Does Freecharge PG for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Freecharge PG for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Freecharge PG for WooCommerce compatible with WordPress 6.6.5?

According to WordPress.org data, Freecharge PG for WooCommerce 1.0.0 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Freecharge PG for WooCommerce compatible with PHP 7.0+?

Freecharge PG for WooCommerce requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Freecharge PG for WooCommerce updated?

Freecharge PG for WooCommerce was last updated on Aug 22, 2024. Frequent updates are generally a positive security signal.

What is Freecharge PG for WooCommerce's security score?

Freecharge PG for WooCommerce has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Freecharge PG for WooCommerce Security & Risk Analysis

wordpress.org/plugins/freecharge-pay-woo

Integrate Freecharge Payment Gateway into your WooCommerce store for secure and seamless transactions via Credit/Debit cards or Internet Banking.

0 active installs v1.0.0 PHP 7.0+ WP 4.7+ Updated Aug 22, 2024

ecommercefreechargefreecharge-payment-gatewaypaywithfreechargewoocommerce-payments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Freecharge PG for WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

Freecharge PG for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'freecharge-pay-woo' plugin v1.0.0 presents a significant security risk due to its unprotected entry points. All three identified REST API routes lack permission callbacks, meaning any authenticated user could potentially access and manipulate these endpoints. This wide-open attack surface is concerning, especially given the presence of two high-severity taint flows with unsanitized paths, indicating a real possibility of code injection or unauthorized data access. The plugin also shows a complete absence of nonce checks and capability checks across its entire attack surface. While the plugin uses prepared statements for all SQL queries and a high percentage of output is properly escaped, these positive aspects are overshadowed by the critical lack of access control on its entry points and the identified taint issues. The absence of any recorded vulnerability history could suggest a lack of prior scrutiny or simply a recent introduction, but it does not negate the immediate risks identified in the static analysis.

Key Concerns

REST API routes without permission callbacks
High severity taint flows with unsanitized paths
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Freecharge PG for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Freecharge PG for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

101 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared8 total queries

Output Escaping

96% escaped105 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

fcpgz_woocommerce_freecharge_init (index.php:37)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Freecharge PG for WooCommerce Attack Surface

Entry Points3

Unprotected3

REST API Routes 3

POST/wp-json/wp-freecharge/v1order/statusindex.php:145

POST/wp-json/wp-freecharge/v1payment/updateindex.php:159

POST/wp-json/wp-freecharge/v1refund/updateindex.php:168

WordPress Hooks 15

actionadmin_menuindex.php:33

actionplugins_loadedindex.php:34

filterplugin_row_metaindex.php:74

filterwoocommerce_is_rest_api_requestindex.php:142

actionrest_api_initindex.php:181

actionwoocommerce_receipt_freechargeindex.php:219

actionwoocommerce_update_options_payment_gatewaysindex.php:224

actioninitindex.php:239

filtermanage_edit-shop_order_columnsindex.php:1014

filtermanage_woocommerce_page_wc-orders_columnsindex.php:1016

actionmanage_shop_order_posts_custom_columnindex.php:1027

actionmanage_woocommerce_page_wc-orders_custom_columnindex.php:1029

actioninitindex.php:1083

filterwc_order_statusesindex.php:1122

filterwoocommerce_payment_gatewaysindex.php:1142

Maintenance & Trust

Freecharge PG for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 22, 2024

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Freecharge PG for WooCommerce Alternatives

kevin. Payment Gateway for WooCommerce

e-commerce-payment-gateway-kevin

100

kevin. Payment Gateway plugin for WooCommerce. Let your customers make fast, simple and secure payments directly from their bank accounts across Europ …

30 No CVEs

Gateway for Freecharge on WooCommerce

arlen-woo-freecharge

FreeCharge woocommerce payments gateway which enables merchants to accept payments from their customers who use FreeCharge account for online/offline …

10 No CVEs

Freecharge for Woocommerce

woo-freecharge

100

FreeCharge is a gateway plugin that extends WooCommerce, allowing you to take payments via Freecharge.

10 No CVEs

WooCommerce

woocommerce

Everything you need to launch an online store in days and keep it growing for years. From your first sale to millions in revenue, Woo is with you.

7.0M 43 CVEs

Popup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead Generation

optinmonster

🤩 Make popups & optin forms to get more email newsletter subscribers, leads, and sales - #1 most popular popup builder plugin! 🚀

1.0M 6 CVEs

Developer Profile

Freecharge PG for WooCommerce Developer Profile

freechargepayments

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Freecharge PG for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/freecharge-pay-woo/signature.php

HTML / DOM Fingerprints

HTML Comments

Data Attributes

data-plugin-name="Freecharge"data-plugin-version="1.0.0"data-plugin-author="Freecharge"

REST Endpoints

/wp-json/wp-freecharge/v1/order/status/wp-json/wp-freecharge/v1/payment/update/wp-json/wp-freecharge/v1/refund/update

FAQ