WP-Safety

Payment Gateway for Redsys & WooCommerce Lite Security & Risk Analysis

wordpress.org/plugins/woo-redsys-gateway-light

Add Redsys Gateway, BIZUM, and Apple/Google Pay redirection to WooCommerce. Lite version of the premium Redsys plugin on WooCommerce.com.

20K active installs v7.0.0 PHP 7.0+ WP 4.0+ Updated Feb 15, 2026
bizumgoogle-apple-payinespayredsyswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Payment Gateway for Redsys & WooCommerce Lite Safe to Use in 2026?

Generally Safe

Score 100/100

Payment Gateway for Redsys & WooCommerce Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "woo-redsys-gateway-light" v7.0.0 plugin exhibits a generally strong security posture based on the static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly reduces the attack surface. Furthermore, the code's adherence to using prepared statements for all SQL queries and a high percentage of properly escaped output are positive indicators. The low number of file operations and external HTTP requests also contribute to a more controlled environment. The lack of any recorded vulnerabilities, historical or current, suggests a history of stable and secure development.

However, there are minor areas for attention. The presence of file operations and external HTTP requests, while not inherently insecure, represent potential vectors if not meticulously handled. The plugin also relies on nonce checks, which are present, but the absence of capability checks for any entry points is a notable gap. While the attack surface is currently zero, future additions could introduce risks if proper authorization is not implemented from the outset. Overall, this plugin appears to be well-developed from a security perspective, with only minor considerations for continued vigilance.

Key Concerns

  • Missing capability checks on entry points
  • Presence of file operations
  • Presence of external HTTP requests
Vulnerabilities
None known

Payment Gateway for Redsys & WooCommerce Lite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Payment Gateway for Redsys & WooCommerce Lite Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
15
154 escaped
Nonce Checks
2
Capability Checks
0
File Operations
1
External Requests
5
Bundled Libraries
0

Output Escaping

91% escaped169 total outputs
Attack Surface

Payment Gateway for Redsys & WooCommerce Lite Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 27
actionwoocommerce_before_checkout_formclasses\class-wc-gateway-bizum-redsys.php:325
filterwoocommerce_available_payment_gatewaysclasses\class-wc-gateway-bizum-redsys.php:326
actionwoocommerce_before_checkout_formclasses\class-wc-gateway-googlepay-redirection-redsys.php:230
filterwoocommerce_available_payment_gatewaysclasses\class-wc-gateway-googlepay-redirection-redsys.php:231
filterwoocommerce_available_payment_gatewaysclasses\class-wc-gateway-inespay-redsys.php:153
actionwoocommerce_before_checkout_formclasses\class-wc-gateway-redsys.php:291
actionplugins_loadedwoocommerce-redsys.php:45
actionwoocommerce_loadedwoocommerce-redsys.php:46
actionbefore_woocommerce_initwoocommerce-redsys.php:48
actionadmin_enqueue_scriptswoocommerce-redsys.php:94
actionadmin_initwoocommerce-redsys.php:120
actionadmin_enqueue_scriptswoocommerce-redsys.php:135
actionadmin_menuwoocommerce-redsys.php:153
actionadmin_noticeswoocommerce-redsys.php:179
actionadmin_noticeswoocommerce-redsys.php:223
actionadmin_noticeswoocommerce-redsys.php:255
actionadmin_enqueue_scriptswoocommerce-redsys.php:264
filterwoocommerce_payment_gatewayswoocommerce-redsys.php:278
actionwoocommerce_admin_order_data_after_billing_addresswoocommerce-redsys.php:313
actionwp_headwoocommerce-redsys.php:321
actionwoocommerce_blocks_payment_method_type_registrationwoocommerce-redsys.php:347
actionwoocommerce_blocks_payment_method_type_registrationwoocommerce-redsys.php:353
actionwoocommerce_blocks_payment_method_type_registrationwoocommerce-redsys.php:359
actionwoocommerce_blocks_payment_method_type_registrationwoocommerce-redsys.php:366
actionwoocommerce_blocks_loadedwoocommerce-redsys.php:374
actionwp_headwoocommerce-redsys.php:424
filterwoocommerce_thankyou_order_received_textwoocommerce-redsys.php:477
Maintenance & Trust

Payment Gateway for Redsys & WooCommerce Lite Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 15, 2026
PHP min version7.0
Downloads334K

Community Trust

Rating98/100
Number of ratings87
Active installs20K
Alternatives

Payment Gateway for Redsys & WooCommerce Lite Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Google for WooCommerce

Google for WooCommerce

google-listings-and-ads

A
99

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE
WooPayments: Integrated WooCommerce Payments

WooPayments: Integrated WooCommerce Payments

woocommerce-payments

A
89

Securely accept credit and debit cards on your WooCommerce store. Manage payments without leaving your WordPress dashboard. Only with WooPayments.

900K 7 CVEs
WooCommerce PayPal Payments

WooCommerce PayPal Payments

woocommerce-paypal-payments

A
100

PayPal's latest payment processing solution. Accept PayPal, Pay Later, credit/debit cards, alternative digital wallets and bank accounts.

800K 1 CVE
Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
Developer Profile

Payment Gateway for Redsys & WooCommerce Lite Developer Profile

Jose Conti

6 plugins · 21K total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Payment Gateway for Redsys & WooCommerce Lite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-redsys-gateway-light/assets/css/welcome.css/wp-content/plugins/woo-redsys-gateway-light/assets/css/redsys-css.css
Version Parameters
woo-redsys-gateway-light/assets/css/welcome.css?ver=woo-redsys-gateway-light/assets/css/redsys-css.css?ver=

HTML / DOM Fingerprints

CSS Classes
woocommerce-redsys-messagescontenido-redsys-notice
HTML Comments
Copyright: (C) 2013 - 2021 José ContiGlobal class for global functions.PSD2 class for Redsys.
Data Attributes
id="message"class="updated woocommerce-message woocommerce-redsys-messages"
JS Globals
REDSYS_WOOCOMMERCE_VERSIONREDSYS_PLUGIN_URLREDSYS_PLUGIN_PATHREDSYS_POST_UPDATE_URLREDSYS_TELEGRAM_URLREDSYS_REVIEW+5 more
FAQ

Frequently Asked Questions about Payment Gateway for Redsys & WooCommerce Lite