WP-Safety

Opayo Form Payment Gateway for Gravity Forms Security & Risk Analysis

wordpress.org/plugins/sagepay-form-payment-gateway-for-gravity-forms

Opayo Server Gateway for accepting payments on your Gravity Forms Store.

90 active installs v1.1.9 PHP + WP 4.5+ Updated Mar 28, 2023
ecommercegravity-formsopayo-goopayo-serverpayment-gateway
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Opayo Form Payment Gateway for Gravity Forms Safe to Use in 2026?

Generally Safe

Score 85/100

Opayo Form Payment Gateway for Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The plugin "sagepay-form-payment-gateway-for-gravity-forms" version 1.1.9 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded vulnerabilities or CVEs. This suggests a generally mature development process with a focus on preventing common database attacks and a good track record. However, the static analysis reveals a significant concern: one AJAX handler lacks authentication checks. This unprotected entry point creates a direct avenue for potential exploitation if it handles user-supplied data without proper authorization. The absence of taint analysis flows is a limitation, but the identified unprotected AJAX handler is a concrete risk that warrants attention.

Key Concerns

  • AJAX handler without authentication
  • Low output escaping coverage
Vulnerabilities
None known

Opayo Form Payment Gateway for Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Opayo Form Payment Gateway for Gravity Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
8 prepared
Unescaped Output
10
6 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared8 total queries

Output Escaping

38% escaped16 total outputs
Attack Surface
1 unprotected

Opayo Form Payment Gateway for Gravity Forms Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_gf_dismiss_sagepay_form_menuclass-gf-sagepay-form.php:1819
WordPress Hooks 10
actionwpclass-gf-sagepay-form.php:3
filtergform_disable_post_creationclass-gf-sagepay-form.php:46
filtergform_disable_notificationclass-gf-sagepay-form.php:47
actiongform_payment_statusclass-gf-sagepay-form.php:1832
actiongform_entry_infoclass-gf-sagepay-form.php:1836
actiongform_payment_dateclass-gf-sagepay-form.php:1838
actiongform_payment_transaction_idclass-gf-sagepay-form.php:1839
actiongform_payment_amountclass-gf-sagepay-form.php:1840
actiongform_after_update_entryclass-gf-sagepay-form.php:1843
actiongform_loadedsagepay-form.php:22
Maintenance & Trust

Opayo Form Payment Gateway for Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedMar 28, 2023
PHP min version
Downloads6K

Community Trust

Rating0/100
Number of ratings0
Active installs90
Alternatives

Opayo Form Payment Gateway for Gravity Forms Alternatives

PatSaTECH's Opayo Server Gateway for WooCommerce

PatSaTECH's Opayo Server Gateway for WooCommerce

patsatech-wc-opayo-server

A
100

PatSaTECH's Opayo Server Gateway for accepting payments on your WooCommerce Store.

30 No CVEs
Gravity Forms Eway

Gravity Forms Eway

gravityforms-eway

A
100

Easily create online payment forms with Gravity Forms and Eway.

500 No CVEs
PatSaTECH's Opayo Direct Gateway for WooCommerce

PatSaTECH's Opayo Direct Gateway for WooCommerce

sagepay-direct-gateway-for-woocommerce

A
85

PatSaTECH's Opayo Direct Gateway for accepting payments on your WooCommerce Store.

70 No CVEs
Click & Pledge for Gravity Forms

Click & Pledge for Gravity Forms

gravity-forms-click-pledge

A
100

Add a credit card payment gateway for Click & Pledge to the Gravity Forms plugin

30 No CVEs
Mijireh Checkout for Gravity Forms

Mijireh Checkout for Gravity Forms

mijireh-checkout-for-gravity-forms

A
85

Mijireh Checkout Plugin for accepting payments on with your Gravity Forms.

10 No CVEs
Developer Profile

Opayo Form Payment Gateway for Gravity Forms Developer Profile

PatSaTECH

9 plugins · 400 total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
2228 days
View full developer profile
Detection Fingerprints

How We Detect Opayo Form Payment Gateway for Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sagepay-form-payment-gateway-for-gravity-forms/sagepay.php

HTML / DOM Fingerprints

CSS Classes
gf_sagepay_form_mode_livegf_sagepay_form_mode_testgf_sagepay_form_send_emails_nogf_sagepay_form_send_emails_customergf_sagepay_form_send_emails_vendorgf_sagepay_form_apply3d_truegf_sagepay_form_apply3d_falsegf_sagepay_form_trans_type_payment+2 more
Data Attributes
data-gf_sagepay_form_modedata-gf_sagepay_form_vendor_namedata-gf_sagepay_form_vendor_passworddata-gf_sagepay_form_vendor_emaildata-gf_sagepay_form_send_emailsdata-gf_sagepay_form_email_message+2 more
JS Globals
window.gf_sagepay_form_modewindow.gf_sagepay_form_vendor_namewindow.gf_sagepay_form_vendor_passwordwindow.gf_sagepay_form_vendor_emailwindow.gf_sagepay_form_send_emailswindow.gf_sagepay_form_email_message+2 more
FAQ

Frequently Asked Questions about Opayo Form Payment Gateway for Gravity Forms