Does IDPay For MyCred have any unpatched vulnerabilities?

No. All known vulnerabilities in IDPay For MyCred have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is IDPay For MyCred compatible with WordPress 6.1.10?

According to WordPress.org data, IDPay For MyCred 1.2.2 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is IDPay For MyCred updated?

IDPay For MyCred was last updated on Nov 13, 2022. Frequent updates are generally a positive security signal.

What is IDPay For MyCred's security score?

IDPay For MyCred has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IDPay For MyCred Security & Risk Analysis

wordpress.org/plugins/idpay-mycred

After installing and enabling this plugin, your customers can pay through IDPay gateway.

10 active installs v1.2.2 PHP + WP + Updated Nov 13, 2022

creditgatewayidpaymycredpoint

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is IDPay For MyCred Safe to Use in 2026?

Generally Safe

Score 85/100

IDPay For MyCred has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The idpay-mycred plugin, version 1.2.2, exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by exclusively using prepared statements for all SQL queries and appears to have no known past vulnerabilities. The absence of a significant attack surface, including no detected AJAX handlers, REST API routes, shortcodes, or cron events, is also a strength. However, significant concerns arise from the static analysis. A notable 49% of output escaping is not properly handled, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is ever rendered without sanitization. Furthermore, all seven analyzed taint flows originate from unsanitized paths, although they are not flagged as critical or high severity, this suggests a general lack of input validation and sanitization within the plugin's logic. The presence of external HTTP requests without clear authentication or authorization checks could also pose a risk if the plugin communicates with sensitive endpoints. In conclusion, while the plugin avoids common pitfalls like raw SQL and known CVEs, the substantial number of unsanitized taint flows and the significant percentage of unescaped output are notable weaknesses that require attention to improve its overall security.

Key Concerns

Unescaped output detected
Taint flows with unsanitized paths
External HTTP request without auth checks

Vulnerabilities

None known

IDPay For MyCred Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

IDPay For MyCred Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

20 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

49% escaped41 total outputs

Data Flows

7 unsanitized

Data Flow Analysis

7 flows7 with unsanitized paths

mycred_idpay_plugins_loaded (class-mycred-gateway-idpay.php:5)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

IDPay For MyCred Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionplugins_loadedclass-mycred-gateway-idpay.php:3

filtermycred_setup_gatewaysclass-mycred-gateway-idpay.php:7

filtermycred_buycred_refsclass-mycred-gateway-idpay.php:17

filtermycred_buycred_log_refsclass-mycred-gateway-idpay.php:25

filterwp_body_openclass-mycred-gateway-idpay.php:33

filtermycred_dropdown_currenciesclass-mycred-gateway-idpay.php:111

filtermycred_run_thisclass-mycred-gateway-idpay.php:294

actioninitidpay-mycred.php:25

Maintenance & Trust

IDPay For MyCred Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedNov 13, 2022

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

IDPay For MyCred Alternatives

GamiPress – myCRED Importer

gamipress-mycred-importer

100

Tool to migrate all stored data from myCRED to GamiPress

10 No CVEs

PayU GPO Payment for WooCommerce

woo-payu-payment-gateway

100

PayU fast online payments for WooCommerce. Banks, BLIK, credit or debit cards, Installments, Apple Pay, Google Pay.

10K No CVEs

Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions

wp-full-stripe-free

🚀 Create Stripe payment forms for WordPress. Accept credit cards, Apple Pay, donations, subscriptions & more. Easy setup, no coding needed!

10K 5 CVEs

Stripe Payment Forms by WP Simple Pay – Accept Credit Card Payments + Subscriptions with Stripe

stripe

100

🤩 Accept Stripe payments and recurring subscriptions on your WordPress using WP Simple Pay, the best Stripe payments plugin! 🚀

9K No CVEs

Asaas Gateway for WooCommerce

woo-asaas

100

Take transparent credit card and bank ticket payment checkouts on your store using Asaas.

9K No CVEs

Developer Profile

IDPay For MyCred Developer Profile

IDPay

7 plugins · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IDPay For MyCred

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/idpay-mycred/assets/logo.svg

HTML / DOM Fingerprints

CSS Classes

mycred_idpay_messagemycred_idpay_message errormycred_idpay_message success

Data Attributes

name="mycred-gateway-idpay-currency"

FAQ