Does WC Moneris Payment Gateway have any unpatched vulnerabilities?

No. All known vulnerabilities in WC Moneris Payment Gateway have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WC Moneris Payment Gateway compatible with WordPress 6.8.5?

According to WordPress.org data, WC Moneris Payment Gateway 3.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WC Moneris Payment Gateway updated?

WC Moneris Payment Gateway was last updated on Aug 13, 2025. Frequent updates are generally a positive security signal.

What is WC Moneris Payment Gateway's security score?

WC Moneris Payment Gateway has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WC Moneris Payment Gateway Security & Risk Analysis

wordpress.org/plugins/wc-moneris-payment-gateway

A simple plugin that easily add moneris payment gateway to your WooCommerce website.

900 active installs v3.6 PHP + WP 4.9+ Updated Aug 13, 2025

credit-cardmonerispayment-gatewaywc-moneris-payment-gatewaywoocommerce-moneris-payment-gateway

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WC Moneris Payment Gateway Safe to Use in 2026?

Generally Safe

Score 100/100

WC Moneris Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The plugin "wc-moneris-payment-gateway" v3.6 exhibits a generally strong security posture due to its adherence to several best practices. Notably, it utilizes prepared statements for all SQL queries and appears to have no history of reported vulnerabilities, suggesting a diligent development team. The absence of dangerous functions, file operations, and bundled libraries further contribute to a lower risk profile. However, a significant concern arises from the presence of one unprotected AJAX handler, which represents a direct attack surface without proper authentication or authorization checks. While the static analysis did not reveal critical taint flows or unsanitized paths, the unprotected entry point could still be exploited if sensitive actions are performed within it without adequate validation. The plugin also shows a moderate percentage of improperly escaped output, which, while not flagged as critical, can sometimes lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is displayed without proper sanitization.

Key Concerns

AJAX handler without authentication
Improperly escaped output (33%)

Vulnerabilities

None known

WC Moneris Payment Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WC Moneris Payment Gateway Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

44 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped66 total outputs

Attack Surface

1 unprotected

WC Moneris Payment Gateway Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 2

authwp_ajax_wpheka_moneris_submit_deactivationincludes\admin\class-wpheka-gateway-moneris-deactivation.php:46

authwp_ajax_wpheka_gateway_moneris_donation_dismiss_noticeincludes\admin\class-wpheka-gateway-moneris-donation.php:33

WordPress Hooks 22

actionadmin_footerincludes\admin\class-wpheka-gateway-moneris-deactivation.php:45

actionadmin_noticesincludes\admin\class-wpheka-gateway-moneris-donation.php:31

actionadmin_enqueue_scriptsincludes\admin\class-wpheka-gateway-moneris-donation.php:32

filterplugin_row_metaincludes\admin\class-wpheka-gateway-moneris-donation.php:35

actionadmin_enqueue_scriptsincludes\admin\class-wpheka-gateway-moneris-donation.php:36

actionadmin_initincludes\admin\class-wpheka-gateway-moneris-donation.php:100

actionadmin_enqueue_scriptsincludes\class-wpheka-gateway-moneris.php:59

actionwoocommerce_after_settings_checkoutincludes\class-wpheka-gateway-moneris.php:61

actionplugins_loadedwc-moneris-payment-gateway.php:92

actionbefore_woocommerce_initwc-moneris-payment-gateway.php:106

actionbefore_woocommerce_initwc-moneris-payment-gateway.php:124

actionwoocommerce_blocks_payment_method_type_registrationwc-moneris-payment-gateway.php:136

actionwoocommerce_blocks_loadedwc-moneris-payment-gateway.php:146

actionafter_setup_themewc-moneris-payment-gateway.php:165

actionadmin_noticeswc-moneris-payment-gateway.php:172

actionadmin_noticeswc-moneris-payment-gateway.php:177

actionadmin_noticeswc-moneris-payment-gateway.php:182

actionadmin_noticeswc-moneris-payment-gateway.php:187

actionadmin_noticeswc-moneris-payment-gateway.php:192

actionadmin_initwc-moneris-payment-gateway.php:245

filterwoocommerce_payment_gatewayswc-moneris-payment-gateway.php:267

filterplugin_row_metawc-moneris-payment-gateway.php:269

Maintenance & Trust

WC Moneris Payment Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 13, 2025

PHP min version

Downloads23K

Community Trust

Rating84/100

Number of ratings5

Active installs900

Alternatives

WC Moneris Payment Gateway Alternatives

PayU GPO Payment for WooCommerce

woo-payu-payment-gateway

100

PayU fast online payments for WooCommerce. Banks, BLIK, credit or debit cards, Installments, Apple Pay, Google Pay.

10K No CVEs

Asaas Gateway for WooCommerce

woo-asaas

100

Take transparent credit card and bank ticket payment checkouts on your store using Asaas.

9K No CVEs

Payment Gateway of PayPal for WooCommerce

express-checkout-paypal-payment-gateway-for-woocommerce

100

Enable faster checkout with PayPal for WooCommerce. Add PayPal Express/PayPal Standard gateways that accept PayPal, Pay Later, debit & credit cards.

8K No CVEs

Midtrans-WooCommerce

midtrans-woocommerce

Midtrans-WooCommerce is plugin for Midtrans, Indonesian Payment Gateway. Brings safety and highly dedicated to customer experience (UX) to WooCommerce

5K No CVEs

MultiSafepay plugin for WooCommerce

multisafepay

MultiSafepay offers the most comprehensive payment solutions. Easily integrate the payment solutions of MultiSafepay into your webshop.

2K 1 CVE

Developer Profile

WC Moneris Payment Gateway Developer Profile

akshayaswaroop

4 plugins · 2K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WC Moneris Payment Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-moneris-payment-gateway/assets/css/blocks/credit-card-inputs.css

Version Parameters

/wc-moneris-payment-gateway/assets/css/blocks/credit-card-inputs.css?ver=

HTML / DOM Fingerprints

FAQ