[andris9]

npm with wordpress usually means front-end code, so one possible issue is attackers sneaking in stuff like credit card number stealing scripts etc. So it is more like protecting end users and less protecting the server/system.

[TekMol]

The security concept behind credit cards is insane. Who thinks that a number which you hand over to everyone you buy from is a secret?

Shouldn't this be fixed at the root by handling payments via PayPal or Crypto?

[PeterisP]

It would have similar security risks if your frontend is compromised, for example, it could make the users pay their cryptocurrency payments to an attacker-controlled address.