Paytm Payment Donation Security & Risk Analysis

wordpress.org/plugins/paytm-donation

A plugin to create a custom form and accept donation payments using the Paytm payment gateway.

200 active installs · v2.3.3 · PHP 7.4+ · WP 4.9+ · Updated Mar 3, 2025

Tags: paytm, paytm-donation, paytm-payment, paytm-plugin, paytm-wordpress-donation

Score: 67 (C · Use Caution)
CVEs total: 3
Unpatched: 1
Last CVE: Feb 3, 2025
Safety Verdict

Is Paytm Payment Donation Safe to Use in 2026?

Use With Caution

Score 67/100

Paytm Payment Donation has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

3 known CVEs · 1 unpatched · Last CVE: Feb 3, 2025 · Updated 1yr ago
Risk Assessment

The 'paytm-donation' plugin v2.3.3 exhibits a mixed security posture. While it demonstrates good practices such as a high percentage of properly escaped outputs and a majority of SQL queries using prepared statements, several concerning areas exist. The presence of an unprotected AJAX handler represents a significant entry point that could be exploited without proper authentication, posing a direct risk. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating potential vulnerabilities where user input might not be adequately validated before being used in sensitive operations. The plugin's vulnerability history is also a notable concern, with three known CVEs and one currently unpatched high-severity vulnerability. The prevalence of Cross-site Scripting vulnerabilities in the past suggests a recurring issue with input sanitization or output escaping, even if current static analysis shows good rates in those areas for this version. Overall, while the plugin has strengths, the unprotected entry point, high-severity taint flows, and past vulnerability patterns warrant caution and prompt remediation of the unpatched CVE.

Key Concerns

  • Unprotected AJAX handler
  • High severity taint flows (2)
  • Unpatched high severity CVE
  • File operations present
  • External HTTP requests present
  • Limited nonce checks (2)
  • Limited capability checks (1)
Vulnerabilities (3)

Paytm Payment Donation Security Vulnerabilities

CVEs by Year

2023: 1 CVE (patched)
2025: 2 CVEs (has unpatched)

Severity Breakdown

High: 1
Medium: 2

3 total CVEs

CVE-2025-22640 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Paytm Payment Donation <= 2.3.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

Feb 3, 2025 · Unpatched

CVE-2025-24635 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Paytm Payment Donation <= 2.3.1 - Reflected Cross-Site Scripting

Jan 5, 2025 · Patched in 2.3.2 (46d)

CVE-2023-28535 · high · 7.2 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Paytm Payment Donation <= 2.2.0 - Reflected Cross-Site Scripting

Apr 14, 2023 · Patched in 2.2.1 (284d)

Code Analysis (analyzed Mar 16, 2026)

Paytm Payment Donation Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 14 (27 prepared)
Unescaped Output: 8 (122 escaped)
Nonce Checks: 2
Capability Checks: 1
File Operations: 1
External Requests: 3
Bundled Libraries: 1

Bundled Libraries

DataTables

SQL Query Safety

66% prepared · 41 total queries

Output Escaping

94% escaped · 130 total outputs

Data Flows (3 unsanitized)

Data Flow Analysis

5 flows · 3 with unsanitized paths

refresh_Paytmhistory (paytm-donation.php:1016) · unsanitized path from user input to sink

Attack Surface (1 unprotected)

Paytm Payment Donation Attack Surface

Entry Points: 6
Unprotected: 1

AJAX Handlers (5)

auth · wp_ajax_initiate_blinkCheckout · paytm-donation.php:608
nopriv · wp_ajax_initiate_blinkCheckout · paytm-donation.php:609
auth · wp_ajax_initiate_paytmCustomFieldSave · paytm-donation.php:983
nopriv · wp_ajax_initiate_paytmCustomFieldSave · paytm-donation.php:984
auth · wp_ajax_refresh_Paytmhistory · paytm-donation.php:1014

Shortcodes (1)

[paytmcheckout] · paytm-donation.php:22

WordPress Hooks (9)

action · init · paytm-donation.php:19
action · plugins_loaded · paytm-donation.php:24
action · plugins_loaded · paytm-donation.php:25
action · wp_enqueue_scripts · paytm-donation.php:73
action · admin_enqueue_scripts · paytm-donation.php:75
action · admin_menu · paytm-donation.php:273
action · admin_init · paytm-donation.php:274
action · wp · paytm-donation.php:503
action · add_meta_boxes · paytm-donation.php:726
Maintenance & Trust

Paytm Payment Donation Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Mar 3, 2025
PHP min version: 7.4
Downloads: 18K

Community Trust

Rating: 100/100
Number of ratings: 3
Active installs: 200
Developer Profile

Paytm Payment Donation Developer Profile

integrationdevpaytm

5 plugins · 3K total installs

Trust score: 69
Avg Security Score: 85/100
Avg Patch Time: 271 days
Detection Fingerprints

How We Detect Paytm Payment Donation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/paytm-donation/assets/2.3.3/css/admin/paytm-donation-admin.css
/wp-content/plugins/paytm-donation/assets/2.3.3/js/admin/paytm-donation-admin.js
/wp-content/plugins/paytm-donation/assets/2.3.3/css/admin/jquery.dataTables.min.css
/wp-content/plugins/paytm-donation/assets/2.3.3/js/admin/jquery.dataTables.min.js
/wp-content/plugins/paytm-donation/assets/2.3.3/css/paytm-donation.css
/wp-content/plugins/paytm-donation/assets/2.3.3/js/paytm-donation.js

Script Paths
/wp-content/plugins/paytm-donation/assets/2.3.3/js/admin/paytm-donation-admin.js
/wp-content/plugins/paytm-donation/assets/2.3.3/js/admin/jquery.dataTables.min.js
/wp-content/plugins/paytm-donation/assets/2.3.3/js/paytm-donation.js

Version Parameters
paytm-donation/assets/2.3.3/css/admin/paytm-donation-admin.css?ver=
paytm-donation/assets/2.3.3/js/admin/paytm-donation-admin.js?ver=
paytm-donation/assets/2.3.3/css/admin/jquery.dataTables.min.css?ver=
paytm-donation/assets/2.3.3/js/admin/jquery.dataTables.min.js?ver=
paytm-donation/assets/2.3.3/css/paytm-donation.css?ver=
paytm-donation/assets/2.3.3/js/paytm-donation.js?ver=

HTML / DOM Fingerprints

CSS Classes
paytm-donation-form
HTML Comments
<!-- Paytm Payment Donation Data -->
Data Attributes
data-paytm-checkout-button
JS Globals
PaytmConstantsDonation
Shortcode Output
[paytmcheckout]
FAQ

Frequently Asked Questions about Paytm Payment Donation