Does Affiliates BuddyPress have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Affiliates BuddyPress compatible with WordPress 6.9.4?

According to WordPress.org data, Affiliates BuddyPress 2.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Affiliates BuddyPress compatible with PHP 7.4+?

Affiliates BuddyPress requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Affiliates BuddyPress updated?

Affiliates BuddyPress was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Affiliates BuddyPress's security score?

Affiliates BuddyPress has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Affiliates BuddyPress Security & Risk Analysis

wordpress.org/plugins/affiliates-buddypress

Affiliates integration with BuddyPress.

10 active installs v2.0.0 PHP 7.4+ WP 6.5+ Updated Unknown

affiliatesbuddypressitthinxprofile

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Affiliates BuddyPress Safe to Use in 2026?

Generally Safe

Score 100/100

Affiliates BuddyPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The static analysis for affiliates-buddypress v2.0.0 indicates a generally strong security posture. The plugin boasts a zero attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no unprotected entry points. The code signals also reflect good practices, with no dangerous functions, file operations, or external HTTP requests. Noncing and capability checks are present, and output escaping is reasonably handled. However, a significant concern is the presence of one SQL query that does not utilize prepared statements, which poses a direct risk of SQL injection vulnerabilities if the input is not meticulously sanitized elsewhere. The plugin also has no recorded vulnerability history, which is a positive indicator of past security diligence. Overall, while the lack of attack vectors and good coding practices are commendable, the single un-prepared SQL query represents a critical weakness that needs immediate attention.

Key Concerns

SQL query not using prepared statements

Vulnerabilities

None known

Affiliates BuddyPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Affiliates BuddyPress Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Affiliates BuddyPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

71% escaped7 total outputs

Attack Surface

Affiliates BuddyPress Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actioninitaffiliates-buddypress.php:62

actionadmin_noticesaffiliates-buddypress.php:63

actionadmin_menuaffiliates-buddypress.php:105

Maintenance & Trust

Affiliates BuddyPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version7.4

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Affiliates BuddyPress Alternatives

Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress

youzify

The best BuddyPress plugin for building online communities, user profile, social networks, and membership sites on WordPress with tons of features.

6K 1 unpatched

BuddyPress Xprofile Custom Field Types

bp-xprofile-custom-field-types

Buddypress Xprofile Custom Field Types adds extra custom profile fields to BuddyPress. Field types are: Birthdate, Email, Url etc.

4K 1 CVE

JSON API User

json-api-user

Extends the JSON API Plugin to allow RESTful user registration, authentication & many other User Meta, BP functions. A Pro version is also available.

1K 1 CVE

BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages

wc4bp

Integrate WooCommerce my account into BuddyPress member profiles. Bring your WooCommerce member pages into BuddyPress and BuddyBoss.

1K 5 CVEs

BuddyPress Edit Activity

buddypress-edit-activity

BuddyPress Edit Activity allows your members to edit their activity posts on the front-end of your BuddyPress-powered site.

800 No CVEs

Developer Profile

Affiliates BuddyPress Developer Profile

itthinx

30 plugins · 23K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

3 days

View full developer profile

Detection Fingerprints

How We Detect Affiliates BuddyPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/affiliates-buddypress/css/admin-styles.css

Version Parameters

affiliates-buddypress/css/admin-styles.css?ver=

HTML / DOM Fingerprints

Data Attributes

affiliates-buddypress-nonce

Shortcode Output

<!-- wp:affiliates

FAQ