WP-Safety

Slim CD payment gateway Security & Risk Analysis

wordpress.org/plugins/slimcd-payment-gateway

Accept credit card/check payments for woocommerce stores, using your own merchant account.

70 active installs v1.1.0 PHP + WP 4.9.0+ Updated Jun 20, 2025
commercee-commerceecommercewoothemeswordpress-ecommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Slim CD payment gateway Safe to Use in 2026?

Generally Safe

Score 100/100

Slim CD payment gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The "slimcd-payment-gateway" plugin v1.1.0 exhibits a mixed security posture. On the positive side, the static analysis reveals no known CVEs and a strong adherence to secure coding practices regarding SQL queries, which are 100% prepared. Furthermore, the plugin has no recorded vulnerability history, suggesting a generally stable codebase.

However, several areas raise concerns. The complete absence of nonce checks and capability checks, especially with file operations and external HTTP requests present, creates a significant risk. While the attack surface is reported as zero entry points, the presence of file operations and external requests without proper authorization checks could allow for unauthorized actions if these functions are triggered through indirect means. The taint analysis indicating two flows with unsanitized paths, even without critical or high severity, warrants attention as it points to potential vulnerabilities in handling user-supplied data.

In conclusion, while the plugin benefits from a clean vulnerability history and secure SQL handling, the lack of robust authorization checks and the presence of unsanitized data flows represent notable weaknesses. Further investigation into how file operations and external requests are triggered and secured is recommended.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
  • Taint flow with unsanitized path
  • File operations without auth checks
  • External HTTP requests without auth checks
  • Unescaped output present
Vulnerabilities
None known

Slim CD payment gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Slim CD payment gateway Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
28 escaped
Nonce Checks
0
Capability Checks
0
File Operations
1
External Requests
4
Bundled Libraries
0

Output Escaping

82% escaped34 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
process_payment (includes\class-slimcd-payment-gateway.php:70)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Slim CD payment gateway Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actionwp_footerincludes\class-slimcd-payment-gateway.php:47
actionwp_enqueue_scriptsincludes\class-slimcd-payment-gateway.php:48
filterwoocommerce_gateway_descriptionincludes\class-slimcd-payment-gateway.php:49
actionwoocommerce_api_iframe_responseincludes\class-slimcd-payment-gateway.php:51
actionadmin_noticesslimcd-payment-for-woocommerce.php:29
actionplugins_loadedslimcd-payment-for-woocommerce.php:47
filterwoocommerce_payment_gatewaysslimcd-payment-for-woocommerce.php:62
actionbefore_woocommerce_initslimcd-payment-for-woocommerce.php:88
actionwoocommerce_blocks_payment_method_type_registrationslimcd-payment-for-woocommerce.php:100
actionwoocommerce_blocks_loadedslimcd-payment-for-woocommerce.php:108
Maintenance & Trust

Slim CD payment gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 20, 2025
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs70
Alternatives

Slim CD payment gateway Alternatives

Braintree for WooCommerce Payment Gateway

Braintree for WooCommerce Payment Gateway

woocommerce-gateway-paypal-powered-by-braintree

A
100

Accept PayPal, Credit Cards, and Debit Cards on your WooCommerce store.

10K No CVEs
dLocal Go Payments

dLocal Go Payments

dlocal-go-payments-for-woocommerce

A
100

Accept dLocal Go payment methods in your WooCommerce store.

300 No CVEs
PayPal Checkout Payment for WooCommerce in Japan

PayPal Checkout Payment for WooCommerce in Japan

pp-express-wc4jp

A
85

Accept PayPal, Credit Cards and Debit Cards on your WooCommerce store.

100 No CVEs
AstroPay for WooCommerce

AstroPay for WooCommerce

astropay-for-woocommerce

A
100

Accept AstroPay payment methods in your WooCommerce store.

60 No CVEs
PayEx WooCommerce Checkout

PayEx WooCommerce Checkout

payex-woocommerce-checkout

A
85

This plugin provides the PayEx Checkout for WooCommerce.

10 No CVEs
Developer Profile

Slim CD payment gateway Developer Profile

SLIM CD

1 plugin · 70 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Slim CD payment gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/slimcd-payment-gateway/assets/css/slimcd-checkout.css/wp-content/plugins/slimcd-payment-gateway/assets/js/slimcd-checkout.js
Script Paths
/wp-content/plugins/slimcd-payment-gateway/assets/js/slimcd-checkout.js
Version Parameters
slimcd-payment-gateway/assets/css/slimcd-checkout.css?ver=slimcd-payment-gateway/assets/js/slimcd-checkout.js?ver=

HTML / DOM Fingerprints

CSS Classes
slimcd-checkout-iframe-wrapperslimcd-checkout-description-fields
Data Attributes
data-slimcd-hostdata-hide-selectors
JS Globals
slimcd_checkout_params
REST Endpoints
/wp-json/slimcd/v1/payment-status
FAQ

Frequently Asked Questions about Slim CD payment gateway