Does pensopay Payments v2 have any unpatched vulnerabilities?

No. All known vulnerabilities in pensopay Payments v2 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is pensopay Payments v2 compatible with WordPress 6.8.5?

According to WordPress.org data, pensopay Payments v2 2.0.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is pensopay Payments v2 updated?

pensopay Payments v2 was last updated on Jan 29, 2026. Frequent updates are generally a positive security signal.

What is pensopay Payments v2's security score?

pensopay Payments v2 has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

pensopay Payments v2 Security & Risk Analysis

wordpress.org/plugins/pensopay-payments-v2

Integrates your pensopay V2 payment gateway into your WooCommerce installation.

1K active installs v2.0.6 PHP + WP 6.3+ Updated Jan 29, 2026

gatewaypaymentpensopaypspwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is pensopay Payments v2 Safe to Use in 2026?

Generally Safe

Score 100/100

pensopay Payments v2 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "pensopay-payments-v2" plugin v2.0.6 exhibits a generally good security posture with several strong practices in place. The complete absence of known CVEs and a history of zero recorded vulnerabilities across all severities is a significant positive indicator. Furthermore, the code demonstrates robust data handling with 100% of SQL queries utilizing prepared statements and a high percentage (92%) of output properly escaped. The presence of nonce and capability checks on most entry points also suggests a conscious effort to secure the plugin.

However, there are specific areas that introduce risk. The analysis reveals one unprotected REST API route, which represents a direct attack vector that could be exploited if not properly secured by other means. While the total attack surface is small and the taint analysis shows no concerning flows, this single unprotected entry point warrants attention. The presence of file operations also introduces a potential risk if not handled with extreme care, although no specific vulnerabilities are highlighted in this area.

In conclusion, the plugin is well-maintained in terms of known vulnerabilities and core security practices like prepared statements and output escaping. The primary weakness lies in the single unprotected REST API route. Mitigating this specific risk would significantly enhance the plugin's security. The overall security is good, but the unprotected REST API route prevents it from being excellent.

Key Concerns

Unprotected REST API route

Vulnerabilities

None known

pensopay Payments v2 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

pensopay Payments v2 Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

94 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

92% escaped102 total outputs

Attack Surface

1 unprotected

pensopay Payments v2 Attack Surface

Entry Points3

Unprotected1

AJAX Handlers 1

authwp_ajax_pensopay_transaction_actionsincludes\admin\panel.php:14

REST API Routes 2

POST/wp-json/pensopay/v2/callbackincludes\methods\creditcard.php:91

GET/wp-json/pensopay/v1/versionincludes\rest\api.php:17

WordPress Hooks 45

filterwoocommerce_order_actionsincludes\admin\admin-order-actions.php:7

actionwoocommerce_order_action_pensopay_gateway_create_payment_linkincludes\admin\admin-order-actions.php:8

filterpensopay_payments_order_number_for_apiincludes\admin\admin-order-actions.php:52

actionadmin_initincludes\admin\order-table\order-table-transaction-data.php:9

filterwoocommerce_subscription_bulk_actionsincludes\admin\order-table\order-table-transaction-data.php:45

actionadmin_noticesincludes\admin\panel.php:9

actionadd_meta_boxes_shop_orderincludes\admin\panel.php:10

actionadd_meta_boxes_woocommerce_page_wc-ordersincludes\admin\panel.php:11

actionadmin_enqueue_scriptsincludes\admin\panel.php:12

actionwoocommerce_blocks_loadedincludes\blocks\checkout.php:16

actionwp_print_footer_scriptsincludes\blocks\checkout.php:19

actionadmin_print_scriptsincludes\blocks\checkout.php:20

actionwoocommerce_blocks_payment_method_type_registrationincludes\blocks\checkout.php:43

filterwoocommerce_email_classesincludes\emails\manager.php:10

actionpensopay_payments_order_action_payment_link_createdincludes\emails\manager.php:11

actionadmin_noticesincludes\gateway.php:22

actioninitincludes\gateway.php:37

filterwoocommerce_payment_gatewaysincludes\gateway.php:39

filterplugin_row_metaincludes\gateway.php:40

filterallowed_redirect_hostsincludes\gateway.php:42

filterauto_update_pluginincludes\gateway.php:43

actionwoocommerce_order_status_completedincludes\methods\abstract.php:30

actionwoocommerce_order_status_cancelledincludes\methods\abstract.php:34

filterwoocommerce_gateway_iconincludes\methods\abstract.php:37

filterwoocommerce_available_payment_gatewaysincludes\methods\anyday.php:26

filterpensopay_payments_request_bodyincludes\methods\applepay.php:26

filterwoocommerce_available_payment_gatewaysincludes\methods\applepay.php:27

actionrest_api_initincludes\methods\creditcard.php:68

actionwoocommerce_api_pensopayincludes\methods\creditcard.php:69

filterpensopay_payments_facilitator_pensopay_gatewayincludes\methods\creditcard.php:70

filterpensopay_payments_request_bodyincludes\methods\googlepay.php:26

filterwoocommerce_available_payment_gatewaysincludes\methods\googlepay.php:27

filterwoocommerce_available_payment_gatewaysincludes\methods\klarna.php:26

filterwoocommerce_available_payment_gatewaysincludes\methods\mobilepay.php:26

filterwoocommerce_available_payment_gatewaysincludes\methods\stripe-ideal.php:26

filterpensopay_payments_request_bodyincludes\methods\stripe-ideal.php:27

filterwoocommerce_available_payment_gatewaysincludes\methods\stripe-klarna.php:26

filterpensopay_payments_request_bodyincludes\methods\stripe-klarna.php:27

filterwoocommerce_available_payment_gatewaysincludes\methods\swish.php:26

filterpensopay_payments_request_bodyincludes\methods\swish.php:27

filterwoocommerce_available_payment_gatewaysincludes\methods\viabill.php:26

filterwoocommerce_available_payment_gatewaysincludes\methods\vippspsp.php:26

actionrest_api_initincludes\rest\api.php:10

actionbefore_woocommerce_initpensopay.php:32

actionplugins_loadedpensopay.php:39

Maintenance & Trust

pensopay Payments v2 Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 29, 2026

PHP min version

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs1K

Alternatives

pensopay Payments v2 Alternatives

pensopay Payments

woo-pensopay

100

Integrates the pensopay payment gateway into your WooCommerce installation.

2K 1 CVE

Payment Gateway Based Fees and Discounts for WooCommerce

checkout-fees-for-woocommerce

Set fees and discounts for WooCommerce payment gateways.

30K 1 CVE

Paystack WooCommerce Payment Gateway

woo-paystack

100

Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.

30K No CVEs

Montonio for WooCommerce

montonio-for-woocommerce

100

Montonio is a complete checkout solution for online stores that includes all popular payment methods (local banks, card payments, Apple Pay, Google Pa …

10K No CVEs

NETOPIA Payments Payment Gateway

netopia-payments-payment-gateway

NETOPIA Payments Payment Gateway extends WooCommerce payment options by adding NETOPIA's Payment Gateway options.

10K No CVEs

Developer Profile

pensopay Payments v2 Developer Profile

pensopay

2 plugins · 3K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect pensopay Payments v2

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pensopay-payments-v2/assets/js/admin/pensopay.js/wp-content/plugins/pensopay-payments-v2/assets/css/admin/pensopay.css/wp-content/plugins/pensopay-payments-v2/assets/js/admin/pensopay-settings.js

Script Paths

/wp-content/plugins/pensopay-payments-v2/assets/js/admin/pensopay.js/wp-content/plugins/pensopay-payments-v2/assets/js/admin/pensopay-settings.js

Version Parameters

pensopay-payments-v2/assets/js/admin/pensopay.js?ver=pensopay-payments-v2/assets/css/admin/pensopay.css?ver=pensopay-payments-v2/assets/js/admin/pensopay-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

pensopay-payments-v2-payment-actions

Data Attributes

data-is_pensopay

JS Globals

pensopayBackend

FAQ