WP-Safety

Bitcoin Widgets Security & Risk Analysis

wordpress.org/plugins/itez-payment-gateway-for-woocommerce

Using WooCommerce you can accept payment for orders in BTC.

0 active installs v1.0.0 PHP 5.2.4+ WP 4.6+ Updated Dec 3, 2020
bitcoincryptocryptocurrencywidgetwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Bitcoin Widgets Safe to Use in 2026?

Generally Safe

Score 85/100

Bitcoin Widgets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The static analysis of the "itez-payment-gateway-for-woocommerce" v1.0.0 plugin reveals a generally positive security posture, with no identified dangerous functions, external HTTP requests, or vulnerabilities in the provided data. The plugin also exhibits good practices by using prepared statements for all SQL queries. However, there are a couple of areas that warrant attention. The output escaping is only at 40%, meaning a significant portion of outputs are not properly sanitized, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is included in these unescaped outputs. Additionally, the complete lack of nonce checks, capability checks, and any identified entry points is unusual. While this might indicate a very simple plugin, it also means there are no built-in mechanisms to verify user permissions or prevent cross-site request forgery (CSRF) if any functionality were to be added or discovered later.

The vulnerability history shows no recorded CVEs, which is a strong positive indicator for the plugin's current stability and security. The absence of common vulnerability types further reinforces this. However, it's crucial to remember that a clean history doesn't guarantee future safety, especially when combined with the noted areas for improvement in the static analysis. The lack of taint analysis results also means that potential data flow vulnerabilities, even if not explicitly flagged by specific dangerous functions, haven't been thoroughly explored in this analysis.

In conclusion, the plugin demonstrates strengths in areas like SQL query handling and a lack of known exploits. The primary weaknesses lie in the incomplete output escaping and the absence of fundamental security checks like nonces and capability checks. While the current attack surface appears minimal, these oversight could become critical security flaws if the plugin evolves or if previously undiscovered entry points exist. A score of 85 reflects the current good state but acknowledges the potential risks associated with the identified weaknesses.

Key Concerns

  • Inadequate output escaping (40%)
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

Bitcoin Widgets Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Bitcoin Widgets Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

40% escaped5 total outputs
Attack Surface

Bitcoin Widgets Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 8
filterwoocommerce_payment_gatewaysitez-gateway-wc.php:14
filterpage_templateitez-gateway-wc.php:20
actionwoocommerce_inititez-gateway-wc.php:29
actionplugins_loadeditez-gateway-wc.php:42
actionwoocommerce_receipt_itezpayitez-gateway-wc.php:78
actionwp_enqueue_scriptsitez-gateway-wc.php:83
actionwoocommerce_api_itezpayitez-gateway-wc.php:86
filterwoocommerce_available_payment_gatewaysitez-gateway-wc.php:316
Maintenance & Trust

Bitcoin Widgets Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedDec 3, 2020
PHP min version5.2.4
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Bitcoin Widgets Alternatives

NOWPayments for WooCommerce – Crypto Payment Gateway

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

A
100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs
Cryptocurrency Widgets For Elementor

Cryptocurrency Widgets For Elementor

cryptocurrency-widgets-for-elementor

A
98

Easily display cryptocurrency prices and generate customizable widgets for 250+ coins, including Bitcoin, Ethereum, and more in Elementor.

2K 1 CVE
Crypto Converter ⚡ Widget

Crypto Converter ⚡ Widget

crypto-converter-widget

A
99

Effortless ❤️ crypto/fiat conversion: ⚡ live, secure, fast, customizable WP 📟 widget—no API keys needed, completely free!

1K 2 CVEs
Accept Bitcoin instantly via OpenNode

Accept Bitcoin instantly via OpenNode

opennode-for-woocommerce

A
100

Start accepting Bitcoin instantly through Lightning Network today. Powered by OpenNode

400 No CVEs
Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay

cryptopay-wc-lite

A
100

Cryptocurrency Payment Gateway for WordPress & WooCommerce by CryptoPay. Accept Crypto Payments, Accept Bitcoin Payments, Solana Pay, BTC, USDT, ETH

100 No CVEs
Developer Profile

Bitcoin Widgets Developer Profile

Kingsley Ochu

2 plugins · 7K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Bitcoin Widgets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/itez-payment-gateway-for-woocommerce/assets/js/itez.js
Script Paths
/wp-content/plugins/itez-payment-gateway-for-woocommerce/assets/js/itez.js

HTML / DOM Fingerprints

Data Attributes
name="customer_email"name="order_amount"id="wc-itez-cc-form"
JS Globals
window.itez_params
REST Endpoints
/wp-json/api/v1/itezpay/webhook
FAQ

Frequently Asked Questions about Bitcoin Widgets