WP-Safety

Payments via Stripe for WooCommerce Security & Risk Analysis

wordpress.org/plugins/wc-stripe-payment

Accept payments with credit card, GPay, Apple Pay & ACH directly from your website using Payments via Stripe for WooCommerce.

20 active installs v1.0 PHP 5.6+ WP 3.0.1+ Updated Aug 10, 2022
achapple-paycredit-cardgoogle-paystripe
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Payments via Stripe for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Payments via Stripe for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "wc-stripe-payment" v1.0 plugin exhibits a generally good security posture with several positive indicators. The code demonstrates a strong commitment to secure coding practices, evident in the absence of dangerous functions, 100% usage of prepared statements for SQL queries, and a high percentage of properly escaped output. The plugin also incorporates nonce and capability checks, suggesting an effort to protect against common WordPress attacks. The lack of any recorded vulnerabilities or CVEs further strengthens this positive impression, indicating a stable and likely well-maintained codebase.

However, a significant concern arises from the analysis of its attack surface. The plugin has one AJAX handler that lacks authentication checks, creating a direct entry point for potential exploitation. While the taint analysis shows no critical or high-severity flows, the unprotected AJAX endpoint could be leveraged to trigger unintended actions if not properly secured at the application level or within the handler itself. The presence of file operations and external HTTP requests, though not explicitly flagged as risky in this report, warrants careful review in conjunction with the unprotected AJAX endpoint to ensure they are not being misused.

In conclusion, the "wc-stripe-payment" v1.0 plugin shows strengths in its secure coding practices and a clean vulnerability history. The primary weakness is the unprotected AJAX endpoint, which presents a clear risk that needs immediate attention. Addressing this single unprotected entry point should be the priority to significantly improve the plugin's overall security.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

Payments via Stripe for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Payments via Stripe for WooCommerce Release Timeline

v1.0Current
Code Analysis
Analyzed Mar 16, 2026

Payments via Stripe for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
8 prepared
Unescaped Output
61
399 escaped
Nonce Checks
2
Capability Checks
10
File Operations
1
External Requests
2
Bundled Libraries
1

Bundled Libraries

Stripe PHP

SQL Query Safety

100% prepared8 total queries

Output Escaping

87% escaped460 total outputs
Attack Surface
1 unprotected

Payments via Stripe for WooCommerce Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_wpp_api_admin_requestincludes\class-wpp-rest-api.php:31
WordPress Hooks 112
filterwppayment_admin_settings_tabsincludes\abstract\abstract-wpp-payment-gateway-stripe.php:152
filterwoocommerce_payment_methods_list_itemincludes\abstract\abstract-wpp-payment-gateway-stripe.php:155
filterwoocommerce_subscription_payment_metaincludes\abstract\abstract-wpp-payment-gateway-stripe.php:157
filterwpp_mini_cart_dependenciesincludes\abstract\abstract-wpp-payment-gateway-stripe.php:161
filterrest_request_before_callbacksincludes\abstract\abstract-wpp-rest-controller.php:96
actionadmin_enqueue_scriptsincludes\admin\class-wpp-admin-assets.php:12
actionwp_print_scriptsincludes\admin\class-wpp-admin-assets.php:14
actionadmin_footerincludes\admin\class-wpp-admin-assets.php:16
actionwpp_payment_localize_wpp_advanced_settingsincludes\admin\class-wpp-admin-assets.php:17
actionadmin_menuincludes\admin\class-wpp-admin-menus.php:12
actionadmin_menuincludes\admin\class-wpp-admin-menus.php:13
actionadmin_menuincludes\admin\class-wpp-admin-menus.php:14
actionadmin_noticesincludes\admin\class-wpp-admin-notices.php:15
actionwoocommerce_settings_checkoutincludes\admin\class-wpp-admin-settings.php:14
actionwoocommerce_update_options_checkoutincludes\admin\class-wpp-admin-settings.php:15
actionedit_user_profileincludes\admin\class-wpp-admin-user-edit.php:13
actionshow_user_profileincludes\admin\class-wpp-admin-user-edit.php:14
actionedit_user_profile_updateincludes\admin\class-wpp-admin-user-edit.php:15
actionpersonal_options_updateincludes\admin\class-wpp-admin-user-edit.php:16
filterwoocommerce_product_data_tabsincludes\admin\meta-boxes\class-wpp-admin-meta-box-product-data.php:12
actionwoocommerce_product_data_panelsincludes\admin\meta-boxes\class-wpp-admin-meta-box-product-data.php:13
actionwoocommerce_admin_process_product_objectincludes\admin\meta-boxes\class-wpp-admin-meta-box-product-data.php:14
actionadd_meta_boxesincludes\admin\meta-boxes\class-wpp-admin-order-metaboxes.php:14
actionwoocommerce_admin_order_data_after_order_detailsincludes\admin\meta-boxes\class-wpp-admin-order-metaboxes.php:28
actionwoocommerce_admin_order_data_after_billing_addressincludes\admin\meta-boxes\class-wpp-admin-order-metaboxes.php:37
actionwoocommerce_admin_order_totals_after_totalincludes\admin\meta-boxes\class-wpp-admin-order-metaboxes.php:38
actionwpp_payment_connect_settingsincludes\admin\settings\class-wpp-account-settings.php:18
filterwppayment_admin_settings_tabsincludes\admin\settings\class-wpp-advanced-settings.php:18
filterwppayment_admin_settings_tabsincludes\admin\settings\class-wpp-api-settings.php:22
filterwpp_payment_intent_argsincludes\class-wpp-api-request-filter.php:19
filterwpp_payment_payment_intent_confirmation_argsincludes\class-wpp-api-request-filter.php:20
filterwpp_payment_payment_intent_retrieve_argsincludes\class-wpp-api-request-filter.php:21
filterwpp_payment_payment_intent_capture_argsincludes\class-wpp-api-request-filter.php:22
filterwpp_payment_charge_order_argsincludes\class-wpp-api-request-filter.php:23
actionwoocommerce_checkout_update_customerincludes\class-wpp-customer-manager.php:24
actionwp_loadedincludes\class-wpp-customer-manager.php:25
actionwoocommerce_checkout_before_customer_detailsincludes\class-wpp-field-manager.php:19
actionwoocommerce_before_add_to_cart_formincludes\class-wpp-field-manager.php:20
actioninitincludes\class-wpp-field-manager.php:21
actionwoocommerce_review_order_after_order_totalincludes\class-wpp-field-manager.php:22
actionbefore_woocommerce_add_payment_methodincludes\class-wpp-field-manager.php:23
actionwoocommerce_widget_shopping_cart_buttonsincludes\class-wpp-field-manager.php:24
actionwoocommerce_proceed_to_checkoutincludes\class-wpp-field-manager.php:29
actionwp_enqueue_scriptsincludes\class-wpp-frontend-scripts.php:28
actionwp_print_scriptsincludes\class-wpp-frontend-scripts.php:29
actionwp_print_footer_scriptsincludes\class-wpp-frontend-scripts.php:30
actionwp_print_footer_scriptsincludes\class-wpp-frontend-scripts.php:31
filterwoocommerce_order_get_payment_methodincludes\class-wpp-gateway-conversions.php:12
filterwoocommerce_subscription_get_payment_methodincludes\class-wpp-gateway-conversions.php:13
actionget_headerincludes\class-wpp-redirect-handler.php:14
actionwoocommerce_cart_emptiedincludes\class-wpp-redirect-handler.php:85
actionwc_ajax_wpp_api_frontend_requestincludes\class-wpp-rest-api.php:29
actionrest_api_initincludes\class-wpp-rest-api.php:30
actioninitincludes\class-wpp-update.php:24
actionadmin_noticesincludes\class-wpp-update.php:47
filterwoocommerce_get_checkout_order_received_urlincludes\controllers\class-wpp-controller-checkout.php:89
actionwoocommerce_after_checkout_validationincludes\controllers\class-wpp-controller-checkout.php:219
actionwoocommerce_checkout_posted_dataincludes\controllers\class-wpp-controller-checkout.php:220
filterwpp_payment_intent_argsincludes\controllers\class-wpp-controller-order-actions.php:224
actionwoocommerce_checkout_update_order_reviewincludes\gateways\class-wpp-payment-gateway-stripe-ach.php:38
filterwpp_order_meta_dataincludes\gateways\class-wpp-payment-gateway-stripe-ach.php:123
actionwoocommerce_cart_calculate_feesincludes\gateways\class-wpp-payment-gateway-stripe-ach.php:318
actionwoocommerce_after_calculate_totalsincludes\gateways\class-wpp-payment-gateway-stripe-ach.php:347
actionplugins_loadedincludes\main.php:78
actioninitincludes\main.php:79
actionadmin_initincludes\main.php:80
actionwoocommerce_initincludes\main.php:81
actionwoocommerce_blocks_loadedincludes\main.php:82
filterwoocommerce_cart_ready_to_calc_shippingincludes\traits\wpp-controller-traits.php:18
actionwoocommerce_after_template_partincludes\wpp-functions.php:446
filterwp_kses_allowed_htmlincludes\wpp-functions.php:459
actionwoocommerce_payment_token_deletedincludes\wpp-hooks.php:8
actionwoocommerce_order_status_cancelledincludes\wpp-hooks.php:9
actionwoocommerce_order_status_completedincludes\wpp-hooks.php:10
actionwpp_payment_remove_order_locksincludes\wpp-hooks.php:11
actionwpp_payment_retry_source_chargeableincludes\wpp-hooks.php:12
actionwpp_payment_webhooks_source_chargeableincludes\wpp-hooks.php:17
actionwpp_payment_webhooks_charge_succeededincludes\wpp-hooks.php:18
actionwpp_payment_webhooks_charge_failedincludes\wpp-hooks.php:19
actionwpp_payment_webhooks_payment_intent_succeededincludes\wpp-hooks.php:20
actionwpp_payment_webhooks_charge_refundedincludes\wpp-hooks.php:21
actionwpp_payment_webhooks_charge_dispute_createdincludes\wpp-hooks.php:22
actionwpp_payment_webhooks_charge_dispute_closedincludes\wpp-hooks.php:23
actionwpp_payment_webhooks_review_openedincludes\wpp-hooks.php:24
actionwpp_payment_webhooks_review_closedincludes\wpp-hooks.php:25
filterwpp_payment_api_optionsincludes\wpp-hooks.php:30
filterwoocommerce_payment_gatewaysincludes\wpp-hooks.php:31
filterwoocommerce_available_payment_gatewaysincludes\wpp-hooks.php:32
actionwoocommerce_process_shop_subscription_metaincludes\wpp-hooks.php:33
filterwoocommerce_payment_complete_order_statusincludes\wpp-hooks.php:34
filterwoocommerce_get_customer_payment_tokensincludes\wpp-hooks.php:35
filterwoocommerce_credit_card_type_labelsincludes\wpp-hooks.php:36
filterwoocommerce_saved_payment_methods_listpackages\blocks\src\Payments\AbstractStripePayment.php:27
actionwoocommerce_blocks_payment_method_type_registrationpackages\blocks\src\Payments\PaymentsApi.php:41
actionwoocommerce_blocks_checkout_enqueue_datapackages\blocks\src\Payments\PaymentsApi.php:42
actionwoocommerce_blocks_cart_enqueue_datapackages\blocks\src\Payments\PaymentsApi.php:43
actionwoocommerce_rest_checkout_process_payment_with_contextpackages\blocks\src\Payments\PaymentsApi.php:44
actionwpp_payment_blocks_enqueue_stylespackages\blocks\src\Payments\PaymentsApi.php:45
actionwpp_process_payment_errorpackages\blocks\src\Payments\PaymentsApi.php:160
filtercartflows_offer_supported_payment_gatewayspackages\cartflows\src\PaymentsApi.php:10
filterwpp_payment_force_save_payment_methodpackages\cartflows\src\PaymentsApi.php:11
filtercartflows_offer_js_localizepackages\cartflows\src\PaymentsApi.php:12
actionrest_api_initpackages\cartflows\src\RoutesApi.php:15
filterwpp_payment_cc_show_save_sourcepackages\woofunnels\src\PaymentGateways\CreditCardGateway.php:12
actioninitpackages\woofunnels\src\PaymentGateways.php:14
filterwfocu_wc_get_supported_gatewayspackages\woofunnels\src\PaymentGateways.php:15
filterwpp_payment_force_save_payment_methodpackages\woofunnels\src\PaymentGateways.php:16
actionwpp_payment_order_payment_completepackages\woofunnels\src\PaymentGateways.php:17
actionwfocu_offer_new_order_created_before_completepackages\woofunnels\src\PaymentGateways.php:18
actionwfocu_footer_before_print_scriptspackages\woofunnels\src\PaymentGateways.php:19
filterwfocu_localized_datapackages\woofunnels\src\PaymentGateways.php:20
actionadmin_noticeswc-stripe-payments.php:23
Maintenance & Trust

Payments via Stripe for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedAug 10, 2022
PHP min version5.6
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Payments via Stripe for WooCommerce Alternatives

Payment Plugins for Stripe WooCommerce

Payment Plugins for Stripe WooCommerce

woo-stripe-payment

A
100

Accept Credit Cards, Google Pay, ApplePay, Afterpay, Affirm, ACH, Klarna, iDEAL and more all in one plugin for free!

100K No CVEs
Payment Gateway of Stripe for WooCommerce

Payment Gateway of Stripe for WooCommerce

payment-gateway-stripe-and-woocommerce-integration

A
96

Integrate Stripe Payment Gateway in WooCommerce and accept cards, Google Pay, Apple Pay, Klarna, Alipay, and more with seamless, secure checkout.

8K 4 CVEs
WP Stripe Cart

WP Stripe Cart

wp-stripe-cart

A
85

Simple cart for WordPress with STRIPE payment. Ideal for someone who wants to sell only a few products.

10 No CVEs
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
FunnelKit Payment Gateway for Stripe WooCommerce

FunnelKit Payment Gateway for Stripe WooCommerce

funnelkit-stripe-woo-payment-gateway

A
100

FunnelKit Payment Gateway for Stripe WooCommerce is an integrated solution that lets you accept payments on your online store for web and mobile.

20K No CVEs
Developer Profile

Payments via Stripe for WooCommerce Developer Profile

Website Learners

1 plugin · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Payments via Stripe for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-checkout-gateway.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-gateway.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-helper.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-frontend.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-tokens.js/wp-content/plugins/wc-stripe-payment/assets/css/wpp-stripe-payment-gateway.css/wp-content/plugins/wc-stripe-payment/assets/css/wpp-stripe-payment-frontend.css
Script Paths
/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-checkout-gateway.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-gateway.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-helper.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-frontend.js/wp-content/plugins/wc-stripe-payment/assets/js/wpp-stripe-payment-tokens.js
Version Parameters
wc-stripe-payment/assets/js/wpp-stripe-checkout-gateway.js?ver=wc-stripe-payment/assets/js/wpp-stripe-payment-gateway.js?ver=wc-stripe-payment/assets/js/wpp-stripe-payment-helper.js?ver=wc-stripe-payment/assets/js/wpp-stripe-payment-frontend.js?ver=wc-stripe-payment/assets/js/wpp-stripe-payment-tokens.js?ver=wc-stripe-payment/assets/css/wpp-stripe-payment-gateway.css?ver=wc-stripe-payment/assets/css/wpp-stripe-payment-frontend.css?ver=

HTML / DOM Fingerprints

CSS Classes
wpp-stripe-payment-gatewaywpp-stripe-payment-form
HTML Comments
<!-- .wpp-stripe-payment-gateway --><!-- .wpp-stripe-payment-form -->
Data Attributes
data-wpp-stripe-payment-gateway
JS Globals
WPP_Payment_HelperWPP_Stripe_Gateway
FAQ

Frequently Asked Questions about Payments via Stripe for WooCommerce