Does UnivaPay for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is UnivaPay for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, UnivaPay for WooCommerce 0.4.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is UnivaPay for WooCommerce compatible with PHP 7.4+?

UnivaPay for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is UnivaPay for WooCommerce updated?

UnivaPay for WooCommerce was last updated on Aug 29, 2025. Frequent updates are generally a positive security signal.

What is UnivaPay for WooCommerce's security score?

UnivaPay for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

UnivaPay for WooCommerce Security & Risk Analysis

wordpress.org/plugins/univapay-for-wc

UnivaPayを使用して、WooCommerceでクレジットカード決済を可能にするプラグインです。

90 active installs v0.4.6 PHP 7.4+ WP 6.2.2+ Updated Aug 29, 2025

credit-cardpayment-requestwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is UnivaPay for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

UnivaPay for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The static analysis of "univapay-for-wc" v0.4.6 reveals a generally strong security posture with no identified critical or high-severity issues in the code. The absence of dangerous functions, raw SQL queries, external HTTP requests, and taint flows suggests that the developers have implemented many good security practices. The plugin also boasts a clean vulnerability history with zero recorded CVEs, indicating a history of stability and security. However, there are a few areas of concern. The plugin has a very limited attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events, which is a positive sign. Nevertheless, the 0% nonce checks and 0% capability checks on potential entry points, coupled with only 33% of output being properly escaped, present potential weaknesses. While the attack surface is minimal, any future expansion or unforeseen interactions could be vulnerable if these checks are not implemented. The single file operation without further context is also a point to monitor.

Key Concerns

No nonce checks on entry points
No capability checks on entry points
67% of output not properly escaped
1 file operation without context

Vulnerabilities

None known

UnivaPay for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

UnivaPay for WooCommerce Release Timeline

v0.4.6Current

v0.4.5

v0.4.4-1

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

Code Analysis

Analyzed Mar 16, 2026

UnivaPay for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

33% escaped3 total outputs

Attack Surface

UnivaPay for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionwp_enqueue_scriptsincludes\WC-Univapay-Gateway.php:116

actiontemplate_redirectincludes\WC-Univapay-Gateway.php:117

actionwoocommerce_admin_order_data_after_order_detailsincludes\WC-Univapay-Gateway.php:121

actionplugins_loadedUnivaPay-for-WooCommerce.php:22

filterwoocommerce_payment_gatewaysUnivaPay-for-WooCommerce.php:32

actionwoocommerce_blocks_loadedUnivaPay-for-WooCommerce.php:33

actionadd_meta_boxesUnivaPay-for-WooCommerce.php:34

actionwoocommerce_blocks_payment_method_type_registrationUnivaPay-for-WooCommerce.php:126

Maintenance & Trust

UnivaPay for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 29, 2025

PHP min version7.4

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs90

Alternatives

UnivaPay for WooCommerce Alternatives

WooCommerce Payfast Gateway

woocommerce-payfast-gateway

100

Give customers more flexibility and increase your bottom line with Payfast — one of South Africa’s most popular payment gateways.

30K No CVEs

Eway Payments for Woo

woocommerce-gateway-eway

100

This is the official WooCommerce extension to take credit card and subscription payments directly on your store with Eway.

3K 1 CVE

Peach Payments Gateway

wc-peach-payments-gateway

A payment gateway integration between WooCommerce and Peach Payments.

1K 2 CVEs

Paymennt

paymennt-card-payment

Take credit card payments on your woocommerce store using Paymennt.

300 No CVEs

YouCan Pay

youcan-pay-for-woocommerce

Take credit card payments on your store using YouCan Pay.

200 No CVEs

Developer Profile

UnivaPay for WooCommerce Developer Profile

UnivaPay

1 plugin · 90 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect UnivaPay for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/univapay-for-wc/assets/js/univapay.js/wp-content/plugins/univapay-for-wc/assets/css/univapay.css

Version Parameters

univapay-for-wc/assets/js/univapay.js?ver=univapay-for-wc/assets/css/univapay.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-api-tokendata-api-secretdata-api-urldata-public-tokendata-capturedata-store-id+6 more

JS Globals

Univapay

FAQ