WP-Safety

Subscription Payu Latam Security & Risk Analysis

wordpress.org/plugins/subscription-payu-latam

Receive recurring payments for the countries Brazil, Colombia, Mexico and Peru

40 active installs v2.0.5 PHP 7.1.0+ WP 5.4+ Updated Jul 18, 2022
commercee-commercestorewordpress-ecommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Subscription Payu Latam Safe to Use in 2026?

Generally Safe

Score 85/100

Subscription Payu Latam has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "subscription-payu-latam" plugin v2.0.5 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all its SQL queries and has no recorded vulnerability history or bundled libraries. This suggests a potential commitment to secure coding for certain aspects. However, significant concerns arise from the static analysis. The plugin exposes one AJAX handler that lacks any authentication checks, creating a direct entry point for unauthorized actions. Furthermore, the complete absence of nonce checks and capability checks across the identified entry points is a critical oversight. While taint analysis didn't reveal any immediate unsanitized flows, the lack of fundamental security controls like authentication and nonces means that any data processed by these unprotected entry points could be manipulated if an attacker can trigger them.

Key Concerns

  • Unprotected AJAX handler
  • No nonce checks on entry points
  • No capability checks on entry points
  • Low percentage of properly escaped output
Vulnerabilities
None known

Subscription Payu Latam Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Subscription Payu Latam Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
6
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
5
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

33% escaped9 total outputs
Attack Surface
1 unprotected

Subscription Payu Latam Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_subscription_payu_latam_splincludes\class-subscription-payu-latam-admin.php:9
WordPress Hooks 18
actionwoocommerce_subscription_status_cancelledincludes\class-gateway-subscription-payu-latam.php:48
actionwoocommerce_available_payment_gatewaysincludes\class-gateway-subscription-payu-latam.php:49
actionadmin_menuincludes\class-subscription-payu-latam-admin.php:8
actionadmin_footerincludes\class-subscription-payu-latam-admin.php:24
filterwoocommerce_payment_gatewaysincludes\class-subscription-payu-latam-plugin.php:88
filterwoocommerce_billing_fieldsincludes\class-subscription-payu-latam-plugin.php:89
actionwp_enqueue_scriptsincludes\class-subscription-payu-latam-plugin.php:90
actionsubscription_payu_latam_splincludes\class-subscription-payu-latam-plugin.php:91
actionplugins_loadedsubscription-payu-latam.php:21
actionnotices_subscription_payu_latam_splsubscription-payu-latam.php:38
actionadmin_noticessubscription-payu-latam.php:54
actionadmin_noticessubscription-payu-latam.php:69
actionadmin_noticessubscription-payu-latam.php:82
actionadmin_noticessubscription-payu-latam.php:94
actionadmin_noticessubscription-payu-latam.php:112
actionadmin_noticessubscription-payu-latam.php:129
actionadmin_noticessubscription-payu-latam.php:147
actionadmin_noticessubscription-payu-latam.php:166

Scheduled Events 1

subscription_payu_latam_spl
Maintenance & Trust

Subscription Payu Latam Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedJul 18, 2022
PHP min version7.1.0
Downloads14K

Community Trust

Rating100/100
Number of ratings7
Active installs40
Alternatives

Subscription Payu Latam Alternatives

Payment Integration Wompi

Payment Integration Wompi

payment-integration-wompi

A
92

Integration of Wompi for Woocommerce

1K No CVEs
Payment Integration Wompi – El Salvador

Payment Integration Wompi – El Salvador

wompi-el-salvador

A
85

Integración para Wompi - El Salvador para Woocommerce

800 No CVEs
Pay with ATH Movil (WooCommerce payment gateway)

Pay with ATH Movil (WooCommerce payment gateway)

pay-with-ath-movil-woocommerce-gateway

A
85

Accept ATH Movil payments on your WooCommerce store.

100 No CVEs
Shipping Servientrega Woocommerce

Shipping Servientrega Woocommerce

shipping-servientrega-woocommerce

A
100

Servientrega empresa transportadora de Colombia

50 No CVEs
Subscription ePayco

Subscription ePayco

subscription-epayco

A
85

Receive recurring payments

30 No CVEs
Developer Profile

Subscription Payu Latam Developer Profile

Saul Morales Pacheco

11 plugins · 8K total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Subscription Payu Latam

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/subscription-payu-latam/assets/css/admin.css/wp-content/plugins/subscription-payu-latam/assets/css/frontend.css/wp-content/plugins/subscription-payu-latam/assets/js/admin.js/wp-content/plugins/subscription-payu-latam/assets/js/frontend.js
Version Parameters
subscription-payu-latam/assets/css/admin.css?ver=subscription-payu-latam/assets/css/frontend.css?ver=subscription-payu-latam/assets/js/admin.js?ver=subscription-payu-latam/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
subscription_payu_latam_spl_notices
FAQ

Frequently Asked Questions about Subscription Payu Latam