Pay Advantage Security & Risk Analysis

wordpress.org/plugins/pay-advantage

Instantly accept Visa, Mastercard and American Express from your site with fast settlement to any Australian bank account.

40 active installs v3.3.1 PHP 7.0+ WP 5.2+ Updated Nov 22, 2023
Tags: credit-cards, e-commerce, online-payments, payment-gateway
Score: 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Pay Advantage Safe to Use in 2026?

Generally Safe

Score 85/100

Pay Advantage has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The 'pay-advantage' plugin v3.3.1 demonstrates a generally strong security posture, with no known historical vulnerabilities and good practices in SQL query handling and output escaping. The extensive use of prepared statements for all SQL queries and a high percentage of properly escaped outputs are positive indicators. However, the plugin's attack surface presents a significant area for concern. With 13 AJAX handlers, two of which lack proper authentication checks, there is a clear risk of unauthorized actions being performed if these handlers are exploitable. While no critical taint flows were identified, the presence of flows with unsanitized paths, even if not classified as critical or high, warrants further investigation as these could potentially lead to vulnerabilities if inputs are not adequately validated or sanitized before use. The lack of known CVEs is reassuring, but the identified unprotected entry points are a notable weakness that requires immediate attention.

Key Concerns

  • AJAX handlers without authentication
  • Flows with unsanitized paths
Vulnerabilities
None known

Pay Advantage Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Pay Advantage Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 17 (80 escaped)
Nonce Checks: 7
Capability Checks: 3
File Operations: 0
External Requests: 3
Bundled Libraries: 0

Output Escaping

82% escaped · 97 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

5 flows · 3 with unsanitized paths
pay_advantage_create_customer_handler (public\ajax-payadvantage-customer.php:15)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
2 unprotected

Pay Advantage Attack Surface

Entry Points: 13
Unprotected: 2

AJAX Handlers 13

auth · wp_ajax_save_pay_advantage_settings_action · admin\options-ajax.php:2
auth · wp_ajax_pay_advantage_connect_action · admin\options-ajax.php:60
auth · wp_ajax_pay_advantage_disconnect_action · admin\options-ajax.php:109
auth · wp_ajax_pay_advantage_credit_card · public\ajax-payadvantage-creditcard.php:9
nopriv · wp_ajax_pay_advantage_credit_card · public\ajax-payadvantage-creditcard.php:10
auth · wp_ajax_pay_advantage_create_customer · public\ajax-payadvantage-customer.php:9
nopriv · wp_ajax_pay_advantage_create_customer · public\ajax-payadvantage-customer.php:10
auth · wp_ajax_pay_advantage_wc_mark_order_as_paid · public\ajax-payadvantage-woocommerce.php:6
nopriv · wp_ajax_pay_advantage_wc_mark_order_as_paid · public\ajax-payadvantage-woocommerce.php:7
auth · wp_ajax_pay_advantage_wc_mark_order_as_cancelled · public\ajax-payadvantage-woocommerce.php:9
nopriv · wp_ajax_pay_advantage_wc_mark_order_as_cancelled · public\ajax-payadvantage-woocommerce.php:10
auth · wp_ajax_pay_advantage_wc_mark_order_as_failed · public\ajax-payadvantage-woocommerce.php:12
nopriv · wp_ajax_pay_advantage_wc_mark_order_as_failed · public\ajax-payadvantage-woocommerce.php:13
WordPress Hooks 13
action · admin_menu · admin\options-page.php:14
action · admin_enqueue_scripts · admin\options-page.php:16
action · plugins_loaded · migration\migration.php:14
action · admin_notices · payadvantage.php:83
filter · http_headers_useragent · payadvantage.php:120
action · before_woocommerce_init · payadvantage.php:129
action · plugins_loaded · public\cls-payadvantage-woocommerce.php:10
action · wp_enqueue_scripts · public\cls-payadvantage-woocommerce.php:37
filter · woocommerce_payment_gateways · public\cls-payadvantage-woocommerce.php:220
action · widgets_init · public\widget-payadvantage-make-payment.php:68
action · wp_enqueue_scripts · public\widget-payadvantage-make-payment.php:128
action · widgets_init · public\widget-payadvantage-register-bpay.php:67
action · wp_enqueue_scripts · public\widget-payadvantage-register-bpay.php:115
Maintenance & Trust

Pay Advantage Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.4.8
Last updated: Nov 22, 2023
PHP min version: 7.0
Downloads: 4K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 40
Developer Profile

Pay Advantage Developer Profile

Pay Advantage

1 plugin · 40 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Pay Advantage

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pay-advantage/admin/js/options-page.js
/wp-content/plugins/pay-advantage/public/css/payadvantage.css
/wp-content/plugins/pay-advantage/public/js/common.js
/wp-content/plugins/pay-advantage/public/js/jquery-blockui/jquery.blockUI.min.js
Script Paths
/wp-content/plugins/pay-advantage/public/js/common.js
/wp-content/plugins/pay-advantage/public/js/jquery-blockui/jquery.blockUI.min.js
/wp-content/plugins/pay-advantage/admin/js/options-page.js
Version Parameters
payadvantage/admin/js/options-page.js?ver=
payadvantage/public/css/payadvantage.css?ver=
payadvantage/public/js/common.js?ver=
payadvantage/public/js/jquery-blockui/jquery.blockUI.min.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- Contains setup for the options page. Sets up javascript and calls html for viewing the options page. -->
<!-- Sets up menu items in settings tab of the admin screen. -->
<!-- Sets up all the scripts for the page. -->
<!-- This file is for the WooCommerce payment gateway. -->
Data Attributes
data-payadvantage-nonce
JS Globals
pay_advantage_ajax_object