There is more to PCI compliance than just slapping an SSL certificate on your site.
If you have a 'Direct Post' plugin that captures credit card data on your website and sends it to a processor, then you are required to adhere to certain policies if you wish to be PCI Compliant.
One method is to use a Hosted Checkout payment gateway. If your site never touches credit card data (PAN) then your burden to meet PCI Compliance is much lower.
Our Hosted Checkout payment gateways deliver the highest level of security for your checkout by redirecting your customers to Vantiv. While they 'stay' on your website, the fields that capture credit card data are served securely by Vantiv directly to the web browser of the customer. The Merchant site never touches the credit card data and generally stays 'out of scope' for this portion of the PCI Compliance assessment.
Our Direct Post Web Services plugin expects that Merchants will be adhering to the strictest standards of PCI Compliance, as the plugin generates payment fields from within WooCommerce and transmits that data directly to Vantiv.
For a great article on the hazards of running a WordPress / WooCommerce website with a Direct Post style plugin from a Merchant who did not secure themselves properly, click through to the Trustwave article below.