Does Xpresspay Gateway have any unpatched vulnerabilities?

No. All known vulnerabilities in Xpresspay Gateway have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Xpresspay Gateway compatible with WordPress 6.7.5?

According to WordPress.org data, Xpresspay Gateway 1.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Xpresspay Gateway compatible with PHP 7.4+?

Xpresspay Gateway requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Xpresspay Gateway updated?

Xpresspay Gateway was last updated on Dec 2, 2024. Frequent updates are generally a positive security signal.

What is Xpresspay Gateway's security score?

Xpresspay Gateway has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Xpresspay Gateway Security & Risk Analysis

wordpress.org/plugins/xpresspay-pg

The Xpresspay Gateway plugin provides seamless integration with WooCommerce, enabling your store to accept payments via the XpressPay platform securel …

0 active installs v1.0 PHP 7.4+ WP 5.0+ Updated Dec 2, 2024

ecommercepayment-gatewaypaymentswoocommercexpresspay

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Xpresspay Gateway Safe to Use in 2026?

Generally Safe

Score 92/100

Xpresspay Gateway has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

Based on the static analysis, the xpresspay-pg plugin v1.0 exhibits a generally positive security posture. The absence of identified dangerous functions, raw SQL queries, file operations, and a clean taint analysis report are strong indicators of secure coding practices. The low number of external HTTP requests and the presence of output escaping for most outputs further bolster this assessment. However, the lack of any capability checks or nonce checks on potential entry points, despite there being none identified in this analysis, presents a theoretical vulnerability if new entry points were added or overlooked. The vulnerability history being clean is a good sign, suggesting the plugin has historically been secure or has had issues addressed promptly. While the current analysis is reassuring, the absence of specific security checks on entry points is a point of caution. The plugin's strengths lie in its clean code regarding data handling and queries, but it could be more robust with explicit authorization checks on all exposed functionalities, even if the attack surface appears minimal at present.

Key Concerns

No capability checks on entry points
No nonce checks on entry points
Output escaping not 100%

Vulnerabilities

None known

Xpresspay Gateway Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Xpresspay Gateway Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

83% escaped6 total outputs

Attack Surface

Xpresspay Gateway Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionbefore_woocommerce_initxpresspay-pg.php:25

actionplugins_loadedxpresspay-pg.php:32

actionadmin_noticesxpresspay-pg.php:58

actionwp_enqueue_scriptsxpresspay-pg.php:59

actionwoocommerce_thankyouxpresspay-pg.php:61

filterwoocommerce_payment_gatewaysxpresspay-pg.php:292

Maintenance & Trust

Xpresspay Gateway Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 2, 2024

PHP min version7.4

Downloads786

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Xpresspay Gateway Alternatives

SumUp Payment Gateway For WooCommerce

sumup-payment-gateway-for-woocommerce

The SumUp plugin for WooCommerce allows businesses to securely process payments online. Accept payments from customers using a range of payment method …

10K 1 CVE

MONEI Payments for WooCommerce

monei

100

Accept Card, Apple Pay, Google Pay, Bizum, PayPal and many more payment methods in your WooCommerce store using MONEI payment gateway.

400 No CVEs

Paystation Payment Gateway for woocommerce

paystation-woocommerce-payment-gateway

100

Take credit card payments on your store via Paystation.

100 No CVEs

Ecart Pay

ecart-pay

100

Ecart Pay allows online merchants to quickly and securely accept payments through WooCommerce. With multiple payment options, this plugin is easy to s …

80 No CVEs

kevin. Payment Gateway for WooCommerce

e-commerce-payment-gateway-kevin

100

kevin. Payment Gateway plugin for WooCommerce. Let your customers make fast, simple and secure payments directly from their bank accounts across Europ …

30 No CVEs

Developer Profile

Xpresspay Gateway Developer Profile

ajitech

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Xpresspay Gateway

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/xpresspay-pg/assets/css/xpresspay-style.css

HTML / DOM Fingerprints

CSS Classes

xpresspay-payment-container

FAQ