Frisbii Pay Security & Risk Analysis

wordpress.org/plugins/reepay-checkout-gateway

Accept Visa, MasterCard, Dankort, MobilePay, American Express, Diners Club and more directly on your store with the Frisbii Pay Gateway.

1K active installs · v1.8.9 · PHP 7.4+ · WP 4.0+ · Updated Mar 9, 2026
Tags: billwerk, dankort, frisbii, mastercard, visa
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 3, 2025
Safety Verdict

Is Frisbii Pay Safe to Use in 2026?

Generally Safe

Score 99/100

Frisbii Pay has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Sep 3, 2025 · Updated 26d ago
Risk Assessment

The reepay-checkout-gateway plugin v1.8.9 exhibits a mixed security posture. While it demonstrates good practices in using prepared statements for SQL queries and incorporates a reasonable number of capability checks and nonces, there are significant concerns regarding its attack surface and input sanitization. The high number of AJAX handlers, particularly the six without explicit authentication checks, presents a substantial risk. Although taint analysis did not reveal critical or high severity vulnerabilities in this specific scan, the presence of three flows with unsanitized paths warrants attention. The plugin's vulnerability history shows one known medium-severity CVE, which is thankfully patched. However, the common vulnerability type being 'Missing Authorization' aligns with the static analysis findings of unprotected AJAX endpoints, suggesting a recurring pattern. Overall, the plugin has strengths in its database interaction and some security checks, but the lack of robust authentication on a significant portion of its AJAX endpoints is a primary concern that could be exploited if not properly addressed.

Key Concerns

  • Large attack surface without auth
  • Flows with unsanitized paths
  • Unprotected AJAX handlers
  • Medium severity CVE (patched)
Vulnerabilities
1

Frisbii Pay Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-58616 · medium · 4.3 · Missing Authorization

Frisbii Pay <= 1.8.2.1 - Missing Authorization

Sep 3, 2025 Patched in 1.8.3 (7d)
Code Analysis
Analyzed Mar 16, 2026

Frisbii Pay Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (20 prepared)
Unescaped Output: 65 (123 escaped)
Nonce Checks: 4
Capability Checks: 7
File Operations: 3
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

95% prepared · 21 total queries

Output Escaping

65% escaped · 188 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
<ReepayGateway> (includes\Gateways\ReepayGateway.php:0)
Attack Surface
6 unprotected

Frisbii Pay Attack Surface

Entry Points: 8
Unprotected: 6

AJAX Handlers 8

auth wp_ajax_reepay_migration_upload_csv includes\Admin\MigrationMobilepayToVipps.php:42
auth wp_ajax_reepay_migration_process_batch includes\Admin\MigrationMobilepayToVipps.php:43
auth wp_ajax_reepay_finalize includes\Gateways\ReepayCheckout.php:95
nopriv wp_ajax_reepay_finalize includes\Gateways\ReepayCheckout.php:96
auth wp_ajax_reepay_check_payment includes\OrderFlow\ThankyouPage.php:40
nopriv wp_ajax_reepay_check_payment includes\OrderFlow\ThankyouPage.php:41
auth wp_ajax_reepay_order_descriptions includes\OrderFlow\ThankyouPage.php:43
nopriv wp_ajax_reepay_order_descriptions includes\OrderFlow\ThankyouPage.php:44
WordPress Hooks 105
action admin_notices includes\Actions\Admin.php:20
action admin_notices includes\Actions\Admin.php:21
action woocommerce_checkout_create_order_line_item includes\Actions\Checkout.php:23
filter allowed_redirect_hosts includes\Actions\Main.php:28
action user_register includes\Actions\ReepayCustomer.php:23
action woocommerce_payment_token_added_to_order includes\Actions\Subscriptions.php:42
action woocommerce_payment_complete includes\Actions\Subscriptions.php:43
action woocommerce_payment_complete_order_status_on-hold includes\Actions\Subscriptions.php:44
filter wcs_renewal_order_created includes\Actions\Subscriptions.php:47
action wcs_resubscribe_order_created includes\Actions\Subscriptions.php:58
filter woocommerce_subscription_payment_meta includes\Actions\Subscriptions.php:61
action woocommerce_subscription_validate_payment_meta includes\Actions\Subscriptions.php:64
action wcs_save_other_payment_meta includes\Actions\Subscriptions.php:67
filter woocommerce_my_subscriptions_payment_method includes\Actions\Subscriptions.php:70
filter woocommerce_payment_gateway_save_new_payment_method_option_html includes\Actions\Subscriptions.php:73
action woocommerce_order_status_changed includes\Actions\Subscriptions.php:75
action updated_post_meta includes\Actions\Subscriptions.php:77
action admin_menu includes\Admin\DebugPage.php:24
action admin_head includes\Admin\DebugPage.php:25
action admin_enqueue_scripts includes\Admin\Main.php:34
action add_meta_boxes includes\Admin\MetaBoxes\Order.php:34
action woocommerce_product_data_panels includes\Admin\MetaBoxes\Product.php:24
action woocommerce_product_write_panel_tabs includes\Admin\MetaBoxes\Product.php:25
action woocommerce_process_product_meta includes\Admin\MetaBoxes\Product.php:26
action admin_enqueue_scripts includes\Admin\MetaBoxes\Product.php:27
action admin_notices includes\Admin\MetaBoxes\Product.php:139
action edit_user_profile includes\Admin\MetaBoxes\User.php:24
action show_user_profile includes\Admin\MetaBoxes\User.php:25
action admin_enqueue_scripts includes\Admin\MigrationMobilepayToVipps.php:40
action admin_menu includes\Admin\MigrationMobilepayToVipps.php:41
filter reepay_checkout_form_fields includes\Admin\OrderTable.php:25
action manage_woocommerce_page_wc-orders_custom_column includes\Admin\OrderTable.php:29
filter manage_woocommerce_page_wc-orders_columns includes\Admin\OrderTable.php:35
action manage_shop_order_posts_custom_column includes\Admin\OrderTable.php:37
filter manage_edit-shop_order_columns includes\Admin\OrderTable.php:38
filter plugin_row_meta includes\Admin\PluginsPage.php:23
filter plugin_row_meta includes\Admin\PluginsPage.php:24
action reepay_webhook_invoice_authorized includes\Analytics\AnalyticsSync.php:24
action reepay_webhook_invoice_settled includes\Analytics\AnalyticsSync.php:25
action woocommerce_order_status_changed includes\Analytics\AnalyticsSync.php:28
action wp_enqueue_scripts includes\Frontend\Assets.php:28
action admin_enqueue_scripts includes\Frontend\Assets.php:29
action wp includes\Frontend\PaymentMethodsActions.php:25
action wp_enqueue_scripts includes\Gateways\ApplePay.php:70
action wp_enqueue_scripts includes\Gateways\Googlepay.php:56
action admin_notices includes\Gateways\Mobilepay.php:54
action admin_notices includes\Gateways\MobilepaySubscriptions.php:74
action wp_enqueue_scripts includes\Gateways\PESantander.php:55
filter woocommerce_available_payment_gateways includes\Gateways\PPIdeal.php:70
filter woocommerce_available_payment_gateways includes\Gateways\PPSepa.php:71
action woocommerce_update_options_checkout includes\Gateways\ReepayCheckout.php:707
action woocommerce_update_options_checkout includes\Gateways\ReepayCheckout.php:709
action woocommerce_update_options_checkout includes\Gateways\ReepayCheckout.php:712
filter woocommerce_available_payment_gateways includes\Gateways\VippsMobilepay.php:60
filter woocommerce_gateway_title includes\Gateways\VippsMobilepay.php:61
filter woocommerce_gateway_description includes\Gateways\VippsMobilepay.php:62
filter woocommerce_gateway_icon includes\Gateways\VippsMobilepay.php:63
filter woocommerce_gateway_icon includes\Gateways\VippsRecurring.php:75
filter woocommerce_available_payment_gateways includes\Gateways\VippsRecurring.php:78
filter woocommerce_payment_gateways includes\Gateways.php:157
action plugins_loaded includes\Integrations\PolylangIntegration.php:20
filter woocommerce_get_script_data includes\Integrations\PolylangIntegration.php:37
filter woocommerce_gc_is_redeeming_enabled includes\Integrations\WCGiftCardsIntegration.php:25
filter woocommerce_gc_disable_ui includes\Integrations\WCGiftCardsIntegration.php:26
action woocommerce_blocks_payment_method_type_registration includes\Integrations\WooBlocks\WooBlocksIntegration.php:28
action reepay_instant_settle includes\OrderFlow\InstantSettle.php:48
filter woocommerce_order_item_get_formatted_meta_data includes\OrderFlow\OrderCapture.php:46
action woocommerce_after_order_itemmeta includes\OrderFlow\OrderCapture.php:48
action woocommerce_after_order_fee_item_name includes\OrderFlow\OrderCapture.php:50
action woocommerce_order_status_changed includes\OrderFlow\OrderCapture.php:52
action admin_init includes\OrderFlow\OrderCapture.php:54
action admin_init includes\OrderFlow\OrderCapture.php:56
action woocommerce_order_item_add_action_buttons includes\OrderFlow\OrderCapture.php:58
action reepay_order_item_settled includes\OrderFlow\OrderCapture.php:60
filter reepay_checkout_form_fields includes\OrderFlow\OrderStatuses.php:67
filter woocommerce_valid_order_statuses_for_payment_complete includes\OrderFlow\OrderStatuses.php:69
filter woocommerce_payment_complete_order_status includes\OrderFlow\OrderStatuses.php:71
action init includes\OrderFlow\OrderStatuses.php:74
action woocommerce_payment_complete includes\OrderFlow\OrderStatuses.php:76
filter wc_order_is_editable includes\OrderFlow\OrderStatuses.php:78
filter woocommerce_order_is_paid includes\OrderFlow\OrderStatuses.php:80
filter woocommerce_cancel_unpaid_order includes\OrderFlow\OrderStatuses.php:82
action woocommerce_order_status_changed includes\OrderFlow\OrderStatuses.php:84
filter woocommerce_get_saved_payment_methods_list_html includes\OrderFlow\OrderStatuses.php:531
filter woocommerce_saved_payment_methods_list includes\OrderFlow\OrderStatuses.php:549
filter wc_get_template includes\OrderFlow\ThankyouPage.php:36
action wp_enqueue_scripts includes\OrderFlow\ThankyouPage.php:38
action upgrader_process_complete includes\Plugin\Statistics.php:52
action admin_notices includes\Plugin\UpdateDB.php:51
action admin_menu includes\Plugin\UpdateDB.php:54
action plugins_loaded includes\Plugin\WoocommerceExists.php:24
action admin_notices includes\Plugin\WoocommerceExists.php:32
action before_woocommerce_init includes\Plugin\WoocommerceHPOS.php:25
filter woocommerce_payment_token_class includes\Tokens\Main.php:26
filter woocommerce_get_customer_payment_tokens includes\Tokens\Main.php:27
filter woocommerce_payment_methods_list_item includes\Tokens\TokenReepay.php:170
action woocommerce_account_payment_methods_column_method includes\Tokens\TokenReepay.php:171
filter woocommerce_payment_gateway_get_saved_payment_method_option_html includes\Tokens\TokenReepay.php:172
filter woocommerce_payment_methods_list_item includes\Tokens\TokenReepayMS.php:59
action woocommerce_account_payment_methods_column_method includes\Tokens\TokenReepayMS.php:60
filter woocommerce_payment_methods_list_item includes\Tokens\TokenReepayVR.php:59
action woocommerce_account_payment_methods_column_method includes\Tokens\TokenReepayVR.php:60
action plugins_loaded reepay-woocommerce-payment.php:73
action init reepay-woocommerce-payment.php:76
action rest_api_init reepay-woocommerce-payment.php:78
Maintenance & Trust

Frisbii Pay Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Mar 9, 2026
PHP min version: 7.4
Downloads: 52K

Community Trust

Rating: 62/100
Number of ratings: 8
Active installs: 1K
Developer Profile

Frisbii Pay Developer Profile

Frisbii

2 plugins · 1K total installs

Trust score: 100
Avg Security Score: 100/100
Avg Patch Time: 7 days
Detection Fingerprints

How We Detect Frisbii Pay

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/reepay-checkout-gateway/assets/dist/css/reepay-checkout-gateway.css
/wp-content/plugins/reepay-checkout-gateway/assets/dist/js/reepay-checkout-gateway.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/js/reepay-gateway-admin.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/assets/chunk-common.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/assets/chunk-vendors.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/reepay-checkout-gateway.js
Script Paths
/wp-content/plugins/reepay-checkout-gateway/assets/dist/js/reepay-checkout-gateway.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/js/reepay-gateway-admin.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/assets/chunk-common.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/assets/chunk-vendors.js
/wp-content/plugins/reepay-checkout-gateway/assets/dist/vite/reepay-checkout-gateway.js
Version Parameters
reepay-checkout-gateway/assets/dist/css/reepay-checkout-gateway.css?ver=
reepay-checkout-gateway/assets/dist/js/reepay-checkout-gateway.js?ver=
reepay-checkout-gateway/assets/dist/js/reepay-gateway-admin.js?ver=
reepay-checkout-gateway/assets/dist/vite/assets/chunk-common.js?ver=
reepay-checkout-gateway/assets/dist/vite/assets/chunk-vendors.js?ver=
reepay-checkout-gateway/assets/dist/vite/reepay-checkout-gateway.js?ver=

HTML / DOM Fingerprints

CSS Classes
reepay-checkout-gateway
reepay-gateway
HTML Comments
<!-- begin reepay-checkout-gateway -->
<!-- end reepay-checkout-gateway -->
Data Attributes
data-reepay-gateway
JS Globals
ReepayCheckoutConfig
REST Endpoints
/wp-json/reepay/v1/debug
/wp-json/reepay/v1/meta