Synchrony Financing Security & Risk Analysis

wordpress.org/plugins/synchrony-payments

Boost your business with Synchrony

60 active installs · v1.0.9 · PHP 7.2+ · WP 5.3+ · Updated Feb 9, 2026
Tags: synchrony, synchrony-checkout, synchrony-payments, synchrony-plugin, wordpress-ecommerce
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Synchrony Financing Safe to Use in 2026?

Generally Safe

Score 100/100

Synchrony Financing has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The "synchrony-payments" plugin v1.0.9 has a generally good security posture with a few notable areas of concern. It adheres well to secure coding practices: a high percentage of its SQL queries use prepared statements, and its rate of proper output escaping is excellent. The absence of dangerous functions, file operations, and known vulnerabilities in its history further supports a positive security outlook.

However, the unprotected AJAX handlers represent a significant risk. Two out of four AJAX handlers lack authentication checks, which could allow unauthorized users to trigger potentially sensitive actions. While taint analysis shows no critical or high-severity unsanitized flows, the unprotected AJAX endpoints could still be a vector for exploiting other, perhaps minor, vulnerabilities not directly detected by static analysis.

The plugin's clean vulnerability history is encouraging, suggesting a history of diligent security efforts or fortunate avoidance of past issues. Overall, the plugin has a solid foundation, but the unprotected AJAX handlers are a critical weakness that requires immediate attention to prevent potential exploitation.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

Synchrony Financing Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Synchrony Financing Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (8 prepared)
Unescaped Output: 13 (244 escaped)
Nonce Checks: 5
Capability Checks: 3
File Operations: 0
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

89% prepared · 9 total queries

Output Escaping

95% escaped · 257 total outputs
Attack Surface
2 unprotected

Synchrony Financing Attack Surface

Entry Points: 11
Unprotected: 2

AJAX Handlers 4

auth wp_ajax_checkout_form_data src\frontend\class-synchrony-cart-hooks.php:45
nopriv wp_ajax_checkout_form_data src\frontend\class-synchrony-cart-hooks.php:46
auth wp_ajax_place_custom_order src\gateway\class-synchrony-custom-order.php:196
nopriv wp_ajax_place_custom_order src\gateway\class-synchrony-custom-order.php:197

Shortcodes 7

[synchrony_mppbanner_link_widget] src\frontend\class-synchrony-cart-hooks.php:43
[synchrony_button] src\frontend\class-synchrony-cart-hooks.php:44
[synchrony_multiwidget] src\frontend\class-synchrony-frontend.php:132
[synchrony_product_widget] src\frontend\class-synchrony-frontend.php:137
[synchrony_cart_widget] src\frontend\class-synchrony-widgets.php:46
[synchrony_checkout_widget] src\frontend\class-synchrony-widgets.php:47
[synchrony_error_message] src\gateway\class-synchrony-gateway.php:203
WordPress Hooks 63
action admin_notices class-synchrony-payment.php:187
action admin_notices class-synchrony-payment.php:197
action admin_notices class-synchrony-payment.php:206
action wp_enqueue_scripts class-synchrony-payment.php:219
action admin_enqueue_scripts class-synchrony-payment.php:220
filter wp_nav_menu_objects class-synchrony-payment.php:238
filter woocommerce_payment_gateways class-synchrony-payment.php:239
action plugins_loaded class-synchrony-payment.php:240
action add_meta_boxes class-synchrony-payment.php:241
action admin_notices class-synchrony-payment.php:244
action woocommerce_thankyou class-synchrony-payment.php:245
action widgets_init class-synchrony-payment.php:246
action before_woocommerce_init class-synchrony-payment.php:248
filter script_loader_tag class-synchrony-payment.php:249
action woocommerce_blocks_loaded class-synchrony-payment.php:253
action woocommerce_blocks_payment_method_type_registration class-synchrony-payment.php:257
filter page_template class-synchrony-payment.php:310
action admin_footer src\admin\class-synchrony-admin-order.php:34
action admin_notices src\admin\class-synchrony-admin-order.php:35
action admin_enqueue_scripts src\admin\class-synchrony-admin-order.php:36
filter woocommerce_get_sections_checkout src\admin\class-synchrony-admin.php:143
filter woocommerce_get_settings_checkout src\admin\class-synchrony-admin.php:144
action woocommerce_settings_checkout src\admin\class-synchrony-admin.php:145
action woocommerce_process_shop_order_meta src\admin\class-synchrony-admin.php:147
action save_post src\admin\class-synchrony-admin.php:149
action post_submitbox_misc_actions src\admin\class-synchrony-admin.php:152
action init src\admin\class-synchrony-mppaw-banner.php:20
action manage_mpp-banner_posts_custom_column src\admin\class-synchrony-mppaw-banner.php:21
action admin_head src\admin\class-synchrony-mppaw-banner.php:22
filter post_row_actions src\admin\class-synchrony-mppaw-banner.php:23
filter manage_mpp-banner_posts_columns src\admin\class-synchrony-mppaw-banner.php:24
action enqueue_block_editor_assets src\blocks\class-synchrony-block-cart-widget.php:22
action enqueue_block_editor_assets src\blocks\class-synchrony-block-checkout-widget.php:22
action enqueue_block_editor_assets src\blocks\class-synchrony-block-mpp-widget.php:22
action enqueue_block_editor_assets src\blocks\class-synchrony-block-split-modal.php:22
action wp_head src\frontend\class-synchrony-cart-hooks.php:42
action wp_footer src\frontend\class-synchrony-cart-hooks.php:47
action woocommerce_after_order_notes src\frontend\class-synchrony-cart-hooks.php:48
filter woocommerce_gateway_description src\frontend\class-synchrony-cart-hooks.php:51
filter woocommerce_proceed_to_checkout src\frontend\class-synchrony-cart-hooks.php:54
action woocommerce_after_shop_loop_item src\frontend\class-synchrony-frontend.php:133
action wp_footer src\frontend\class-synchrony-frontend.php:136
action wp_head src\frontend\class-synchrony-frontend.php:139
action woocommerce_before_single_product src\frontend\class-synchrony-frontend.php:141
filter woocommerce_available_payment_gateways src\frontend\class-synchrony-frontend.php:144
action woocommerce_after_cart src\frontend\class-synchrony-widgets.php:43
action woocommerce_review_order_after_payment src\frontend\class-synchrony-widgets.php:44
action before_woocommerce_pay src\frontend\class-synchrony-widgets.php:45
action woocommerce_before_checkout_form src\gateway\class-synchrony-gateway.php:202
action rest_api_init src\webhooks\class-synchrony-callback.php:109
action rest_api_init src\webhooks\class-synchrony-callback.php:110
action rest_api_init src\webhooks\class-synchrony-callback.php:111
action woocommerce_before_cart_table src\webhooks\class-synchrony-callback.php:112
action rest_api_init src\webhooks\class-synchrony-callback.php:113
action rest_api_init src\webhooks\class-synchrony-callback.php:114
action rest_api_init src\webhooks\class-synchrony-callback.php:115
action rest_api_init src\webhooks\class-synchrony-callback.php:116
action woocommerce_init src\webhooks\class-synchrony-callback.php:117
action rest_api_init src\webhooks\class-synchrony-callback.php:118
action rest_api_init src\webhooks\class-synchrony-callback.php:119
action rest_api_init src\webhooks\class-synchrony-callback.php:120
action rest_api_init src\webhooks\class-synchrony-callback.php:121
action shutdown src\webhooks\class-synchrony-callback.php:167
Maintenance & Trust

Synchrony Financing Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 9, 2026
PHP min version: 7.2
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 60
Developer Profile

Synchrony Financing Developer Profile

syfwoocommerce

1 plugin · 60 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Synchrony Financing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/synchrony-payments/assets/js/synchrony-common.js
Script Paths
assets/js/synchrony-common.js
Version Parameters
synchrony-common.js?ver=1.0.9.1

HTML / DOM Fingerprints

CSS Classes
synchrony-payment-settings
Data Attributes
data-synchrony-gateway-url
JS Globals
synchrony_payment_data
REST Endpoints
/wp-json/synchrony-payments/v1/settings
/wp-json/synchrony-payments/v1/checkout
/wp-json/synchrony-payments/v1/payment-status
Shortcode Output
[synchrony_payment_button]
FAQ

Frequently Asked Questions about Synchrony Financing