Adfever Monétisation Security & Risk Analysis

wordpress.org/plugins/adfever-monetisation

Monetization plugin for members of the AdFever advertising network.

10 active installs · v1.0.2 · PHP + WP 3.4+ · Updated Apr 17, 2014
Tags: adfever · advertising · monetization · publicite · sponsored-links
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Adfever Monétisation Safe to Use in 2026?

Generally Safe

Score 85/100

Adfever Monétisation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The adfever-monetisation plugin v1.0.2 exhibits a concerning security posture primarily due to its unprotected entry points and lack of output escaping. While it utilizes prepared statements for SQL queries and has no recorded vulnerability history, these positives are overshadowed by significant risks. The presence of two AJAX handlers without any authentication checks creates a substantial attack surface, potentially allowing unauthorized actions or information disclosure if these handlers are not inherently restricted by other WordPress mechanisms. Furthermore, the complete absence of output escaping on 34 identified outputs means that any data processed or displayed by the plugin is vulnerable to Cross-Site Scripting (XSS) attacks. The taint analysis revealing unsanitized paths, although not reaching a critical or high severity in this specific scan, further highlights the potential for data manipulation and injection vulnerabilities.

In conclusion, the plugin's strengths lie in its SQL query handling and lack of historical vulnerabilities. However, the critical weaknesses in authentication for AJAX handlers and the pervasive lack of output escaping present immediate and significant security risks. The absence of nonce and capability checks on these entry points exacerbates the situation. Until these issues are addressed, the plugin should be considered high risk for any WordPress site.

Key Concerns

  • AJAX handlers without auth checks
  • Output escaping not properly implemented
  • Flows with unsanitized paths
  • Nonce checks missing
  • Capability checks missing
Vulnerabilities
None known

Adfever Monétisation Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Adfever Monétisation Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (5 prepared)
Unescaped Output: 34 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 5 total queries

Output Escaping

0% escaped · 34 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
AFajaxcallback (adfever-monetisation.php:705)
Attack Surface
2 unprotected

Adfever Monétisation Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_AFajax · adfever-monetisation.php:21
nopriv · wp_ajax_AFajax · adfever-monetisation.php:22
WordPress Hooks 11
action · admin_menu · adfever-monetisation.php:29
action · admin_enqueue_scripts · adfever-monetisation.php:30
action · admin_init · adfever-monetisation.php:31
action · admin_notices · adfever-monetisation.php:32
action · wp_print_scripts · adfever-monetisation.php:39
action · wp_head · adfever-monetisation.php:40
action · wp_head · adfever-monetisation.php:42
action · wp_head · adfever-monetisation.php:45
action · wp_head · adfever-monetisation.php:48
action · the_content · adfever-monetisation.php:52
action · wp_footer · adfever-monetisation.php:55
Maintenance & Trust

Adfever Monétisation Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.9.40
Last updated: Apr 17, 2014
PHP min version
Downloads: 6K

Community Trust

Rating: 80/100
Number of ratings: 1
Active installs: 10
Developer Profile

Adfever Monétisation Developer Profile

adfever

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Adfever Monétisation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/adfever-monetisation/css/adfever_styles.css
/wp-content/plugins/adfever-monetisation/js/admin_scripts.js
/wp-content/plugins/adfever-monetisation/js/scripts.js
Script Paths
http://c.ad6media.fr/l.js
http://adfever.fr.intellitxt.com/intellitxt/front.asp?ipid=

HTML / DOM Fingerprints

CSS Classes
icon32
HTML Comments
<!-- encart 100% Footer 2 - 2013-10-31 -->
<!-- encart 100% Footer 2 -->
<!-- encart Site-under 1 - 2013-10-31 -->
<!-- encart Site-under 1 -->
+2 more
Data Attributes
name="AF_options[AF_SID]"
name="AF_options[AF_AID]"
JS Globals
ajax_object
REST Endpoints
/wp-json/wp/v2/posts