MANGOPAY for WooCommerce Security & Risk Analysis

wordpress.org/plugins/mangopay-woocommerce

Official WooCommerce Payment gateway for the MANGOPAY payment solution dedicated to marketplaces.

90 active installs · v3.6.3 · PHP 7.4+ · WP 4.4+ · Updated Oct 24, 2025
Tags: gateway, marketplace, payment, wc-vendors, woocommerce
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is MANGOPAY for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

MANGOPAY for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The "mangopay-woocommerce" plugin v3.6.3 presents a mixed security posture. While it demonstrates strengths in areas like SQL query protection and output escaping, significant concerns exist regarding its attack surface and handling of sensitive operations. The plugin exposes a substantial number of AJAX handlers, a majority of which lack authentication checks. This, coupled with the presence of the `unserialize` function and unsanitized taint flows, creates a notable risk of unauthorized actions and potential code execution. The absence of nonce checks on these unprotected AJAX endpoints is particularly worrying, as it leaves them vulnerable to Cross-Site Request Forgery (CSRF) attacks.

The plugin's vulnerability history is notably clean, with no recorded CVEs. This is a positive indicator and suggests good development practices historically. However, this clean record should not overshadow the direct risks identified in the static analysis. The current code signals, particularly the unprotected AJAX endpoints and the potential for unsanitized data processing via `unserialize` and taint flows, warrant immediate attention. Therefore, while the plugin has a good track record, the identified vulnerabilities in the current version suggest a need for urgent remediation to maintain its security.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function unserialize
  • High severity taint flow
  • Unsanitized paths in taint flows
  • Missing nonce checks
Vulnerabilities
None known

MANGOPAY for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

MANGOPAY for WooCommerce Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (10 prepared)
Unescaped Output: 47 (782 escaped)
Nonce Checks: 0
Capability Checks: 6
File Operations: 5
External Requests: 2
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `return unserialize($serialized);` at sdk\MangoPay\Libraries\DefaultStorageStrategy.php:39

SQL Query Safety

100% prepared · 10 total queries

Output Escaping

94% escaped · 829 total outputs
Data Flows
9 unsanitized

Data Flow Analysis

17 flows · 9 with unsanitized paths
vendor_payouts (inc\admin.inc.php:2909)
Attack Surface
9 unprotected

MANGOPAY for WooCommerce Attack Surface

Entry Points: 15
Unprotected: 9

AJAX Handlers 12

auth · wp_ajax_ignore_mp_failed_po · inc\ajax.inc.php:27
auth · wp_ajax_ignore_mp_refused_kyc · inc\ajax.inc.php:29
auth · wp_ajax_failed_transaction_widget · inc\ajax.inc.php:30
auth · wp_ajax_update_list_preauth_cards · inc\ajax.inc.php:33
auth · wp_ajax_delete_card_list_preauth_cards · inc\ajax.inc.php:34
auth · wp_ajax_preauth_registercard · inc\ajax.inc.php:35
auth · wp_ajax_preauth_registercard_update · inc\ajax.inc.php:36
auth · wp_ajax_preauth_capture · inc\ajax.inc.php:37
auth · wp_ajax_create_ubo · inc\ajax.inc.php:42
auth · wp_ajax_add_ubo_element · inc\ajax.inc.php:43
auth · wp_ajax_create_ubo_html · inc\ajax.inc.php:44
auth · wp_ajax_ubo_ask_declaration · inc\ajax.inc.php:45

Shortcodes 3

[mangopay_payform] inc\hooks.inc.php:110
[kyc_doc_upload_form] inc\main.inc.php:142
[kyc_doc_user_infos] inc\main.inc.php:143
WordPress Hooks 86
filter · wp_insert_post_data · inc\admin.inc.php:3411
filter · wp_insert_post_data · inc\admin.inc.php:3450
filter · woocommerce_payment_gateway_supports · inc\hooks.inc.php:31
action · init · inc\hooks.inc.php:34
filter · mp_account_types · inc\hooks.inc.php:37
action · plugins_loaded · inc\hooks.inc.php:40
action · set_user_role · inc\hooks.inc.php:43
action · user_register · inc\hooks.inc.php:46
filter · safe_style_css · inc\hooks.inc.php:55
filter · woocommerce_payment_gateways · inc\hooks.inc.php:63
action · woocommerce_order_status_completed · inc\hooks.inc.php:66
filter · woocommerce_available_payment_gateways · inc\hooks.inc.php:69
filter · woocommerce_order_data_store_cpt_get_orders_query · inc\hooks.inc.php:72
action · wcvendors_completed_statuses · inc\hooks.inc.php:80
action · wcvendors_before_store_settings_saved · inc\hooks.inc.php:84
action · wcvendors_shop_settings_saved · inc\hooks.inc.php:86
filter · wcvendors_shipping_due · inc\hooks.inc.php:90
filter · wcvendors_after_dashboard · inc\hooks.inc.php:93
action · wcvendors_table_after_order · inc\hooks.inc.php:97
action · wcvendors_pro_table_after_order · inc\hooks.inc.php:99
action · woocommerce_register_form_start · inc\hooks.inc.php:118
action · woocommerce_register_post · inc\hooks.inc.php:119
action · woocommerce_created_customer · inc\hooks.inc.php:120
action · bp_account_details_fields · inc\hooks.inc.php:123
action · bp_signup_pre_validate · inc\hooks.inc.php:124
action · bp_complete_signup · inc\hooks.inc.php:125
action · woocommerce_edit_account_form · inc\hooks.inc.php:128
filter · woocommerce_save_account_details_required_fields · inc\hooks.inc.php:129
action · woocommerce_save_account_details · inc\hooks.inc.php:130
action · woocommerce_save_account_details_errors · inc\hooks.inc.php:132
filter · woocommerce_checkout_fields · inc\hooks.inc.php:135
action · woocommerce_checkout_process · inc\hooks.inc.php:136
action · woocommerce_after_order_notes · inc\hooks.inc.php:137
action · woocommerce_checkout_update_user_meta · inc\hooks.inc.php:138
filter · woocommerce_add_error · inc\hooks.inc.php:139
action · template_redirect · inc\hooks.inc.php:146
action · woocommerce_thankyou · inc\hooks.inc.php:147
filter · woocommerce_add_notice · inc\hooks.inc.php:148
action · woocommerce_customer_save_address · inc\hooks.inc.php:151
action · woocommerce_thankyou_mangopay · inc\hooks.inc.php:154
filter · product_type_options · inc\hooks.inc.php:157
action · save_post_product · inc\hooks.inc.php:159
action · wcvendors_settings_after_paypal · inc\hooks.inc.php:166
action · wcvendors_before_store_settings_saved · inc\hooks.inc.php:169
action · wcvendors_shop_settings_saved · inc\hooks.inc.php:171
action · wcvendors_pro_store_settings_saved · inc\hooks.inc.php:176
action · wcvendors_shop_settings_admin_saved · inc\hooks.inc.php:182
filter · wcvendors_order_actions · inc\hooks.inc.php:185
filter · woocommerce_order_items_meta_display · inc\hooks.inc.php:186
filter · woocommerce_after_template_part · inc\hooks.inc.php:188
filter · wcvendors_shipping_due · inc\hooks.inc.php:190
action · wp_enqueue_scripts · inc\hooks.inc.php:195
action · upgrader_process_complete · inc\hooks.inc.php:198
action · admin_enqueue_scripts · inc\hooks.inc.php:212
action · admin_enqueue_scripts · inc\hooks.inc.php:215
action · admin_menu · inc\hooks.inc.php:218
action · admin_init · inc\hooks.inc.php:221
action · admin_notices · inc\hooks.inc.php:224
action · wp_dashboard_setup · inc\hooks.inc.php:227
action · show_user_profile · inc\hooks.inc.php:230
action · edit_user_profile · inc\hooks.inc.php:231
action · user_new_form · inc\hooks.inc.php:232
action · personal_options_update · inc\hooks.inc.php:234
action · edit_user_profile_update · inc\hooks.inc.php:235
action · user_register · inc\hooks.inc.php:236
action · user_profile_update_errors · inc\hooks.inc.php:237
filter · manage_users_columns · inc\hooks.inc.php:240
filter · manage_users_sortable_columns · inc\hooks.inc.php:241
filter · manage_users_custom_column · inc\hooks.inc.php:242
filter · pre_user_query · inc\hooks.inc.php:243
action · add_meta_boxes · inc\hooks.inc.php:255
action · woocommerce_update_options_payment_gateways_mangopay · inc\hooks.inc.php:258
action · add_meta_boxes · inc\hooks.inc.php:260
filter · wp_insert_post_data · inc\hooks.inc.php:263
action · wcvendors_settings_after_paypal · inc\hooks.inc.php:271
action · admin_footer-woocommerce_page_pv_admin_commissions · inc\hooks.inc.php:276
action · admin_footer-wc-vendors_page_wcv-commissions · inc\hooks.inc.php:277
action · load-woocommerce_page_pv_admin_commissions · inc\hooks.inc.php:278
action · load-wc-vendors_page_wcv-commissions · inc\hooks.inc.php:279
action · wp_enqueue_scripts · inc\main.inc.php:50
action · admin_enqueue_scripts · inc\main.inc.php:51
action · init · inc\main.inc.php:139
filter · query_vars · inc\webhooks.inc.php:32
action · parse_request · inc\webhooks.inc.php:33
action · init · inc\webhooks.inc.php:34
action · wp_loaded · inc\webhooks.inc.php:35
Maintenance & Trust

MANGOPAY for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Oct 24, 2025
PHP min version: 7.4
Downloads: 15K

Community Trust

Rating: 88/100
Number of ratings: 5
Active installs: 90
Developer Profile

MANGOPAY for WooCommerce Developer Profile

mangopay

1 plugin · 90 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect MANGOPAY for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mangopay-woocommerce/assets/css/mangopay-admin.css
/wp-content/plugins/mangopay-woocommerce/assets/css/mangopay-checkout.css
/wp-content/plugins/mangopay-woocommerce/assets/js/mangopay-admin.js
/wp-content/plugins/mangopay-woocommerce/assets/js/mangopay-checkout.js
Script Paths
/wp-content/plugins/mangopay-woocommerce/assets/js/mangopay-admin.js
/wp-content/plugins/mangopay-woocommerce/assets/js/mangopay-checkout.js
Version Parameters
mangopay-woocommerce/assets/css/mangopay-admin.css?ver=
mangopay-woocommerce/assets/css/mangopay-checkout.css?ver=
mangopay-woocommerce/assets/js/mangopay-admin.js?ver=
mangopay-woocommerce/assets/js/mangopay-checkout.js?ver=

HTML / DOM Fingerprints

CSS Classes
mangopay-admin-wrap
mangopay-payment-method-form
HTML Comments
<!-- IMPORTANT : The admin notices section begins here -->
<!-- IMPORTANT : The admin notices section ends here -->
Data Attributes
data-mangopay-checkout
data-mangopay-wallet
JS Globals
mangopay_checkout_params
REST Endpoints
/wp-json/mangopay-woocommerce/v1/process_payment