Does Limepay WooCommerce Gateway have any unpatched vulnerabilities?

No. All known vulnerabilities in Limepay WooCommerce Gateway have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Limepay WooCommerce Gateway compatible with WordPress 6.4.8?

According to WordPress.org data, Limepay WooCommerce Gateway 4.2.3 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

How often is Limepay WooCommerce Gateway updated?

Limepay WooCommerce Gateway was last updated on Dec 14, 2023. Frequent updates are generally a positive security signal.

What is Limepay WooCommerce Gateway's security score?

Limepay WooCommerce Gateway has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Limepay WooCommerce Gateway Security & Risk Analysis

wordpress.org/plugins/limepay-woocommerce-gateway

Woo-Commerce gateway extension to support Limepay payments

50 active installs v4.2.3 PHP + WP + Updated Dec 14, 2023

checkoutcredit-carddebit-cardsplit-payments

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Limepay WooCommerce Gateway Safe to Use in 2026?

Generally Safe

Score 85/100

Limepay WooCommerce Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "limepay-woocommerce-gateway" v4.2.3 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of known CVEs and the lack of critical or high severity findings in taint analysis are strong indicators of a well-maintained and secure codebase. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries and implementing nonce checks. However, a notable concern is the relatively low percentage of properly escaped output (61%), suggesting potential for Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled with sufficient care in the remaining unescaped output contexts. Additionally, the presence of file operations and external HTTP requests, while not inherently insecure, represent potential attack vectors that should be meticulously scrutinized in a deeper, dynamic analysis.

Key Concerns

Low output escaping percentage
File operations present
External HTTP requests present

Vulnerabilities

None known

Limepay WooCommerce Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Limepay WooCommerce Gateway Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

61% escaped18 total outputs

Attack Surface

Limepay WooCommerce Gateway Attack Surface

Entry Points3

Unprotected0

Shortcodes 3

[limepay_bnpl_toggle] includes\limepay-widgets.php:77

[limepay_product_bnpl_price] includes\limepay-widgets.php:119

[limepay_product_bnpl_toggle] includes\limepay-widgets.php:179

WordPress Hooks 18

actioninitincludes\apple-pay-domain-association.php:14

filterquery_varsincludes\apple-pay-domain-association.php:15

actionparse_requestincludes\apple-pay-domain-association.php:16

actionwp_enqueue_scriptsincludes\limepay-widgets.php:11

actionwp_enqueue_scriptsincludes\limepay-widgets.php:17

actionwc_ajax_wc_lp_payment_actionincludes\payment-action-controller.php:14

filterwoocommerce_checkout_show_termsincludes\traits\limepay-order-pay.php:21

filterwoocommerce_pay_order_button_htmlincludes\traits\limepay-order-pay.php:22

filterwoocommerce_available_payment_gatewaysincludes\traits\limepay-order-pay.php:23

filterwoocommerce_no_available_payment_methods_messageincludes\traits\limepay-order-pay.php:24

actionwoocommerce_pay_order_after_submitincludes\traits\limepay-order-pay.php:25

actionwp_enqueue_scriptsincludes\woocommerce-limepay.php:57

filterwoocommerce_available_payment_gatewaysincludes\woocommerce-limepay.php:60

filterwoocommerce_payment_successful_resultincludes\woocommerce-limepay.php:63

filterwoocommerce_get_checkout_payment_urlincludes\woocommerce-limepay.php:64

filterwoocommerce_currencyincludes\woocommerce-limepay.php:67

actionplugins_loadedwoocommerce-gateway-limepay.php:22

filterwoocommerce_payment_gatewayswoocommerce-gateway-limepay.php:47

Maintenance & Trust

Limepay WooCommerce Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedDec 14, 2023

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

Limepay WooCommerce Gateway Alternatives

April Payment Gateway for WooCommerce

april-payment-gateway-for-woocommerce

100

Woo-Commerce gateway extension to support April payments

0 No CVEs

Stax Payments

stax-payments

Take credit card payments on your Wordpress site using Stax Payments.

30 No CVEs

iyzico for WooCommerce

iyzico-woocommerce

100

iyzico latest payment processing solution. Accept credit/debit cards, alternative digital wallets and bank accounts.

10K No CVEs

Payment Gateway for PayPal on WooCommerce

woo-paypal-gateway

PayPal, Credit/Debit Cards, Google Pay, Apple Pay, Pay Later, Venmo, SEPA, iDEAL, Mercado Pago, Bancontact & more - by an official PayPal Partner

10K 1 CVE

Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions

wp-full-stripe-free

🚀 Create Stripe payment forms for WordPress. Accept credit cards, Apple Pay, donations, subscriptions & more. Easy setup, no coding needed!

10K 5 CVEs

Developer Profile

Limepay WooCommerce Gateway Developer Profile

Limepay

1 plugin · 50 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Limepay WooCommerce Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/limepay-woocommerce-gateway/public/css/limepay-installment-show.css/wp-content/plugins/limepay-woocommerce-gateway/public/js/limepay-installment-show.js

Script Paths

https://checkout-v3.limepay.com.au/v3/checkout-v3.0.0.min.js

HTML / DOM Fingerprints

CSS Classes

lp-switcher-toggle-containerlp-toggle-containerlp-one-timelp-split-paymentlp-switcherlimepay_installment_offerlimepay-installment-offer__shortcodelimepay-installment-price

HTML Comments

+9 more

Data Attributes

id="lpInstallmentSwitch"

JS Globals

LIMEPAY_VERSIONLIMEPAY_CHECKOUTJSLIMEPAY_GATEWAY_FILELIMEPAY_PLUGIN_PATHLIMEPAY_TOGGLE_DEFAULT_COLORLIMEPAY_BNPL_AMOUNT_DEFAULT_COLOR

Shortcode Output

<h6>One Time Payment</h6><div class="payment-amt"><span><h6>4 <strong>Interest Free</strong> Payments of</h6><div class="payment-amt"><span>

FAQ