Does PlanetStudio Payment Gateway have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is PlanetStudio Payment Gateway compatible with WordPress 6.9.4?

According to WordPress.org data, PlanetStudio Payment Gateway 1.1.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is PlanetStudio Payment Gateway compatible with PHP 7.4+?

PlanetStudio Payment Gateway requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is PlanetStudio Payment Gateway updated?

PlanetStudio Payment Gateway was last updated on Apr 14, 2026. Frequent updates are generally a positive security signal.

What is PlanetStudio Payment Gateway's security score?

PlanetStudio Payment Gateway has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PlanetStudio Payment Gateway Security & Risk Analysis

wordpress.org/plugins/planetstudio-payment-gateway

Accept payments via Armenian banks and the Idram Wallet payment system.

10 active installs v1.1.8 PHP 7.4+ WP 5.4+ Updated Apr 14, 2026

arcaarmenian-banksidrampayment-gateway

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is PlanetStudio Payment Gateway Safe to Use in 2026?

Generally Safe

Score 100/100

PlanetStudio Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "planetstudio-payment-gateway" v1.1.8 plugin exhibits a generally strong security posture, with several positive indicators. The extensive use of prepared statements for all SQL queries and a very high percentage of properly escaped output are commendable. The plugin also demonstrates a good understanding of WordPress security best practices by implementing a significant number of nonce and capability checks across its functionalities, effectively limiting its attack surface. There are no known past vulnerabilities or CVEs, which suggests a history of secure development or diligent patching.

However, two specific concerns warrant attention. The presence of two "flows with unsanitized paths" in the taint analysis, despite not reaching critical or high severity, indicates a potential weakness in how file paths are handled. While these may not be exploitable without further conditions, they represent an area where an attacker could potentially manipulate file access. Furthermore, the plugin's reliance on 8 external HTTP requests could introduce risks if the target endpoints are compromised or if the plugin fails to properly validate responses from these external services.

Overall, the plugin is well-secured with robust input validation and authorization mechanisms. The identified unsanitized path flows are the primary area of concern and should be investigated for potential remediation. The lack of past vulnerabilities is a significant strength, but continuous vigilance regarding external dependencies and path handling is advised.

Key Concerns

Flows with unsanitized paths detected
8 external HTTP requests

Vulnerabilities

None known

PlanetStudio Payment Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

PlanetStudio Payment Gateway Release Timeline

v1.1.8Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

PlanetStudio Payment Gateway Code Analysis

Dangerous Functions

Raw SQL Queries

38 prepared

Unescaped Output

483 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared38 total queries

Output Escaping

98% escaped491 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

9 flows2 with unsanitized paths

render_notice (includes/integrations/paylink/class-pspg-admin-paylink.php:703)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

PlanetStudio Payment Gateway Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_pspg_order_logincludes/admin/class-pspg-admin-orders.php:53

WordPress Hooks 49

actionadmin_enqueue_scriptsincludes/admin/class-pspg-admin-addons.php:41

actionpspg_addon_card_paylinkincludes/admin/class-pspg-admin-addons.php:44

actionadmin_noticesincludes/admin/class-pspg-admin-addons.php:47

actionadmin_initincludes/admin/class-pspg-admin-addons.php:50

actionadmin_menuincludes/admin/class-pspg-admin-menu.php:28

actioncurrent_screenincludes/admin/class-pspg-admin-orders.php:46

filterset-screen-optionincludes/admin/class-pspg-admin-orders.php:47

actionadmin_post_pspg_order_actionincludes/admin/class-pspg-admin-orders.php:50

actionadmin_enqueue_scriptsincludes/admin/class-pspg-admin-orders.php:56

filtermanage_edit-shop_order_columnsincludes/admin/class-pspg-admin-orders.php:59

actionmanage_shop_order_posts_custom_columnincludes/admin/class-pspg-admin-orders.php:60

filtermanage_woocommerce_page_wc-orders_columnsincludes/admin/class-pspg-admin-orders.php:63

actionmanage_woocommerce_page_wc-orders_custom_columnincludes/admin/class-pspg-admin-orders.php:64

actionadmin_initincludes/admin/class-pspg-admin-settings.php:53

actionadmin_enqueue_scriptsincludes/admin/class-pspg-admin-settings.php:54

actionadmin_enqueue_scriptsincludes/admin/class-pspg-admin-support.php:41

actionadmin_enqueue_scriptsincludes/admin/class-pspg-admin-tools.php:75

actionadmin_post_pspg_export_settingsincludes/admin/class-pspg-admin-tools.php:77

actionadmin_post_pspg_import_settingsincludes/admin/class-pspg-admin-tools.php:78

actionadmin_post_pspg_tools_import_arca_legacyincludes/admin/class-pspg-admin-tools.php:79

actionadmin_post_pspg_tools_set_ui_modeincludes/admin/class-pspg-admin-tools.php:80

actionadmin_post_pspg_tools_reset_settingsincludes/admin/class-pspg-admin-tools.php:82

actionadmin_post_pspg_tools_clear_ordersincludes/admin/class-pspg-admin-tools.php:83

actionadmin_noticesincludes/admin/class-pspg-admin-tools.php:86

actionpspg_register_banksincludes/banks/class-pspg-bank-ameria.php:1389

actionpspg_register_banksincludes/banks/class-pspg-bank-amio.php:1293

actionpspg_register_banksincludes/banks/class-pspg-bank-arca.php:1396

actionpspg_register_banksincludes/banks/class-pspg-bank-idram.php:1153

actionpspg_register_banksincludes/banks/class-pspg-bank-ineco.php:1242

actionparse_requestincludes/core/class-pspg-core.php:80

actionrest_api_initincludes/core/class-pspg-rest-router.php:31

filterallowed_redirect_hostsincludes/core/class-pspg-security.php:23

actionadmin_enqueue_scriptsincludes/integrations/paylink/class-pspg-admin-paylink.php:70

actionadmin_post_pspg_paylink_createincludes/integrations/paylink/class-pspg-admin-paylink.php:71

filterset-screen-optionincludes/integrations/paylink/class-pspg-admin-paylink.php:77

actionpspg_payment_paidincludes/integrations/paylink/class-pspg-paylink-notifications.php:29

actionadmin_noticesincludes/integrations/paylink/class-pspg-paylink-notifications.php:30

actioninitincludes/integrations/paylink/class-pspg-paylink-public.php:38

filterquery_varsincludes/integrations/paylink/class-pspg-paylink-public.php:39

actiontemplate_redirectincludes/integrations/paylink/class-pspg-paylink-public.php:40

filterpspg_idram_success_redirect_urlincludes/integrations/paylink/class-pspg-paylink-public.php:43

filterpspg_idram_fail_redirect_urlincludes/integrations/paylink/class-pspg-paylink-public.php:44

filterpre_get_document_titleincludes/integrations/paylink/class-pspg-paylink-public.php:1030

filterdocument_title_partsincludes/integrations/paylink/class-pspg-paylink-public.php:1038

actionwp_enqueue_scriptsincludes/integrations/paylink/class-pspg-paylink-public.php:1047

actionplugins_loadedincludes/integrations/paylink/class-pspg-paylink-public.php:1615

filterplugin_row_metaplanetstudio-payment-gateway.php:112

actioninitplanetstudio-payment-gateway.php:138

actionadmin_enqueue_scriptsplanetstudio-payment-gateway.php:204

Maintenance & Trust

PlanetStudio Payment Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 14, 2026

PHP min version7.4

Downloads82

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

PlanetStudio Payment Gateway Alternatives

Planet Studio Payment Gateway for ArCa

arca-payment-gateway

Accept payments from local & international customers to Armenian banks & Idram via ArCa paycenter for WooCommerce & GiveWP donation plugin.

100 1 CVE

Bayarcash for Fluent Forms

bayarcash-for-fluent-forms

100

Integrate Bayarcash payment gateway with Fluent Forms to accept payments in Malaysia via FPX, DuitNow, and other local payment methods.

50 No CVEs

Bayarcash for Gravity Forms

bayarcash-for-gravity-forms

Integrate Bayarcash payment gateway with Gravity Forms to accept payments in Malaysia via FPX, DuitNow, and other local payment methods.

10 No CVEs

Bayarcash For Easy Digital Downloads

bayarcash-for-easy-digital-downloads

100

Integrate Bayarcash payment solutions with your Easy Digital Downloads store.

0 No CVEs

Bayarcash for FluentCart

bayarcash-for-fluentcart

100

Accept payments via Bayarcash payment gateway for FluentCart. Supports FPX, DuitNow QR, and other Malaysian payment methods.

0 No CVEs

Developer Profile

PlanetStudio Payment Gateway Developer Profile

Planet Studio

3 plugins · 170 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

15 days

View full developer profile

Detection Fingerprints

How We Detect PlanetStudio Payment Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/planetstudio-payment-gateway/includes/assets/css/pspg-style.css

Version Parameters

planetstudio-payment-gateway/includes/assets/css/pspg-style.css?ver=planetstudio-payment-gateway

HTML / DOM Fingerprints

CSS Classes

pspg-addon-license-boxpspg-addon-license-box--activepspg-addon-linkspspg-dot

HTML Comments

Shared PayLink helper (currency + bank labels).Render built-in info box for PayLink / QR card.Show admin notice if supported plugins are detected but PSPG add-ons are not installed.Handle dismiss action for missing add-ons notice.+27 more

Data Attributes

data-pspg-dismiss

JS Globals

pspg_core

FAQ