WP-Safety

Pagadito Payment Gateway for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-pagadito-payment-gateway

Pagadito allows you to pay online in a safe, easy and reliable way.

300 active installs v6.2.1 PHP 5.6+ WP 4.9+ Updated Jan 24, 2026
checkoutecommercemastercardpaymentsvisa
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Pagadito Payment Gateway for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Pagadito Payment Gateway for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "woo-pagadito-payment-gateway" v6.2.1 plugin exhibits a generally strong security posture based on the static analysis, with no direct vulnerabilities identified in the attack surface. All SQL queries are properly prepared, and output escaping is consistently applied. The absence of known CVEs and a clean vulnerability history further contribute to a positive assessment. However, the presence of the `unserialize` function is a significant concern, as it can lead to remote code execution if used with untrusted input, even without a direct taint flow identified in this analysis. Additionally, the lack of nonce checks and capability checks on potential entry points (though none are currently exposed) represents a gap in best practices that could become a risk if the plugin evolves or interacts with other components in unforeseen ways. The file operations and external HTTP requests, while not flagged as immediately dangerous, warrant attention in a comprehensive security review.

Key Concerns

  • Usage of unserialize function
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Pagadito Payment Gateway for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Pagadito Payment Gateway for WooCommerce Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
1 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

unserializereturn unserialize($response);includes\pagadito-1.5.2.php:504

SQL Query Safety

100% prepared1 total queries
Attack Surface

Pagadito Payment Gateway for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 8
actionwoocommerce_api_wc_gateway_pagaditoincludes\class-wc-pagadito-payment-gateway.php:73
actionwoocommerce_api_wc_webhook_pagaditoincludes\class-wc-pagadito-payment-gateway.php:75
actioninitwoo-pagadito-payment-gateway.php:50
actionplugins_loadedwoo-pagadito-payment-gateway.php:52
filterwoocommerce_payment_gatewayswoo-pagadito-payment-gateway.php:55
actionwoocommerce_blocks_loadedwoo-pagadito-payment-gateway.php:58
filterwoocommerce_thankyou_order_received_textwoo-pagadito-payment-gateway.php:61
actionwoocommerce_blocks_payment_method_type_registrationwoo-pagadito-payment-gateway.php:126
Maintenance & Trust

Pagadito Payment Gateway for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 24, 2026
PHP min version5.6
Downloads14K

Community Trust

Rating60/100
Number of ratings2
Active installs300
Alternatives

Pagadito Payment Gateway for WooCommerce Alternatives

IntaSend Payment

IntaSend Payment

intasend-payment

A
100

Securely collect M-Pesa and card payments (Visa and Mastercard) (WooCommerce Plugin).

400 No CVEs
IntaSend Pay Button

IntaSend Pay Button

intasend-pay-button

A
92

Securely collect M-Pesa and card payments (Visa and Mastercard).

60 No CVEs
FluentCart A New Era of eCommerce – Faster, Lighter, and Simpler

FluentCart A New Era of eCommerce – Faster, Lighter, and Simpler

fluent-cart

A
96

Sell Subscriptions, Physical Products, Digital Downloads easier than ever. Built for performance, scalability, and flexibility.

4K 2 CVEs
GoDaddy Payments for WooCommerce

GoDaddy Payments for WooCommerce

godaddy-payments

A
100

A payment gateway plugin that enables your U.S. or Canadian business to accept credit card payments directly on your WooCommerce site.

1K No CVEs
Lemon Squeezy — Sell Digital Products, Subscriptions, and Licenses

Lemon Squeezy — Sell Digital Products, Subscriptions, and Licenses

lemon-squeezy

A
100

Sell digital products, subscriptions, memberships, and software licenses on your WordPress website.

400 No CVEs
Developer Profile

Pagadito Payment Gateway for WooCommerce Developer Profile

Pagadito Developers

1 plugin · 300 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Pagadito Payment Gateway for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-pagadito-payment-gateway/assets/images/icon-pagadito-gray.png/wp-content/plugins/woo-pagadito-payment-gateway/assets/images/icon-pagadito-dark.png/wp-content/plugins/woo-pagadito-payment-gateway/assets/images/icon-pagadito-light.png

HTML / DOM Fingerprints

HTML Comments
<!-- Pagadito Payments gateway class -->
Data Attributes
data-pagadito-uiddata-pagadito-wskdata-pagadito-themedata-pagadito-currencydata-pagadito-sandbox
JS Globals
window.pagaditoPayment
REST Endpoints
/wp-json/woo-pagadito/v1/payment/process
FAQ

Frequently Asked Questions about Pagadito Payment Gateway for WooCommerce