Does Opayo Direct Gateway for Gravity Forms have any unpatched vulnerabilities?

No. All known vulnerabilities in Opayo Direct Gateway for Gravity Forms have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Opayo Direct Gateway for Gravity Forms compatible with WordPress 6.2.9?

According to WordPress.org data, Opayo Direct Gateway for Gravity Forms 1.0.2 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

Is Opayo Direct Gateway for Gravity Forms compatible with PHP 7.4+?

Opayo Direct Gateway for Gravity Forms requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Opayo Direct Gateway for Gravity Forms updated?

Opayo Direct Gateway for Gravity Forms was last updated on Apr 1, 2023. Frequent updates are generally a positive security signal.

What is Opayo Direct Gateway for Gravity Forms's security score?

Opayo Direct Gateway for Gravity Forms has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Opayo Direct Gateway for Gravity Forms Security & Risk Analysis

wordpress.org/plugins/sagepay-direct-gateway-for-gravity-forms

Opayo Direct Gateway for accepting payments on your Gravity Forms.

10 active installs v1.0.2 PHP 7.4+ WP 4.5+ Updated Apr 1, 2023

ecommercegravityformsopayo-directopayo-gopayment-gateway

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Opayo Direct Gateway for Gravity Forms Safe to Use in 2026?

Generally Safe

Score 85/100

Opayo Direct Gateway for Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The plugin "sagepay-direct-gateway-for-gravity-forms" v1.0.2 exhibits a generally positive security posture with no known vulnerabilities in its history. The static analysis reveals a commendable absence of dangerous functions, raw SQL queries, file operations, and a relatively low number of external HTTP requests. However, a significant concern arises from the output escaping, where only 54% of outputs are properly escaped, indicating a potential for cross-site scripting (XSS) vulnerabilities. Additionally, the taint analysis shows two flows with unsanitized paths, which, while not classified as critical or high severity, warrants attention as it suggests potential injection risks that were not fully mitigated.

Key Concerns

Low output escaping percentage
Unsanitized paths in taint flows

Vulnerabilities

None known

Opayo Direct Gateway for Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Opayo Direct Gateway for Gravity Forms Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

54% escaped13 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

callback (class-gf-sagepay-direct.php:743)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Opayo Direct Gateway for Gravity Forms Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwpclass-gf-sagepay-direct.php:3

actiongform_loadedsagepay-direct.php:22

Maintenance & Trust

Opayo Direct Gateway for Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedApr 1, 2023

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Opayo Direct Gateway for Gravity Forms Alternatives

PatSaTECH's Opayo Direct Gateway for WooCommerce

sagepay-direct-gateway-for-woocommerce

PatSaTECH's Opayo Direct Gateway for accepting payments on your WooCommerce Store.

70 No CVEs

Opayo Form Payment Gateway for Gravity Forms

sagepay-form-payment-gateway-for-gravity-forms

Opayo Server Gateway for accepting payments on your Gravity Forms Store.

90 No CVEs

PatSaTECH's Opayo Server Gateway for WooCommerce

patsatech-wc-opayo-server

100

PatSaTECH's Opayo Server Gateway for accepting payments on your WooCommerce Store.

30 No CVEs

SumUp Payment Gateway For WooCommerce

sumup-payment-gateway-for-woocommerce

The SumUp plugin for WooCommerce allows businesses to securely process payments online. Accept payments from customers using a range of payment method …

10K 1 CVE

Pay for Payment for WooCommerce

woocommerce-pay-for-payment

100

Setup individual charges for each payment method in WooCommerce.

10K No CVEs

Developer Profile

Opayo Direct Gateway for Gravity Forms Developer Profile

PatSaTECH

9 plugins · 400 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

2228 days

View full developer profile

Detection Fingerprints

How We Detect Opayo Direct Gateway for Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gravityformssagepaydirect/sagepay-direct.php/wp-content/plugins/gravityformssagepaydirect/assets/js/sagepay-direct-scripts.js/wp-content/plugins/gravityformssagepaydirect/assets/css/sagepay-direct-styles.css

Script Paths

/wp-content/plugins/gravityformssagepaydirect/assets/js/sagepay-direct-scripts.js

Version Parameters

gravityformssagepaydirect/sagepay-direct.php?ver=sagepay-direct-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

gf_sagepay_direct_settings

HTML Comments

Data Attributes

data-sagepay-vendordata-sagepay-transaction-typedata-sagepay-mode

JS Globals

window.gf_sagepay_direct_params

FAQ