WP-Safety

Up2pay e-Transactions WooCommerce Payment Gateway Security & Risk Analysis

wordpress.org/plugins/e-transactions-wc

This plugin is a Up2pay e-Transactions payment gateway for WooCommerce 4.x

4K active installs v3.0.9 PHP + WP 5.0.0+ Updated May 19, 2025
e-commerceorderspaymentpayment-gatewaywoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Up2pay e-Transactions WooCommerce Payment Gateway Safe to Use in 2026?

Generally Safe

Score 100/100

Up2pay e-Transactions WooCommerce Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The e-transactions-wc plugin v3.0.9 demonstrates a generally strong security posture with robust practices in place. The static analysis reveals no direct SQL injection vulnerabilities due to the consistent use of prepared statements. Furthermore, the plugin has no recorded history of CVEs, suggesting a good track record of security awareness and maintenance. The presence of nonce and capability checks on all identified AJAX entry points is a significant strength, mitigating common attack vectors.

However, there are areas for improvement. A concerning finding is the taint analysis, which shows 5 out of 6 analyzed flows with unsanitized paths. While these did not escalate to critical or high severity in this analysis, this indicates a potential for vulnerabilities if user-supplied data is not handled with extreme care throughout the code. The output escaping, while at 81%, still leaves a significant portion of outputs potentially vulnerable to cross-site scripting (XSS) attacks if user input is involved in those unescaped outputs.

In conclusion, e-transactions-wc v3.0.9 is well-protected against common direct injection and authentication bypass issues. The absence of past vulnerabilities is reassuring. The primary risk lies in the unsanitized data flows, which, despite not currently leading to exploitable vulnerabilities in this version, represent a latent risk that requires diligent developer attention. The moderate percentage of unescaped output also warrants careful review to prevent potential XSS.

Key Concerns

  • Flows with unsanitized paths in taint analysis
  • Unescaped output percentage is below ideal threshold
Vulnerabilities
None known

Up2pay e-Transactions WooCommerce Payment Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Up2pay e-Transactions WooCommerce Payment Gateway Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
76
330 escaped
Nonce Checks
5
Capability Checks
2
File Operations
30
External Requests
5
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

81% escaped406 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

6 flows5 with unsanitized paths
render_filters (classes\helpers\wc-etransaction-order-manager.php:142)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Up2pay e-Transactions WooCommerce Payment Gateway Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_wc_etransactions_admin_single_order_submitclasses\wc-etransactions-order.php:24
authwp_ajax_wc_etransactions_admin_single_order_refundclasses\wc-etransactions-order.php:25
authwp_ajax_wc_etransactions_get_test_requestclasses\wc-etransactions-settings.php:24
authwp_ajax_wc_etransactions_get_log_file_contentclasses\wc-etransactions-settings.php:25
WordPress Hooks 33
actionwp_enqueue_scriptsclasses\wc-etransactions-front.php:19
filterwoocommerce_account_menu_itemsclasses\wc-etransactions-front.php:20
actionplugins_loadedclasses\wc-etransactions-gateways.php:21
actionadmin_enqueue_scriptsclasses\wc-etransactions-gateways.php:22
actionwoocommerce_blocks_loadedclasses\wc-etransactions-gateways.php:23
actionadmin_noticesclasses\wc-etransactions-gateways.php:33
filterwoocommerce_payment_gatewaysclasses\wc-etransactions-gateways.php:44
actionwoocommerce_blocks_payment_method_type_registrationclasses\wc-etransactions-gateways.php:70
actionadmin_menuclasses\wc-etransactions-list-transaction.php:15
actionadmin_enqueue_scriptsclasses\wc-etransactions-list-transaction.php:16
actionadmin_post_reset_filtersclasses\wc-etransactions-list-transaction.php:17
filterwc_order_statusesclasses\wc-etransactions-order.php:17
filterwoocommerce_register_shop_order_post_statusesclasses\wc-etransactions-order.php:18
filterwoocommerce_analytics_excluded_order_statusesclasses\wc-etransactions-order.php:19
filterwoocommerce_valid_order_statuses_for_paymentclasses\wc-etransactions-order.php:20
filterwoocommerce_valid_order_statuses_for_payment_completeclasses\wc-etransactions-order.php:21
actionwoocommerce_order_status_changedclasses\wc-etransactions-order.php:22
actionadd_meta_boxesclasses\wc-etransactions-order.php:23
actionwoocommerce_new_orderclasses\wc-etransactions-order.php:26
actionwoocommerce_order_shipping_method_changedclasses\wc-etransactions-order.php:27
actionadmin_enqueue_scriptsclasses\wc-etransactions-settings.php:21
actionadmin_menuclasses\wc-etransactions-settings.php:22
actionadmin_initclasses\wc-etransactions-settings.php:23
actionadmin_initclasses\wc-etransactions-settings.php:26
actionadmin_footerclasses\wc-etransactions-settings.php:27
actionadmin_noticesclasses\wc-etransactions-settings.php:173
actionadmin_noticesclasses\wc-etransactions-settings.php:261
filtercron_schedulesclasses\wc-etransactions-updater.php:33
actionwpclasses\wc-etransactions-updater.php:34
actioninitclasses\wc-etransactions-updater.php:35
actionadmin_noticeswc-etransactions.php:30
actionadmin_initwc-etransactions.php:34
actioninitwc-etransactions.php:84
Maintenance & Trust

Up2pay e-Transactions WooCommerce Payment Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 19, 2025
PHP min version
Downloads76K

Community Trust

Rating46/100
Number of ratings13
Active installs4K
Alternatives

Up2pay e-Transactions WooCommerce Payment Gateway Alternatives

Paybox WooCommerce Payment Gateway

Paybox WooCommerce Payment Gateway

paybox-woocommerce-gateway

A
100

This plugin is a Paybox payment gateway for WooCommerce 4.x

500 No CVEs
Sofinco 3XCB

Sofinco 3XCB

wc-sofinco-3xcb

A
100

This plugin is a Sofinco 3x CB payment gateway for WooCommerce

100 No CVEs
HyperPay Payments

HyperPay Payments

hyperpay-gateways

A
100

Payments Gateways provided by Gate2Play, to make you able to add Credit Card, Mada, STCpay and more payments method.

600 No CVEs
KueskiPay Gateway

KueskiPay Gateway

kueskipay-gateway

A
100

Add Kueski gateway to buy now and pay later on your store.

200 No CVEs
Avify

Avify

avify

A
100

Connect your WooCommerce account to Avify and send all your orders to one centralized inventory.

80 No CVEs
Developer Profile

Up2pay e-Transactions WooCommerce Payment Gateway Developer Profile

Verifone e-commerce

3 plugins · 5K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Up2pay e-Transactions WooCommerce Payment Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/e-transactions-wc/assets/build/checkout-page.css/wp-content/plugins/e-transactions-wc/assets/build/checkout-page.js
Script Paths
/wp-content/plugins/e-transactions-wc/assets/build/checkout-page.js
Version Parameters
e-transactions-wc/assets/build/checkout-page.css?ver=e-transactions-wc/assets/build/checkout-page.js?ver=

HTML / DOM Fingerprints

CSS Classes
wc-etransactions-checkout-page
Data Attributes
data-wc-etransactions-plugin-url
JS Globals
wc_etransactions
FAQ

Frequently Asked Questions about Up2pay e-Transactions WooCommerce Payment Gateway