Does USDC Payments with Buyer Protection have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is USDC Payments with Buyer Protection compatible with WordPress 6.8.5?

According to WordPress.org data, USDC Payments with Buyer Protection 5.0.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is USDC Payments with Buyer Protection compatible with PHP 7.4+?

USDC Payments with Buyer Protection requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is USDC Payments with Buyer Protection updated?

USDC Payments with Buyer Protection was last updated on Jan 9, 2026. Frequent updates are generally a positive security signal.

What is USDC Payments with Buyer Protection's security score?

USDC Payments with Buyer Protection has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

USDC Payments with Buyer Protection Security & Risk Analysis

wordpress.org/plugins/usdc-payments-with-buyer-protection

Accept USDC cryptocurrency payments with smart contract escrow protection. 1% fees, zero chargebacks, unlimited free refunds.

0 active installs v5.0.6 PHP 7.4+ WP 5.0+ Updated Jan 9, 2026

blockchaincryptocurrencypayment-gatewayusdcwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is USDC Payments with Buyer Protection Safe to Use in 2026?

Generally Safe

Score 100/100

USDC Payments with Buyer Protection has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'usdc-payments-with-buyer-protection' v5.0.6 plugin exhibits a generally good security posture, adhering to several best practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known CVEs and dangerous functions further contributes to this positive assessment. However, there are notable areas of concern that slightly detract from its overall security.

The primary risk identified stems from the attack surface. Specifically, 10 AJAX handlers are present, with 2 of them lacking authentication checks. This creates a potential entry point for unauthenticated attackers to interact with sensitive plugin functionalities. While no critical or high severity taint flows were detected, the presence of 3 flows with unsanitized paths indicates a need for careful review and sanitization of user-supplied data, even if they are not currently exploited in a critical manner.

The plugin's vulnerability history is spotless, with no recorded CVEs. This suggests a history of responsible development and patching, or potentially a lack of significant security scrutiny in the past. The plugin's strengths lie in its clean SQL handling and output escaping. The main weakness is the unprotected AJAX endpoints, which should be addressed to further harden its security.

Key Concerns

Unprotected AJAX handlers present
Taint flows with unsanitized paths detected

Vulnerabilities

None known

USDC Payments with Buyer Protection Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

USDC Payments with Buyer Protection Release Timeline

v5.0.6Current

v5.0.5

v5.0.4

v5.0.3

v5.0.2

v5.0.1

v5.0.0

v4.2.0

v4.1.0

v4.0.0

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.0

v2.5.9

v2.5.8

v2.5.7

v1.0.1

Code Analysis

Analyzed Apr 16, 2026

USDC Payments with Buyer Protection Code Analysis

Dangerous Functions

Raw SQL Queries

19 prepared

Unescaped Output

265 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared19 total queries

Output Escaping

96% escaped275 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

receipt_page (includes/class-wc-gateway-usdc.php:249)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

USDC Payments with Buyer Protection Attack Surface

Entry Points11

Unprotected2

AJAX Handlers 10

authwp_ajax_usdc_approve_manual_paymentincludes/admin/class-admin-settings.php:28

authwp_ajax_usdc_reject_manual_paymentincludes/admin/class-admin-settings.php:29

authwp_ajax_usdc_create_contractincludes/class-wc-gateway-usdc.php:70

noprivwp_ajax_usdc_create_contractincludes/class-wc-gateway-usdc.php:71

authwp_ajax_usdc_store_contract_infoincludes/class-wc-gateway-usdc.php:72

noprivwp_ajax_usdc_store_contract_infoincludes/class-wc-gateway-usdc.php:73

authwp_ajax_usdc_check_payment_statusincludes/class-wc-gateway-usdc.php:74

noprivwp_ajax_usdc_check_payment_statusincludes/class-wc-gateway-usdc.php:75

authwp_ajax_usdc_verify_paymentincludes/class-wc-gateway-usdc.php:76

noprivwp_ajax_usdc_verify_paymentincludes/class-wc-gateway-usdc.php:77

REST API Routes 1

POST/wp-json/usdc-payments-with-buyer-protection/v1/webhookincludes/class-webhook-handler.php:28

WordPress Hooks 26

actionadmin_menuincludes/admin/class-admin-settings.php:21

actionadmin_initincludes/admin/class-admin-settings.php:22

actionadmin_noticesincludes/admin/class-admin-settings.php:23

actionadmin_enqueue_scriptsincludes/admin/class-admin-settings.php:24

filterwoocommerce_shipping_instance_form_fields_flat_rateincludes/class-shipping-settings.php:19

filterwoocommerce_shipping_instance_form_fields_free_shippingincludes/class-shipping-settings.php:20

filterwoocommerce_shipping_instance_form_fields_local_pickupincludes/class-shipping-settings.php:21

filterwoocommerce_shipping_method_add_settings_fieldsincludes/class-shipping-settings.php:24

actionwoocommerce_after_shipping_rateincludes/class-shipping-settings.php:27

actionwp_enqueue_scriptsincludes/class-wc-gateway-usdc.php:57

actionwpincludes/class-wc-gateway-usdc.php:63

filterwoocommerce_thankyou_order_received_textincludes/class-wc-gateway-usdc.php:66

filterthe_titleincludes/class-wc-gateway-usdc.php:67

actiontemplate_redirectincludes/class-wc-gateway-usdc.php:80

actionrest_api_initincludes/class-webhook-handler.php:21

actionplugins_loadedusdc-payments-with-buyer-protection.php:70

actionadmin_noticesusdc-payments-with-buyer-protection.php:81

filterwoocommerce_payment_gatewaysusdc-payments-with-buyer-protection.php:92

actionwoocommerce_product_options_general_product_datausdc-payments-with-buyer-protection.php:117

actionwoocommerce_process_product_metausdc-payments-with-buyer-protection.php:118

actioninitusdc-payments-with-buyer-protection.php:122

filterquery_varsusdc-payments-with-buyer-protection.php:123

actionwp_enqueue_scriptsusdc-payments-with-buyer-protection.php:126

actionadmin_enqueue_scriptsusdc-payments-with-buyer-protection.php:127

actionwoocommerce_admin_order_data_after_billing_addressusdc-payments-with-buyer-protection.php:130

actionwoocommerce_order_details_after_order_tableusdc-payments-with-buyer-protection.php:131

Maintenance & Trust

USDC Payments with Buyer Protection Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 9, 2026

PHP min version7.4

Downloads515

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

USDC Payments with Buyer Protection Alternatives

Coinley – Cryptocurrency Payments

coinley-payment-gateway

100

Accept cryptocurrency payments on your WooCommerce store with lower fees, instant settlements, and no chargebacks.

0 No CVEs

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs

Helio Pay (Accept 1-click crypto payments #USDC #SOL #BTC #ETH)

helio

Helio Pay ⚡⚡ Sell more with crypto ⚡⚡ - Accept crypto payments the easy way - Set up in minutes & get paid instantly with real-time payouts - Sell …

600 No CVEs

Accept Bitcoin instantly via OpenNode

opennode-for-woocommerce

100

Start accepting Bitcoin instantly through Lightning Network today. Powered by OpenNode

400 No CVEs

ShieldClimb – Crypto Payment Gateway for WooCommerce

shieldclimb-crypto-payment-gateway

100

Crypto Payment Gateway with instant payouts—accept cryptocurrency with no registration, no KYC, and no delays. Your crypto, your control.

80 No CVEs

Developer Profile

USDC Payments with Buyer Protection Developer Profile

instantescrow

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect USDC Payments with Buyer Protection

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/usdc-payments-with-buyer-protection/assets/js/checkout.js/wp-content/plugins/usdc-payments-with-buyer-protection/assets/css/checkout.css/wp-content/plugins/usdc-payments-with-buyer-protection/assets/css/admin.css

Script Paths

/wp-content/plugins/usdc-payments-with-buyer-protection/assets/js/checkout.js

Version Parameters

usdc-payments-with-buyer-protection/assets/js/checkout.js?ver=usdc-payments-with-buyer-protection/assets/css/checkout.css?ver=usdc-payments-with-buyer-protection/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

usdc-contract-info

Data Attributes

usdc_payment_nonce

JS Globals

usdc_payments_params

FAQ