AffiliateImporterAI Security & Risk Analysis

wordpress.org/plugins/affiliateimporteral

This plugin allows you to import the products directly from AliExpress in your WordPress WooCommerce store and earn a commission!

20 active installs · v2.0.5 · PHP + WP 4.6+ · Updated Feb 23, 2018
Tags: ads, affilate, aliexpress, importer, woocommerce
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is AffiliateImporterAI Safe to Use in 2026?

Generally Safe

Score 85/100

AffiliateImporterAI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 8yr ago
Risk Assessment

This plugin exhibits a concerning security posture primarily due to its extensive attack surface and lack of proper authorization checks. With 22 AJAX handlers and none of them protected by authentication or capability checks, there's a significant risk of unauthorized actions being performed by unauthenticated users. The presence of the `unserialize` function, especially when combined with unsanitized data flows identified in the taint analysis, raises a critical concern for potential remote code execution or object injection vulnerabilities. While the plugin has no recorded CVE history, this is not indicative of inherent security; it may simply mean it hasn't been extensively audited or exploited in the past. The relatively low percentage of prepared statements and the high percentage of unsanitized paths in taint analysis further amplify these risks. The plugin's strengths are its lack of bundled libraries and a decent percentage of SQL queries using prepared statements, but these are overshadowed by the critical vulnerabilities indicated by the unprotected entry points and taint analysis.

Key Concerns

  • Unprotected AJAX handlers
  • Critical taint flow detected
  • Use of unserialize function
  • Unsanitized paths in taint analysis
  • Low output escaping rate
  • Lack of capability checks
Vulnerabilities
None known

AffiliateImporterAI Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

AffiliateImporterAI Code Analysis

Dangerous Functions: 7
Raw SQL Queries: 14 (37 prepared)
Unescaped Output: 132 (105 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 14
External Requests: 9
Bundled Libraries: 0

Dangerous Functions Found

unserialize · $settings = unserialize($results); · layout\status.php:11
unserialize · $fields = unserialize($results[0]->data); · src\AEIDN\Abstract\Account.php:112
unserialize · $this->$field = unserialize($value); · src\AEIDN\Goods\Goods.php:52
unserialize · $this->$key = unserialize($val); · src\AEIDN\Goods\Goods.php:261
unserialize · return ($str === serialize(false) || @unserialize($str) !== false); · src\AEIDN\Goods\Goods.php:282
unserialize · $f_data = unserialize($results[0]->formula); · src\AEIDN\Prices\PriceFormula.php:51
unserialize · $f_data = unserialize($row->formula); · src\AEIDN\Prices\PriceFormula.php:167

SQL Query Safety

73% prepared · 51 total queries

Output Escaping

44% escaped · 237 total outputs
Data Flows
11 unsanitized

Data Flow Analysis

13 flows · 11 with unsanitized paths
updateGoods (src\AEIDN\Utils\Ajax.php:507)
[Data flow diagram; legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
22 unprotected

AffiliateImporterAI Attack Surface

Entry Points: 22
Unprotected: 22

AJAX Handlers 22

auth · wp_ajax_aeidn_product_info · src\AEIDN\Utils\Ajax.php:11
auth · wp_ajax_aeidn_order_info · src\AEIDN\Utils\Ajax.php:12
auth · wp_ajax_aeidn_export_settings · src\AEIDN\Utils\Ajax.php:14
auth · wp_ajax_aeidn_export_products · src\AEIDN\Utils\Ajax.php:15
auth · wp_ajax_aeidn_edit_goods · src\AEIDN\Utils\Ajax.php:17
auth · wp_ajax_aeidn_select_image · src\AEIDN\Utils\Ajax.php:18
auth · wp_ajax_aeidn_load_details · src\AEIDN\Utils\Ajax.php:19
auth · wp_ajax_aeidn_import_goods · src\AEIDN\Utils\Ajax.php:20
auth · wp_ajax_aeidn_blacklist · src\AEIDN\Utils\Ajax.php:22
auth · wp_ajax_aeidn_unblacklist · src\AEIDN\Utils\Ajax.php:23
auth · wp_ajax_aeidn_unshedule · src\AEIDN\Utils\Ajax.php:24
auth · wp_ajax_aeidn_load_and_import_goods · src\AEIDN\Utils\Ajax.php:26
auth · wp_ajax_aeidn_update_goods · src\AEIDN\Utils\Ajax.php:27
auth · wp_ajax_aeidn_schedule_import_goods · src\AEIDN\Utils\Ajax.php:29
auth · wp_ajax_aeidn_upload_image · src\AEIDN\Utils\Ajax.php:30
auth · wp_ajax_aeidn_description_editor · src\AEIDN\Utils\Ajax.php:32
auth · wp_ajax_aeidn_price_formula_get · src\AEIDN\Utils\Ajax.php:34
auth · wp_ajax_aeidn_price_formula_add · src\AEIDN\Utils\Ajax.php:35
auth · wp_ajax_aeidn_price_formula_edit · src\AEIDN\Utils\Ajax.php:36
auth · wp_ajax_aeidn_price_formula_del · src\AEIDN\Utils\Ajax.php:37
auth · wp_ajax_aeidn_redirect · src\Dnolbon\Wordpress\WordpressStats.php:8
nopriv · wp_ajax_aeidn_redirect · src\Dnolbon\Wordpress\WordpressStats.php:9

WordPress Hooks 36

action · admin_notices · AffiliateImporterAl.php:67
action · admin_menu · AffiliateImporterAl.php:77
action · admin_enqueue_scripts · AffiliateImporterAl.php:78
action · admin_init · AffiliateImporterAl.php:90
filter · http_api_transports · include.php:451
filter · cron_schedules · schedule.php:13
action · aeidn_schedule_post_event · schedule.php:84
action · aeidn_update_price_event · schedule.php:203
action · load-aeimporter_page_aeidn-add · screenoptions.php:2
action · load-aeimporter_page_aeidn-stats · screenoptions.php:12
action · aeidn_print_api_setting_page · src\AEIDN\Abstract\Configurator.php:19
action · aeidn_print_api_setting_page · src\AEIDN\Abstract\Configurator.php:21
filter · aeidn_get_dashboard_columns · src\AEIDN\Abstract\Configurator.php:26
filter · aeidn_get_dashboard_sortable_columns · src\AEIDN\Abstract\Configurator.php:27
filter · aeidn_dashboard_column_default · src\AEIDN\Abstract\Configurator.php:28
action · aeidn_befor_dashboard_render · src\AEIDN\Abstract\Configurator.php:30
action · aeidn_dashboard_render · src\AEIDN\Abstract\Configurator.php:33
action · aeidn_after_dashboard_render · src\AEIDN\Abstract\Configurator.php:35
action · aeidn_print_api_setting_page · src\AEIDN\Abstract\Configurator.php:37
action · admin_enqueue_scripts · src\AEIDN\WooCommerce\OrderList.php:10
action · manage_shop_order_posts_custom_column · src\AEIDN\WooCommerce\OrderList.php:11
action · admin_footer-edit.php · src\AEIDN\WooCommerce\ProductList.php:14
action · load-edit.php · src\AEIDN\WooCommerce\ProductList.php:15
action · admin_notices · src\AEIDN\WooCommerce\ProductList.php:16
filter · post_row_actions · src\AEIDN\WooCommerce\ProductList.php:17
action · admin_enqueue_scripts · src\AEIDN\WooCommerce\ProductList.php:18
action · admin_init · src\AEIDN\WooCommerce\ProductList.php:19
action · wp · src\Dnolbon\Wordpress\Frontend.php:8
action · woocommerce_add_to_cart · src\Dnolbon\Wordpress\Frontend.php:10
action · woocommerce_product_add_to_cart_url · src\Dnolbon\Wordpress\WordpressStats.php:10
action · wp · src\Dnolbon\Wordpress\WordpressStats.php:12
action · woocommerce_add_to_cart · src\Dnolbon\Wordpress\WordpressStats.php:13
action · aeidn_tr_getLocalizedUrl · src\Dnolbon\Wordpress\WordpressTranslates.php:20
action · aeidn_tr_getLocalizedText · src\Dnolbon\Wordpress\WordpressTranslates.php:21
action · aeidn_tr_getLocalizedAttributes · src\Dnolbon\Wordpress\WordpressTranslates.php:22
action · admin_footer · src\Dnolbon\Wordpress\WpListTable.php:139

Scheduled Events 3

aeidn_update_price_event
aeidn_schedule_post_event
aeidn_update_price_event
Maintenance & Trust

AffiliateImporterAI Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Feb 23, 2018
PHP min version
Downloads: 24K

Community Trust

Rating: 74/100
Number of ratings: 9
Active installs: 20
Developer Profile

AffiliateImporterAI Developer Profile

Roman

4 plugins · 50 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect AffiliateImporterAI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/affiliateimporteral/assets/css/dnolbon.css
  • /wp-content/plugins/affiliateimporteral/assets/css/style.css
  • /wp-content/plugins/affiliateimporteral/assets/css/font-awesome.min.css
  • /wp-content/plugins/affiliateimporteral/assets/js/datetimepicker/jquery.datetimepicker.css
  • /wp-content/plugins/affiliateimporteral/assets/js/lighttabs/lighttabs.css
  • /wp-content/plugins/affiliateimporteral/assets/js/script.js
  • /wp-content/plugins/affiliateimporteral/assets/js/datetimepicker/jquery.datetimepicker.js
  • /wp-content/plugins/affiliateimporteral/assets/js/lighttabs/lighttabs.js
  • +1 more

Script Paths

  • /wp-content/plugins/affiliateimporteral/assets/js/script.js
  • /wp-content/plugins/affiliateimporteral/assets/js/datetimepicker/jquery.datetimepicker.js
  • /wp-content/plugins/affiliateimporteral/assets/js/lighttabs/lighttabs.js
  • /wp-content/plugins/affiliateimporteral/assets/js/DnolbonColumns.js

Version Parameters

  • affiliateimporteral/assets/css/dnolbon.css?ver=
  • affiliateimporteral/assets/css/style.css?ver=
  • affiliateimporteral/assets/css/font-awesome.min.css?ver=
  • affiliateimporteral/assets/js/datetimepicker/jquery.datetimepicker.css?ver=
  • affiliateimporteral/assets/js/lighttabs/lighttabs.css?ver=
  • affiliateimporteral/assets/js/script.js?ver=
  • affiliateimporteral/assets/js/datetimepicker/jquery.datetimepicker.js?ver=
  • affiliateimporteral/assets/js/lighttabs/lighttabs.js?ver=
  • affiliateimporteral/assets/js/DnolbonColumns.js?ver=

HTML / DOM Fingerprints

CSS Classes
aeidn-dashboard, aeidn-settings
Data Attributes
data-aeidn-id
JS Globals
WPURLS, AEIDN_PLUGIN_NAME, AEIDN_ROOT_URL, AEIDN_ROOT_PATH, AEIDN_FILE_FULLNAME, AEIDN_ROOT_MENU_ID
FAQ

Frequently Asked Questions about AffiliateImporterAI