WP-Safety

URL Auto Referrer Security & Risk Analysis

wordpress.org/plugins/auto-referrer

Add hostname to outgoing links as "#referrer=hostname".

10 active installs v1.0.0 PHP + WP 4.0+ Updated Feb 23, 2025
outgoingreferrertrackingurl
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is URL Auto Referrer Safe to Use in 2026?

Generally Safe

Score 92/100

URL Auto Referrer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "auto-referrer" plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. There are no identified attack vectors through AJAX, REST API, shortcodes, or cron events. The code demonstrates excellent secure coding practices, with a complete absence of dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, and critical taint flows. The plugin also lacks bundled libraries, which can sometimes introduce vulnerabilities. This indicates a well-written and secure plugin at this version.

The vulnerability history further reinforces this positive assessment, showing zero known CVEs of any severity. The absence of recorded vulnerabilities suggests that the development team is either highly diligent in their security practices or that the plugin's functionality is simple enough to avoid common vulnerability classes. The overall impression is that of a robust and secure plugin, with no immediate security concerns identified.

Vulnerabilities
None known

URL Auto Referrer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

URL Auto Referrer Release Timeline

v1.0.1
v1.0.0Current
v0.3
Code Analysis
Analyzed Apr 16, 2026

URL Auto Referrer Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

URL Auto Referrer Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
filterthe_contentauto-referrer.php:17
Maintenance & Trust

URL Auto Referrer Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedFeb 23, 2025
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

URL Auto Referrer Alternatives

AffiliateWP – Affiliate Info

AffiliateWP – Affiliate Info

affiliatewp-affiliate-info

A
92

Display information based on the affiliate's referral URL.

1K No CVEs
Easy UTM Builder

Easy UTM Builder

easy-utm-builder

A
100

Easy to build trackable URLs with UTM parameters in Bulk (complete site or specific post type) for Google Analytics!

400 No CVEs
ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

ShortLinks Pro – Affiliate Links, Link Shortening, Click Tracking & Marketing

shortlinkspro

A
99

Shorten, track, manage and share any URL using your own domain name!

100 1 CVE
PublishPress Shortlinks – Custom URLs for Posts and External Links – Share Previews for Draft Posts

PublishPress Shortlinks – Custom URLs for Posts and External Links – Share Previews for Draft Posts

tinypress

A
100

The best link manager . These links are brandable, trackable, and can have custom view permissions.

100 No CVEs
Tracking URL Builder for Analytics

Tracking URL Builder for Analytics

tracking-url-builder-for-analytics

A
85

A simple form to create url for tracking of custom campaigns on Google Analytics

20 No CVEs
Developer Profile

URL Auto Referrer Developer Profile

Marcin Pietrzak

23 plugins · 89K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
274 days
View full developer profile
Detection Fingerprints

How We Detect URL Auto Referrer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about URL Auto Referrer