Pagopar – WooCommerce Gateway Security & Risk Analysis

wordpress.org/plugins/pagopar-woocommerce-gateway

Sell across the whole country with the main payment methods.

300 active installs · v2.8.13 · PHP + WP 4.0+ · Updated Jul 11, 2025
Tags: bancard, pagopar, pix, tarjetas-de-credito-y-billeteras-electronicas, upay
Score 99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Apr 9, 2025
Safety Verdict

Is Pagopar – WooCommerce Gateway Safe to Use in 2026?

Generally Safe

Score 99/100

Pagopar – WooCommerce Gateway has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Apr 9, 2025 · Updated 8mo ago
Risk Assessment

The pagopar-woocommerce-gateway plugin version 2.8.13 exhibits a mixed security posture. While it demonstrates strong practices in output escaping (97%) and a high percentage of SQL queries using prepared statements (78%), significant concerns arise from its attack surface. A substantial portion of its AJAX handlers (16 out of 26, or 61.5%) lack authentication checks, creating potential entry points for unauthorized actions. The taint analysis further exacerbates these concerns, revealing 10 high-severity flows with unsanitized paths, indicating a risk of data manipulation or execution vulnerabilities. Although the plugin has a history of only one known CVE, which is currently patched, the recurring pattern of potentially insecure AJAX endpoints and high-severity taint flows suggests a latent risk. The plugin's strengths lie in its careful handling of output and database queries, but the unauthenticated entry points and unsanitized data flows represent the most pressing security weaknesses that require immediate attention.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Low capability checks
  • Moderate SQL query usage without prepare
Vulnerabilities
1

Pagopar – WooCommerce Gateway Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-31032 · medium · 6.1 · Cross-Site Request Forgery (CSRF)

Pagopar – WooCommerce Gateway <= 2.7.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Apr 9, 2025 · Patched in 2.8.0 (36d)
Code Analysis
Analyzed Mar 16, 2026

Pagopar – WooCommerce Gateway Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 16 (57 prepared)
  • Unescaped Output: 18 (521 escaped)
  • Nonce Checks: 14
  • Capability Checks: 3
  • File Operations: 3
  • External Requests: 15
  • Bundled Libraries: 0

SQL Query Safety

78% prepared · 73 total queries

Output Escaping

97% escaped · 539 total outputs
Data Flows
12 unsanitized

Data Flow Analysis

18 flows · 12 with unsanitized paths
pagopar_borrar_tarjeta (woocommerce-pagopar-gateway.php:836)
[Data flow diagram. Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform; paths marked Unsanitized or Sanitized]
Attack Surface
16 unprotected

Pagopar – WooCommerce Gateway Attack Surface

Entry Points: 26
Unprotected: 16

AJAX Handlers 26

auth · wp_ajax_pagopar_checkout · woocommerce-pagopar-gateway.php:1564
nopriv · wp_ajax_pagopar_checkout · woocommerce-pagopar-gateway.php:1565
auth · wp_ajax_non_pagopar_checkout · woocommerce-pagopar-gateway.php:1566
nopriv · wp_ajax_non_pagopar_checkout · woocommerce-pagopar-gateway.php:1567
auth · wp_ajax_change_order_review · woocommerce-pagopar-gateway.php:1568
nopriv · wp_ajax_change_order_review · woocommerce-pagopar-gateway.php:1569
auth · wp_ajax_set_flete · woocommerce-pagopar-gateway.php:1570
nopriv · wp_ajax_set_flete · woocommerce-pagopar-gateway.php:1571
auth · wp_ajax_pagopar_checkout_change_price · woocommerce-pagopar-gateway.php:1572
nopriv · wp_ajax_pagopar_checkout_change_price · woocommerce-pagopar-gateway.php:1573
auth · wp_ajax_pagopar_add_fees · woocommerce-pagopar-gateway.php:1589
nopriv · wp_ajax_pagopar_add_fees · woocommerce-pagopar-gateway.php:1590
auth · wp_ajax_pagopar_categories · woocommerce-pagopar-gateway.php:1594
nopriv · wp_ajax_pagopar_categories · woocommerce-pagopar-gateway.php:1595
auth · wp_ajax_pagopar_borrar_tarjeta · woocommerce-pagopar-gateway.php:1598
nopriv · wp_ajax_pagopar_borrar_tarjeta · woocommerce-pagopar-gateway.php:1599
auth · wp_ajax_pagopar_agregar_tarjeta · woocommerce-pagopar-gateway.php:1601
nopriv · wp_ajax_pagopar_agregar_tarjeta · woocommerce-pagopar-gateway.php:1602
auth · wp_ajax_pagopar_catastro_guardar_datos_faltantes · woocommerce-pagopar-gateway.php:1605
nopriv · wp_ajax_pagopar_catastro_guardar_datos_faltantes · woocommerce-pagopar-gateway.php:1606
auth · wp_ajax_pagopar_confirmar_tarjeta · woocommerce-pagopar-gateway.php:1609
nopriv · wp_ajax_pagopar_confirmar_tarjeta · woocommerce-pagopar-gateway.php:1610
auth · wp_ajax_pagopar_reversar_pago · woocommerce-pagopar-gateway.php:1613
nopriv · wp_ajax_pagopar_reversar_pago · woocommerce-pagopar-gateway.php:1614
auth · wp_ajax_pagopar_agregar_tarjeta · woocommerce-pagopar-gateway.php:3578
nopriv · wp_ajax_pagopar_agregar_tarjeta · woocommerce-pagopar-gateway.php:3579

WordPress Hooks 63

action · woocommerce_update_options_payment_gateways · includes\billeteras\pagopar_billeteras.php:33
action · woocommerce_blocks_checkout_block_registration · includes\class-pagopar-gateway-base.php:9
filter · woocommerce_get_country_locale · includes\class-pagopar-gateway-base.php:10
filter · woocommerce_default_address_fields · includes\class-pagopar-gateway-base.php:12
action · woocommerce_update_options_payment_gateways · includes\tarjetas\pagopar_tarjetas.php:28
action · woocommerce_shipping_init · pagopar-direcciones.php:381
filter · woocommerce_shipping_methods · pagopar-direcciones.php:471
filter · woocommerce_available_payment_gateways · pagopar-multimedios-pago.php:646
action · woocommerce_before_add_to_cart_form · pagopar-multimedios-pago.php:648
filter · page_css_class · woocommerce-pagopar-gateway.php:26
action · woocommerce_blocks_payment_method_type_registration · woocommerce-pagopar-gateway.php:75
action · before_woocommerce_init · woocommerce-pagopar-gateway.php:83
action · init · woocommerce-pagopar-gateway.php:111
filter · woocommerce_states · woocommerce-pagopar-gateway.php:113
filter · woocommerce_package_rates · woocommerce-pagopar-gateway.php:226
filter · woocommerce_account_menu_items · woocommerce-pagopar-gateway.php:462
filter · the_title · woocommerce-pagopar-gateway.php:827
action · admin_head · woocommerce-pagopar-gateway.php:1009
action · admin_notices · woocommerce-pagopar-gateway.php:1268
action · admin_notices · woocommerce-pagopar-gateway.php:1290
action · before_woocommerce_init · woocommerce-pagopar-gateway.php:1320
action · woocommerce_init · woocommerce-pagopar-gateway.php:1329
action · woocommerce_set_additional_field_value · woocommerce-pagopar-gateway.php:1419
filter · woocommerce_get_default_value_for_pagopar/billing_documento · woocommerce-pagopar-gateway.php:1451
filter · woocommerce_get_default_value_for_pagopar/billing_razon_social · woocommerce-pagopar-gateway.php:1462
filter · woocommerce_get_default_value_for_pagopar/billing_ruc · woocommerce-pagopar-gateway.php:1473
filter · woocommerce_get_default_value_for_pagopar/billing_coordenadas · woocommerce-pagopar-gateway.php:1484
action · woocommerce_blocks_loaded · woocommerce-pagopar-gateway.php:1496
action · plugins_loaded · woocommerce-pagopar-gateway.php:1499
filter · woocommerce_payment_gateways · woocommerce-pagopar-gateway.php:1534
action · wp_enqueue_scripts · woocommerce-pagopar-gateway.php:1563
filter · woocommerce_after_checkout_shipping_form · woocommerce-pagopar-gateway.php:1575
filter · the_content · woocommerce-pagopar-gateway.php:1576
filter · woocommerce_product_data_tabs · woocommerce-pagopar-gateway.php:1579
filter · woocommerce_product_data_panels · woocommerce-pagopar-gateway.php:1580
action · woocommerce_cart_calculate_fees · woocommerce-pagopar-gateway.php:1588
action · admin_enqueue_scripts · woocommerce-pagopar-gateway.php:1592
action · admin_enqueue_scripts · woocommerce-pagopar-gateway.php:1617
action · admin_menu · woocommerce-pagopar-gateway.php:1619
filter · page_template · woocommerce-pagopar-gateway.php:1792
action · pre_get_posts · woocommerce-pagopar-gateway.php:1802
action · woocommerce_process_product_meta · woocommerce-pagopar-gateway.php:2544
filter · woocommerce_checkout_fields · woocommerce-pagopar-gateway.php:2683
action · wp_footer · woocommerce-pagopar-gateway.php:2689
filter · woocommerce_update_order_review_fragments · woocommerce-pagopar-gateway.php:3621
filter · woocommerce_update_order_review_fragments · woocommerce-pagopar-gateway.php:3640
filter · woocommerce_billing_fields · woocommerce-pagopar-gateway.php:3674
filter · woocommerce_review_order_before_cart_contents · woocommerce-pagopar-gateway.php:3786
action · woocommerce_order_status_pending · woocommerce-pagopar-gateway.php:3787
action · save_post · woocommerce-pagopar-gateway.php:4490
action · woocommerce_product_import_inserted_product_object · woocommerce-pagopar-gateway.php:4491
action · woocommerce_reduce_order_stock · woocommerce-pagopar-gateway.php:4495
filter · the_content · woocommerce-pagopar-gateway.php:4496
filter · woocommerce_store_api_checkout_order_processed · woocommerce-pagopar-gateway.php:4612
filter · woocommerce_checkout_create_order · woocommerce-pagopar-gateway.php:4731
filter · woocommerce_shipping_calculator_enable_city · woocommerce-pagopar-gateway.php:4824
filter · woocommerce_shipping_calculator_enable_postcode · woocommerce-pagopar-gateway.php:4838
filter · cron_schedules · woocommerce-pagopar-gateway.php:4850
action · pagopar_task_hook · woocommerce-pagopar-gateway.php:4855
action · admin_notices · woocommerce-pagopar.php:70
action · admin_notices · woocommerce-pagopar.php:75
action · admin_notices · woocommerce-pagopar.php:80
action · admin_notices · woocommerce-pagopar.php:206

Scheduled Events 1

pagopar_task_hook
Maintenance & Trust

Pagopar – WooCommerce Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jul 11, 2025
PHP min version
Downloads: 26K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 300
Developer Profile

Pagopar – WooCommerce Gateway Developer Profile

Pagopar - Grupo M S.A.

1 plugin · 300 total installs

Trust score: 87
Avg Security Score: 99/100
Avg Patch Time: 36 days
Detection Fingerprints

How We Detect Pagopar – WooCommerce Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/pagopar-woocommerce-gateway/assets/js/app.js
  • /wp-content/plugins/pagopar-woocommerce-gateway/assets/css/style.css
  • /wp-content/plugins/pagopar-woocommerce-gateway/assets/js/validation.js
Script Paths
  • /wp-content/plugins/pagopar-woocommerce-gateway/assets/js/app.js
  • /wp-content/plugins/pagopar-woocommerce-gateway/assets/js/validation.js
Version Parameters
  • pagopar-woocommerce-gateway/assets/css/style.css?ver=
  • pagopar-woocommerce-gateway/assets/js/app.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • hide-page-item
HTML Comments
  • INICIO DE CODIGO PARA AGREGAR LOGICA DE BLOQUES PAGOPAR WOOCOMMERCE
  • FIN DE CODIGO PARA AGREGAR LOGICA DE BLOQUES PAGOPAR WOOCOMMERCE
  • Inicio de codigo para agregar un field más a la barra de navegación de "Mi cuenta"
  • Solo se muestran los resultados si se cargan los metodos de envio con Pagopar
  • +3 more
Data Attributes
  • data-pagopar-merchant-id
  • data-pagopar-public-key
  • data-pagopar-url-success
  • data-pagopar-url-pending
  • data-pagopar-url-failure
  • data-pagopar-order-id
  • +11 more
JS Globals
  • pagopar_payment_gateway
  • PP_WOOCOMMERCE
FAQ

Frequently Asked Questions about Pagopar – WooCommerce Gateway