Does Amazon Ranking have any unpatched vulnerabilities?

No. All known vulnerabilities in Amazon Ranking have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Amazon Ranking compatible with WordPress 3.4.2?

According to WordPress.org data, Amazon Ranking 1.0.2 has been tested up to WordPress 3.4.2. Check the plugin's changelog for the latest compatibility information.

How often is Amazon Ranking updated?

Amazon Ranking was last updated on Dec 5, 2012. Frequent updates are generally a positive security signal.

What is Amazon Ranking's security score?

Amazon Ranking has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Amazon Ranking Security & Risk Analysis

wordpress.org/plugins/amazon-ranking

This widget shows Amazon Bestsellers, Hot New Releases, Most Gifted and Most Wished For.

10 active installs v1.0.2 PHP + WP 2.8+ Updated Dec 5, 2012

affiliateamazonsidebarwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Amazon Ranking Safe to Use in 2026?

Generally Safe

Score 85/100

Amazon Ranking has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The "amazon-ranking" plugin v1.0.2 exhibits a strong security posture based on the static analysis provided. The complete absence of direct attack surface entries like AJAX handlers, REST API routes, and shortcodes significantly limits potential entry points for attackers. Furthermore, the fact that all SQL queries utilize prepared statements is an excellent practice, mitigating the risk of SQL injection vulnerabilities. The lack of dangerous functions and file operations also contributes positively to its security. However, a significant concern arises from the output escaping. With 25 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data rendered on the frontend without proper sanitization could be exploited to inject malicious scripts.

Key Concerns

No output escaping

Vulnerabilities

None known

Amazon Ranking Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Amazon Ranking Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped25 total outputs

Attack Surface

Amazon Ranking Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initks-amazon-ranking.php:308

Maintenance & Trust

Amazon Ranking Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2

Last updatedDec 5, 2012

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Amazon Ranking Alternatives

TechGasp Amazing Master

amazon-master

TechGasp Amazing Master let's you can automatically display the hottest deals from Amazon making your wordpress a money making machine.

10 No CVEs

WP-Amazon-Search widget

amazon-search-widget

Add slick looking Amazon Search widgets to your blog posts in a brain-dead simple way! Just say [search] to add a Search widget anywhere on your blog.

10 No CVEs