WP-Safety

Экспресс Платежи: E-POS Security & Risk Analysis

wordpress.org/plugins/e-pos

«Экспресс Платежи: E-POS» для WooCommerce, плагин для простого подключения приема платежей в системе E-POS.

40 active installs v1.1.6 PHP 5.4+ WP 4.0+ Updated Feb 19, 2026
merchantonline-paymentpayment-gatewaypaymentswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Экспресс Платежи: E-POS Safe to Use in 2026?

Generally Safe

Score 100/100

Экспресс Платежи: E-POS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The e-pos plugin v1.1.6 exhibits a generally good security posture, with no known vulnerabilities or CVEs recorded, and a low number of identified code signals that typically indicate risk. The absence of direct attack surface entry points like AJAX handlers, REST API routes, shortcodes, and cron events is a positive sign. Furthermore, all SQL queries utilize prepared statements, indicating a strong defense against SQL injection. However, the low percentage of properly escaped output (21%) presents a significant concern for Cross-Site Scripting (XSS) vulnerabilities. While only one taint flow was analyzed, the presence of unsanitized paths, even without critical or high severity, warrants attention as it suggests potential for data manipulation if exploited. The limited capability checks and zero nonce checks on its entry points (though there are no direct entry points listed, this can be extrapolated if other indirect methods were used) could be a concern if any indirect entry points are discovered in the future.

Key Concerns

  • Low output escaping percentage
  • Flow with unsanitized path detected
  • No nonce checks observed
Vulnerabilities
None known

Экспресс Платежи: E-POS Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Экспресс Платежи: E-POS Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
15
4 escaped
Nonce Checks
0
Capability Checks
1
File Operations
2
External Requests
2
Bundled Libraries
0

Output Escaping

21% escaped19 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<class-wc-gateway-expresspay-epos> (includes\class-wc-gateway-expresspay-epos.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Экспресс Платежи: E-POS Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
actionplugins_loadedwordpress_epos_expresspay.php:37
filterwoocommerce_payment_gatewayswordpress_epos_expresspay.php:38
actionwoocommerce_blocks_loadedwordpress_epos_expresspay.php:39
actionbefore_woocommerce_initwordpress_epos_expresspay.php:40
actionwoocommerce_blocks_payment_method_type_registrationwordpress_epos_expresspay.php:103
Maintenance & Trust

Экспресс Платежи: E-POS Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 19, 2026
PHP min version5.4
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs40
Alternatives

Экспресс Платежи: E-POS Alternatives

Flitt payment gateway for WooCommerce

Flitt payment gateway for WooCommerce

flitt-payment-gateway-for-woocommerce

A
100

The plugin for WooCommerce allows you to integrate the online payment form on the Checkout page of your online store.

40 No CVEs
Экспресс Платежи: Интернет-Эквайринг

Экспресс Платежи: Интернет-Эквайринг

express-pay-card

A
100

Описание

30 No CVEs
Экспресс Платежи: ЕРИП

Экспресс Платежи: ЕРИП

express-pay-erip

A
100

«Экспресс Платежи: ЕРИП» для WooCommerce, плагин для простого подключения приема платежей в системе «ЕРИП» (АИС “Расчет”).

20 No CVEs
Paystation Payment Gateway for woocommerce

Paystation Payment Gateway for woocommerce

paystation-woocommerce-payment-gateway

A
100

Take credit card payments on your store via Paystation.

100 No CVEs
Live eftpos for WooCommerce

Live eftpos for WooCommerce

live-eftpos-for-woocommerce

A
100

The Live eftpos for WooCommerce plugin is the easy way to manage card payments via your online store.

30 No CVEs
Developer Profile

Экспресс Платежи: E-POS Developer Profile

Сервис "Экспресс Платежи"

3 plugins · 90 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Экспресс Платежи: E-POS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/e-pos/assets/images/icon-128x128.png/wp-content/plugins/e-pos/assets/images/icon-128x128@2x.png/wp-content/plugins/e-pos/assets/images/icon-128x128@3x.png/wp-content/plugins/e-pos/assets/images/icon-128x128@4x.png/wp-content/plugins/e-pos/assets/images/icon-32x32.png/wp-content/plugins/e-pos/assets/images/icon-32x32@2x.png/wp-content/plugins/e-pos/assets/images/icon-32x32@3x.png/wp-content/plugins/e-pos/assets/images/icon-32x32@4x.png+15 more
Script Paths
/wp-content/plugins/e-pos/assets/js/expresspay-epos-blocks.js/wp-content/plugins/e-pos/assets/js/expresspay-epos-checkout.js/wp-content/plugins/e-pos/assets/js/expresspay-epos-admin.js
Version Parameters
e-pos/assets/js/expresspay-epos-blocks.js?ver=e-pos/assets/js/expresspay-epos-checkout.js?ver=e-pos/assets/js/expresspay-epos-admin.js?ver=

HTML / DOM Fingerprints

JS Globals
wc_expresspay_epos_blocks_paramswc_expresspay_epos_checkout_params
FAQ

Frequently Asked Questions about Экспресс Платежи: E-POS