Does Better Links have any unpatched vulnerabilities?

No. All known vulnerabilities in Better Links have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Better Links compatible with WordPress 3.9.40?

According to WordPress.org data, Better Links 1.1.4 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is Better Links updated?

Better Links was last updated on Aug 12, 2014. Frequent updates are generally a positive security signal.

What is Better Links's security score?

Better Links has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Better Links Security & Risk Analysis

wordpress.org/plugins/better-links

Easily create, manage and insert shortened Better Links that originate from your WordPress domain. Forget link shortening services - use Better Links.

200 active installs v1.1.4 PHP + WP 3.9+ Updated Aug 12, 2014

admineditorlinks

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Better Links Safe to Use in 2026?

Generally Safe

Score 85/100

Better Links has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "better-links" v1.1.4 plugin exhibits a generally good security posture, with a high percentage of properly escaped outputs and a strong reliance on prepared statements for SQL queries. The absence of any recorded vulnerabilities in its history is a positive indicator of past security diligence. However, a significant concern lies within its attack surface, specifically one unprotected AJAX handler. This represents a direct entry point that could be exploited if not properly secured, potentially leading to unauthorized actions or data manipulation within the WordPress environment. While taint analysis did not reveal critical or high severity issues, the presence of unsanitized paths in the analyzed flows warrants attention, as it suggests potential areas where input might not be adequately validated, even if no immediate critical vulnerabilities were detected.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths

Vulnerabilities

None known

Better Links Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Better Links Code Analysis

Dangerous Functions

Raw SQL Queries

16 prepared

Unescaped Output

45 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

89% prepared18 total queries

Output Escaping

96% escaped47 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

load_tools_page (modules\better-links\better-links.php:700)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Better Links Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_better-linksmodules\better-links\better-links.php:50

Shortcodes 1

[bl] modules\better-links\better-links.php:85

WordPress Hooks 48

actionadmin_enqueue_scriptsmodules\better-links\better-links.php:31

actionadmin_initmodules\better-links\better-links.php:32

actionadmin_menumodules\better-links\better-links.php:33

actionadmin_noticesmodules\better-links\better-links.php:34

actiondbx_post_sidebarmodules\better-links\better-links.php:35

actionmedia_buttonsmodules\better-links\better-links.php:36

actionmedia_upload_better_linksmodules\better-links\better-links.php:37

actionsave_postmodules\better-links\better-links.php:38

actionbetter_links_process_tools_action_create_better_linkmodules\better-links\better-links.php:40

actionbetter_links_process_tools_action_import_pretty_linksmodules\better-links\better-links.php:41

actiondelete_postmodules\better-links\better-links.php:46

actioninitmodules\better-links\better-links.php:47

actionparse_requestmodules\better-links\better-links.php:48

actionpost_updatedmodules\better-links\better-links.php:49

actionbetter_links_ajax_callback_createmodules\better-links\better-links.php:52

actionbetter_links_ajax_callback_namemodules\better-links\better-links.php:53

actionbetter_links_ajax_callback_searchmodules\better-links\better-links.php:54

actionbetter_links_save_link_finalizemodules\better-links\better-links.php:55

filterbulk_post_updated_messagesmodules\better-links\better-links.php:61

filterdisplay_post_statesmodules\better-links\better-links.php:62

filtermedia_upload_tabsmodules\better-links\better-links.php:63

filterpost_row_actionsmodules\better-links\better-links.php:64

filterpost_updated_messagesmodules\better-links\better-links.php:65

filterredirect_post_locationmodules\better-links\better-links.php:66

filterpost_type_linkmodules\better-links\better-links.php:71

filterbetter_links_ajax_search_resultsmodules\better-links\better-links.php:73

filterbetter_links_pre_get_link_metamodules\better-links\better-links.php:75

filterbetter_links_pre_set_link_metamodules\better-links\better-links.php:76

filterbetter_links_validate_link_metamodules\better-links\better-links.php:77

filterbetter_links_pre_get_settingsmodules\better-links\better-links.php:79

filterbetter_links_pre_get_link_meta_errorsmodules\better-links\better-links.php:81

actionplugins_loadedmodules\better-links\better-links.php:1273

actionbetter_links_add_link_meta_boxesmodules\better-links-tracking\better-links-tracking.php:24

actionbetter_links_process_tools_action_purgemodules\better-links-tracking\better-links-tracking.php:25

actionbetter_links_process_tools_action_reset_click_datamodules\better-links-tracking\better-links-tracking.php:26

actionbetter_links_tools_page_bottommodules\better-links-tracking\better-links-tracking.php:27

actionwp_enqueue_scriptsmodules\better-links-tracking\better-links-tracking.php:31

actioninitmodules\better-links-tracking\better-links-tracking.php:34

actionpre_get_postsmodules\better-links-tracking\better-links-tracking.php:35

actionbetter_links_delete_linkmodules\better-links-tracking\better-links-tracking.php:37

actionbetter_links_save_link_finalizemodules\better-links-tracking\better-links-tracking.php:39

actionbetter_links_redirectingmodules\better-links-tracking\better-links-tracking.php:40

filterbetter_links_process_tools_action_reset_click_data_redirect_linkmodules\better-links-tracking\better-links-tracking.php:45

filterpost_row_actionsmodules\better-links-tracking\better-links-tracking.php:47

filterbetter_links_ajax_search_resultsmodules\better-links-tracking\better-links-tracking.php:53

filterbetter_links_pre_get_link_click_metamodules\better-links-tracking\better-links-tracking.php:55

filterbetter_links_pre_set_link_click_metamodules\better-links-tracking\better-links-tracking.php:56

actionplugins_loadedmodules\better-links-tracking\better-links-tracking.php:446

Maintenance & Trust

Better Links Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedAug 12, 2014

PHP min version

Downloads11K

Community Trust

Rating40/100

Number of ratings4

Active installs200

Alternatives

Better Links Alternatives

PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

capability-manager-enhanced

PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.

100K 4 CVEs

Ultimate Dashboard – Custom WordPress Dashboard

ultimate-dashboard

The #1 Plugin to Customize the WordPress Dashboard!

60K 8 CVEs

WP Custom Admin Interface

wp-custom-admin-interface

With WP Custom Admin Interface you can easily customise the WordPress admin and login interfaces.

30K 7 CVEs

Automatic Domain Changer

automatic-domain-changer

100

Automatically detects a domain name change, and updates all the WordPress tables in the database to reflect this change.

10K 1 CVE

WP Adminify – White Label WordPress, Admin Menu Editor, Login Customizer

adminify

Transform your WordPress admin into a fully white-labeled, organized client dashboard. Customize, Dark mode, Secure, Boost productivity, and more.

7K 7 CVEs

Developer Profile

Better Links Developer Profile

nickohrn

12 plugins · 760 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Better Links

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/better-links/assets/css/better-links.css/wp-content/plugins/better-links/assets/js/better-links.js/wp-content/plugins/better-links/assets/js/better-links-pro.js/wp-content/plugins/better-links/assets/js/better-links-tools.js

Script Paths

/wp-content/plugins/better-links/assets/js/better-links.js/wp-content/plugins/better-links/assets/js/better-links-pro.js/wp-content/plugins/better-links/assets/js/better-links-tools.js

Version Parameters

better-links/assets/css/better-links.css?ver=better-links/assets/js/better-links.js?ver=better-links/assets/js/better-links-pro.js?ver=better-links/assets/js/better-links-tools.js?ver=

HTML / DOM Fingerprints

CSS Classes

bl-editor-containerbl-links-wrapbl-link-details-wrapbl-link-add-wrapbl-link-edit-wrapbl-link-new-wrapbl-link-search-wrapbl-search-results-wrap+1 more

HTML Comments

Data Attributes

data-better-links-iddata-better-links-slugdata-better-links-redirectdata-better-links-namedata-better-links-target

JS Globals

BetterLinks

Shortcode Output

<a class="blink" href="

FAQ