WP-Safety

Affiliate Links Expert Security & Risk Analysis

wordpress.org/plugins/affiliate-links-woocommerce

As a website owner, you can easily manage all your affiliate data from the admin panel. Also it is useful for users who want to create affiliate links …

10 active installs v2.3 PHP + WP 5.5+ Updated Aug 24, 2023
affiliate-marketingaffiliate-trackingcommission-ratesreal-time-reportingsocial-media-sharing
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Affiliate Links Expert Safe to Use in 2026?

Generally Safe

Score 85/100

Affiliate Links Expert has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The 'affiliate-links-woocommerce' v2.3 plugin exhibits a generally strong security posture, with a significant number of implemented security checks like nonces and capability checks. The absence of known CVEs and the lack of critical or high-severity vulnerabilities in the vulnerability history are positive indicators. Furthermore, the plugin has no external HTTP requests, reducing its attack surface in that regard.

However, there are areas for improvement. The static analysis reveals that 54% of SQL queries are not using prepared statements, posing a potential risk of SQL injection if the data is not strictly validated and sanitized. Additionally, 54% of output escaping is not properly handled, which could lead to Cross-Site Scripting (XSS) vulnerabilities. The presence of two taint flows with unsanitized paths, even if not classified as critical or high severity in the provided output, warrants further investigation as it indicates potential data exposure or manipulation risks.

Overall, while the plugin benefits from a clean vulnerability history and good implementation of common WordPress security practices, the identified weaknesses in SQL query preparation and output escaping present specific, actionable security concerns that require attention to further solidify its security.

Key Concerns

  • SQL queries not using prepared statements
  • Output escaping not properly handled
  • Flows with unsanitized paths (High Severity Taint)
Vulnerabilities
None known

Affiliate Links Expert Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Affiliate Links Expert Code Analysis

Dangerous Functions
0
Raw SQL Queries
9
12 prepared
Unescaped Output
157
134 escaped
Nonce Checks
11
Capability Checks
6
File Operations
4
External Requests
0
Bundled Libraries
0

SQL Query Safety

57% prepared21 total queries

Output Escaping

46% escaped291 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

8 flows2 with unsanitized paths
prepareSaveSettings (includes\admin\models\MXALFWPMainAdminModel.php:276)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Affiliate Links Expert Attack Surface

Entry Points10
Unprotected0

AJAX Handlers 9

authwp_ajax_mxalfwp_bulk_actionsincludes\admin\models\MXALFWPMainAdminModel.php:18
authwp_ajax_mxalfwp_save_settingsincludes\admin\models\MXALFWPMainAdminModel.php:21
authwp_ajax_mxalfwp_pay_partnerincludes\admin\models\MXALFWPMainAdminModel.php:24
authwp_ajax_mxalfwp_block_partnerincludes\admin\models\MXALFWPMainAdminModel.php:27
authwp_ajax_mxalfwp_link_generateincludes\frontend\classes\server.php:11
authwp_ajax_mxalfwp_get_linksincludes\frontend\classes\server.php:14
authwp_ajax_mxalfwp_get_links_countincludes\frontend\classes\server.php:17
authwp_ajax_mxalfwp_save_link_dataincludes\frontend\classes\server.php:20
noprivwp_ajax_mxalfwp_save_link_dataincludes\frontend\classes\server.php:21

Shortcodes 1

[mxalfwp_partner_cabinet] includes\frontend\classes\shortcodes\cabinet.php:11
WordPress Hooks 15
actionplugins_loadedaffiliate-links-for-woocommerce-plugin.php:154
actioninitincludes\admin\classes\cpt.php:16
filtermanage_mxalfwp_books_posts_columnsincludes\admin\classes\cpt.php:20
actionmanage_mxalfwp_books_posts_custom_columnincludes\admin\classes\cpt.php:23
actionadmin_enqueue_scriptsincludes\admin\classes\enqueue-scripts.php:16
actionmxalfwp_affiliate_links_before_tableincludes\admin\classes\integration\woocommerce.php:14
actionwoocommerce_order_status_changedincludes\admin\classes\integration\woocommerce.php:19
actionwoocommerce_admin_order_data_after_order_detailsincludes\admin\classes\integration\woocommerce.php:22
actionadmin_enqueue_scriptsincludes\admin\classes\metabox-image-upload.php:14
actionadd_meta_boxesincludes\admin\classes\metabox.php:56
actionsave_postincludes\admin\classes\metabox.php:58
actionadmin_noticesincludes\core\error_handle\Display-Error.php:27
actionadmin_footerincludes\core\helpers.php:86
actionadmin_menuincludes\core\Route-Registrar.php:159
actionwp_enqueue_scriptsincludes\frontend\classes\enqueue-scripts.php:16
Maintenance & Trust

Affiliate Links Expert Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8
Last updatedAug 24, 2023
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

Affiliate Links Expert Alternatives

LeadDyno WordPress Plugin

LeadDyno WordPress Plugin

leaddyno

A
100

Integrates the LeadDyno affiliate tracking and web analytics service into your blog/wordpress/woocommerce site.

200 No CVEs
Revive Social – Social Media Auto Post and Scheduling Automation Plugin

Revive Social – Social Media Auto Post and Scheduling Automation Plugin

tweet-old-post

A
95

Automatically share your WordPress posts on multiple social networks like Facebook, X (Twitter), LinkedIn, Instagram and more.

20K 3 CVEs
AffiliateX – Amazon Affiliate Plugin

AffiliateX – Amazon Affiliate Plugin

affiliatex

A
96

AffiliateX is the best WordPress Amazon Affiliate Plugin. Create professional affiliate websites with customizable WordPress Amazon Affiliate Blocks.

10K 3 CVEs
Content Egg – Affiliate Product Importer & Price Comparison

Content Egg – Affiliate Product Importer & Price Comparison

content-egg

A
96

Import affiliate products, compare prices, sync to WooCommerce, and auto-generate SEO content with AI — all in one toolkit.

10K 3 CVEs
Affiliates Manager

Affiliates Manager

affiliates-manager

A
95

Affiliates Manager plugin can help you manage an affiliate marketing program to drive more traffic and more sales to your site.

9K 12 CVEs
Developer Profile

Affiliate Links Expert Developer Profile

Maksym Marko

11 plugins · 1K total installs

69
trust score
Avg Security Score
86/100
Avg Patch Time
881 days
View full developer profile
Detection Fingerprints

How We Detect Affiliate Links Expert

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/font-awesome-4.6.3/css/font-awesome.min.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/css/common-style.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/css/style.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/add/vue/vue-dev.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/js/script.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/js/image-upload.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/frontend/assets/css/style.css
Script Paths
/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/add/vue/vue-dev.js
Version Parameters
/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/font-awesome-4.6.3/css/font-awesome.min.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/css/common-style.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/css/style.css/wp-content/plugins/affiliate-links-for-woocommerce-plugin/assets/add/vue/vue-dev.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/js/script.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/admin/assets/js/image-upload.js/wp-content/plugins/affiliate-links-for-woocommerce-plugin/includes/frontend/assets/css/style.css

HTML / DOM Fingerprints

CSS Classes
mxalfwp_font_awesome
HTML Comments
<!-- Unique string - MXALFWP --><!-- Define MXALFWP_PLUGIN_PATH --><!-- Define MXALFWP_PLUGIN_URL --><!-- Define MXALFWP_PLUGN_BASE_NAME -->+14 more
Data Attributes
mxalfwp_admin_localize
JS Globals
MXALFWP_PLUGIN_URLMXALFWP_PLUGIN_VERSIONMXALFWP_MAIN_MENU_SLUGmxalfwp_admin_localize
FAQ

Frequently Asked Questions about Affiliate Links Expert