WP-Safety

POS Virtual Security & Risk Analysis

wordpress.org/plugins/pos-virtual

Integra tu POS Virtual a WooCommerce con este plugin desarrollado por ShopShop para aceptar pagos con tarjeta de crédito o débito en contado y cuotas.

10 active installs v3.2 PHP 7.0.0+ WP 6.0+ Updated Mar 3, 2023
ecommerceempresasmedio-de-pagonegocioswoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is POS Virtual Safe to Use in 2026?

Generally Safe

Score 85/100

POS Virtual has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "pos-virtual" plugin v3.2 exhibits a generally good security posture based on the static analysis. It effectively utilizes prepared statements for all SQL queries and has a high percentage of properly escaped output, which are crucial for preventing common web vulnerabilities like SQL injection and cross-site scripting. The plugin also correctly implements nonce checks for its AJAX handlers, further limiting potential exploitation vectors. The absence of any recorded vulnerabilities in its history is also a positive indicator of its security development practices.

However, there are areas for improvement. The plugin lacks capability checks for its two AJAX entry points, meaning any authenticated user could potentially trigger these functions without proper authorization. While taint analysis found no issues, the lack of capability checks means that if user input were to reach these AJAX handlers and be mishandled, there could still be security implications. The presence of external HTTP requests, though not inherently risky, warrants careful scrutiny to ensure they are not exploited for information disclosure or malicious redirects.

In conclusion, "pos-virtual" v3.2 is a relatively secure plugin with strong foundations in preventing common vulnerabilities. Its main weakness lies in the missing capability checks on its AJAX handlers. Addressing this oversight would significantly enhance its overall security.

Key Concerns

  • AJAX handlers without capability checks
Vulnerabilities
None known

POS Virtual Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

POS Virtual Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
20 prepared
Unescaped Output
21
62 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
3
Bundled Libraries
0

SQL Query Safety

100% prepared20 total queries

Output Escaping

75% escaped83 total outputs
Attack Surface

POS Virtual Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_PosVirtual_connectPosVirtual.php:309
authwp_ajax_PosVirtual_disconnectPosVirtual.php:348
WordPress Hooks 7
actionadmin_menuPosVirtual.php:34
actionadmin_enqueue_scriptsPosVirtual.php:60
actionadmin_enqueue_scriptsPosVirtual.php:78
actionadmin_initPosVirtual.php:371
filterwoocommerce_payment_gatewaysPosVirtual.php:905
actionplugins_loadedPosVirtual.php:908
actionwoocommerce_email_before_order_tablePosVirtual.php:942
Maintenance & Trust

POS Virtual Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedMar 3, 2023
PHP min version7.0.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

POS Virtual Alternatives

pay bi

pay bi

ebi-pay

A
100

El plugin de pay bi es una solución de Banco Industrial que le proporciona funciones de pago para sitios de comercio electrónico que se encuentren des …

100 No CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Mollie Payments for WooCommerce

Mollie Payments for WooCommerce

mollie-payments-for-woocommerce

A
93

Accept all major payment methods in WooCommerce today. Credit cards, iDEAL and more! Fast, safe and intuitive.

100K 4 CVEs
TI WooCommerce Wishlist

TI WooCommerce Wishlist

ti-woocommerce-wishlist

B
77

Boost your sales with a free WooCommerce Wishlist feature. Let your customers save and share their favorite products!

100K 9 CVEs
Mercado Pago payments for WooCommerce

Mercado Pago payments for WooCommerce

woocommerce-mercadopago

A
98

Offer to your clients the best experience in e-Commerce by using Mercado Pago as your payment method.

100K 3 CVEs
Developer Profile

POS Virtual Developer Profile

tatovm

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect POS Virtual

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pos-virtual/css/foundation.css/wp-content/plugins/pos-virtual/css/app.css/wp-content/plugins/pos-virtual/css/PosVirtual.css/wp-content/plugins/pos-virtual/icon/style.css/wp-content/plugins/pos-virtual/fonts/Roboto/Roboto-Bold.ttf/wp-content/plugins/pos-virtual/css/cssCustom.css/wp-content/plugins/pos-virtual/js/connectionPosVirtual.js/wp-content/plugins/pos-virtual/js/vendor/what-input.js+2 more
Script Paths
/wp-content/plugins/pos-virtual/js/connectionPosVirtual.js/wp-content/plugins/pos-virtual/js/vendor/what-input.js/wp-content/plugins/pos-virtual/js/vendor/foundation.js/wp-content/plugins/pos-virtual/js/vendor/header.js
Version Parameters
pos-virtual/css/foundation.css?ver=pos-virtual/css/app.css?ver=pos-virtual/css/PosVirtual.css?ver=pos-virtual/icon/style.css?ver=pos-virtual/fonts/Roboto/Roboto-Bold.ttf?ver=pos-virtual/css/cssCustom.css?ver=pos-virtual/js/connectionPosVirtual.js?ver=pos-virtual/js/vendor/what-input.js?ver=pos-virtual/js/vendor/foundation.js?ver=pos-virtual/js/vendor/header.js?ver=

HTML / DOM Fingerprints

JS Globals
SolicitudesAjaxPosVirtual
FAQ

Frequently Asked Questions about POS Virtual