Does Checkout with Zelle on Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Checkout with Zelle on Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Checkout with Zelle on Woocommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Checkout with Zelle on Woocommerce 4.1.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Checkout with Zelle on Woocommerce compatible with PHP 5.0+?

Checkout with Zelle on Woocommerce requires PHP 5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Checkout with Zelle on Woocommerce updated?

Checkout with Zelle on Woocommerce was last updated on May 28, 2025. Frequent updates are generally a positive security signal.

What is Checkout with Zelle on Woocommerce's security score?

Checkout with Zelle on Woocommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Checkout with Zelle on Woocommerce Security & Risk Analysis

wordpress.org/plugins/wc-zelle

Receive Zelle payments on your website with WooCommerce + Zelle

3K active installs v4.1.1 PHP 5.0+ WP 5.0+ Updated May 28, 2025

bank-transfermoney-transferpaymentswoocommercezelle

A · Safe

CVEs total1

Unpatched0

Last CVEJul 12, 2023

Plugin page Download

Safety Verdict

Is Checkout with Zelle on Woocommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Checkout with Zelle on Woocommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jul 12, 2023Updated 10mo ago

Risk Assessment

The wc-zelle plugin v4.1.1 presents a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL query handling with 100% prepared statements and a high rate of output escaping (87%). It also appears to avoid dangerous functions and has no reported critical or medium severity vulnerabilities currently.

However, significant security concerns are present. The plugin exposes two REST API routes without any permission callbacks, creating a substantial attack surface that is entirely unprotected. The absence of nonce checks on AJAX handlers and capability checks in general indicates a lack of robust authorization mechanisms, which has historically been a common vulnerability type for this plugin. While there are no unpatched CVEs at this moment, the plugin has a history of vulnerabilities, with one high-severity CVE recorded in the past.

In conclusion, while the plugin has strengths in data handling and output sanitization, the unprotected REST API endpoints and general lack of authorization checks are critical security weaknesses. The historical vulnerability pattern of missing authorization further amplifies these concerns. Users should exercise caution and consider these areas for improvement.

Key Concerns

REST API routes without permission callbacks
No nonce checks on AJAX handlers
No capability checks implemented
Historical high severity vulnerability
Bundled library (Freemius v1.0) potentially outdated

Vulnerabilities

Checkout with Zelle on Woocommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2023-37969high · 7.3Missing Authorization

Checkout with Zelle on Woocommerce <= 3.1 - Missing Authorization

Jul 12, 2023 Patched in 3.1.1 (195d)

Code Analysis

Analyzed Mar 16, 2026

Checkout with Zelle on Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

138 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

87% escaped159 total outputs

Attack Surface

2 unprotected

Checkout with Zelle on Woocommerce Attack Surface

Entry Points2

Unprotected2

REST API Routes 2

POST/wp-json/wc-zelle/v1/update-zelle-order/keyincludes\class-wc_zelle_update_order copy.php:37

POST/wp-json/wc-zelle/v1/update-zelle-orderincludes\class-wc_zelle_update_order copy.php:42

WordPress Hooks 24

actionadmin_menuincludes\admin\dashboard.php:134

actionwp_enqueue_scriptsincludes\class-wc_zelle_gateway.php:246

actionwoocommerce_checkout_order_processedincludes\class-wc_zelle_gateway.php:249

actionwoocommerce_email_order_detailsincludes\class-wc_zelle_gateway.php:256

actionwoocommerce_order_status_pending_to_on-hold_notificationincludes\class-wc_zelle_gateway.php:263

actionwoocommerce_blocks_loadedincludes\class-wc_zelle_gateway.php:266

actionwoocommerce_blocks_payment_method_type_registrationincludes\class-wc_zelle_gateway.php:272

actioninitincludes\class-wc_zelle_update_order copy.php:9

actionrest_api_initincludes\class-wc_zelle_update_order copy.php:10

actioninitincludes\class-wc_zelle_update_order.php:8

actionrest_api_initincludes\class-wc_zelle_update_order.php:9

actionadmin_noticesincludes\notifications\notices.php:7

actionadmin_noticesincludes\notifications\notices.php:14

actionadmin_noticesincludes\notifications\sms.php:8

actionadmin_noticesincludes\notifications\woocommerce.php:4

filterconnect_urlzelle.php:93

filterafter_skip_urlzelle.php:94

filterafter_connect_urlzelle.php:95

filterafter_pending_connect_urlzelle.php:96

actioninitzelle.php:103

actionadmin_enqueue_scriptszelle.php:117

filterwoocommerce_payment_gatewayszelle.php:132

actionbefore_woocommerce_initzelle.php:139

actionplugins_loadedzelle.php:144

Maintenance & Trust

Checkout with Zelle on Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 28, 2025

PHP min version5.0

Downloads36K

Community Trust

Rating68/100

Number of ratings5

Active installs3K

Alternatives

Checkout with Zelle on Woocommerce Alternatives

Receive customer payments on Woocommerce

momo-venmo

100

Receive Venmo payments on your website with WooCommerce + Venmo

2K No CVEs

Checkout Gateway for IRIS

checkout-gateway-iris

Unofficial IRIS checkout payment gateway for WooCommerce. Accept payments via IRIS and manage order statuses efficiently.

1K 1 CVE

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 6 CVEs

WooCommerce PayPal Payments

woocommerce-paypal-payments

100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE

WooCommerce Stripe Payment Gateway

woocommerce-gateway-stripe

Accept debit and credit cards in 135+ currencies, many local methods like Alipay, ACH, and SEPA, and express checkout with Apple Pay and Google Pay.

700K 4 CVEs

Developer Profile

Checkout with Zelle on Woocommerce Developer Profile

The African Boss

6 plugins · 8K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

66 days

View full developer profile

Detection Fingerprints

How We Detect Checkout with Zelle on Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wc-zelle/assets/css/bootstrap.min.css

HTML / DOM Fingerprints

FAQ