
Divit Payment Gateway Security & Risk Analysis
wordpress.org/plugins/divit-rewards-and-payment-gatewayDivit Payment Gateway for WooCommerce
Is Divit Payment Gateway Safe to Use in 2026?
Generally Safe
Score 92/100Divit Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "divit-rewards-and-payment-gateway" plugin v1.7.16 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices in database interaction, utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known vulnerabilities in its history is also a significant strength, suggesting a history of relatively secure development.
However, there are notable concerns regarding its attack surface and internal security checks. A substantial portion of the plugin's 16 entry points, specifically 12 AJAX handlers, lack authentication checks. This presents a significant risk, as these endpoints could be accessed and potentially exploited by unauthenticated users. The presence of the `unserialize` dangerous function, while only one instance, always warrants caution due to its potential for remote code execution if used with untrusted input. The taint analysis, though limited, did reveal one flow with an unsanitized path, which could be a vector for injection vulnerabilities.
While the plugin has no recorded CVEs, the lack of nonce checks on the unprotected AJAX handlers, coupled with the `unserialize` function and the unsanitized taint flow, indicates potential weaknesses that could be exploited. The strengths in SQL and output escaping are commendable, but they are overshadowed by the significant number of unprotected entry points and the presence of dangerous functions without apparent safeguards. A balanced view suggests that while the plugin has a clean vulnerability history, the current codebase has identifiable areas of concern that require attention to improve its overall security.
Key Concerns
- 12 AJAX handlers without auth checks
- Dangerous function: unserialize
- Taint flow with unsanitized path
- 0 Nonce checks on entry points
Divit Payment Gateway Security Vulnerabilities
Divit Payment Gateway Release Timeline
Divit Payment Gateway Code Analysis
Dangerous Functions Found
Output Escaping
Data Flow Analysis
Divit Payment Gateway Attack Surface
AJAX Handlers 12
Shortcodes 4
WordPress Hooks 22
Scheduled Events 1
Maintenance & Trust
Divit Payment Gateway Maintenance & Trust
Maintenance Signals
Community Trust
Divit Payment Gateway Alternatives
Hong Kong FPS Woo Payment
hong-kong-fps-woo-payment
Woocommerce Payment Gateway for Hong Kong Faster Payment System featuring QR Codes for quick payments.
Paystack WooCommerce Payment Gateway
woo-paystack
Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.
elegro Crypto Payment
elegro-payment
Increase your customers base by accepting cryptocurrencies.
Montonio for WooCommerce
montonio-for-woocommerce
Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa …
NETOPIA Payments Payment Gateway
netopia-payments-payment-gateway
NETOPIA Payments Payment Gateway extends WooCommerce payment options by adding NETOPIA's Payment Gateway options.
Divit Payment Gateway Developer Profile
1 plugin · 10 total installs
How We Detect Divit Payment Gateway
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/divit-rewards-and-payment-gateway/assets/css/divit-gateway.css/wp-content/plugins/divit-rewards-and-payment-gateway/assets/css/rangeslider.css/wp-content/plugins/divit-rewards-and-payment-gateway/assets/js/rangeslider.min.js/wp-content/plugins/divit-rewards-and-payment-gateway/assets/js/divit-gateway.js/wp-content/plugins/divit-rewards-and-payment-gateway/assets/js/rangeslider.min.js/wp-content/plugins/divit-rewards-and-payment-gateway/assets/js/divit-gateway.jsdivit-rewards-and-payment-gateway/assets/css/divit-gateway.css?ver=divit-rewards-and-payment-gateway/assets/css/rangeslider.css?ver=divit-rewards-and-payment-gateway/assets/js/rangeslider.min.js?ver=divit-rewards-and-payment-gateway/assets/js/divit-gateway.js?ver=HTML / DOM Fingerprints
divit-earn-miles-messagedivit-promo-code-wrapperDivit Payment Gateway For WooCommerceAdd Divit Payment Gateway LogoDivit Express Checkout ButtonDivit Cart Earn Miles Message+2 moredata-divit-amountdata-divit-currencydata-divit-product-iddata-divit-earn-miles-tagwcdivit[divit_earn_miles_tag][divit_earn_miles_tag_product_in_cart][divit_earn_miles_tag_in_cart][divit_login_button]