Does Awin – Advertiser Tracking for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Awin – Advertiser Tracking for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Awin – Advertiser Tracking for WooCommerce compatible with WordPress 6.8.5?

According to WordPress.org data, Awin – Advertiser Tracking for WooCommerce 2.0.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Awin – Advertiser Tracking for WooCommerce compatible with PHP 7.3+?

Awin – Advertiser Tracking for WooCommerce requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Awin – Advertiser Tracking for WooCommerce updated?

Awin – Advertiser Tracking for WooCommerce was last updated on Mar 3, 2026. Frequent updates are generally a positive security signal.

What is Awin – Advertiser Tracking for WooCommerce's security score?

Awin – Advertiser Tracking for WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Awin – Advertiser Tracking for WooCommerce Security & Risk Analysis

wordpress.org/plugins/awin-advertiser-tracking

Awin is a global affiliate network with over 200,000 contributing publishers and 29,500 advertisers, connecting customers with brands in over 180 coun …

1K active installs v2.0.5 PHP 7.3+ WP 3.5+ Updated Mar 3, 2026

advertiseraffiliateaffiliate-windowawinzanox

A · Safe

CVEs total1

Unpatched0

Last CVEMay 7, 2025

Plugin page Download

Safety Verdict

Is Awin – Advertiser Tracking for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Awin – Advertiser Tracking for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: May 7, 2025Updated 1mo ago

Risk Assessment

The 'awin-advertiser-tracking' plugin v2.0.5 demonstrates a generally good security posture with several positive indicators. The absence of any critical or high-severity taint flows, along with 100% of SQL queries utilizing prepared statements, suggests a strong defense against common injection vulnerabilities. The presence of nonce checks and capability checks further reinforces its security measures. However, there are areas for improvement. The static analysis reveals that only 67% of output is properly escaped, leaving a potential window for cross-site scripting (XSS) vulnerabilities, particularly concerning given the presence of file operations and external HTTP requests which could be influenced by unsanitized output. The vulnerability history, while showing no currently unpatched issues, does list a past medium-severity vulnerability of the CSRF type. This, combined with the incomplete output escaping, indicates a need for continued vigilance and comprehensive security auditing.

Key Concerns

Unescaped output is a risk
Past medium vulnerability

Vulnerabilities

Awin – Advertiser Tracking for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-47633medium · 4.3Cross-Site Request Forgery (CSRF)

Awin – Advertiser Tracking for WooCommerce <= 2.0.0 - Cross-Site Request Forgery

May 7, 2025 Patched in 2.0.1 (24d)

Code Analysis

Analyzed Mar 16, 2026

Awin – Advertiser Tracking for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

20 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped30 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<awin-advertiser-tracking> (awin-advertiser-tracking.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Awin – Advertiser Tracking for WooCommerce Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 18

actionadmin_menuawin-advertiser-tracking.php:27

actionadmin_initawin-advertiser-tracking.php:28

actionadmin_enqueue_scriptsawin-advertiser-tracking.php:29

actionwp_enqueue_scriptsawin-advertiser-tracking.php:30

actioninitawin-advertiser-tracking.php:31

actionwoocommerce_thankyouawin-advertiser-tracking.php:32

actionplugins_loadedawin-advertiser-tracking.php:33

actioninitawin-advertiser-tracking.php:37

filtercron_schedulesawin-advertiser-tracking.php:38

actiongenerate_product_feed_eventawin-advertiser-tracking.php:39

actioninitawin-advertiser-tracking.php:41

actionawin_approve_orders_cron_hookawin-advertiser-tracking.php:42

actionwoocommerce_order_status_cancelledawin-advertiser-tracking.php:44

actionwoocommerce_order_status_refundedawin-advertiser-tracking.php:45

actionwoocommerce_order_partially_refundedawin-advertiser-tracking.php:46

actionadmin_initawin-advertiser-tracking.php:48

actionadmin_noticesawin-advertiser-tracking.php:294

actionadmin_noticesawin-advertiser-tracking.php:297

Scheduled Events 2

generate_product_feed_event

awin_approve_orders_cron_hook

Maintenance & Trust

Awin – Advertiser Tracking for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMar 3, 2026

PHP min version7.3

Downloads34K

Community Trust

Rating60/100

Number of ratings3

Active installs1K

Alternatives

Awin – Advertiser Tracking for WooCommerce Alternatives

Awin Publisher MasterTag

convert-a-link

100

The Awin Publisher MasterTag allows you to access and enable technology from Awin and our partners.

1K No CVEs

Awin Data Feed

awin-data-feed

This plugin allows you to import your Awin Datafeed and sell the products from any widget area.

200 2 CVEs

affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display

affiliate-toolkit-starter

Fast & Compatible with every WordPress Theme: With our plugin for WordPress, you can easily create and add your affiliate products to your website.

3K 13 CVEs

Grow by Tradedoubler – Advertiser Plugin for WooCommerce

tradedoubler-affiliate-tracker

Grow is an affiliate marketing solution for small businesses and start-ups wanting to increase online visibility, traffic, and product sales.

200 1 CVE

Affiliate Power – Sales Tracking for Affiliate Marketers

affiliate-power

Affiliate Power imports your sales of various affiliate networks. Thanks to the additional tracking of posts, referer, URL-Parameters and devices, you …

100 1 CVE

Developer Profile

Awin – Advertiser Tracking for WooCommerce Developer Profile

Awin

3 plugins · 2K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

399 days

View full developer profile

Detection Fingerprints

How We Detect Awin – Advertiser Tracking for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/awin-advertiser-tracking/js/awin-advertiser-tracking.js/wp-content/plugins/awin-advertiser-tracking/css/awin-advertiser-tracking.css

Script Paths

/wp-content/plugins/awin-advertiser-tracking/js/awin-advertiser-tracking.js

Version Parameters

awin-advertiser-tracking/js/awin-advertiser-tracking.js?ver=awin-advertiser-tracking/css/awin-advertiser-tracking.css?ver=

HTML / DOM Fingerprints

HTML Comments

+1 more

Data Attributes

name="awin_settings[awin_advertiser_id]"name="awin_settings[awin_bearer_token]"name="awin_settings[awin_approval_days]"name="awin_settings[awin_xtype]"id="awin_xtype"

JS Globals

AWIN_SLUG

FAQ