WP-Safety

Quick Payment By UPI Security & Risk Analysis

wordpress.org/plugins/quick-payment-by-upi

Receive Quick Payment from customers using UPI by GooglePay, Paytm, PhonePe, MobiKwik, FreeCharge, TrueCaller etc.

50 active installs v1.2 PHP 5.2.4+ WP 4.5+ Updated Mar 11, 2021
bhim-upiquick-paymentupiupi-gatewayupi-payment
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Quick Payment By UPI Safe to Use in 2026?

Generally Safe

Score 85/100

Quick Payment By UPI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "quick-payment-by-upi" plugin v1.2 currently presents a strong security posture based on the provided static analysis and vulnerability history. The absence of any detected entry points like AJAX handlers, REST API routes, or shortcodes significantly limits the potential attack surface. Furthermore, the code analysis reveals no dangerous functions, raw SQL queries, file operations, or external HTTP requests, indicating robust secure coding practices. The presence of prepared statements for SQL queries is a positive indicator of preventing SQL injection vulnerabilities.

While the static analysis shows a good adherence to secure coding, there are areas for improvement. The 60% rate of proper output escaping suggests that a portion of outputs might be vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not properly sanitized before being displayed. The lack of nonce checks and capability checks on any potential entry points (even though none are identified) is a concern that could become a risk if new entry points are added in future versions without proper security measures.

The plugin's vulnerability history is clean, with zero known CVEs. This suggests a proactive approach to security by the developers or a lack of past issues, which is a positive sign. However, the absence of any recorded vulnerabilities does not guarantee future security. The overall assessment is that the plugin is currently secure, but the unescaped outputs and the theoretical lack of authorization checks on potential future entry points are weaknesses that should be addressed to maintain a high security standard.

Key Concerns

  • Outputs with potential XSS vulnerabilities
  • Lack of nonce checks
  • Lack of capability checks
Vulnerabilities
None known

Quick Payment By UPI Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Quick Payment By UPI Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

60% escaped5 total outputs
Attack Surface

Quick Payment By UPI Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
actionplugins_loadedquick-payment-by-upi.php:36
actionwoocommerce_thankyou_upi_extendquick-payment-by-upi.php:59
filterwoocommerce_payment_gatewaysquick-payment-by-upi.php:125
Maintenance & Trust

Quick Payment By UPI Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedMar 11, 2021
PHP min version5.2.4
Downloads9K

Community Trust

Rating100/100
Number of ratings1
Active installs50
Alternatives

Quick Payment By UPI Alternatives

UPI QR Code Payment Gateway for WooCommerce

UPI QR Code Payment Gateway for WooCommerce

upi-qr-code-payment-for-woocommerce

A
99

This Plugin enables WooCommerce shop owners to get direct and instant payments through UPI apps like BHIM, GooglePay, PhonePe or any banking UPI app.

20K 1 CVE
UPI QR Code Payment Gateway

UPI QR Code Payment Gateway

upi-qr-code-payment-gateway

A
92

This Plugin enables WooCommerce shop owners to get direct and instant payments through UPI apps like GPay, PhonePe, Paytm or any banking UPI app.

1K No CVEs
Integrate PhonePe with WooCommerce

Integrate PhonePe with WooCommerce

wc-phonepe

A
85

Allows customers to use PhonePe payment gateway with the WooCommerce Plugin.

200 No CVEs
Autopilot For UPI QR Code Payment Gateway for WooCommerce

Autopilot For UPI QR Code Payment Gateway for WooCommerce

autopilot-for-upi-qr-code-payment-gateway

A
92

This plugin automates the payment verification process for WooCommerce orders made through the UPI QR Code Payment Gateway for WooCommerce, facilitati …

90 No CVEs
Easy UPI Payment

Easy UPI Payment

easy-upi-payment

A
85

Easy UPI Payment plugin (for WooCommerce ) helps you accept payments online from your Customers instantly & directly into your bank account (witho …

60 No CVEs
Developer Profile

Quick Payment By UPI Developer Profile

Quickupi

1 plugin · 50 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Quick Payment By UPI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quick-payment-by-upi/includes/qp-required-fields.php

HTML / DOM Fingerprints

CSS Classes
disabled
HTML Comments
SPECIAL THANKS TO KIASA * * who inspired me to making such a nice upi payment plugin with more * functionalities and customized features(for Pro and Premium Versions) * for receiving payments by upi for Woocommerce stores. * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. Quick Payment By UPI
Data Attributes
woocommerce_upi_extend_0woocommerce_upi_extend_1
JS Globals
jQuery
Shortcode Output
<a href="" class="button"></a>
FAQ

Frequently Asked Questions about Quick Payment By UPI