Does YengaPay have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is YengaPay compatible with WordPress 6.7.5?

According to WordPress.org data, YengaPay 1.0.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is YengaPay compatible with PHP 7.2+?

YengaPay requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is YengaPay updated?

YengaPay was last updated on Feb 3, 2025. Frequent updates are generally a positive security signal.

What is YengaPay's security score?

YengaPay has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

YengaPay Security & Risk Analysis

wordpress.org/plugins/yengapay

Integrate YengaPay payment gateway with WooCommerce for mobile money payments in West Africa.

20 active installs v1.0.0 PHP 7.2+ WP 5.0+ Updated Feb 3, 2025

mobile-moneypayment-gatewaywest-africawoocommerceyengapay

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is YengaPay Safe to Use in 2026?

Generally Safe

Score 92/100

YengaPay has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The Yengapay v1.0.0 plugin exhibits a generally positive security posture based on the static analysis. It demonstrates good practices by not utilizing dangerous functions, employing prepared statements for all SQL queries, and properly escaping all output. The absence of identified taint flows also indicates a lack of detectable vulnerabilities related to data sanitization. The plugin also has no recorded vulnerability history, which is a strong indicator of secure development over time.

However, there are notable areas for concern. The complete absence of nonce checks and capability checks is a significant security weakness. This means that any functionality exposed, even if not directly through a large attack surface, is vulnerable to unauthorized execution if an attacker can trigger it. The presence of a file operation and an external HTTP request, while not inherently insecure, warrants further scrutiny to ensure these actions are appropriately secured and validated.

In conclusion, Yengapay v1.0.0 scores well on many fundamental security aspects like SQL injection prevention and output escaping. The lack of historical vulnerabilities is a testament to its developer's attention to security. Nevertheless, the critical oversight in implementing authorization checks (nonces and capabilities) presents a substantial risk that needs to be addressed to achieve a truly secure plugin.

Key Concerns

Missing nonce checks
Missing capability checks
File operation without explicit auth check context
External HTTP request without explicit auth check context

Vulnerabilities

None known

YengaPay Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

YengaPay Release Timeline

v1.0.1

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

YengaPay Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped2 total outputs

Attack Surface

YengaPay Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionplugins_loadedyengapay.php:23

filterwoocommerce_payment_gatewaysyengapay.php:24

filterwoocommerce_currenciesyengapay.php:25

filterwoocommerce_currency_symbolyengapay.php:26

Maintenance & Trust

YengaPay Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 3, 2025

PHP min version7.2

Downloads633

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

YengaPay Alternatives

Direct Payments for WooCommerce – Bank Transfer, Mobile Money, Crypto and Peer-to-Peer (P2P) Payments

direct-payments-for-woocommerce

100

Direct Payments for WooCommerce allows your store to accept instant payments via bank transfers, mobile money, crypto and popular P2P platforms global …

800 No CVEs

Bani Payments for WooCommerce

bani-payments-for-woocommerce

100

Bani for WooCommerce allows merchants seamlessly accept cardless payments from their customers whether that be mobile money payments across Sub-Sahara …

10 No CVEs

SoleasPay payment gateway for WooCommerce

soleaspay-payment-gateway-for-woocommerce

SoleasPay - Payment gateway for WooCommerce

0 No CVEs

ZERTH Pay Payment Gateway

zerth-pay-payment-gateway

100

ZERTH Pay for WooCommerce allows your store in Nigeria to accept secure payments via Bank transfer witthin Nigeria banks and cryptocurrency payment ch …

0 No CVEs

Paystack WooCommerce Payment Gateway

woo-paystack

100

Paystack for WooCommerce allows your WooCommerce store to accept secure payments from multiple local and global payment channels.

30K No CVEs

Developer Profile

YengaPay Developer Profile

Kreezus

1 plugin · 20 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect YengaPay

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/yengapay/includes/class-wc-yengapay-gateway.php/wp-content/plugins/yengapay/includes/class-yengapay-currency-converter.php

HTML / DOM Fingerprints

FAQ