elegro Crypto Payment Security & Risk Analysis

wordpress.org/plugins/elegro-payment

Increase your customer base by accepting cryptocurrencies.

20K active installs · v1.0.0 · PHP 5.6+ · WP 4.6+ · Updated Nov 22, 2019
Tags: automatic-cryptocurrency-exchange, bitcoin, bitcoin-cash, crypto-payments, cryptocurrency-payment-gateway
Score 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is elegro Crypto Payment Safe to Use in 2026?

Generally Safe

Score 85/100

elegro Crypto Payment has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6yr ago
Risk Assessment

The static analysis of elegro-payment v1.0.0 reveals a seemingly strong security posture with zero identified attack surface points, dangerous functions, SQL injection vulnerabilities, or taint flows. The absence of any recorded CVEs further contributes to this positive impression. However, there are significant areas of concern. The lack of nonce checks and capability checks, coupled with only 50% of output being properly escaped, presents potential risks. The presence of one file operation without further context is also a minor flag. The plugin's vulnerability history is clean, which is excellent, but this does not negate the potential risks highlighted by the code analysis, particularly the missing security checks and output sanitization.

Overall, while the plugin avoids common critical vulnerabilities like SQL injection and lacks a large attack surface, the identified weaknesses in nonce, capability checks, and output escaping are notable. The clean vulnerability history is a good sign, but it's crucial to address the identified code-level concerns to maintain a robust security profile. Further investigation into the file operation would be prudent.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
  • 50% of output not properly escaped
  • One file operation found
Vulnerabilities
None known

elegro Crypto Payment Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

elegro Crypto Payment Release Timeline

v1.0.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

elegro Crypto Payment Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 1 (1 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

50% escaped · 2 total outputs
Attack Surface

elegro Crypto Payment Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 3
  • action plugins_loaded (elegro-payment.php:32)
  • action woocommerce_api_wc_elegro_payment (elegro-payment.php:68)
  • filter woocommerce_payment_gateways (elegro-payment.php:238)
Maintenance & Trust

elegro Crypto Payment Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Nov 22, 2019
PHP min version: 5.6
Downloads: 440K

Community Trust

Rating: 100/100
Number of ratings: 12
Active installs: 20K
Developer Profile

elegro Crypto Payment Developer Profile

nikotech

2 plugins · 20K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect elegro Crypto Payment

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/elegro-payment/elegro-style.css
  • /wp-content/plugins/elegro-payment/elegro-script.js
  • /wp-content/plugins/elegro-payment/elegro-ga.js
Script Paths
https://widget.acceptance.elegro.eu/checkout/widget.js

HTML / DOM Fingerprints

CSS Classes
btn, btn-md, btn-primary, btn-buy
Data Attributes
id="modal", id="btn-buy"
JS Globals
ElegroWidget
REST Endpoints
/wc-api/wc_elegro_payment/
Shortcode Output
<p>Thank you for your order, please click the button below to pay.</p>