Does MakeCommerce for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in MakeCommerce for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MakeCommerce for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, MakeCommerce for WooCommerce 4.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is MakeCommerce for WooCommerce compatible with PHP 8.1+?

MakeCommerce for WooCommerce requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MakeCommerce for WooCommerce updated?

MakeCommerce for WooCommerce was last updated on Jan 27, 2026. Frequent updates are generally a positive security signal.

What is MakeCommerce for WooCommerce's security score?

MakeCommerce for WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MakeCommerce for WooCommerce Security & Risk Analysis

wordpress.org/plugins/makecommerce

Payment Gateway for Estonian, Latvian, Lithuanian and Finnish banks and Visa/MasterCard payments with single contract (by Maksekeskus). And more...

3K active installs v4.0.6 PHP 8.1+ WP 6.8.1+ Updated Jan 27, 2026

banklinkcreditcardpaymentshippingwoocommerce

A · Safe

CVEs total1

Unpatched0

Last CVEJul 4, 2024

Plugin page Download

Safety Verdict

Is MakeCommerce for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

MakeCommerce for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jul 4, 2024Updated 2mo ago

Risk Assessment

The 'makecommerce' v4.0.6 plugin exhibits a concerning security posture primarily due to a significant number of unprotected entry points. All 13 identified AJAX handlers lack authentication checks, creating a broad attack surface where any unauthenticated user could potentially interact with these functions. Furthermore, the presence of unsanitized paths in all analyzed taint flows, coupled with two high-severity taint flow findings, indicates a strong possibility of remote code execution or privilege escalation vulnerabilities. The plugin also uses the `unserialize` function, which is a known risk if used with untrusted input.

While the plugin shows some positive signs, such as a moderate use of prepared statements for SQL queries and a decent percentage of properly escaped output, these strengths are overshadowed by the critical weaknesses. The vulnerability history, including a recent medium-severity Cross-site Scripting (XSS) vulnerability, reinforces the concerns about input validation and output sanitization. Although there are no currently unpatched CVEs, the pattern of past vulnerabilities and the static analysis findings suggest a need for significant improvements in secure coding practices. The lack of nonce checks on any AJAX handlers is a glaring omission that exacerbates the risk posed by the unprotected entry points.

In conclusion, 'makecommerce' v4.0.6 presents a high security risk. The large number of unprotected AJAX handlers, combined with high-severity taint flows and the presence of dangerous functions like `unserialize`, creates ample opportunities for attackers. While some basic security measures are in place, they are insufficient to mitigate the inherent risks. It is strongly recommended that the plugin undergo a thorough security audit and remediation of identified issues before further use.

Key Concerns

All AJAX handlers lack auth checks
High severity taint flows
Unsanitized paths in taint flows
Dangerous function: unserialize
No nonce checks on AJAX handlers
Bundled outdated jQuery v3.4.0
Recent XSS vulnerability
Insufficient capability checks

Vulnerabilities

MakeCommerce for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-37509medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MakeCommerce for WooCommerce <= 3.5.1 - Reflected Cross-Site Scripting

Jul 4, 2024 Patched in 3.5.2 (7d)

Code Analysis

Analyzed Mar 16, 2026

MakeCommerce for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

137

143 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$this->__unserialize(unserialize($data));makecommerce\vendor-prefixed\twig\twig\src\Profiler\Profile.php:176

Bundled Libraries

jQuery3.4.0Guzzle

SQL Query Safety

37% prepared30 total queries

Output Escaping

51% escaped280 total outputs

Data Flows

13 unsanitized

Data Flow Analysis

13 flows13 with unsanitized paths

render_shipping_configuration_iframe (makecommerce\admin\dashboard.php:191)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

13 unprotected

MakeCommerce for WooCommerce Attack Surface

Entry Points13

Unprotected13

AJAX Handlers 13

authwp_ajax_update_map_centerincludes\makecommerce.php:224

noprivwp_ajax_update_map_centerincludes\makecommerce.php:225

authwp_ajax_get_carrier_machinesmakecommerce\shipping\shipping.php:150

noprivwp_ajax_get_carrier_machinesmakecommerce\shipping\shipping.php:151

authwp_ajax_mc_blocks_save_shipping_datapayment\gateway\woocommerce\blocks\woocommerceblocks.php:29

noprivwp_ajax_mc_blocks_save_shipping_datapayment\gateway\woocommerce\blocks\woocommerceblocks.php:30

authwp_ajax_get_parcel_machine_htmlpayment\gateway\woocommerce\blocks\woocommerceblocks.php:32

noprivwp_ajax_get_parcel_machine_htmlpayment\gateway\woocommerce\blocks\woocommerceblocks.php:33

authwp_ajax_get_smartpost_courier_htmlpayment\gateway\woocommerce\blocks\woocommerceblocks.php:35

noprivwp_ajax_get_smartpost_courier_htmlpayment\gateway\woocommerce\blocks\woocommerceblocks.php:36

authwp_ajax_mc_banklinks_reloadpayment\gateway\woocommerce\woocommerce.php:335

authwp_ajax_print_pmlshipping\label.php:50

authwp_ajax_verify_feature_swcshipping\shipping.php:115

WordPress Hooks 147

actionbefore_woocommerce_initconfig.php:28

actionadmin_noticesconfig.php:44

actionadmin_noticesconfig.php:111

filterauto_update_pluginconfig.php:148

actioninitincludes\makecommerce.php:113

filterquery_varsincludes\makecommerce.php:128

actionmc_banklinks_update_cronincludes\makecommerce.php:131

actionparse_requestincludes\makecommerce.php:133

actionadmin_noticesincludes\makecommerce.php:148

actionadmin_noticesincludes\makecommerce.php:152

actionadmin_noticesincludes\makecommerce.php:156

actionupdate_option_mk_api_typeincludes\makecommerce.php:159

actionwoocommerce_get_sections_advancedincludes\makecommerce.php:162

actionwoocommerce_get_sections_apiincludes\makecommerce.php:163

filterwoocommerce_get_settings_advancedincludes\makecommerce.php:166

filterwoocommerce_get_settings_apiincludes\makecommerce.php:167

filtermanage_edit-shop_order_columnsincludes\makecommerce.php:170

filtermanage_edit-shop_order_sortable_columnsincludes\makecommerce.php:171

actionmanage_shop_order_posts_custom_columnincludes\makecommerce.php:172

actionwp_loginincludes\makecommerce.php:175

actionwoocommerce_settings_savedincludes\makecommerce.php:176

filterplugin_action_links_makecommerce/makecommerce.phpincludes\makecommerce.php:179

filterwoocommerce_admin_field_api_javascript_uiincludes\makecommerce.php:181

actionadmin_enqueue_scriptsincludes\makecommerce.php:184

actionadmin_menuincludes\makecommerce.php:185

actionadmin_headincludes\makecommerce.php:186

actionadmin_headincludes\makecommerce.php:187

actionadmin_initincludes\makecommerce.php:188

actionwp_enqueue_scriptsincludes\makecommerce.php:203

actionwp_enqueue_scriptsincludes\makecommerce.php:204

actionadmin_enqueue_scriptsincludes\makecommerce.php:207

actionadmin_enqueue_scriptsincludes\makecommerce.php:208

actionwoocommerce_shipping_initincludes\makecommerce.php:211

filterwoocommerce_shipping_methodsincludes\makecommerce.php:214

filterwoocommerce_checkout_update_order_reviewincludes\makecommerce.php:216

filterposts_whereincludes\makecommerce.php:217

filterwoocommerce_order_status_processingincludes\makecommerce.php:219

actionwoocommerce_update_orderincludes\makecommerce.php:221

actionwoocommerce_update_orderincludes\makecommerce.php:222

actionupdate_option_mc_map_geocoding_api_keyincludes\makecommerce.php:227

actionadmin_noticesincludes\makecommerce.php:228

actioninitmakecommerce\includes\makecommerce.php:115

filterquery_varsmakecommerce\includes\makecommerce.php:130

actionmc_banklinks_update_cronmakecommerce\includes\makecommerce.php:133

actionparse_requestmakecommerce\includes\makecommerce.php:135

actionadmin_noticesmakecommerce\includes\makecommerce.php:150

actionadmin_noticesmakecommerce\includes\makecommerce.php:154

actionupdate_option_mc_api_modemakecommerce\includes\makecommerce.php:158

filtermanage_edit-shop_order_columnsmakecommerce\includes\makecommerce.php:161

filtermanage_edit-shop_order_sortable_columnsmakecommerce\includes\makecommerce.php:162

actionmanage_shop_order_posts_custom_columnmakecommerce\includes\makecommerce.php:163

filtermanage_woocommerce_page_wc-orders_columnsmakecommerce\includes\makecommerce.php:166

actionmanage_woocommerce_page_wc-orders_custom_columnmakecommerce\includes\makecommerce.php:167

actionwp_loginmakecommerce\includes\makecommerce.php:170

filterplugin_action_links_makecommerce/makecommerce.phpmakecommerce\includes\makecommerce.php:173

actionadmin_initmakecommerce\includes\makecommerce.php:187

actionadmin_initmakecommerce\includes\makecommerce.php:188

actionadmin_headmakecommerce\includes\makecommerce.php:189

actionadmin_menumakecommerce\includes\makecommerce.php:190

actionadmin_menumakecommerce\includes\makecommerce.php:191

actionadmin_enqueue_scriptsmakecommerce\includes\makecommerce.php:192

actionadd_option_mc_paymentsmakecommerce\includes\makecommerce.php:193

actionupdate_option_mc_paymentsmakecommerce\includes\makecommerce.php:194

actionbefore_woocommerce_initmakecommerce\makecommerce.php:25

actionadmin_noticesmakecommerce\makecommerce.php:40

actionadmin_noticesmakecommerce\makecommerce.php:107

filterauto_update_pluginmakecommerce\makecommerce.php:144

actionwoocommerce_update_options_payment_gatewaysmakecommerce\payment\gateway\gateway.php:101

actionwoocommerce_payment_gatewaysmakecommerce\payment\gateway\gateway.php:103

actionwoocommerce_blocks_loadedmakecommerce\payment\gateway\woocommerce\woocommerce.php:63

filterquery_varsmakecommerce\payment\gateway\woocommerce\woocommerce.php:96

actiontemplate_redirectmakecommerce\payment\gateway\woocommerce\woocommerce.php:97

actionwoocommerce_checkout_update_order_metamakecommerce\payment\gateway\woocommerce\woocommerce.php:102

actionwp_enqueue_scriptsmakecommerce\payment\gateway\woocommerce\woocommerce.php:114

filterwoocommerce_blocks_checkout_enqueue_datamakecommerce\payment\gateway\woocommerce\woocommerce.php:115

actionwoocommerce_blocks_payment_method_type_registrationmakecommerce\payment\gateway\woocommerce\woocommerce.php:418

actionplugins_loadedmakecommerce\payment\payment.php:61

actionwoocommerce_before_checkout_formmakecommerce\payment\payment.php:62

actionwoocommerce_initmakecommerce\shipping\blocks\mc-shipping-blocks.php:13

actionwoocommerce_initmakecommerce\shipping\blocks\mc-shipping-blocks.php:14

actionwoocommerce_blocks_checkout_block_registrationmakecommerce\shipping\blocks\mc-shipping-blocks.php:15

actionwoocommerce_store_api_checkout_update_order_from_requestmakecommerce\shipping\blocks\mc-shipping-blocks.php:16

actionwoocommerce_thankyoumakecommerce\shipping\blocks\mc-shipping-blocks.php:17

actionwoocommerce_order_actions_endmakecommerce\shipping\label.php:36

actionadmin_initmakecommerce\shipping\label.php:37

actionwoocommerce_after_checkout_validationmakecommerce\shipping\method\method.php:51

filterwoocommerce_package_ratesmakecommerce\shipping\method\method.php:52

filterwoocommerce_admin_order_data_after_shipping_addressmakecommerce\shipping\order.php:37

filterwoocommerce_order_details_after_customer_detailsmakecommerce\shipping\order.php:40

actionwoocommerce_email_after_order_tablemakecommerce\shipping\order.php:43

filterwoocommerce_product_options_shippingmakecommerce\shipping\product.php:34

filterwoocommerce_process_product_metamakecommerce\shipping\product.php:35

actionwoocommerce_blocks_loadedmakecommerce\shipping\shipping.php:83

actionwp_enqueue_scriptsmakecommerce\shipping\shipping.php:129

actionadmin_enqueue_scriptsmakecommerce\shipping\shipping.php:132

actionadd_option_mc_shippingmakecommerce\shipping\shipping.php:135

actionupdate_option_mc_shippingmakecommerce\shipping\shipping.php:136

filterwoocommerce_shipping_methodsmakecommerce\shipping\shipping.php:139

filterwoocommerce_get_sections_shippingmakecommerce\shipping\shipping.php:141

filterwoocommerce_order_status_processingmakecommerce\shipping\shipping.php:144

actionwoocommerce_new_ordermakecommerce\shipping\shipping.php:147

filterwoocommerce_billing_fieldsmakecommerce\shipping\shipping.php:154

actionwoocommerce_review_order_after_shippingmakecommerce\shipping\shipping.php:156

actionwoocommerce_update_options_payment_gatewayspayment\gateway\gateway.php:140

actionwoocommerce_payment_gatewayspayment\gateway\gateway.php:142

filterwoocommerce_gateway_titlepayment\gateway\gateway.php:148

actionwoocommerce_before_checkout_formpayment\gateway\simplecheckout\simplecheckout.php:24

actionquery_varspayment\gateway\simplecheckout\simplecheckout.php:25

actiontemplate_redirectpayment\gateway\simplecheckout\simplecheckout.php:26

actionwoocommerce_before_cartpayment\gateway\simplecheckout\simplecheckout.php:27

actionwoocommerce_store_api_checkout_update_order_from_requestpayment\gateway\woocommerce\blocks\woocommerceblocks.php:38

actionwoocommerce_checkout_subscription_createdpayment\gateway\woocommerce\blocks\woocommerceblocks.php:39

actionadmin_noticespayment\gateway\woocommerce\methods.php:73

actionadmin_noticespayment\gateway\woocommerce\methods.php:146

actionwoocommerce_blocks_loadedpayment\gateway\woocommerce\woocommerce.php:61

filterquery_varspayment\gateway\woocommerce\woocommerce.php:314

actiontemplate_redirectpayment\gateway\woocommerce\woocommerce.php:315

actionwoocommerce_checkout_update_order_metapayment\gateway\woocommerce\woocommerce.php:320

actionwp_enqueue_scriptspayment\gateway\woocommerce\woocommerce.php:330

actionwoocommerce_blocks_payment_method_type_registrationpayment\gateway\woocommerce\woocommerce.php:642

actionplugins_loadedpayment\payment.php:61

actionwoocommerce_before_checkout_formpayment\payment.php:62

actionwoocommerce_order_actions_endshipping\label.php:49

filteradmin_action_parcel_machine_print_labelsshipping\label.php:51

filteradmin_footershipping\label.php:52

filteradmin_action_parcel_machine_labelsshipping\label.php:53

filterhandle_bulk_actions-woocommerce_page_wc-ordersshipping\label.php:55

actionwoocommerce_checkout_update_order_metashipping\method\courier\smartpost.php:49

filterwoocommerce_review_order_after_shippingshipping\method\courier\smartpost.php:52

filterwoocommerce_package_ratesshipping\method\method.php:83

filterwoocommerce_order_get_itemsshipping\method\method.php:84

actionwoocommerce_checkout_processshipping\method\method.php:88

actionwoocommerce_after_checkout_validationshipping\method\method.php:89

actionadmin_noticesshipping\method\method.php:105

actionwoocommerce_checkout_update_order_metashipping\method\parcelmachine\parcelmachine.php:119

filterwoocommerce_review_order_after_shippingshipping\method\parcelmachine\parcelmachine.php:123

filterwoocommerce_order_details_after_customer_detailsshipping\order.php:33

filterwoocommerce_admin_order_data_after_shipping_addressshipping\order.php:34

filtermanage_shop_order_posts_custom_columnshipping\order.php:35

filterwoocommerce_email_customer_details_fieldsshipping\order.php:36

filterrestrict_manage_postsshipping\order.php:37

filterwoocommerce_order_list_table_restrict_manage_ordersshipping\order.php:40

filterwoocommerce_order_query_argsshipping\order.php:42

filterbulk_actions-woocommerce_page_wc-ordersshipping\order.php:44

filterwoocommerce_product_options_shippingshipping\product.php:34

filterwoocommerce_process_product_metashipping\product.php:35

actionwoocommerce_before_checkout_formshipping\shipping.php:119

Scheduled Events 2

mc_banklinks_update_cron

Maintenance & Trust

MakeCommerce for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 27, 2026

PHP min version8.1

Downloads64K

Community Trust

Rating72/100

Number of ratings8

Active installs3K

Alternatives

MakeCommerce for WooCommerce Alternatives

Montonio for WooCommerce

montonio-for-woocommerce

100

Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa …

10K No CVEs

RY Tools for WooCommerce

ry-woocommerce-tools

100

Accept your WooCommerce store payment with ECPay / NewebPay / SmilePay and shipping with ECPay / NewebPay / SmilePay.

5K No CVEs

Conditional Payments and Shipping for WooCommerce

wc-restricted-shipping-and-payment

100

A simplistic plugin for excluding shipping methods based on multiple rules such as shipping class, package weight and cart totals.

900 No CVEs

Cashflows for WooCommerce

cashflows-payments-by-ideal-checkout

100

Cashflows Payments Gateway for WooCommerce

700 No CVEs

Payment Gateways by Shipping for WooCommerce

payment-gateways-by-shipping-for-woocommerce

100

Set "enable for shipping methods" for WooCommerce payment gateways.

500 No CVEs

Developer Profile

MakeCommerce for WooCommerce Developer Profile

MakeCommerce.net

1 plugin · 3K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

7 days

View full developer profile

Detection Fingerprints

How We Detect MakeCommerce for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/makecommerce/admin/css/admin.css/wp-content/plugins/makecommerce/admin/js/admin.js/wp-content/plugins/makecommerce/js/frontend.js/wp-content/plugins/makecommerce/js/cart.js/wp-content/plugins/makecommerce/js/checkout.js/wp-content/plugins/makecommerce/js/makecommerce-checkout-validation.js

Script Paths

/wp-content/plugins/makecommerce/admin/js/admin.js/wp-content/plugins/makecommerce/js/frontend.js/wp-content/plugins/makecommerce/js/cart.js/wp-content/plugins/makecommerce/js/checkout.js/wp-content/plugins/makecommerce/js/makecommerce-checkout-validation.js/wp-content/plugins/makecommerce/api/js/api.js

Version Parameters

makecommerce/admin/css/admin.css?ver=makecommerce/admin/js/admin.js?ver=makecommerce/js/frontend.js?ver=makecommerce/js/cart.js?ver=makecommerce/js/checkout.js?ver=makecommerce/js/makecommerce-checkout-validation.js?ver=makecommerce/api/js/api.js?ver=

HTML / DOM Fingerprints

CSS Classes

mc-api-settingsmakecommerce-shipping-plus-noticemk-shipping-plus-link

HTML Comments

Data Attributes

data-envdata-payment-envdata-currencydata-languagedata-return-urldata-cancel-url+11 more

JS Globals

makecommerce_checkout_paramsmakecommerce_shipping_params

REST Endpoints

/wp-json/makecommerce/v1/webhook

FAQ

MakeCommerce for WooCommerce Security & Risk Analysis

Is MakeCommerce for WooCommerce Safe to Use in 2026?

Generally Safe

Key Concerns

MakeCommerce for WooCommerce Security Vulnerabilities

CVEs by Year

Severity Breakdown

MakeCommerce for WooCommerce Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

MakeCommerce for WooCommerce Attack Surface

AJAX Handlers 13

Scheduled Events 2

MakeCommerce for WooCommerce Maintenance & Trust

Maintenance Signals

Community Trust

MakeCommerce for WooCommerce Alternatives

Montonio for WooCommerce

RY Tools for WooCommerce

Conditional Payments and Shipping for WooCommerce

Cashflows for WooCommerce

Payment Gateways by Shipping for WooCommerce

MakeCommerce for WooCommerce Developer Profile

How We Detect MakeCommerce for WooCommerce

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about MakeCommerce for WooCommerce