WP-Safety

Virtuaria Rede ( Itaú ) Pagamentos Security & Risk Analysis

wordpress.org/plugins/virtuaria-eredeitau

Pagamentos via Pix e Cartão de Crédito na sua loja virtual com a confiabilidade da Rede / Itaú diretamente em seu WooCommerce.

60 active installs v2.0.0 PHP 7.4+ WP 4.7+ Updated Jan 6, 2026
cartaoitaupagamentospixrede
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Virtuaria Rede ( Itaú ) Pagamentos Safe to Use in 2026?

Generally Safe

Score 100/100

Virtuaria Rede ( Itaú ) Pagamentos has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The virtuaria-eredeitau v2.0.1 plugin exhibits a generally good security posture, demonstrating strong adherence to several best practices. The absence of known CVEs and a clean vulnerability history are positive indicators. The code analysis reveals robust use of prepared statements for SQL queries, and an overwhelming majority of outputs are properly escaped, significantly mitigating common injection risks. Nonce checks are present in most areas, and there are no REST API routes or shortcodes, which are often common attack vectors. However, there are a couple of areas that warrant attention. The presence of two AJAX handlers, while not explicitly stated as unprotected, raises a slight concern if authentication or capability checks are not consistently enforced. Furthermore, the taint analysis identified two flows with unsanitized paths, even though they are not categorized as critical or high severity. This suggests a potential for path traversal or similar issues if the inputs leading to these flows are not strictly validated. The file operation and external HTTP requests, while not inherently risky, represent potential points of failure or interaction that could be exploited if not properly secured.

In conclusion, virtuaria-eredeitau v2.0.1 appears to be a relatively secure plugin with strong foundational security practices. The lack of critical vulnerabilities and the excellent handling of SQL and output escaping are significant strengths. The primary concerns lie in the potential for unvalidated paths in the taint analysis and the general need for thorough authorization checks on the AJAX endpoints. These are not critical flaws but represent areas where vigilance is required to maintain its good security record. Addressing these specific points would further enhance the plugin's overall security.

Key Concerns

  • Unsanitized paths in taint analysis
  • Potential for missing auth on AJAX handlers
  • File operation detected
  • External HTTP requests detected
Vulnerabilities
None known

Virtuaria Rede ( Itaú ) Pagamentos Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Virtuaria Rede ( Itaú ) Pagamentos Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
153 escaped
Nonce Checks
9
Capability Checks
0
File Operations
1
External Requests
7
Bundled Libraries
0

Output Escaping

99% escaped155 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
process_payment (includes\class-virtuaria-erede-gateway-credit.php:388)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Virtuaria Rede ( Itaú ) Pagamentos Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_erede_fetch_payment_orderincludes\class-virtuaria-erede-events.php:46
noprivwp_ajax_erede_fetch_payment_orderincludes\class-virtuaria-erede-events.php:50
WordPress Hooks 31
filterwoocommerce_new_order_note_dataincludes\api\class-virtuaria-erede-pix-api.php:204
actionwoocommerce_process_shop_order_metaincludes\class-virtuaria-erede-additional-charge.php:75
actioninitincludes\class-virtuaria-erede-additional-charge.php:173
actionwoocommerce_api_wc_virtuaria_erede_gatewayincludes\class-virtuaria-erede-events.php:35
actionerede_process_update_order_statusincludes\class-virtuaria-erede-events.php:39
actionwp_enqueue_scriptsincludes\class-virtuaria-erede-gateway-credit.php:196
actionadmin_enqueue_scriptsincludes\class-virtuaria-erede-gateway-credit.php:197
filterwoocommerce_get_order_item_totalsincludes\class-virtuaria-erede-gateway-credit.php:199
actionvirt_rede_capture_transactionincludes\class-virtuaria-erede-gateway-credit.php:222
actionwoocommerce_process_shop_order_metaincludes\class-virtuaria-erede-gateway-credit.php:229
actionadmin_enqueue_scriptsincludes\class-virtuaria-erede-gateway-pix.php:169
actionwoocommerce_email_after_order_tableincludes\class-virtuaria-erede-gateway-pix.php:174
actionwp_enqueue_scriptsincludes\class-virtuaria-erede-gateway-pix.php:180
filtervirtuaria_erede_disable_discountincludes\class-virtuaria-erede-gateway-pix.php:185
filterwoocommerce_gateway_titleincludes\class-virtuaria-erede-gateway-pix.php:191
actionafter_virtuaria_pix_validate_textincludes\class-virtuaria-erede-gateway-pix.php:197
actionafter_virtuaria_pix_validate_textincludes\class-virtuaria-erede-gateway-pix.php:201
filterwoocommerce_new_order_note_dataincludes\class-virtuaria-erede-gateway-pix.php:582
actionadmin_menuincludes\class-virtuaria-erede-settings.php:40
actionadmin_enqueue_scriptsincludes\class-virtuaria-erede-settings.php:41
actionadmin_initincludes\class-virtuaria-erede-settings.php:42
actionin_admin_footerincludes\class-virtuaria-erede-settings.php:43
filterwoocommerce_erede_virt_iconincludes\class-virtuaria-erede-settings.php:44
filterwoocommerce_erede_virt_icon_pixincludes\class-virtuaria-erede-settings.php:45
actionwoocommerce_after_shop_loop_item_titleincludes\class-virtuaria-erede-settings.php:46
actionadmin_noticesincludes\class-virtuaria-erede-settings.php:52
actioninitvirtuaria-erede.php:52
filterwoocommerce_payment_gatewaysvirtuaria-erede.php:55
actionwoocommerce_before_checkout_billing_formvirtuaria-erede.php:56
actionadmin_noticesvirtuaria-erede.php:61
actionplugins_loadedvirtuaria-erede.php:204

Scheduled Events 4

erede_process_update_order_status
erede_process_update_order_status
erede_process_update_order_status
erede_pix_check_payment
Maintenance & Trust

Virtuaria Rede ( Itaú ) Pagamentos Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 6, 2026
PHP min version7.4
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs60
Alternatives

Virtuaria Rede ( Itaú ) Pagamentos Alternatives

Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit

Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit

woo-rede

A
98

Payment Gateway for Rede Itaú for WooCommerce - PIX, Credit Card and Debit Cards.

1K 2 CVEs
iPag Pagamentos Digitais

iPag Pagamentos Digitais

ipag-woocommerce

A
100

Facilite pagamentos online com segurança e rapidez, integrando sua loja ao nosso gateway e PSP.

100 No CVEs
Virtuaria Payments by Payco

Virtuaria Payments by Payco

virtuaria-payments-by-payco

A
100

Permite pagamentos via Pix com confirmação automática na sua loja Woocommerce.

0 No CVEs
Virtuaria Serveloja

Virtuaria Serveloja

virtuaria-serveloja

A
100

Permite pagamentos com Cartão de crédito e Pix com confirmação automática na sua loja Woocommerce.

0 No CVEs
Virtuaria PagBank / PagSeguro para Woocommerce

Virtuaria PagBank / PagSeguro para Woocommerce

virtuaria-pagseguro

A
99

Crédito, Pix e Boleto na sua loja virtual. Mais segurança, menos chargebacks com 3DS. Descontos nas taxas do PagBank.

1K 1 CVE
Developer Profile

Virtuaria Rede ( Itaú ) Pagamentos Developer Profile

Virtuaria

10 plugins · 2K total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
22 days
View full developer profile
Detection Fingerprints

How We Detect Virtuaria Rede ( Itaú ) Pagamentos

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/virtuaria-eredeitau/public/images/erede.png
Version Parameters
virtuaria-eredeitau/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
virtuaria-eredeitau
Data Attributes
data-plugin-name="virtuaria-eredeitau"
REST Endpoints
/wp-json/v1/auth/premium/plugins
FAQ

Frequently Asked Questions about Virtuaria Rede ( Itaú ) Pagamentos