WP-Safety

Payment gateway: accept.blue for WooCommerce Security & Risk Analysis

wordpress.org/plugins/payment-gateway-accept-blue-for-woocommerce

This plugin was made for receiving Credit Cards and ACH payments on your store using the accept.blue payment gateway.

200 active installs v1.6.0 PHP 8.1+ WP 4.4+ Updated Mar 2, 2026
accept-blueachcredit-cardpayments
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Payment gateway: accept.blue for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Payment gateway: accept.blue for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The plugin "payment-gateway-accept-blue-for-woocommerce" v1.6.0 exhibits a mixed security posture. On the positive side, it has no recorded CVEs, indicating a generally stable security history and no known critical vulnerabilities. The static analysis also shows good practices in SQL query preparation (67% prepared) and output escaping (92% properly escaped). Taint analysis reveals no unsanitized paths, which is a significant strength. The plugin also bundles Guzzle, a common HTTP client library.

However, there are significant security concerns stemming from the identified attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical vulnerability as it allows unauthenticated users to trigger potentially sensitive functionality. The absence of nonce checks on these AJAX handlers further exacerbates this risk, making them susceptible to Cross-Site Request Forgery (CSRF) attacks. Additionally, the plugin lacks capability checks, meaning any authenticated user, regardless of their role or permissions, could potentially interact with these endpoints.

In conclusion, while the plugin benefits from a clean vulnerability history and good practices in data handling (SQL and output escaping), the lack of authentication and capability checks on its AJAX endpoints presents a substantial security risk. This oversight could lead to unauthorized actions being performed on the site. The presence of unprotected entry points is the most critical weakness and should be addressed immediately.

Key Concerns

  • Unprotected AJAX handlers
  • Missing nonce checks on AJAX
  • Missing capability checks
  • SQL queries without prepared statements
  • Unescaped output
Vulnerabilities
None known

Payment gateway: accept.blue for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Payment gateway: accept.blue for WooCommerce Release Timeline

v1.6.0Current
v1.5.9
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
Code Analysis
Analyzed Mar 16, 2026

Payment gateway: accept.blue for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
2 prepared
Unescaped Output
4
44 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
2
Bundled Libraries
1

Bundled Libraries

Guzzle

SQL Query Safety

67% prepared3 total queries

Output Escaping

92% escaped48 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<wc-acceptblue-gateway-credit-card> (includes\wc-acceptblue-gateway-credit-card.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Payment gateway: accept.blue for WooCommerce Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_acceptblue_gateway_process_paymentmodules\GooglePay\WC_AcceptBlue_GooglePay_Gateway.php:78
noprivwp_ajax_acceptblue_gateway_process_paymentmodules\GooglePay\WC_AcceptBlue_GooglePay_Gateway.php:79
WordPress Hooks 41
actionplugins_loadedacceptblue-payments.php:40
filterwoocommerce_payment_gatewaysacceptblue-payments.php:72
actionwoocommerce_order_status_on-hold_to_processingacceptblue-payments.php:81
actionwoocommerce_order_status_on-hold_to_completedacceptblue-payments.php:82
actionwoocommerce_order_status_processing_to_completedacceptblue-payments.php:83
filtercron_schedulesacceptblue-payments.php:85
actionacceptblue_check_ach_statusacceptblue-payments.php:102
filterwoocommerce_available_payment_gatewaysacceptblue-payments.php:113
actionadmin_noticesacceptblue-payments.php:115
actionwp_enqueue_scriptsacceptblue-payments.php:117
actionwp_enqueue_scriptsacceptblue-payments.php:119
actionadmin_enqueue_scriptsacceptblue-payments.php:121
actionacceptblue_after_credit_card_formacceptblue-payments.php:123
actionacceptblue_after_check_formacceptblue-payments.php:125
actionbefore_woocommerce_initacceptblue-payments.php:137
actionwoocommerce_blocks_loadedacceptblue-payments.php:140
actionwoocommerce_blocks_payment_method_type_registrationacceptblue-payments.php:148
filterrest_request_before_callbacksacceptblue-payments.php:162
actionadmin_noticesacceptblue-payments.php:200
filterwoocommerce_subscription_payment_metaincludes\wc-acceptblue-gateway-credit-card.php:105
filterpgabfw_save_subscription_payment_tokenincludes\wc-acceptblue-gateway-credit-card.php:106
actionwoocommerce_before_order_object_saveincludes\wc-acceptblue-gateway-credit-card.php:107
actionwoocommerce_before_order_object_saveincludes\wc-acceptblue-gateway-credit-card.php:827
filterwoocommerce_payment_gatewaysmodules\Common\PaymentGatewayRegistrator.php:12
actionwoocommerce_blocks_payment_method_type_registrationmodules\Common\PaymentGatewayRegistrator.php:21
actionwp_enqueue_scriptsmodules\GooglePay\GooglePayButton.php:13
filterscript_loader_tagmodules\GooglePay\GooglePayButton.php:14
actionwp_footermodules\GooglePay\GooglePayButton.php:16
actionwoocommerce_order_status_on-hold_to_processingmodules\GooglePay\WC_AcceptBlue_GooglePay_Gateway.php:81
actionwoocommerce_order_status_on-hold_to_completedmodules\GooglePay\WC_AcceptBlue_GooglePay_Gateway.php:82
actionwoocommerce_order_status_processing_to_completedmodules\GooglePay\WC_AcceptBlue_GooglePay_Gateway.php:83
actionwp_enqueue_scriptsmodules\Surcharge\Surcharge.php:16
filterpgabfw_cc_request_datamodules\Surcharge\Surcharge.php:17
filterpgabfw_ach_request_datamodules\Surcharge\Surcharge.php:18
filterpgabfw_google_pay_request_datamodules\Surcharge\Surcharge.php:19
filterwc_acceptblue_settings_credit_cardmodules\Surcharge\Surcharge.php:20
filterwc_acceptblue_settings_achmodules\Surcharge\Surcharge.php:21
filterwc_acceptblue_settings_google_paymodules\Surcharge\Surcharge.php:22
actionpgabfw_before_transaction_updatemodules\Surcharge\Surcharge.php:23
filterpgabfw_surcharge_amountmodules\Surcharge\Surcharge.php:24
actionwoocommerce_order_status_failedmodules\Surcharge\Surcharge.php:25

Scheduled Events 1

acceptblue_check_ach_status
Maintenance & Trust

Payment gateway: accept.blue for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 2, 2026
PHP min version8.1
Downloads7K

Community Trust

Rating72/100
Number of ratings8
Active installs200
Alternatives

Payment gateway: accept.blue for WooCommerce Alternatives

Charge Anywhere Payment Gateway for WooCommerce

Charge Anywhere Payment Gateway for WooCommerce

charge-anywhere-payment-gateway-for-woocommerce

A
100

Charge Anywhere payment gateway integration for WooCommerce to accept credit cards directly on WordPress e-commerce websites.

20 No CVEs
Flux Payments Gateway for WooCommerce

Flux Payments Gateway for WooCommerce

flux-payments-gateway

A
100

Accept credit cards, ACH, and cryptocurrency payments with recurring billing, invoicing, and business integrations for US and Canadian merchants.

0 No CVEs
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
WooCommerce Stripe Payment Gateway

WooCommerce Stripe Payment Gateway

woocommerce-gateway-stripe

A
98

Accept debit and credit cards in 135+ currencies, many local methods like Alipay, ACH, and SEPA, and express checkout with Apple Pay and Google Pay.

700K 4 CVEs
Developer Profile

Payment gateway: accept.blue for WooCommerce Developer Profile

devurai

1 plugin · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Payment gateway: accept.blue for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/css/backend/pgabfw-backend-style.css/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/css/frontend/pgabfw-frontend-style.css/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/backend/pgabfw-backend.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-frontend.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-credit-card-validation.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-ach-validation.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/libs/jquery.mask.min.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/libs/cleave.min.js+2 more
Script Paths
/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/backend/pgabfw-backend.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-frontend.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-credit-card-validation.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-ach-validation.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/libs/jquery.mask.min.js/wp-content/plugins/payment-gateway-accept-blue-for-woocommerce/assets/js/libs/cleave.min.js
Version Parameters
payment-gateway-accept-blue-for-woocommerce/assets/css/backend/pgabfw-backend-style.css?ver=payment-gateway-accept-blue-for-woocommerce/assets/css/frontend/pgabfw-frontend-style.css?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/backend/pgabfw-backend.js?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-frontend.js?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-credit-card-validation.js?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/frontend/pgabfw-ach-validation.js?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/libs/jquery.mask.min.js?ver=payment-gateway-accept-blue-for-woocommerce/assets/js/libs/cleave.min.js?ver=payment-gateway-accept-blue-for-woocommerce/wc_blocks/acceptblue-cc-block.js?ver=payment-gateway-accept-blue-for-woocommerce/wc_blocks/acceptblue-ach-block.js?ver=

HTML / DOM Fingerprints

CSS Classes
pgabfw-credit-card-validation-formpgabfw-ach-validation-formpgabfw-credit-card-input-wrappgabfw-ach-input-wrap
Data Attributes
data-gateway-id="acceptblue-cc"data-gateway-id="acceptblue-ach"data-payment-method-type="acceptblue-cc"data-payment-method-type="acceptblue-ach"
JS Globals
PGABFW_LIBS_FRONTENDPGABFW_WC_BLOCKSacceptblue_cc_block_paramsacceptblue_ach_block_params
REST Endpoints
/wp-json/devurai/acceptblue-payment-pro/v1/settings/google-pay/wp-json/devurai/acceptblue-payment-pro/v1/settings/cc/wp-json/devurai/acceptblue-payment-pro/v1/settings/ach
FAQ

Frequently Asked Questions about Payment gateway: accept.blue for WooCommerce