WP-Safety

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Security & Risk Analysis

wordpress.org/plugins/affiliates-for-woocommerce

Run a WooCommerce affiliate program from your store. Affiliates get referral links, track commissions, and request payouts from their own dashboard.

300 active installs v2.0.1 PHP 7.4+ WP 6.5+ Updated Mar 15, 2026
affiliate-marketingaffiliate-networkingaffiliate-programwoocommerce-affiliatewoocommerce-partner-program
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Safe to Use in 2026?

Generally Safe

Score 100/100

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 19d ago
Risk Assessment

The "affiliates-for-woocommerce" v2.0.2 plugin exhibits a generally good security posture with strong adherence to best practices in SQL query preparation and output escaping. The vast majority of SQL queries utilize prepared statements, and a high percentage of output is properly escaped, significantly reducing the risk of common injection and XSS vulnerabilities. The plugin also demonstrates a good number of nonce checks, indicating an awareness of CSRF protection.

However, there are notable areas of concern that impact its overall security. The presence of 11 AJAX handlers, with 3 of them lacking authentication checks, presents a significant attack surface. Furthermore, the taint analysis reveals 6 high-severity flows with unsanitized paths. While there is no recorded vulnerability history, the existence of these specific code signals warrants attention. The bundled Select2 library, while common, could be a potential vector if it contains known vulnerabilities not yet patched in this specific version.

In conclusion, the plugin has strengths in its development practices regarding SQL and output handling. However, the unprotected AJAX endpoints and high-severity taint flows are critical security weaknesses that need immediate remediation to improve the plugin's overall security rating. The lack of past vulnerabilities is a positive indicator but does not negate the risks identified in the current static analysis.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Bundled library (Select2)
Vulnerabilities
None known

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Code Analysis

Dangerous Functions
0
Raw SQL Queries
9
125 prepared
Unescaped Output
61
1310 escaped
Nonce Checks
21
Capability Checks
2
File Operations
0
External Requests
5
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

93% prepared134 total queries

Output Escaping

96% escaped1371 total outputs
Data Flows
12 unsanitized

Data Flow Analysis

25 flows12 with unsanitized paths
ddwcaf_get_custom_referral_html (includes\front\front-ajax-functions.php:44)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Attack Surface

Entry Points11
Unprotected3

AJAX Handlers 11

authwp_ajax_ddfw_verify_licensedevdiggers-framework\includes\class-ddfw-ajax.php:37
authwp_ajax_ddfw_get_products_listdevdiggers-framework\includes\class-ddfw-ajax.php:38
authwp_ajax_ddfw_get_categories_listdevdiggers-framework\includes\class-ddfw-ajax.php:39
authwp_ajax_ddfw_get_users_listdevdiggers-framework\includes\class-ddfw-ajax.php:40
authwp_ajax_ddfw_refresh_plugins_cachedevdiggers-framework\includes\class-ddfw-ajax.php:41
authwp_ajax_ddfw_newsletter_subscribedevdiggers-framework\includes\class-ddfw-ajax.php:42
authwp_ajax_ddfw_dismiss_review_noticedevdiggers-framework\includes\class-ddfw-review-notice.php:45
authwp_ajax_devdiggers_dismiss_notificationdevdiggers-framework\includes\class-devdiggers-notifications.php:51
authwp_ajax_ddwcaf_create_payout_for_affiliatesincludes\admin\admin-ajax-hooks.php:25
authwp_ajax_ddwcaf_get_custom_referral_htmlincludes\front\front-ajax-hooks.php:25
authwp_ajax_ddwcaf_get_table_rowsincludes\front\front-ajax-hooks.php:26
WordPress Hooks 42
actioninitdevdiggers-framework\global-functions.php:296
actionadmin_menudevdiggers-framework\includes\class-ddfw-admin.php:37
actionadmin_headdevdiggers-framework\includes\class-ddfw-admin.php:38
filterextra_plugin_headersdevdiggers-framework\includes\class-ddfw-admin.php:40
actionadmin_enqueue_scriptsdevdiggers-framework\includes\class-ddfw-assets.php:53
actionadmin_menudevdiggers-framework\includes\class-ddfw-plugin-dashboard.php:60
actionadmin_headdevdiggers-framework\includes\class-ddfw-plugin-dashboard.php:61
actionadmin_menudevdiggers-framework\includes\class-ddfw-plugin-dashboard.php:101
actionadmin_noticesdevdiggers-framework\includes\class-ddfw-review-notice.php:44
actionadmin_initdevdiggers-framework\includes\class-devdiggers-notifications.php:39
actionadmin_noticesdevdiggers-framework\includes\class-devdiggers-notifications.php:50
actionadmin_footerdevdiggers-framework\includes\class-devdiggers-notifications.php:54
actioninitfunctions.php:48
filterplugin_row_metafunctions.php:50
actionadmin_noticesfunctions.php:81
actionplugins_loadedfunctions.php:152
actionbefore_woocommerce_initfunctions.php:186
actionadmin_initincludes\admin\admin-hooks.php:24
actionuser_new_formincludes\admin\admin-hooks.php:26
actionuser_registerincludes\admin\admin-hooks.php:28
actionwoocommerce_refund_createdincludes\admin\admin-hooks.php:31
actionadmin_enqueue_scriptsincludes\admin-dashboard.php:59
filteradmin_footer_textincludes\admin-dashboard.php:60
filterddfw_modify_svg_iconsincludes\common\common-hooks.php:28
filterwoocommerce_order_status_changedincludes\common\common-hooks.php:30
filterquery_varsincludes\front\front-hooks.php:25
filterwoocommerce_account_menu_itemsincludes\front\front-hooks.php:28
filterthe_titleincludes\front\front-hooks.php:32
filtersidebars_widgetsincludes\front\front-hooks.php:34
actionwp_enqueue_scriptsincludes\front\front-hooks.php:37
actionddwcaf_add_affiliate_registration_fieldsincludes\front\front-hooks.php:39
actionwoocommerce_register_formincludes\front\front-hooks.php:42
filterwoocommerce_registration_errorsincludes\front\front-hooks.php:45
filterwoocommerce_new_customer_dataincludes\front\front-hooks.php:47
actionwoocommerce_created_customerincludes\front\front-hooks.php:49
filterwoocommerce_registration_redirectincludes\front\front-hooks.php:51
filterwoocommerce_login_redirectincludes\front\front-hooks.php:53
actionwoocommerce_applied_couponincludes\front\front-hooks.php:55
actionwp_loadedincludes\front\front-hooks.php:57
actionwpincludes\front\front-hooks.php:59
actionwoocommerce_checkout_order_processedincludes\front\front-hooks.php:61
actionwoocommerce_store_api_checkout_order_processedincludes\front\front-hooks.php:63
Maintenance & Trust

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 15, 2026
PHP min version7.4
Downloads7K

Community Trust

Rating100/100
Number of ratings5
Active installs300
Alternatives

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Alternatives

Affiliate Program Suite — SliceWP Affiliates

Affiliate Program Suite — SliceWP Affiliates

slicewp

A
97

SliceWP is the quickest and easiest WordPress affiliates plugin for building your affiliate program. Track affiliate commissions, easily pay your affi …

10K 5 CVEs
Affiliates Manager

Affiliates Manager

affiliates-manager

A
95

Affiliates Manager plugin can help you manage an affiliate marketing program to drive more traffic and more sales to your site.

9K 12 CVEs
Coupon Affiliates – Affiliate Plugin for WooCommerce

Coupon Affiliates – Affiliate Plugin for WooCommerce

woo-coupon-usage

A
90

The most powerful affiliate plugin for WooCommerce. Track commission, generate referral URLs, assign affiliate coupons, and display detailed stats.

5K 12 CVEs
FluentAffiliate – Affiliate Program Management Suite, Affiliates Manager

FluentAffiliate – Affiliate Program Management Suite, Affiliates Manager

fluent-affiliate

A
100

The Ultimate all-in-one affiliate program management plugin for WordPress.

1K No CVEs
Affilia – Affiliate Program & Referral Tracking for WordPress

Affilia – Affiliate Program & Referral Tracking for WordPress

affiliaa-affiliate-program-with-mlm

A
100

Launch a powerful, self-hosted affiliate program for WordPress. Track referrals, manage affiliates, and boost sales for WooCommerce, EDD, and Contact …

700 No CVEs
Developer Profile

Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program Developer Profile

DevDiggers

2 plugins · 310 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/affiliates-for-woocommerce/assets/css/ddwcaf-admin.css/wp-content/plugins/affiliates-for-woocommerce/assets/css/ddwcaf-frontend.css/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-admin.js/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-frontend.js
Script Paths
/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-admin.js/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-frontend.js
Version Parameters
/wp-content/plugins/affiliates-for-woocommerce/assets/css/ddwcaf-admin.css?ver=/wp-content/plugins/affiliates-for-woocommerce/assets/css/ddwcaf-frontend.css?ver=/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-admin.js?ver=/wp-content/plugins/affiliates-for-woocommerce/assets/js/ddwcaf-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
ddwcaf-dashboard-pageddwcaf-configuration-pageddwcaf-affiliate-listddwcaf-affiliate-detailsddwcaf-report-tableddwcaf-coupon-listddwcaf-settings-form
HTML Comments
<!-- ddwcaf: Affiliates for WooCommerce. -->
Data Attributes
data-ddwcaf-affiliate-iddata-ddwcaf-campaign-iddata-ddwcaf-user-id
JS Globals
window.ddwcaf_admin_paramswindow.ddwcaf_frontend_params
Shortcode Output
[ddwcaf_affiliate_dashboard][ddwcaf_affiliate_registration][ddwcaf_affiliate_login]
FAQ

Frequently Asked Questions about Affiliates for WooCommerce – Boost your Earnings with Affiliate Marketing Program