QQWorld收银台 初级版 / QQWorld Checkout Lite Security & Risk Analysis
wordpress.org/plugins/qqworld-checkout-liteQQWorld收银台 初级版,为WooCommerce打造的QQWorld收银台初级版,仅支持桌面端的微信扫描二维码支付,需要更多支付方式如微信全平台支付、支付宝、银联支付、有赞支付等请购买专业版。
Is QQWorld收银台 初级版 / QQWorld Checkout Lite Safe to Use in 2026?
Generally Safe
Score 85/100QQWorld收银台 初级版 / QQWorld Checkout Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "qqworld-checkout-lite" v1.1.2 exhibits a concerning security posture due to a significant number of unprotected entry points, specifically two AJAX handlers that lack authentication checks. While the code signals show no dangerous functions or raw SQL queries, indicating good practices in database interaction and a lack of external requests or file operations, the absence of nonce and capability checks on critical AJAX endpoints leaves them vulnerable to unauthorized access and potential manipulation. The low percentage of properly escaped output also poses a risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of recorded CVEs and a clean vulnerability history is a positive sign, suggesting the developers may have a good understanding of security fundamentals. However, this history does not compensate for the immediate risks identified in the static analysis. The plugin's strengths lie in its SQL handling and lack of external dependencies, but these are overshadowed by the exposed attack surface and insufficient input/output validation.
Key Concerns
- Unprotected AJAX handlers
- Low percentage of proper output escaping
- Missing nonce checks on AJAX handlers
- Missing capability checks on AJAX handlers
QQWorld收银台 初级版 / QQWorld Checkout Lite Security Vulnerabilities
QQWorld收银台 初级版 / QQWorld Checkout Lite Code Analysis
Output Escaping
Data Flow Analysis
QQWorld收银台 初级版 / QQWorld Checkout Lite Attack Surface
AJAX Handlers 2
WordPress Hooks 10
Maintenance & Trust
QQWorld收银台 初级版 / QQWorld Checkout Lite Maintenance & Trust
Maintenance Signals
Community Trust
QQWorld收银台 初级版 / QQWorld Checkout Lite Alternatives
Amazon Pay for WooCommerce
woocommerce-gateway-amazon-payments-advanced
Install the Amazon Pay plugin for your WooCommerce store and take advantage of a seamless checkout experience
iyzico for WooCommerce
iyzico-woocommerce
iyzico latest payment processing solution. Accept credit/debit cards, alternative digital wallets and bank accounts.
Custom Payment Gateways for WooCommerce
custom-payment-gateways-woocommerce
Custom payment gateways for WooCommerce - create custom payment gateways to never miss out any payments for your WooCommerce Store.
Payoneer Checkout
payoneer-checkout
Payoneer Checkout for WooCommerce - Build beautiful checkout flows + manage payments in one place
myPOS Checkout
mypos-virtual-for-woocommerce
One-click checkout with instant settlement. Accept all major cards, Apple Pay and Google Pay. No setup costs or monthly fees.
QQWorld收银台 初级版 / QQWorld Checkout Lite Developer Profile
8 plugins · 660 total installs
How We Detect QQWorld收银台 初级版 / QQWorld Checkout Lite
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/qqworld-checkout-lite/css/style.css/wp-content/plugins/qqworld-checkout-lite/images/banner-772x250.png/wp-content/plugins/qqworld-checkout-lite/images/wepay/featured.pngqqworld-checkout-lite/css/style.css?ver=HTML / DOM Fingerprints
qqworld-checkout-containericon32-qqworld-checkout-settingsdata-colnameqqworld_checkout_payments/wp-json/qqworld-checkout/v1/check_order_status