The presence of file operations and a moderate number of entry points with limited explicit checks suggest that a deeper manual review of the code would be beneficial to confirm the security of these specific areas.

Key Concerns

  • Unescaped output identified (17%)
  • File operations present
  • Limited nonce/capability checks relative to entry points
Vulnerabilities
None known

Culqi Full Integracion Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Culqi Full Integracion Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
7 prepared
Unescaped Output
35
172 escaped
Nonce Checks
2
Capability Checks
1
File Operations
1
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared7 total queries

Output Escaping

83% escaped207 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
welcome_panel (includes\admin\class-fullculqi-welcome.php:22)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Culqi Full Integracion Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 7

authwp_ajax_create_culqi_refundincludes\class-fullculqi-ajax.php:18
authwp_ajax_delete_culqi_chargesincludes\class-fullculqi-ajax.php:21
authwp_ajax_delete_culqi_ordersincludes\class-fullculqi-ajax.php:24
authwp_ajax_delete_culqi_customersincludes\class-fullculqi-ajax.php:27
authwp_ajax_sync_culqi_chargesincludes\class-fullculqi-ajax.php:30
authwp_ajax_sync_culqi_ordersincludes\class-fullculqi-ajax.php:33
authwp_ajax_sync_culqi_customersincludes\class-fullculqi-ajax.php:36
WordPress Hooks 33
actionadd_meta_boxesincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:15
filterfullculqi/charges/column_nameincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:18
filterfullculqi/charges/column_valueincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:19
filterfullculqi/orders/column_nameincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:20
filterfullculqi/orders/column_valueincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:21
actionfullculqi/charges/basic/print_dataincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:24
actionfullculqi/orders/basic/print_dataincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:25
filterfullculqi/ajax/refund/is_externalincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:28
filterfullculqi/ajax/refund/process_externalincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-admin.php:29
actionafter_setup_themeincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:16
filterwoocommerce_payment_gatewaysincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:19
actionfullculqi/api/wc-actionsincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:22
actionfullculqi/culqi_orders/updateincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:25
actionscript_loader_tagincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:28
actionbefore_woocommerce_initincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:31
actionwoocommerce_after_order_detailsincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:34
actionadmin_noticesincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-main.php:51
actionwp_enqueue_scriptsincludes\3rd-party\plugins\woocommerce\class-fullculqi-wc-method.php:97
actionadmin_enqueue_scriptsincludes\admin\class-fullculqi-settings.php:15
actionadmin_menuincludes\admin\class-fullculqi-settings.php:18
actionadmin_initincludes\admin\class-fullculqi-settings.php:21
actionadmin_initincludes\admin\class-fullculqi-welcome.php:13
actionadmin_menuincludes\admin\class-fullculqi-welcome.php:14
actionadmin_headincludes\admin\class-fullculqi-welcome.php:15
actionadmin_enqueue_scriptsincludes\admin\metaboxes\class-fullculqi-metaboxes.php:17
actionbefore_delete_postincludes\admin\metaboxes\class-fullculqi-metaboxes.php:23
actionpre_get_postsincludes\admin\metaboxes\class-fullculqi-metaboxes.php:35
actioninitincludes\class-fullculqi-cpt.php:13
actioninitincludes\class-fullculqi-endpoints.php:14
filterquery_varsincludes\class-fullculqi-endpoints.php:17
actionparse_requestincludes\class-fullculqi-endpoints.php:20
actionplugins_loadedincludes\class-fullculqi-i18n.php:19
actionfullculqi/api/webhooksincludes\class-fullculqi-webhooks.php:18
Maintenance & Trust

Culqi Full Integracion Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 17, 2025
PHP min version7.4
Downloads22K

Community Trust

Rating98/100
Number of ratings10
Active installs300
Alternatives

Culqi Full Integracion Alternatives

Culqi

Culqi

culqi-checkout

A
91

Conéctate a nuestra pasarela de pago CulqiOnline de forma segura y estable en tu tienda virtual.

1K 1 CVE
Conditional Payments for WooCommerce

Conditional Payments for WooCommerce

conditional-payments-for-woocommerce

A
98

Restrict WooCommerce payment methods based on conditions. Works with your existing payment methods.

10K 2 CVEs
Satispay for WooCommerce

Satispay for WooCommerce

woo-satispay

A
100

Save time and money by accepting payments from your customers with Satispay. Free, simple, secure! #doitsmart

7K No CVEs
Enable Standard PayPal for WooCommerce

Enable Standard PayPal for WooCommerce

enable-standard-paypal-for-woocommerce

A
100

Enables the classic PayPal Standard payment method for WooCommerce, which has been disabled by default since WooCommerce version 5.5.0.

6K No CVEs
Bold pagos en linea

Bold pagos en linea

bold-pagos-en-linea

A
99

Recibe pagos en tu tienda de forma segura con diferentes métodos de pago confiables.

4K 1 CVE
Developer Profile

Culqi Full Integracion Developer Profile

gonzalesc

2 plugins · 350 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Culqi Full Integracion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/culqi-full-integration/assets/css/fullculqi.css/wp-content/plugins/culqi-full-integration/assets/css/fullculqi_checkout.css/wp-content/plugins/culqi-full-integration/assets/js/fullculqi.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_checkout.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_stripe.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_admin.js
Generator Patterns
Culqi Full Integration by Lets Go Dev
Script Paths
/wp-content/plugins/culqi-full-integration/assets/js/fullculqi.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_checkout.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_stripe.js/wp-content/plugins/culqi-full-integration/assets/js/fullculqi_admin.js
Version Parameters
culqi-full-integration/assets/css/fullculqi.css?ver=culqi-full-integration/assets/css/fullculqi_checkout.css?ver=culqi-full-integration/assets/js/fullculqi.js?ver=culqi-full-integration/assets/js/fullculqi_checkout.js?ver=culqi-full-integration/assets/js/fullculqi_stripe.js?ver=culqi-full-integration/assets/js/fullculqi_admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
fullculqi_checkout_modal
Data Attributes
data-culqi-chargedata-culqi-order-iddata-culqi-order-keydata-culqi-order-emaildata-culqi-order-firstnamedata-culqi-order-lastname+8 more
JS Globals
fullculqi_varsCulqiCheckout
REST Endpoints
/wp-json/fullculqi/v1/charge
FAQ

Frequently Asked Questions about Culqi Full Integracion