Viva Payments – Viva Wallet WooCommerce Payment Gateway Security & Risk Analysis
wordpress.org/plugins/woo-payment-gateway-for-vivapaymentsWoocommerce Viva Payments - Viva Wallet payment gateway plug-in.
Is Viva Payments – Viva Wallet WooCommerce Payment Gateway Safe to Use in 2026?
Generally Safe
Score 85/100Viva Payments – Viva Wallet WooCommerce Payment Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "woo-payment-gateway-for-vivapayments" v1.4.0.1 exhibits a generally good security posture with no recorded historical vulnerabilities. The static analysis indicates a minimal attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events. This absence of direct entry points is a significant strength. However, concerns arise from the taint analysis, which reveals 3 high-severity flows with unsanitized paths. While the static analysis did not detect any dangerous functions or specific SQL injection vulnerabilities due to lack of prepared statements, these unsanitized flows suggest a potential risk if user-supplied data is not properly handled before being processed by potentially vulnerable backend operations. The plugin also uses external HTTP requests, which could be a vector if not properly secured. The lack of nonce and capability checks, combined with a moderate percentage of SQL queries not using prepared statements, points to areas where further hardening could significantly improve security.
Key Concerns
- High severity taint flows with unsanitized paths
- SQL queries not using prepared statements (50%)
- No nonce checks
- No capability checks
- External HTTP requests
Viva Payments – Viva Wallet WooCommerce Payment Gateway Security Vulnerabilities
Viva Payments – Viva Wallet WooCommerce Payment Gateway Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Viva Payments – Viva Wallet WooCommerce Payment Gateway Attack Surface
WordPress Hooks 7
Maintenance & Trust
Viva Payments – Viva Wallet WooCommerce Payment Gateway Maintenance & Trust
Maintenance Signals
Community Trust
Viva Payments – Viva Wallet WooCommerce Payment Gateway Alternatives
Country Based Payments for WooCommerce
woocommerce-country-based-payments
Choose which payment gateway will be available in country/countries.
Fake Pay For WooCommerce
fake-pay-for-woocommerce
A simple pass-through WooCommerce payment gateway that can be used for testing orders with an admin account.
Disable Payment Methods based on cart conditions for WooCommerce
woo-conditional-payment-gateways
Enable or disable WooCommerce payment gateways based on cart conditions like the order total.
Conditional Payments and Shipping for WooCommerce
wc-restricted-shipping-and-payment
A simplistic plugin for excluding shipping methods based on multiple rules such as shipping class, package weight and cart totals.
Payment Gateways by Shipping for WooCommerce
payment-gateways-by-shipping-for-woocommerce
Set "enable for shipping methods" for WooCommerce payment gateways.
Viva Payments – Viva Wallet WooCommerce Payment Gateway Developer Profile
6 plugins · 12K total installs
How We Detect Viva Payments – Viva Wallet WooCommerce Payment Gateway
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/woo-payment-gateway-for-vivapayments/encryption.php/wp-content/plugins/woo-payment-gateway-for-vivapayments/languages//wp-content/plugins/woo-payment-gateway-for-vivapayments/img/viva_wallet.svgwoo-payment-gateway-for-vivapayments/style.css?ver=woo-payment-gateway-for-vivapayments/script.js?ver=HTML / DOM Fingerprints
papaki-vivapayments-gatewaydhmioyrgia vashsdata-gateway_id="papaki_vivapayments_gateway"data-merchant_iddata-code_iddata-api_keydata-customer_messagedata-mode+3 moreWooCommerce_Papaki_Vivapayments_Gatewayvivapayments_checkout_params/wp-json/wc/v1/payment/papaki_vivapayments_gateway