Does CIELO API PIX, credit card, debit payment for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in CIELO API PIX, credit card, debit payment for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CIELO API PIX, credit card, debit payment for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, CIELO API PIX, credit card, debit payment for WooCommerce 1.29.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is CIELO API PIX, credit card, debit payment for WooCommerce compatible with PHP 7.2+?

CIELO API PIX, credit card, debit payment for WooCommerce requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

CIELO API PIX, credit card, debit payment for WooCommerce Security & Risk Analysis

wordpress.org/plugins/lkn-wc-gateway-cielo

Payment Gateway for Cielo API for WooCommerce - PIX, Google Pay, Credit Card and Debit Cards.

800 active installs v1.29.0 PHP 7.2+ WP 5.7+ Updated Mar 10, 2026

cielocreditcardpagamentopixwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CIELO API PIX, credit card, debit payment for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

CIELO API PIX, credit card, debit payment for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago

Risk Assessment

The plugin 'lkn-wc-gateway-cielo' v1.29.0 presents a mixed security posture. On the positive side, the static analysis indicates excellent practices regarding SQL queries and output escaping, with 100% of SQL using prepared statements and 98% of outputs properly escaped. The absence of any historical CVEs or recorded vulnerability types is also a strong positive indicator of prior security diligence. However, a significant concern arises from the substantial attack surface, where all 10 identified entry points (6 AJAX handlers and 4 REST API routes) lack authentication or permission checks. This leaves the plugin highly vulnerable to unauthorized access and potential exploitation of its functionalities. While taint analysis shows no critical or high severity unsanitized flows, the lack of authorization on numerous entry points could allow attackers to trigger unintended actions or access sensitive data through these exposed endpoints.

Key Concerns

AJAX handlers without auth checks
REST API routes without permission callbacks

Vulnerabilities

None known

CIELO API PIX, credit card, debit payment for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

CIELO API PIX, credit card, debit payment for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

397 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared8 total queries

Output Escaping

98% escaped404 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

ajax_get_recent_cielo_orders (includes\LknWCCieloPayment.php:983)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

10 unprotected

CIELO API PIX, credit card, debit payment for WooCommerce Attack Surface

Entry Points10

Unprotected10

AJAX Handlers 6

authwp_ajax_lkn_update_payment_feesincludes\LknWCCieloPayment.php:206

noprivwp_ajax_lkn_update_payment_feesincludes\LknWCCieloPayment.php:207

authwp_ajax_lkn_update_card_typeincludes\LknWCCieloPayment.php:209

noprivwp_ajax_lkn_update_card_typeincludes\LknWCCieloPayment.php:210

authwp_ajax_lkn_get_recent_cielo_ordersincludes\LknWCCieloPayment.php:212

noprivwp_ajax_lkn_get_recent_cielo_ordersincludes\LknWCCieloPayment.php:213

REST API Routes 4

GET/wp-json/lknWCGatewayCielo/checkCardincludes\LknWCGatewayCieloEndpoint.php:14

DELETE/wp-json/lknWCGatewayCielo/clearOrderLogsincludes\LknWCGatewayCieloEndpoint.php:20

GET/wp-json/lknWCGatewayCielo/getAcessTokenincludes\LknWCGatewayCieloEndpoint.php:26

GET/wp-json/lknWCGatewayCielo/getCardBrandincludes\LknWCGatewayCieloEndpoint.php:32

WordPress Hooks 28

actionwoocommerce_initincludes\LknWCCieloPayment.php:107

actionadmin_noticesincludes\LknWCCieloPayment.php:129

actionadmin_noticesincludes\LknWCCieloPayment.php:172

actionlkn_schedule_check_free_pix_payment_hookincludes\LknWCCieloPayment.php:175

actionlkn_remove_custom_cron_job_hookincludes\LknWCCieloPayment.php:176

actionadmin_enqueue_scriptsincludes\LknWCCieloPayment.php:179

filterwoocommerce_analytics_report_menu_itemsincludes\LknWCCieloPayment.php:180

actionadmin_enqueue_scriptsincludes\LknWCCieloPayment.php:183

filterwoocommerce_payment_gatewaysincludes\LknWCCieloPayment.php:195

actionrest_api_initincludes\LknWCCieloPayment.php:196

actionadd_meta_boxesincludes\LknWCCieloPayment.php:197

actionwoocommerce_order_details_after_order_tableincludes\LknWCCieloPayment.php:198

filterwoocommerce_get_order_item_totalsincludes\LknWCCieloPayment.php:199

actionbefore_woocommerce_initincludes\LknWCCieloPayment.php:201

actionwoocommerce_blocks_payment_method_type_registrationincludes\LknWCCieloPayment.php:202

filterwoocommerce_cart_calculate_feesincludes\LknWCCieloPayment.php:204

actionwoocommerce_review_order_after_order_totalincludes\LknWCCieloPayment.php:215

filterwoocommerce_new_order_note_dataincludes\LknWcCieloPix.php:61

actionadmin_enqueue_scriptsincludes\LknWcCieloPix.php:73

actionadmin_noticesincludes\LknWcCieloPix.php:695

actionadmin_noticesincludes\LknWcCieloPix.php:709

actionadmin_noticesincludes\LknWcCieloPix.php:723

actionadmin_noticesincludes\LknWcCieloPix.php:738

filterwoocommerce_new_order_note_dataincludes\LknWCGatewayCieloCredit.php:93

actionadmin_enqueue_scriptsincludes\LknWCGatewayCieloCredit.php:100

filterwoocommerce_new_order_note_dataincludes\LknWCGatewayCieloDebit.php:102

actionadmin_enqueue_scriptsincludes\LknWCGatewayCieloDebit.php:107

actionadmin_enqueue_scriptsincludes\LknWCGatewayCieloGooglePay.php:70

Scheduled Events 2

lkn_schedule_check_free_pix_payment_hook

lkn_remove_custom_cron_job_hook

Maintenance & Trust

CIELO API PIX, credit card, debit payment for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 10, 2026

PHP min version7.2

Downloads20K

Community Trust

Rating84/100

Number of ratings5

Active installs800

Alternatives

CIELO API PIX, credit card, debit payment for WooCommerce Alternatives

Pix Automático com Pagarme para WooCommerce

wc-pagarme-pix-payment

Pagamentos Pix com compensação automática, status do pedido é alterado automaticamente.

600 No CVEs

Pix for WooCommerce

payment-gateway-pix-for-woocommerce

Easily accept Pix payments in your WooCommerce store via Pix Key, PagHiper, or C6 Bank. The complete Pix solution for Brazil.

100 1 CVE

Pagou – Payments for WooCommerce

pagou-payments-for-woocommerce

Pagamentos via PIX e boletos bancários no WooCommerce.

30 No CVEs

PEI Digital – PIX Sandbox Gateway

pei-digital-sandbox-for-pix

100

Gateway PIX em sandbox para WooCommerce: simule pagamentos, QR Code e status.

10 No CVEs

Global Pays – Payments for WooCommerce

global-pays-payments-for-woocommerce

100

PIX, Boleto and credit card payments in WooCommerce.

0 No CVEs

Developer Profile

CIELO API PIX, credit card, debit payment for WooCommerce Developer Profile

linknacional

18 plugins · 5K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

6 days

View full developer profile

Detection Fingerprints

How We Detect CIELO API PIX, credit card, debit payment for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lkn-wc-gateway-cielo/resources/css/frontend/lkn-cc-style.css/wp-content/plugins/lkn-wc-gateway-cielo/resources/css/frontend/lkn-mask.css/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/formatter.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/define-mask.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/lkn-cc-installment.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/creditCard/lknCieloCreditCompiled.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/creditCard/lkn-wc-gateway-checkout-layout.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/css/frontend/lkn-wc-gateway-credit-card-checkout.css

Script Paths

/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/formatter.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/define-mask.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/frontend/lkn-cc-installment.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/creditCard/lknCieloCreditCompiled.js/wp-content/plugins/lkn-wc-gateway-cielo/resources/js/creditCard/lkn-wc-gateway-checkout-layout.js

Version Parameters

lkn-wc-gateway-cielo/resources/css/frontend/lkn-cc-style.css?ver=lkn-wc-gateway-cielo/resources/css/frontend/lkn-mask.css?ver=lkn-wc-gateway-cielo/resources/js/frontend/formatter.js?ver=lkn-wc-gateway-cielo/resources/js/frontend/define-mask.js?ver=lkn-wc-gateway-cielo/resources/js/frontend/lkn-cc-installment.js?ver=lkn-wc-gateway-cielo/resources/js/creditCard/lknCieloCreditCompiled.js?ver=lkn-wc-gateway-cielo/resources/js/creditCard/lkn-wc-gateway-checkout-layout.js?ver=lkn-wc-gateway-cielo/resources/css/frontend/lkn-wc-gateway-credit-card-checkout.css?ver=

HTML / DOM Fingerprints

CSS Classes

lkn-wc-gateway-cielo-credit-card-checkoutlkn-cielo-credit-blocks-integrationlkn-wc-gateway-checkout-layout

Data Attributes

data-lkn-wc-gateway-cielo

JS Globals

lknWCCieloCreditlknWCCieloCreditConfiglknWCCieloCreditAjaxlknCieloCreditConfiglknCieloCreditCardIconslknCieloInputIcons

REST Endpoints

/wp-json/lkn-wc-gateway-cielo

FAQ