AffiliateWP – Affiliate Info Security & Risk Analysis
wordpress.org/plugins/affiliatewp-affiliate-infoDisplay information based on the affiliate's referral URL.
Is AffiliateWP – Affiliate Info Safe to Use in 2026?
Generally Safe
Score 100/100AffiliateWP – Affiliate Info has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin 'affiliatewp-affiliate-info' v1.2.0 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, SQL injection vulnerabilities, unescaped output, file operations, external HTTP requests, and taint analysis findings all indicate a well-written and securely coded plugin. Furthermore, the vulnerability history shows no known CVEs, suggesting a history of responsible development and maintenance.
However, the analysis does highlight a potential area for concern: the presence of 11 shortcodes without any explicitly stated capability checks or nonce checks. While the static analysis reports 0 unprotected entry points, the lack of explicit capability checks on shortcodes means that if any shortcode's functionality could be abused by an unauthenticated or lower-privileged user, it could pose a risk. The absence of these checks, even if currently benign in this specific version, represents a missed opportunity for hardening the plugin's security surface.
In conclusion, 'affiliatewp-affiliate-info' v1.2.0 is likely secure against common attack vectors due to its robust coding practices and clean vulnerability history. The primary weakness lies in the lack of explicit authorization checks on its shortcodes, which, while not currently exploitable based on the provided data, could become a point of failure in future updates or with different configurations.
Key Concerns
- 11 shortcodes without explicit capability checks
AffiliateWP – Affiliate Info Security Vulnerabilities
AffiliateWP – Affiliate Info Code Analysis
Output Escaping
AffiliateWP – Affiliate Info Attack Surface
Shortcodes 11
WordPress Hooks 3
Maintenance & Trust
AffiliateWP – Affiliate Info Maintenance & Trust
Maintenance Signals
Community Trust
AffiliateWP – Affiliate Info Alternatives
AffiliateWP – Affiliate Area Tabs
affiliatewp-affiliate-area-tabs
Add and reorder tabs in AffiliateWP's Affiliate Area
AffiliateWP – Affiliate Product Rates
affiliatewp-affiliate-product-rates
Allows you to set product referral rates on a per-affiliate level in AffiliateWP.
AffiliateWP – Order Details For Affiliates
affiliatewp-order-details-for-affiliates
Allow affiliates to see order details on referrals they generated
AffiliateWP – Affiliate QR Codes
affiliatewp-affiliate-qr-codes
Allows affiliates to save, print, or share their affiliate URL as a QR code.
AffiliateWP – Allowed Products
affiliatewp-allowed-products
Allows only specific products to generate commission in AffiliateWP.
AffiliateWP – Affiliate Info Developer Profile
94 plugins · 23.5M total installs
How We Detect AffiliateWP – Affiliate Info
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/affiliatewp-affiliate-info/includes/lib/affwp/css/admin-style.css/wp-content/plugins/affiliatewp-affiliate-info/includes/lib/affwp/css/style.css/wp-content/plugins/affiliatewp-affiliate-info/includes/lib/affwp/js/admin-script.js/wp-content/plugins/affiliatewp-affiliate-info/includes/lib/affwp/js/script.jsaffiliatewp-affiliate-info/includes/lib/affwp/css/admin-style.css?ver=affiliatewp-affiliate-info/includes/lib/affwp/css/style.css?ver=affiliatewp-affiliate-info/includes/lib/affwp/js/admin-script.js?ver=affiliatewp-affiliate-info/includes/lib/affwp/js/script.js?ver=HTML / DOM Fingerprints
affiliatewp-affiliate-info-requirements<!-- AffiliateWP - Affiliate Info -->affiliatewp_affiliate_info[affiliate_info_referred][affiliate_info_not_referred][affiliate_info_bio][affiliate_info_name]