WP-Safety

Dominate Checkout Suite SaaS Security & Risk Analysis

wordpress.org/plugins/iwd-checkout-connector

Cloud-based checkout for WooCommerce with a fast, customizable single-page experience.

10 active installs v1.2.3 PHP 7.4+ WP 6.0+ Updated Mar 5, 2026
apple-paycredit-cardgoogle-paypaymentwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Dominate Checkout Suite SaaS Safe to Use in 2026?

Generally Safe

Score 100/100

Dominate Checkout Suite SaaS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 29d ago
Risk Assessment

The iwd-checkout-connector plugin v1.2.3 exhibits a generally good security posture, with a strong adherence to best practices in several key areas. The vast majority of SQL queries utilize prepared statements, and nearly all output is properly escaped, which are excellent defenses against common web vulnerabilities. The plugin also demonstrates a commendable lack of known CVEs and a clean vulnerability history, suggesting diligent security practices during its development and maintenance. The presence of a single unprotected REST API endpoint is the most significant concern arising from the static analysis.

Despite the strengths, the identified attack surface includes 21 REST API routes, with one lacking permission callbacks. This unprotected endpoint represents a potential entry point for unauthorized access or manipulation if it handles sensitive data or functionality. Furthermore, the presence of 20 instances of the `unserialize` function, while not inherently a vulnerability, warrants careful review. `unserialize` can be a significant risk if the data being deserialized comes from an untrusted source, as it can lead to object injection vulnerabilities. The low number of capability checks (3) also suggests that finer-grained access control might be limited, potentially increasing the impact of any successful exploitation of the unprotected endpoint.

In conclusion, while the plugin has a strong foundation with good practices in SQL and output handling, the unprotected REST API endpoint and the extensive use of `unserialize` are areas that require immediate attention. The absence of historical vulnerabilities is a positive indicator, but it does not negate the risks presented by the current static analysis findings. Addressing the unprotected endpoint and scrutinizing the use of `unserialize` will significantly enhance the plugin's overall security.

Key Concerns

  • Unprotected REST API endpoint
  • Dangerous function: unserialize (20 instances)
  • Low number of capability checks (3)
Vulnerabilities
None known

Dominate Checkout Suite SaaS Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Dominate Checkout Suite SaaS Code Analysis

Dangerous Functions
20
Raw SQL Queries
1
14 prepared
Unescaped Output
1
107 escaped
Nonce Checks
1
Capability Checks
3
File Operations
1
External Requests
5
Bundled Libraries
0

Dangerous Functions Found

unserialize$customer = unserialize( $session_data['customer'], array( 'allowed_classes' => false ) );includes\api\class-iwd-con-delivery-step.php:53
unserialize$customer = unserialize( $session_data['customer'], array( 'allowed_classes' => false ) );includes\api\class-iwd-con-paypal-checkout.php:55
unserialize$this->customer_data = unserialize( $session_data['customer'], array( 'allowed_classes' => false ) )includes\api\class-iwd-con-place-order.php:94
unserializeforeach (unserialize($session_data['cart'], array( 'allowed_classes' => false )) as $item) {includes\api\class-iwd-con-place-order.php:107
unserialize$order->apply_coupon(unserialize($session_data['applied_coupons'], array( 'allowed_classes' => falseincludes\api\class-iwd-con-place-order.php:145
unserialize$shipping_methods = unserialize($session_data['shipping_for_package_0'], array( 'allowed_classes' =>includes\api\class-iwd-con-place-order.php:148
unserializeif ($shipping_rate->get_id() == unserialize($session_data['chosen_shipping_methods'], array( 'alloweincludes\api\class-iwd-con-place-order.php:151
unserialize$cart_totals = unserialize($session_data['cart_totals'], array( 'allowed_classes' => false ));includes\model\cart\class-iwd-con-cart.php:19
unserialize'coupon_code' => !empty(unserialize($session_data['applied_coupons'], array( 'allowed_classes' => faincludes\model\cart\class-iwd-con-cart.php:31
unserialize'coupon_code' => !empty(unserialize($session_data['applied_coupons'], array( 'allowed_classes' => faincludes\model\cart\class-iwd-con-cart.php:31
unserialize'country' => unserialize($session_data['customer'], array( 'allowed_classes' => false ))['shippiincludes\model\cart\class-iwd-con-cart.php:32
unserialize$cartItem = unserialize($session_data['cart'], array( 'allowed_classes' => false ));includes\model\cart\class-iwd-con-cart.php:43
unserialize$cartItem = unserialize($session_data['cart'], array( 'allowed_classes' => false ));includes\model\cart\class-iwd-con-cart.php:107
unserialize$customer_data = unserialize( $session_data['customer'], array( 'allowed_classes' => false ) );includes\model\customer\class-iwd-con-customer.php:40
unserialize$this->send( unserialize($session_data['customer'], array( 'allowed_classes' => false ))['email'], $includes\model\emails\order-failed-email.php:71
unserialize$chosen_shipping = unserialize( $session_data['chosen_shipping_methods'], array( 'allowed_classes' includes\model\shipping\class-iwd-con-shipping.php:19
unserialize$shipping_methods = unserialize( $session_data['shipping_for_package_0'], array( 'allowed_classes' =includes\model\shipping\class-iwd-con-shipping.php:20
unserialize$shipping_methods = unserialize( $session_data['shipping_for_package_0'], array( 'allowed_classes' =includes\model\shipping\class-iwd-con-shipping.php:51
unserialize$cart_totals = unserialize($session_data['cart_totals'], array( 'allowed_classes' => false ));templates\emails\admin-fail-order.php:11
unserialize$customer_data = unserialize($session_data['customer'], array( 'allowed_classes' => false ));templates\emails\admin-fail-order.php:12

SQL Query Safety

93% prepared15 total queries

Output Escaping

99% escaped108 total outputs
Attack Surface
1 unprotected

Dominate Checkout Suite SaaS Attack Surface

Entry Points21
Unprotected1

REST API Routes 21

POST/wp-json/iwd-checkoutcheck-connectionadmin\check-connection\iwd-connector-check-connection.php:27
POST/wp-json/iwd-checkoutaddress-stepincludes\api\class-iwd-con-address-step.php:23
POST/wp-json/iwd-checkoutupdate-configincludes\api\class-iwd-con-config-update.php:23
POST/wp-json/iwd-checkoutdelivery-stepincludes\api\class-iwd-con-delivery-step.php:21
POST/wp-json/iwd-checkoutopcincludes\api\class-iwd-con-opc.php:23
POST/wp-json/iwd-checkoutorder-dataincludes\api\class-iwd-con-order-data.php:25
POST/wp-json/iwd-checkoutpayment-stepincludes\api\class-iwd-con-payment-step.php:23
POST/wp-json/iwd-checkoutpaypal-checkoutincludes\api\class-iwd-con-paypal-checkout.php:23
POST/wp-json/iwd-checkoutorder-createincludes\api\class-iwd-con-place-order.php:46
POST/wp-json/iwd-checkoutoffline-order-createincludes\api\class-iwd-con-place-order.php:61
POST/wp-json/iwd-checkoutorder-updateincludes\api\class-iwd-order-update.php:23
POST/wp-json/iwd-checkoutsuccess-pageincludes\api\class-iwd-order-update.php:38
POST/wp-json/iwd-checkoutorder-status-stepincludes\api\offline-payments\class-order-status-api.php:21
POST/wp-json/iwd-checkoutshipping-methods-stepincludes\api\offline-payments\class-shipping-methods-api.php:21
POST/wp-json/iwd-order-actioncaptureincludes\api\order\class-iwd-order-payments-action.php:26
POST/wp-json/iwd-order-actionvoidincludes\api\order\class-iwd-order-payments-action.php:41
GET/wp-json/iwd-checkoutproduct-searchincludes\api\subscription\class-iwd-con-search.php:24
POST/wp-json/iwd-checkoutsubscription-notifyincludes\api\subscription\class-iwd-con-subscription.php:24
POST/wp-json/iwd-checkoutsubscription-notify-orderincludes\api\subscription\class-iwd-con-subscription.php:39
POST/wp-json/iwd-checkoutapply-couponincludes\checkout\class-iwd-con-apply-coupon.php:21
POST/wp-json/iwd-checkoutajax-loginincludes\checkout\class-iwd-con-authenticate.php:26
WordPress Hooks 66
filterwoocommerce_email_order_meta_fieldsadmin\additional_fields.php:6
filterwoocommerce_order_details_after_order_table_itemsadmin\additional_fields.php:7
filterwoocommerce_order_details_after_customer_detailsadmin\additional_fields.php:8
actionadd_meta_boxesadmin\additional_fields.php:110
actionwoocommerce_admin_order_data_after_billing_addressadmin\additional_fields.php:117
actionwoocommerce_admin_order_data_after_shipping_addressadmin\additional_fields.php:118
actionwoocommerce_admin_order_items_after_shippingadmin\additional_fields.php:119
actionwoocommerce_admin_order_totals_after_taxadmin\additional_fields.php:120
actionwoocommerce_admin_order_totals_after_totaladmin\additional_fields.php:121
actionwoocommerce_admin_order_data_after_order_detailsadmin\additional_fields.php:122
actionrest_api_initadmin\check-connection\iwd-connector-check-connection.php:24
actionadmin_menuadmin\class-iwd-connector-backend.php:36
actionadmin_initadmin\class-iwd-connector-backend.php:37
actionadmin_enqueue_scriptsadmin\class-iwd-connector-backend.php:38
actionadd_meta_boxesadmin\class-iwd-connector-backend.php:39
actionwoocommerce_admin_order_data_after_billing_addressadmin\class-iwd-connector-backend.php:184
actionwoocommerce_order_item_add_action_buttonsadmin\class-iwd-connector-backend.php:185
actionwoocommerce_order_item_add_action_buttonsadmin\class-iwd-connector-backend.php:189
actionrest_api_initincludes\api\class-iwd-con-address-step.php:20
actionrest_api_initincludes\api\class-iwd-con-config-update.php:20
actionrest_api_initincludes\api\class-iwd-con-delivery-step.php:18
actionrest_api_initincludes\api\class-iwd-con-opc.php:20
actionrest_api_initincludes\api\class-iwd-con-order-data.php:22
actionrest_api_initincludes\api\class-iwd-con-payment-step.php:20
actionrest_api_initincludes\api\class-iwd-con-paypal-checkout.php:20
filterwoocommerce_order_numberincludes\api\class-iwd-con-place-order.php:10
actionrest_api_initincludes\api\class-iwd-con-place-order.php:43
actionrest_api_initincludes\api\class-iwd-con-place-order.php:58
actionrest_api_initincludes\api\class-iwd-order-update.php:20
actionrest_api_initincludes\api\class-iwd-order-update.php:35
actionrest_api_initincludes\api\offline-payments\class-order-status-api.php:18
actionrest_api_initincludes\api\offline-payments\class-shipping-methods-api.php:18
actionwoocommerce_order_status_changedincludes\api\order\class-iwd-change-order-status.php:23
actionrest_api_initincludes\api\order\class-iwd-order-payments-action.php:23
actionrest_api_initincludes\api\order\class-iwd-order-payments-action.php:38
actionrest_api_initincludes\api\subscription\class-iwd-con-search.php:21
filterwoocommerce_product_data_store_cpt_get_products_queryincludes\api\subscription\class-iwd-con-search.php:45
actionrest_api_initincludes\api\subscription\class-iwd-con-subscription.php:21
actionrest_api_initincludes\api\subscription\class-iwd-con-subscription.php:36
actionrest_api_initincludes\checkout\class-iwd-con-apply-coupon.php:18
actionrest_api_initincludes\checkout\class-iwd-con-authenticate.php:23
actionwp_enqueue_scriptsincludes\checkout\class-iwd-con-buttons.php:22
actionwoocommerce_proceed_to_checkoutincludes\checkout\class-iwd-con-buttons.php:23
actionwoocommerce_proceed_to_checkoutincludes\checkout\class-iwd-con-buttons.php:24
actionwoocommerce_after_mini_cartincludes\checkout\class-iwd-con-buttons.php:25
actionwoocommerce_widget_shopping_cart_before_buttonsincludes\checkout\class-iwd-con-buttons.php:26
actionwoocommerce_after_add_to_cart_buttonincludes\checkout\class-iwd-con-buttons.php:27
filterwoocommerce_payment_gatewaysincludes\checkout\class-iwd-payment-gateway.php:18
actionwoocommerce_email_after_order_tableincludes\checkout\class-iwd-payment-gateway.php:62
filterwoocommerce_payment_gatewaysincludes\checkout\class-iwd-zero-payment-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-banktransfer-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-cashondelivery-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-checkmoney-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-custompay-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-multiple-offline-gateway.php:19
filterwoocommerce_payment_gatewaysincludes\checkout\offline-payments\class-iwd-con-purchaseorder-gateway.php:19
actioninitincludes\class-iwd-connector.php:257
filterwoocommerce_email_classesincludes\model\emails\order-failed-email.php:17
actionplugins_loadediwd-checkout-connector.php:21
actionadmin_noticesiwd-checkout-connector.php:30
actioninitiwd-checkout-connector.php:77
filterwc_order_statusesiwd-checkout-connector.php:97
actionwp_enqueue_scriptspublic\class-iwd-connector-frontend.php:18
filterwoocommerce_locate_templatepublic\class-iwd-connector-frontend.php:19
filterwoocommerce_thankyou_order_received_textpublic\class-iwd-connector-frontend.php:20
filterwoocommerce_email_recipient_customer_processing_orderpublic\class-iwd-connector-frontend.php:21
Maintenance & Trust

Dominate Checkout Suite SaaS Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 5, 2026
PHP min version7.4
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Dominate Checkout Suite SaaS Alternatives

WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
97

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 6 CVEs
Sola Payment Gateway for WooCommerce

Sola Payment Gateway for WooCommerce

woo-cardknox-gateway

A
100

Accept payments with the Sola gateway.

700 No CVEs
AllPays.co – Payment Gateway for WooCommerce

AllPays.co – Payment Gateway for WooCommerce

allpaysco-payment-gateway-for-woocommerce

A
100

Accept credit/debit cards, Apple Pay, Google Pay, Venmo and more with no registration. Fast and secure payments through traditional payment methods.

0 No CVEs
Payment Gateway of Stripe for WooCommerce

Payment Gateway of Stripe for WooCommerce

payment-gateway-stripe-and-woocommerce-integration

A
96

Integrate Stripe Payment Gateway in WooCommerce and accept cards, Google Pay, Apple Pay, Klarna, Alipay, and more with seamless, secure checkout.

9K 4 CVEs
Clover Payments for WooCommerce

Clover Payments for WooCommerce

clover-payments-for-woocommerce

A
100

The Clover Payments plugin enables merchants that use WooCommerce to process online card payments using Clover.

3K No CVEs
Developer Profile

Dominate Checkout Suite SaaS Developer Profile

Dominate

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Dominate Checkout Suite SaaS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/iwd-checkout-connector/admin/assets/css/backend.css/wp-content/plugins/iwd-checkout-connector/admin/assets/js/backend.js/wp-content/plugins/iwd-checkout-connector/public/css/frontend.css/wp-content/plugins/iwd-checkout-connector/public/js/frontend.js
Script Paths
/wp-content/plugins/iwd-checkout-connector/admin/assets/js/backend.js/wp-content/plugins/iwd-checkout-connector/public/js/frontend.js
Version Parameters
iwd-checkout-connector/admin/assets/css/backend.css?ver=iwd-checkout-connector/admin/assets/js/backend.js?ver=iwd-checkout-connector/public/css/frontend.css?ver=iwd-checkout-connector/public/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
iwd-connector-settings-wrapperiwd-wc-admin-pageiwd-wc-notice
HTML Comments
<!-- Dominate Checkout Suite SaaS -->
Data Attributes
data-iwd-connector-enableddata-iwd-connector-integration-keydata-iwd-connector-secret-key
JS Globals
IWD_CONNECTOR_ADMINIWD_CONNECTOR_FRONTEND
FAQ

Frequently Asked Questions about Dominate Checkout Suite SaaS