Does IMMAGIT ePayco Payment Gateway for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in IMMAGIT ePayco Payment Gateway for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is IMMAGIT ePayco Payment Gateway for WooCommerce compatible with WordPress 6.4.8?

According to WordPress.org data, IMMAGIT ePayco Payment Gateway for WooCommerce 1.1.8 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is IMMAGIT ePayco Payment Gateway for WooCommerce compatible with PHP 7.0+?

IMMAGIT ePayco Payment Gateway for WooCommerce requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is IMMAGIT ePayco Payment Gateway for WooCommerce's security score?

IMMAGIT ePayco Payment Gateway for WooCommerce has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IMMAGIT ePayco Payment Gateway for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-epayco-payment-gateway

Receive payments by more than 22 means (credit card, digital wallet, bank transfer, cash and more payments) through the ePayco Colombia service in you …

60 active installs v1.1.8 PHP 7.0+ WP 5.6+ Updated Dec 17, 2023

checkoutepaycogatewayspaymentswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is IMMAGIT ePayco Payment Gateway for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

IMMAGIT ePayco Payment Gateway for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "wc-epayco-payment-gateway" plugin, version 1.1.8, presents a concerning security posture due to a significant number of unprotected entry points. While the plugin exhibits good practices in its handling of SQL queries and avoids dangerous functions or file operations, the presence of two AJAX handlers without authentication checks is a major vulnerability. This allows any authenticated user, or potentially even unauthenticated users depending on the specific AJAX handler implementation, to trigger potentially harmful actions. The taint analysis, though limited in scope, did identify two flows with unsanitized paths, which, when combined with the unprotected entry points, indicates a risk of input manipulation that could lead to unintended behavior. The absence of any recorded vulnerability history is positive, suggesting a lack of past security flaws. However, this does not negate the immediate risks identified in the static analysis. The plugin has strengths in its database query practices and avoidance of common risky code patterns, but the critical lack of authorization on its AJAX endpoints is a significant weakness that requires immediate attention.

Key Concerns

2 unprotected AJAX handlers
2 flows with unsanitized paths
0 Nonce checks
0 Capability checks
57% properly escaped outputs

Vulnerabilities

None known

IMMAGIT ePayco Payment Gateway for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

IMMAGIT ePayco Payment Gateway for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

28 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

86% prepared14 total queries

Output Escaping

57% escaped49 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

<epayco-admin> (includes\admin\epayco-admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

IMMAGIT ePayco Payment Gateway for WooCommerce Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_imma_close_admin_noticesincludes\admin\epayco-admin.php:20

authwp_ajax_imma_replicate_epayco_transactionincludes\admin\epayco-admin.php:21

WordPress Hooks 20

actionadd_meta_boxesincludes\admin\epayco-admin.php:19

actionadd_meta_boxesincludes\admin\epayco-admin.php:22

actionrestrict_manage_postsincludes\class-functions-gateway-imma.php:15

actionwoocommerce_order_list_table_restrict_manage_ordersincludes\class-functions-gateway-imma.php:16

filterpre_get_postsincludes\class-functions-gateway-imma.php:17

filterwoocommerce_shop_order_list_table_prepare_items_query_argsincludes\class-functions-gateway-imma.php:18

filterwoocommerce_thankyou_order_idincludes\class-wc-gateway-epayco.php:73

actionwoocommerce_email_before_order_tableincludes\class-wc-gateway-epayco.php:75

filterwoocommerce_thankyou_order_keyincludes\class-wc-gateway-epayco.php:76

filterwoocommerce_payment_complete_order_statusincludes\class-wc-gateway-epayco.php:77

filterdo_epayco_check_responseincludes\class-wc-gateway-epayco.php:78

filterwoocommerce_can_restore_order_stockincludes\class-wc-gateway-epayco.php:79

actionbefore_woocommerce_initwc-epayco-payment-gateway.php:69

actionplugins_loadedwc-epayco-payment-gateway.php:79

actionadmin_noticeswc-epayco-payment-gateway.php:87

actionadmin_noticeswc-epayco-payment-gateway.php:92

actionadmin_initwc-epayco-payment-gateway.php:122

filterwoocommerce_payment_gatewayswc-epayco-payment-gateway.php:133

actionwoocommerce_maintenance_task_event_epaycowc-epayco-payment-gateway.php:134

actionadmin_noticeswc-epayco-payment-gateway.php:327

Maintenance & Trust

IMMAGIT ePayco Payment Gateway for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedDec 17, 2023

PHP min version7.0

Downloads6K

Community Trust

Rating100/100

Number of ratings1

Active installs60

Alternatives

IMMAGIT ePayco Payment Gateway for WooCommerce Alternatives

ePayco plugin for WooCommerce

epayco-gateway

100

The official ePayco plugin for WooCommerce allows seamless payment processing for your online store.

3K No CVEs

Beep Conditional Payments for WooCommerce

beep-conditional-payments

100

Control WooCommerce payment methods with flexible rules. Enable, disable, or add fees based on order, products, or customers.

10 No CVEs

Shetab Card Field For WooCommerce

woo-iran-shetab-card-field

100

Adding a field for receiving Shetab card number for WooCommerce

10 No CVEs

Amazon Pay for WooCommerce

woocommerce-gateway-amazon-payments-advanced

100

Install the Amazon Pay plugin for your WooCommerce store and take advantage of a seamless checkout experience

20K 1 CVE

myPOS Checkout

mypos-virtual-for-woocommerce

100

One-click checkout with instant settlement. Accept all major cards, Apple Pay and Google Pay. No setup costs or monthly fees.

4K No CVEs

Developer Profile

IMMAGIT ePayco Payment Gateway for WooCommerce Developer Profile

IMMAGIT

2 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IMMAGIT ePayco Payment Gateway for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-epayco-payment-gateway/assets/css/epayco.css/wp-content/plugins/wc-epayco-payment-gateway/assets/js/epayco.js

Script Paths

/wp-content/plugins/wc-epayco-payment-gateway/assets/js/epayco.js

Version Parameters

wc-epayco-payment-gateway/assets/css/epayco.css?ver=wc-epayco-payment-gateway/assets/js/epayco.js?ver=

HTML / DOM Fingerprints

CSS Classes

epayco-checkout-formepayco_methods

HTML Comments

+4 more

Data Attributes

data-epayco-amountdata-epayco-currencydata-epayco-orderdata-epayco-merchantiddata-epayco-publickeydata-epayco-secure+2 more

JS Globals

epayco_params

REST Endpoints

/wp-json/epayco-payment-gateway/v1/process_payment

FAQ