Event Espresso – QuickPay (EE 4.x+) Security & Risk Analysis

wordpress.org/plugins/ee4-quickpay

Integrates your QuickPay payment gateway into your Event Espresso 4 installation.

10 active installs · v1.0.0 · PHP + WP 1.0.0+ · Updated Jan 30, 2017
event-espressoeventespressogatewayquickpay
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Event Espresso – QuickPay (EE 4.x+) Safe to Use in 2026?

Generally Safe

Score 85/100

Event Espresso – QuickPay (EE 4.x+) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The ee4-quickpay v1.0.0 plugin presents a significant security risk due to a single unprotected AJAX entry point. While the plugin demonstrates good practices in its SQL query handling and avoids known vulnerabilities, this single unauthenticated AJAX handler represents a critical weakness. Without proper authentication or capability checks, an attacker could potentially trigger this handler and perform unintended actions, leading to various security issues depending on its functionality. The lack of taint analysis results and zero known CVEs suggest a potentially clean codebase in those specific areas, but this does not mitigate the direct risk posed by the unprotected entry point. The minimal output escaping also raises concerns about potential cross-site scripting (XSS) vulnerabilities if the data processed by the AJAX handler is not properly sanitized before being displayed. Overall, while the plugin has strengths in its database interaction and vulnerability history, the unprotected AJAX handler is a glaring security oversight that requires immediate attention.

Key Concerns

  • Unprotected AJAX handler
  • Low output escaping percentage
  • No nonce checks on AJAX
  • No capability checks
Vulnerabilities
None known

Event Espresso – QuickPay (EE 4.x+) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Event Espresso – QuickPay (EE 4.x+) Release Timeline

v1.0.0 (Current)
Code Analysis
Analyzed Mar 17, 2026

Event Espresso – QuickPay (EE 4.x+) Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 10 (2 escaped)
  • Nonce Checks: 0
  • Capability Checks: 0
  • File Operations: 2
  • External Requests: 1
  • Bundled Libraries: 0

Output Escaping

17% escaped · 12 total outputs
Attack Surface
1 unprotected

Event Espresso – QuickPay (EE 4.x+) Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers 1

auth · wp_ajax_quickpay_manual_transaction_actions · payment_methods\includes\QuickPayHelpers\AdminTransactions.php:20
WordPress Hooks 6
action · AHEE__Transactions_Admin_Page__apply_payments_or_refund__after_recording · EE_QuickPay.class.php:44
action · init · EE_QuickPay.class.php:46
filter · plugin_action_links · EE_QuickPay.class.php:66
action · AHEE__EE_System__load_espresso_addons · event-espresso-quickpay.php:41
action · add_meta_boxes · payment_methods\includes\QuickPayHelpers\AdminTransactions.php:18
action · admin_enqueue_scripts · payment_methods\includes\QuickPayHelpers\AdminTransactions.php:19
Maintenance & Trust

Event Espresso – QuickPay (EE 4.x+) Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.33
Last updated: Jan 30, 2017
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Event Espresso – QuickPay (EE 4.x+) Developer Profile

PerfectSolution

2 plugins · 4K total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
Detection Fingerprints

How We Detect Event Espresso – QuickPay (EE 4.x+)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ee4-quickpay/assets/css/espresso_quickpay_admin.css
/wp-content/plugins/ee4-quickpay/assets/scripts/espresso_quickpay_backend.js
Script Paths
/wp-content/plugins/ee4-quickpay/assets/scripts/espresso_quickpay_backend.js
Version Parameters
ee4-quickpay/assets/css/espresso_quickpay_admin.css?ver=
ee4-quickpay/assets/scripts/espresso_quickpay_backend.js?ver=

HTML / DOM Fingerprints

JS Globals
ajax_object